// Build a new annotation literal from the attributes of the source definition `in`,
// passed positionally in the order the constructor declares them.
// NOTE(review): the bind password (bindDnPassword) is copied as-is, so `out` holds a
// credential; keep it out of log statements and diagnostic dumps.
LdapIdentityStoreDefinitionAnnotationLiteral out =
    new LdapIdentityStoreDefinitionAnnotationLiteral(
        in.bindDn(),
        in.bindDnPassword(),
        in.callerBaseDn(),
        in.callerNameAttribute(),
        in.callerSearchBase(),
        in.callerSearchFilter(),
        in.callerSearchScope(),
        in.callerSearchScopeExpression(),
        in.groupMemberAttribute(),
        in.groupMemberOfAttribute(),
        in.groupNameAttribute(),
        in.groupSearchBase(),
        in.groupSearchFilter(),
        in.groupSearchScope(),
        in.groupSearchScopeExpression(),
        in.maxResults(),
        in.maxResultsExpression(),
        in.priority(),
        in.priorityExpression(),
        in.readTimeout(),
        in.readTimeoutExpression(),
        in.url(),
        in.useFor(),
        in.useForExpression()
    );
/**
 * Hands the definition's attributes listed below to
 * {@code AnnotationELPProcessor.hasAnyELExpression} and returns its verdict.
 *
 * @param in the LDAP identity store definition whose attributes are inspected
 * @return the value returned by {@code AnnotationELPProcessor.hasAnyELExpression}
 */
public static boolean hasAnyELExpression(LdapIdentityStoreDefinition in) {
    // NOTE(review): callerBaseDn() is not part of this list; confirm that is intentional.
    final boolean anyExpressionFound = AnnotationELPProcessor.hasAnyELExpression(
        in.bindDn(),
        in.bindDnPassword(),
        in.callerNameAttribute(),
        in.callerSearchBase(),
        in.callerSearchFilter(),
        in.callerSearchScopeExpression(),
        in.groupMemberAttribute(),
        in.groupMemberOfAttribute(),
        in.groupNameAttribute(),
        in.groupSearchBase(),
        in.groupSearchFilter(),
        in.groupSearchScopeExpression(),
        in.maxResultsExpression(),
        in.priorityExpression(),
        in.readTimeoutExpression(),
        in.url(),
        in.useForExpression()
    );
    return anyExpressionFound;
}
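/**
 * Resolves the distinguished name (DN) that belongs to a caller name.
 *
 * <p>When {@code callerBaseDn} is configured and {@code callerSearchBase} is empty, the DN is
 * composed directly as {@code <callerNameAttribute>=<callerName>,<callerBaseDn>}. In every
 * other case the lookup is delegated to {@code searchCaller}.
 *
 * @param searchContext context handed to {@code searchCaller} in the search branch
 * @param callerName the caller-supplied name; treated as untrusted input
 * @return the composed DN, or whatever {@code searchCaller} returns in the search branch
 */
private String getCallerDn(LdapContext searchContext, String callerName) {
    boolean composeFromBaseDn = !ldapIdentityStoreDefinition.callerBaseDn().isEmpty()
            && ldapIdentityStoreDefinition.callerSearchBase().isEmpty();

    if (!composeFromBaseDn) {
        return searchCaller(searchContext, callerName);
    }

    // callerName arrives with the authentication request. Escape it as an RDN value so that
    // DN metacharacters (for example ',', '+' or '\') stay part of the value instead of
    // adding or rewriting DN components. A null name is passed through unchanged, which
    // keeps the previous formatting result for that case.
    String escapedCallerName =
            callerName == null ? null : javax.naming.ldap.Rdn.escapeValue(callerName);

    return String.format("%s=%s,%s",
            ldapIdentityStoreDefinition.callerNameAttribute(),
            escapedCallerName,
            ldapIdentityStoreDefinition.callerBaseDn());
}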
/**
 * Opens the LDAP context used for searching, binding with the configured
 * {@code url}, {@code bindDn} and {@code bindDnPassword}.
 *
 * @return the context produced by {@code createLdapContext}
 * @throws IdentityStoreConfigurationException when the bind fails with an
 *         {@link AuthenticationException}; the original exception is kept as the cause
 */
private LdapContext createSearchLdapContext() {
    try {
        final String serverUrl = ldapIdentityStoreDefinition.url();
        final String bindDn = ldapIdentityStoreDefinition.bindDn();
        final String bindPassword = ldapIdentityStoreDefinition.bindDnPassword();
        return createLdapContext(serverUrl, bindDn, bindPassword);
    } catch (AuthenticationException e) {
        // The message names the bind DN only; the bind password is never put into it.
        String message = "Bad bindDn or bindPassword for: " + ldapIdentityStoreDefinition.bindDn();
        throw new IdentityStoreConfigurationException(message, e);
    }
}
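/**
 * Searches the directory for the group entries a caller DN belongs to.
 *
 * <p>A configured, non-blank {@code groupSearchFilter} is used as the filter template;
 * otherwise {@code DEFAULT_GROUP_FILTER} is filled with {@code groupMemberAttribute}.
 * In both cases the caller DN is escaped for use as a filter assertion value first.
 *
 * @param searchContext context the search runs against
 * @param callerDn DN of the caller whose groups are looked up
 * @return the entries returned by {@code search} below {@code groupSearchBase}
 */
private List<SearchResult> searchGroups(LdapContext searchContext, String callerDn) {
    // A DN may legitimately contain '\', '(', ')' or '*' (and may have been composed from a
    // caller-supplied name). Inside a search filter those characters are syntax, so encode
    // them as RFC 4515 hex escapes before substitution. A null DN is passed through as before.
    String escapedCallerDn = null;
    if (callerDn != null) {
        StringBuilder escaped = new StringBuilder(callerDn.length() + 8);
        for (int i = 0; i < callerDn.length(); i++) {
            char c = callerDn.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
            }
        }
        escapedCallerDn = escaped.toString();
    }

    String configuredFilter = ldapIdentityStoreDefinition.groupSearchFilter();
    String filter;
    if (configuredFilter != null && !configuredFilter.trim().isEmpty()) {
        // Filter should have exactly one "%s", where callerDn will be substituted.
        filter = format(configuredFilter, escapedCallerDn);
    } else {
        // Use groupMemberAttribute and callerDn to search for groups
        filter = format(DEFAULT_GROUP_FILTER, ldapIdentityStoreDefinition.groupMemberAttribute(), escapedCallerDn);
    }

    return search(searchContext, ldapIdentityStoreDefinition.groupSearchBase(), filter, getGroupSearchControls());
}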
/**
 * Builds the {@link SearchControls} used when searching for a caller entry.
 *
 * <p>Scope, result count limit and time limit are all taken from the identity store
 * definition ({@code callerSearchScope}, {@code maxResults}, {@code readTimeout}).
 *
 * @return a freshly created, configured {@code SearchControls} instance
 */
private SearchControls getCallerSearchControls() {
    SearchControls callerControls = new SearchControls();

    callerControls.setSearchScope(
            convertScopeValue(ldapIdentityStoreDefinition.callerSearchScope()));

    // Bounding the result count and the search time keeps a single lookup from
    // tying up the directory connection.
    long countLimit = ldapIdentityStoreDefinition.maxResults();
    callerControls.setCountLimit(countLimit);

    int timeLimit = ldapIdentityStoreDefinition.readTimeout();
    callerControls.setTimeLimit(timeLimit);

    return callerControls;
}
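/**
 * Searches the directory for the entry of a caller and returns its full DN.
 *
 * <p>A configured, non-blank {@code callerSearchFilter} is used as the filter template;
 * otherwise {@code DEFAULT_USER_FILTER} is filled with {@code callerNameAttribute}.
 * The caller name is escaped for use as a filter assertion value before substitution.
 *
 * @param searchContext context the search runs against
 * @param callerName the caller-supplied name; treated as untrusted input
 * @return the DN of the single matching entry, or {@code null} when the search matched
 *         no entry or more than one entry
 */
private String searchCaller(LdapContext searchContext, String callerName) {
    // callerName arrives with the authentication request. Encode the filter metacharacters
    // as RFC 4515 hex escapes so the name can only ever be matched as a literal value and
    // cannot change the structure of the filter. A null name is passed through as before.
    String escapedCallerName = null;
    if (callerName != null) {
        StringBuilder escaped = new StringBuilder(callerName.length() + 8);
        for (int i = 0; i < callerName.length(); i++) {
            char c = callerName.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
            }
        }
        escapedCallerName = escaped.toString();
    }

    String configuredFilter = ldapIdentityStoreDefinition.callerSearchFilter();
    String filter;
    if (configuredFilter != null && !configuredFilter.trim().isEmpty()) {
        // Filter should have exactly one "%s", where callerName will be substituted.
        filter = format(configuredFilter, escapedCallerName);
    } else {
        // Use callerNameAttribute and callerName to search for the caller
        filter = format(DEFAULT_USER_FILTER, ldapIdentityStoreDefinition.callerNameAttribute(), escapedCallerName);
    }

    List<SearchResult> matches =
            search(searchContext, ldapIdentityStoreDefinition.callerSearchBase(), filter, getCallerSearchControls());

    if (matches.size() == 1) {
        // get the fully qualified identification like uid=arjan,ou=caller,dc=jsr375,dc=net
        return matches.get(0).getNameInNamespace();
    }

    // No match, or an ambiguous match (TODO: user is found in multiple organizations).
    // Both are reported as "not found" so an ambiguous name never resolves to an arbitrary entry.
    return null;
}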
/**
 * Collects the group names for a caller DN, choosing between the two lookup strategies.
 *
 * <p>When no {@code groupSearchBase} is configured but a {@code groupMemberOfAttribute} is,
 * the groups are read from the caller's own entry; otherwise they are found by searching.
 *
 * @param searchContext context used for the lookup
 * @param callerDn DN of the caller; {@code null} or empty yields an empty set
 * @return the group names produced by the selected strategy
 */
private Set<String> retrieveGroupsForCallerDn(LdapContext searchContext, String callerDn) {
    boolean callerUnknown = callerDn == null || callerDn.isEmpty();
    if (callerUnknown) {
        // Without a DN there is nothing to look up; no groups are granted.
        return emptySet();
    }

    boolean readFromCallerEntry = ldapIdentityStoreDefinition.groupSearchBase().isEmpty()
            && !ldapIdentityStoreDefinition.groupMemberOfAttribute().isEmpty();

    return readFromCallerEntry
            ? retrieveGroupsFromCallerObject(callerDn, searchContext)
            : retrieveGroupsBySearching(callerDn, searchContext);
}
/**
 * Reads the caller's group memberships from the {@code groupMemberOfAttribute} of the
 * caller's own directory entry.
 *
 * <p>Each attribute value is passed to {@code getGroupNameFromDn} together with
 * {@code groupNameAttribute}; values that are {@code null} or yield no name are skipped.
 *
 * @param callerDn DN of the caller entry to read
 * @param searchContext context used to fetch the entry's attributes
 * @return the group names found; empty when the entry has no membership attribute
 * @throws IdentityStoreRuntimeException wrapping any {@link NamingException} from the lookup
 */
private Set<String> retrieveGroupsFromCallerObject(String callerDn, LdapContext searchContext) {
    try {
        // Request only the membership attribute rather than the whole entry.
        String[] requestedAttributes = { ldapIdentityStoreDefinition.groupMemberOfAttribute() };
        Attributes callerEntry = searchContext.getAttributes(callerDn, requestedAttributes);
        Attribute membership = callerEntry.get(ldapIdentityStoreDefinition.groupMemberOfAttribute());

        Set<String> groupNames = new HashSet<>();
        if (membership == null) {
            return groupNames;
        }

        for (Object groupDn : list(membership.getAll())) {
            if (groupDn == null) {
                continue;
            }
            String name = getGroupNameFromDn(groupDn.toString(), ldapIdentityStoreDefinition.groupNameAttribute());
            if (name != null) {
                groupNames.add(name);
            }
        }
        return groupNames;
    } catch (NamingException e) {
        throw new IdentityStoreRuntimeException(e);
    }
}
/**
 * Hands the definition's attributes listed below to
 * {@code AnnotationELPProcessor.hasAnyELExpression} and returns its verdict.
 *
 * @param in the LDAP identity store definition whose attributes are inspected
 * @return the value returned by {@code AnnotationELPProcessor.hasAnyELExpression}
 */
public static boolean hasAnyELExpression(LdapIdentityStoreDefinition in) {
    // NOTE(review): callerBaseDn() is not part of this list; confirm that is intentional.
    final boolean anyExpressionFound = AnnotationELPProcessor.hasAnyELExpression(
        in.bindDn(),
        in.bindDnPassword(),
        in.callerNameAttribute(),
        in.callerSearchBase(),
        in.callerSearchFilter(),
        in.callerSearchScopeExpression(),
        in.groupMemberAttribute(),
        in.groupMemberOfAttribute(),
        in.groupNameAttribute(),
        in.groupSearchBase(),
        in.groupSearchFilter(),
        in.groupSearchScopeExpression(),
        in.maxResultsExpression(),
        in.priorityExpression(),
        in.readTimeoutExpression(),
        in.url(),
        in.useForExpression()
    );
    return anyExpressionFound;
}
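/**
 * Resolves the distinguished name (DN) that belongs to a caller name.
 *
 * <p>When {@code callerBaseDn} is configured and {@code callerSearchBase} is empty, the DN is
 * composed directly as {@code <callerNameAttribute>=<callerName>,<callerBaseDn>}. In every
 * other case the lookup is delegated to {@code searchCaller}.
 *
 * @param searchContext context handed to {@code searchCaller} in the search branch
 * @param callerName the caller-supplied name; treated as untrusted input
 * @return the composed DN, or whatever {@code searchCaller} returns in the search branch
 */
private String getCallerDn(LdapContext searchContext, String callerName) {
    boolean composeFromBaseDn = !ldapIdentityStoreDefinition.callerBaseDn().isEmpty()
            && ldapIdentityStoreDefinition.callerSearchBase().isEmpty();

    if (!composeFromBaseDn) {
        return searchCaller(searchContext, callerName);
    }

    // callerName arrives with the authentication request. Escape it as an RDN value so that
    // DN metacharacters (for example ',', '+' or '\') stay part of the value instead of
    // adding or rewriting DN components. A null name is passed through unchanged, which
    // keeps the previous formatting result for that case.
    String escapedCallerName =
            callerName == null ? null : javax.naming.ldap.Rdn.escapeValue(callerName);

    return String.format("%s=%s,%s",
            ldapIdentityStoreDefinition.callerNameAttribute(),
            escapedCallerName,
            ldapIdentityStoreDefinition.callerBaseDn());
}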
/**
 * Opens the LDAP context used for searching, binding with the configured
 * {@code url}, {@code bindDn} and {@code bindDnPassword}.
 *
 * @return the context produced by {@code createLdapContext}
 * @throws IdentityStoreConfigurationException when the bind fails with an
 *         {@link AuthenticationException}; the original exception is kept as the cause
 */
private LdapContext createSearchLdapContext() {
    try {
        final String serverUrl = ldapIdentityStoreDefinition.url();
        final String bindDn = ldapIdentityStoreDefinition.bindDn();
        final String bindPassword = ldapIdentityStoreDefinition.bindDnPassword();
        return createLdapContext(serverUrl, bindDn, bindPassword);
    } catch (AuthenticationException e) {
        // The message names the bind DN only; the bind password is never put into it.
        String message = "Bad bindDn or bindPassword for: " + ldapIdentityStoreDefinition.bindDn();
        throw new IdentityStoreConfigurationException(message, e);
    }
}
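/**
 * Searches the directory for the group entries a caller DN belongs to.
 *
 * <p>A configured, non-blank {@code groupSearchFilter} is used as the filter template;
 * otherwise {@code DEFAULT_GROUP_FILTER} is filled with {@code groupMemberAttribute}.
 * In both cases the caller DN is escaped for use as a filter assertion value first.
 *
 * @param searchContext context the search runs against
 * @param callerDn DN of the caller whose groups are looked up
 * @return the entries returned by {@code search} below {@code groupSearchBase}
 */
private List<SearchResult> searchGroups(LdapContext searchContext, String callerDn) {
    // A DN may legitimately contain '\', '(', ')' or '*' (and may have been composed from a
    // caller-supplied name). Inside a search filter those characters are syntax, so encode
    // them as RFC 4515 hex escapes before substitution. A null DN is passed through as before.
    String escapedCallerDn = null;
    if (callerDn != null) {
        StringBuilder escaped = new StringBuilder(callerDn.length() + 8);
        for (int i = 0; i < callerDn.length(); i++) {
            char c = callerDn.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
            }
        }
        escapedCallerDn = escaped.toString();
    }

    String configuredFilter = ldapIdentityStoreDefinition.groupSearchFilter();
    String filter;
    if (configuredFilter != null && !configuredFilter.trim().isEmpty()) {
        // Filter should have exactly one "%s", where callerDn will be substituted.
        filter = format(configuredFilter, escapedCallerDn);
    } else {
        // Use groupMemberAttribute and callerDn to search for groups
        filter = format(DEFAULT_GROUP_FILTER, ldapIdentityStoreDefinition.groupMemberAttribute(), escapedCallerDn);
    }

    return search(searchContext, ldapIdentityStoreDefinition.groupSearchBase(), filter, getGroupSearchControls());
}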
/**
 * Builds the {@link SearchControls} used when searching for a caller entry.
 *
 * <p>Scope, result count limit and time limit are all taken from the identity store
 * definition ({@code callerSearchScope}, {@code maxResults}, {@code readTimeout}).
 *
 * @return a freshly created, configured {@code SearchControls} instance
 */
private SearchControls getCallerSearchControls() {
    SearchControls callerControls = new SearchControls();

    callerControls.setSearchScope(
            convertScopeValue(ldapIdentityStoreDefinition.callerSearchScope()));

    // Bounding the result count and the search time keeps a single lookup from
    // tying up the directory connection.
    long countLimit = ldapIdentityStoreDefinition.maxResults();
    callerControls.setCountLimit(countLimit);

    int timeLimit = ldapIdentityStoreDefinition.readTimeout();
    callerControls.setTimeLimit(timeLimit);

    return callerControls;
}
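/**
 * Searches the directory for the entry of a caller and returns its full DN.
 *
 * <p>A configured, non-blank {@code callerSearchFilter} is used as the filter template;
 * otherwise {@code DEFAULT_USER_FILTER} is filled with {@code callerNameAttribute}.
 * The caller name is escaped for use as a filter assertion value before substitution.
 *
 * @param searchContext context the search runs against
 * @param callerName the caller-supplied name; treated as untrusted input
 * @return the DN of the single matching entry, or {@code null} when the search matched
 *         no entry or more than one entry
 */
private String searchCaller(LdapContext searchContext, String callerName) {
    // callerName arrives with the authentication request. Encode the filter metacharacters
    // as RFC 4515 hex escapes so the name can only ever be matched as a literal value and
    // cannot change the structure of the filter. A null name is passed through as before.
    String escapedCallerName = null;
    if (callerName != null) {
        StringBuilder escaped = new StringBuilder(callerName.length() + 8);
        for (int i = 0; i < callerName.length(); i++) {
            char c = callerName.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
            }
        }
        escapedCallerName = escaped.toString();
    }

    String configuredFilter = ldapIdentityStoreDefinition.callerSearchFilter();
    String filter;
    if (configuredFilter != null && !configuredFilter.trim().isEmpty()) {
        // Filter should have exactly one "%s", where callerName will be substituted.
        filter = format(configuredFilter, escapedCallerName);
    } else {
        // Use callerNameAttribute and callerName to search for the caller
        filter = format(DEFAULT_USER_FILTER, ldapIdentityStoreDefinition.callerNameAttribute(), escapedCallerName);
    }

    List<SearchResult> matches =
            search(searchContext, ldapIdentityStoreDefinition.callerSearchBase(), filter, getCallerSearchControls());

    if (matches.size() == 1) {
        // get the fully qualified identification like uid=arjan,ou=caller,dc=jsr375,dc=net
        return matches.get(0).getNameInNamespace();
    }

    // No match, or an ambiguous match (TODO: user is found in multiple organizations).
    // Both are reported as "not found" so an ambiguous name never resolves to an arbitrary entry.
    return null;
}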
/**
 * Collects the group names for a caller DN, choosing between the two lookup strategies.
 *
 * <p>When no {@code groupSearchBase} is configured but a {@code groupMemberOfAttribute} is,
 * the groups are read from the caller's own entry; otherwise they are found by searching.
 *
 * @param searchContext context used for the lookup
 * @param callerDn DN of the caller; {@code null} or empty yields an empty set
 * @return the group names produced by the selected strategy
 */
private Set<String> retrieveGroupsForCallerDn(LdapContext searchContext, String callerDn) {
    boolean callerUnknown = callerDn == null || callerDn.isEmpty();
    if (callerUnknown) {
        // Without a DN there is nothing to look up; no groups are granted.
        return emptySet();
    }

    boolean readFromCallerEntry = ldapIdentityStoreDefinition.groupSearchBase().isEmpty()
            && !ldapIdentityStoreDefinition.groupMemberOfAttribute().isEmpty();

    return readFromCallerEntry
            ? retrieveGroupsFromCallerObject(callerDn, searchContext)
            : retrieveGroupsBySearching(callerDn, searchContext);
}
/**
 * Reads the caller's group memberships from the {@code groupMemberOfAttribute} of the
 * caller's own directory entry.
 *
 * <p>Each attribute value is passed to {@code getGroupNameFromDn} together with
 * {@code groupNameAttribute}; values that are {@code null} or yield no name are skipped.
 *
 * @param callerDn DN of the caller entry to read
 * @param searchContext context used to fetch the entry's attributes
 * @return the group names found; empty when the entry has no membership attribute
 * @throws IdentityStoreRuntimeException wrapping any {@link NamingException} from the lookup
 */
private Set<String> retrieveGroupsFromCallerObject(String callerDn, LdapContext searchContext) {
    try {
        // Request only the membership attribute rather than the whole entry.
        String[] requestedAttributes = { ldapIdentityStoreDefinition.groupMemberOfAttribute() };
        Attributes callerEntry = searchContext.getAttributes(callerDn, requestedAttributes);
        Attribute membership = callerEntry.get(ldapIdentityStoreDefinition.groupMemberOfAttribute());

        Set<String> groupNames = new HashSet<>();
        if (membership == null) {
            return groupNames;
        }

        for (Object groupDn : list(membership.getAll())) {
            if (groupDn == null) {
                continue;
            }
            String name = getGroupNameFromDn(groupDn.toString(), ldapIdentityStoreDefinition.groupNameAttribute());
            if (name != null) {
                groupNames.add(name);
            }
        }
        return groupNames;
    } catch (NamingException e) {
        throw new IdentityStoreRuntimeException(e);
    }
}
// Build a new annotation literal from the attributes of the source definition `in`,
// passed positionally in the order the constructor declares them.
// NOTE(review): the bind password (bindDnPassword) is copied as-is, so `out` holds a
// credential; keep it out of log statements and diagnostic dumps.
LdapIdentityStoreDefinitionAnnotationLiteral out =
    new LdapIdentityStoreDefinitionAnnotationLiteral(
        in.bindDn(),
        in.bindDnPassword(),
        in.callerBaseDn(),
        in.callerNameAttribute(),
        in.callerSearchBase(),
        in.callerSearchFilter(),
        in.callerSearchScope(),
        in.callerSearchScopeExpression(),
        in.groupMemberAttribute(),
        in.groupMemberOfAttribute(),
        in.groupNameAttribute(),
        in.groupSearchBase(),
        in.groupSearchFilter(),
        in.groupSearchScope(),
        in.groupSearchScopeExpression(),
        in.maxResults(),
        in.maxResultsExpression(),
        in.priority(),
        in.priorityExpression(),
        in.readTimeout(),
        in.readTimeoutExpression(),
        in.url(),
        in.useFor(),
        in.useForExpression()
    );