/** * Try LDAP login for given context and return {@link Principal}. * * @param ldapUid the name of the ldap user to log in. * @param validXWikiUserName the name of the XWiki user to log in. * @param password the password of the user to log in. * @param context the XWiki context. * @return the {@link Principal}. * @throws XWikiException error when login. * @throws UnsupportedEncodingException error when login. * @throws LDAPException error when login. */ protected Principal ldapAuthenticateInContext(String ldapUid, String validXWikiUserName, String password, XWikiContext context) throws XWikiException, UnsupportedEncodingException, LDAPException { return ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, false); }
if (isSuperAdmin(login)) { return authenticateSuperAdmin(password, context); principal = ldapAuthenticate(login, password, context); principal = xwikiAuthenticate(login, password, context);
String validXWikiUserName = getValidXWikiUserName(ldapUid); principal = ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, true); } catch (Exception e) { context.setWikiId(context.getMainXWiki()); try { principal = ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, false); } catch (Exception e) {
syncUser(userProfile, searchAttributes, ldapDn, ldapUid, ldapUtils, context); syncGroupsMembership(userProfile.getFullName(), ldapDn, isNewUser, ldapUtils, context); } catch (XWikiException e) { LOG.error("Failed to synchronise user's groups membership", e);
/** * Synchronize user XWiki membership with it's LDAP membership. * * @param xwikiUserName the name of the user. * @param ldapDn the LDAP DN of the user. * @param createuser indicate if the user is created or updated. * @param ldapUtils the LDAP communication tool. * @param context the XWiki context. * @throws XWikiException error when synchronizing user membership. */ protected void syncGroupsMembership(String xwikiUserName, String ldapDn, boolean createuser, XWikiLDAPUtils ldapUtils, XWikiContext context) throws XWikiException { XWikiLDAPConfig config = XWikiLDAPConfig.getInstance(); // got valid group mappings Map<String, Set<String>> groupMappings = config.getGroupMappings(context); // update group membership, join and remove from given groups // sync group membership for this user if (groupMappings.size() > 0) { // flag if always sync or just on create of the user String syncmode = config.getLDAPParam("ldap_mode_group_sync", "always", context); if (!syncmode.equalsIgnoreCase("create") || createuser) { syncGroupsMembership(xwikiUserName, ldapDn, groupMappings, ldapUtils, context); } } }
this.authService = new XWikiLDAPAuthServiceImpl(); } else { this.authService = new XWikiAuthServiceImpl();
@Override public XWikiUser checkAuth(XWikiContext context) throws XWikiException { XWikiUser user = getUserFromSession(context); if (user != null) { this.logger.debug("Previously authenticated LIMS user found in the session: [{}]", user.getUser()); setupContextForLims(context); storeAccesMode(context); return user; } XWikiRequest request = context.getRequest(); String pn = request.get(LimsServer.INSTANCE_IDENTIFIER_KEY); String username = request.get(LimsServer.USERNAME_KEY); String token = request.get(LimsServer.TOKEN_KEY); if (StringUtils.isNotEmpty(username) && StringUtils.isNotEmpty(token)) { user = checkLocalToken(token, username, context); if (user == null && StringUtils.isNotEmpty(pn)) { user = checkRemoteToken(token, username, pn, context); } if (user != null) { storeUserInSession(new LimsAuthentication(token, user, pn), context); setupContextForLims(context); storeAccesMode(context); return user; } } // LIMS authentication failed, try with the default form-based authentication return super.checkAuth(context); }
if (isSuperAdmin(login)) { return authenticateSuperAdmin(password, context); principal = ldapAuthenticate(login, password, context); principal = xwikiAuthenticate(login, password, context);
String validXWikiUserName = getValidXWikiUserName(ldapUid); principal = ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, true); } catch (Exception e) { context.setDatabase(context.getMainXWiki()); try { principal = ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, false); } catch (Exception e) {
syncUser(userProfile, searchAttributes, ldapDn, ldapUid, ldapUtils, context); syncGroupsMembership(userProfile.getFullName(), ldapDn, isNewUser, ldapUtils, context); } catch (XWikiException e) { LOGGER.error("Failed to synchronise user's groups membership", e);
/** * Synchronize user XWiki membership with it's LDAP membership. * * @param xwikiUserName the name of the user. * @param ldapDn the LDAP DN of the user. * @param createuser indicate if the user is created or updated. * @param ldapUtils the LDAP communication tool. * @param context the XWiki context. * @throws XWikiException error when synchronizing user membership. */ protected void syncGroupsMembership(String xwikiUserName, String ldapDn, boolean createuser, XWikiLDAPUtils ldapUtils, XWikiContext context) throws XWikiException { XWikiLDAPConfig config = XWikiLDAPConfig.getInstance(); // got valid group mappings Map<String, Set<String>> groupMappings = config.getGroupMappings(context); // update group membership, join and remove from given groups // sync group membership for this user if (groupMappings.size() > 0) { // flag if always sync or just on create of the user String syncmode = config.getLDAPParam("ldap_mode_group_sync", "always", context); if (!syncmode.equalsIgnoreCase("create") || createuser) { syncGroupsMembership(xwikiUserName, ldapDn, groupMappings, ldapUtils, context); } } }
/** * Try LDAP login for given context and return {@link Principal}. * * @param ldapUid the name of the ldap user to log in. * @param validXWikiUserName the name of the XWiki user to log in. * @param password the password of the user to log in. * @param context the XWiki context. * @return the {@link Principal}. * @throws XWikiException error when login. * @throws UnsupportedEncodingException error when login. * @throws LDAPException error when login. */ protected Principal ldapAuthenticateInContext(String ldapUid, String validXWikiUserName, String password, XWikiContext context) throws XWikiException, UnsupportedEncodingException, LDAPException { return ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, false); }