masonjm 2004/10/26 22:23:36
Modified: src/stores/org/apache/slide/store/txjndi Tag:
SLIDE_2_1_RELEASE_BRANCH JNDIPrincipalStore.java
Log:
Fix for bug #31700 provided by Stefan Fromm. Allows an attribute other than the rdn
attribute to be used as the username in Slide. (merge)
Revision Changes Path
No revision
No revision
1.5.2.3 +45 -11
jakarta-slide/src/stores/org/apache/slide/store/txjndi/JNDIPrincipalStore.java
Index: JNDIPrincipalStore.java
===================================================================
RCS file:
/home/cvs/jakarta-slide/src/stores/org/apache/slide/store/txjndi/JNDIPrincipalStore.java,v
retrieving revision 1.5.2.2
retrieving revision 1.5.2.3
diff -u -r1.5.2.2 -r1.5.2.3
--- JNDIPrincipalStore.java 29 Sep 2004 15:38:44 -0000 1.5.2.2
+++ JNDIPrincipalStore.java 27 Oct 2004 05:23:36 -0000 1.5.2.3
@@ -25,8 +25,10 @@
import java.util.ArrayList;
import java.util.Enumeration;
+import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
+import java.util.Map;
import java.util.NoSuchElementException;
import java.util.StringTokenizer;
import java.util.TreeSet;
@@ -140,6 +142,12 @@
* The attribute used to uniquely identify the objects you're fetching. Usually uid
or cn.
* </dd>
*
+ * <dt>jndi.attributes.userprincipalname</dt>
+ * <dd>
+ * The attribute used to provide a user/role name which is mapped into Slide
instead of the
+ * path name. This attribute is optional.
+ * </dd>
+ *
* <dt>jndi.search.filter</dt>
* <dd>
* The filter string to use for the search. Example:
<em>(objectClass=inetOrgPerson)</em>.
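Review bot: The new `jndi.attributes.userprincipalname` entry does not say that the attribute value is lower-cased before it becomes the Slide name, or that it must be present and unique across the searched entries. Later hunks in this commit key a map on that lower-cased value, so two entries sharing a value would resolve to the same Slide principal. I would extend the `<dd>` with a sentence such as `The value must be present on every entry and unique; it is lower-cased before use.`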
@@ -247,9 +255,10 @@
public static final String PARAM_JNDI_RDN_ATTRIBUTE =
"jndi.attributes.rdn";
public static final String PARAM_JNDI_SEARCH_ATTRIBUTES =
"jndi.search.attributes";
public static final String PARAM_JNDI_SEARCH_SCOPE = "jndi.search.scope";
+ public static final String PARAM_JNDI_USERPRINCIPALNAME =
"jndi.attributes.userprincipalname";
public static final String PARAM_LOG_VALIDATION_ERRORS =
"log.validationerrors";
-
+
// Default values
public static final int DEFAULT_CACHE_SIZE = 200;
public static final boolean DEFAULT_CACHE_OVERFLOW_TO_DISK = true;
@@ -285,9 +294,12 @@
protected String groupMemberSet;
protected String rdnAttribute;
protected int searchScope;
+ protected String principalNameAttribute;
private String name;
private String usersPath;
+ private Map objectNameMap; // Uri-String -> LDAP lookup name
+
public JNDIPrincipalStore() {
ctxParameters = new Hashtable();
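Review bot: `objectNameMap` is filled with an unsynchronized `HashMap` in the constructor hunk that follows, while the neighbouring `ctxParameters` is a `Hashtable` and the store owns a `RefreshThread`. If listings and lookups can run on different threads (likely for a WebDAV store, but not visible here), concurrent `put`/`get` on the map is unsafe; `objectNameMap = Collections.synchronizedMap(new HashMap());` (with `java.util.Collections` imported) would fit the rest of the class. The visible hunks only ever add entries, so a principal name that is removed or reassigned in the directory would keep resolving to its old LDAP name. Clearing or rebuilding the map when cached results are refreshed would avoid that stale identity mapping.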
@@ -295,6 +307,7 @@
name = "";
refreshList = new TreeSet();
refresher = new RefreshThread();
+ objectNameMap = new HashMap();
}
// ----------------------------------------------------------- Service Methods
--------
@@ -411,6 +424,9 @@
if ( "true".equalsIgnoreCase( temp ) ) {
logValidationErrors = true;
}
+
+ //Set attribute which contains the user principal name for
authentication
+ principalNameAttribute =
(String)parameters.get(PARAM_JNDI_USERPRINCIPALNAME);
}
public boolean cacheResults() {
@@ -729,7 +745,12 @@
if ( !validatePathName( name ) ) {
continue;
}
- String value = parseLdapName( name );
+ String value = parseLdapName(name);
+ if (principalNameAttribute != null) {
+ String uriValue =
((String)result.getAttributes().get(principalNameAttribute).get()).toLowerCase();
+ objectNameMap.put(uriValue, value);
+ value = uriValue;
+ }
getLogger().log(
name + ": Creating child binding \"" +
value + "\" for \"" +
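Review bot: `result.getAttributes().get(principalNameAttribute).get()` throws a NullPointerException for any entry that lacks the configured attribute, and the `(String)` cast fails for non-string values, so one incomplete entry can break the whole child listing. The lower-cased value then becomes the Slide name without passing `validatePathName`, which was only applied to the LDAP name above. `objectNameMap.put` also silently overwrites an earlier entry with the same value, so two directory entries can end up sharing one Slide principal. `toLowerCase()` depends on the JVM default locale; an explicit locale keeps the mapping stable. The sketch below skips unusable or duplicate entries; whether `validatePathName` suits the attribute value cannot be seen from this hunk, and the enclosing loop starts and ends outside it.

```java
String value = parseLdapName(name);
if (principalNameAttribute != null) {
    Attribute principalAttr = result.getAttributes().get(principalNameAttribute);
    Object rawPrincipal = (principalAttr != null) ? principalAttr.get() : null;
    if (!(rawPrincipal instanceof String)) {
        // entry has no usable principal name: leave it out of the listing
        continue;
    }
    String uriValue = ((String) rawPrincipal).toLowerCase(Locale.ENGLISH);
    Object known = objectNameMap.get(uriValue);
    if (known != null && !known.equals(value)) {
        // a second entry claims the same principal name: keep the first mapping
        continue;
    }
    objectNameMap.put(uriValue, value);
    value = uriValue;
}
// … unchanged: getLogger().log( … "Creating child binding" … ) …
```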
@@ -750,10 +771,12 @@
// of the "+ something" in LDAP.
try {
+ if (principalNameAttribute != null &&
objectNameMap.get(objectName) == null)
+ retrieveObject(parentUri);
NamingEnumeration results = ctx.search(
container,
- rdnAttribute + "=" + objectName,
- controls );
+ rdnAttribute + "=" + (principalNameAttribute
!= null ? (String)objectNameMap.get(objectName) : objectName),
+ controls);
if ( !results.hasMore() ) {
if (ctx != null) {
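Review bot: When `principalNameAttribute` is set and `objectNameMap` still has no entry for `objectName` after the `retrieveObject(parentUri)` call, the filter is built from a null and ends in `=null`, so the search runs for an entry literally named `null` instead of failing cleanly. Resolve the name once, e.g. `String ldapName = principalNameAttribute != null ? (String) objectNameMap.get(objectName) : objectName;`, and take the same not-found path as the `!results.hasMore()` branch when it is null. The same unchecked lookup is repeated for `DAV:displayname` and `localFilter` in the next hunk, where it would yield a null display name and the same `=null` filter. The unbraced `if` in front of the search is easy to misread next to the wrapped condition, so braces would help. The enclosing method starts and ends outside this hunk.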
@@ -823,12 +846,12 @@
new NodeProperty( "resourcetype", resourceType, "DAV:", "",
false ) );
props.put(
"DAV:displayname",
- new NodeProperty( "displayname", objectName, "DAV:", "", false
) );
+ new NodeProperty( "displayname", (!uri.isStoreRoot() &&
principalNameAttribute != null?(String)objectNameMap.get(objectName):objectName),
"DAV:", "", false ) );
// The storeRoot isn't a real object so it doesn't have any parameters
to look up
if ( !uri.isStoreRoot() ) {
- String localFilter = rdnAttribute + "=" + objectName;
+ String localFilter = rdnAttribute + "=" +
(principalNameAttribute != null?(String)objectNameMap.get(objectName):objectName);
SearchControls controls = new SearchControls();
controls.setSearchScope( searchScope );
@@ -881,7 +904,18 @@
if ( isGms ) {
valueString.append( "<D:href xmlns:D='DAV:'>" );
valueString.append( usersPath ).append( "/" );
-
valueString.append( parseLdapName( value.toString() ) );
+ String name =
parseLdapName(value.toString());
+ if
(principalNameAttribute != null) {
+ //
lookup LDAP user entry
+
controls.setReturningAttributes(new String[] { principalNameAttribute });
+
NamingEnumeration roleResults =
+
ctx.search(container, rdnAttribute + "=" + name, controls);
+ if
(roleResults.hasMore()) {
+
SearchResult userObject = (SearchResult)roleResults.next();
+
name =
((String)userObject.getAttributes().get(principalNameAttribute).get()).toLowerCase();
+ }
+ }
+
valueString.append(name);
valueString.append( "</D:href>" );
} else {
if ( isMva ) {
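Review bot: The `NamingEnumeration roleResults` opened for each group member is never closed. `controls.setReturningAttributes(...)` also changes a `SearchControls` object that appears to be the one created for the enclosing property search, so any later search with it would return only the principal-name attribute. The attribute read repeats the problem from the listing hunk: `get(principalNameAttribute)` returns null when the user entry lacks the attribute. The member name is concatenated straight into the filter; the `search(String, String, Object[], SearchControls)` overload with a `{0}` placeholder leaves escaping of `*`, `(` and `)` to the provider. This path also issues one LDAP search per member, and the surrounding loop lies outside the hunk.

```java
String name = parseLdapName(value.toString());
if (principalNameAttribute != null) {
    // separate controls so the enclosing search's settings are not altered
    SearchControls memberControls = new SearchControls();
    memberControls.setSearchScope(searchScope);
    memberControls.setReturningAttributes(new String[] { principalNameAttribute });
    NamingEnumeration roleResults = ctx.search(
        container, rdnAttribute + "={0}", new Object[] { name }, memberControls);
    try {
        if (roleResults.hasMore()) {
            SearchResult userObject = (SearchResult) roleResults.next();
            Attribute principalAttr =
                userObject.getAttributes().get(principalNameAttribute);
            Object rawPrincipal = (principalAttr != null) ? principalAttr.get() : null;
            if (rawPrincipal instanceof String) {
                name = ((String) rawPrincipal).toLowerCase(Locale.ENGLISH);
            }
        }
    } finally {
        roleResults.close();
    }
}
valueString.append(name);
// … unchanged: closing </D:href> append …
```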
@@ -1023,7 +1057,7 @@
if (name.equals("")) return name;
- int firstEqual = name.indexOf( "=" );
+ int firstEqual = name.indexOf("=");
if ( firstEqual < 0 ) {
firstEqual = 0;
}