final Entry e = it.next(); ldapEntry.setDn(e.getDn().getName()); ldapEntry.setBindPrincipal(e.getDn().getName()); for (Attribute attribute : e.getAttributes()) { if (activeDirectory && "userPrincipalName".equalsIgnoreCase(attribute.getId())) { ldapEntry.setBindPrincipal(attribute.getString()); if (attribute.isHumanReadable()) { ldapEntry.put(attribute.getId(), Joiner.on(", ").join(attribute.iterator())); if ("memberOf".equalsIgnoreCase(attribute.getId()) || "isMemberOf".equalsIgnoreCase(attribute.getId())) { for (Value<?> group : attribute) { groupDns.add(group.getString()); LOG.trace("Resolved {} to group {}", groupDn, groupId); if (groupId != null) { final String string = groupId.getString(); ldapEntry.addGroups(Collections.singleton(string));
String oid = getOid( entry, SchemaConstants.MATCHING_RULE, schemaManager.isStrict() ); if ( !schemaManager.isSchemaLoaded( schemaName ) ) String msg = I18n.err( I18n.ERR_16028_CANNOT_ADD_MR, entry.getDn().getName(), schemaName ); LOG.info( I18n.err( I18n.ERR_16029_CANNOT_ADD_MR_IN_REGISTRY, entry.getDn().getName(), schemaName ) ); schema = schemaManager.getLoadedSchema( schemaName ); Attribute mSyntax = entry.get( MetaSchemaConstants.M_SYNTAX_AT ); matchingRule.setSyntaxOid( mSyntax.getString() );
Dn baseDn = new Dn( bindDn ); LdapPrincipal ldapPrincipal = new LdapPrincipal( schemaManager, entry.getDn(), AuthenticationLevel.STRONG, entry.get( SchemaConstants.USER_PASSWORD_AT ).getBytes() ); ldapSession.putSaslProperty( SaslConstants.SASL_AUTHENT_USER, ldapPrincipal ); return entry.get( SchemaConstants.USER_PASSWORD_AT );
public Entry add( String upId, Value... values ) throws LdapException if ( Strings.isEmpty( upId ) ) String message = I18n.err( I18n.ERR_13204_NULL_ATTRIBUTE_ID ); LOG.error( message ); throw new IllegalArgumentException( message ); add( upId, schemaManager.lookupAttributeTypeRegistry( upId ), values ); attribute.add( values ); attribute.setUpId( upId );
throw new IllegalArgumentException( I18n.err( I18n.ERR_16016_NULL_ENTRY ) ); if ( entry.get( SchemaConstants.CN_AT ) == null ) throw new IllegalArgumentException( I18n.err( I18n.ERR_16017_INVALID_CN_AT ) ); name = entry.get( SchemaConstants.CN_AT ).getString(); if ( entry.get( SchemaConstants.CREATORS_NAME_AT ) == null ) throw new IllegalArgumentException( I18n.err( I18n.ERR_16018_INVALID_AT, SchemaConstants.CREATORS_NAME_AT ) ); owner = entry.get( SchemaConstants.CREATORS_NAME_AT ).getString(); if ( entry.get( MetaSchemaConstants.M_DISABLED_AT ) != null ) String value = entry.get( MetaSchemaConstants.M_DISABLED_AT ).getString(); value = Strings.upperCase( value ); isDisabled = "TRUE".equalsIgnoreCase( value ); depsSet.add( value.getValue() );
/** * Process the FQCN attribute * * @param entry The entry to read * @param objectType The type of schema object * @return The schema object FQCN * @throws LdapInvalidAttributeValueException If the attribute does not contain a valid value */ private String getFqcn( Entry entry, String objectType ) throws LdapInvalidAttributeValueException { // The FQCN Attribute mFqcn = entry.get( MetaSchemaConstants.M_FQCN_AT ); if ( mFqcn == null ) { String msg = I18n.err( I18n.ERR_16034_ENTRY_WITHOUT_VALID_AT, objectType, MetaSchemaConstants.M_FQCN_AT ); if ( LOG.isWarnEnabled() ) { LOG.warn( msg ); } throw new IllegalArgumentException( msg ); } return mFqcn.getString(); }
groups.add(cursor.get().get(configuration.getGroupNameAttribute()).getString()); Optional<SingularityUser> result = Optional.of(new SingularityUser(user, com.google.common.base.Optional.fromNullable(Strings.emptyToNull(userEntry.get(configuration.getUserNameAttribute()).getString())), com.google.common.base.Optional.fromNullable(Strings.emptyToNull(userEntry.get(configuration.getUserEmailAttribute()).getString())), groups));
private void addMemberToRoleOrGroup(final CoreSession session, final String dn, final String memberDN, final String attributeName) throws LdapException { final Entry entry = session.lookup(new Dn(dn), attributeName); Attribute attribute = entry.get(attributeName); if (attribute == null) { entry.add(attributeName, memberDN); attribute = entry.get(attributeName); } else { attribute.add(memberDN); } final ModifyRequestImpl modifyRequestImpl = new ModifyRequestImpl(); modifyRequestImpl.setName(entry.getDn()); modifyRequestImpl.replace(attribute); session.modify(modifyRequestImpl); }
/** * Indicates if the given Root DSE corresponds to an ApacheDS server. * * @param rootDse the Root DSE * @return <code>true</code> if this is an ApacheDS server, * <code>false</code> if not. * @throws LdapInvalidAttributeValueException If the vendorName attribute contains an invalid value */ private boolean isApacheDs( Entry rootDse ) throws LdapInvalidAttributeValueException { if ( rootDse != null ) { Attribute vendorNameAttribute = rootDse.get( SchemaConstants.VENDOR_NAME_AT ); if ( ( vendorNameAttribute != null ) && vendorNameAttribute.size() == 1 ) { return DEFAULT_APACHEDS_VENDOR_NAME.equalsIgnoreCase( vendorNameAttribute.getString() ); } } return false; }
for (Entry e : groupSearch) { if (LOG.isTraceEnabled()) { LOG.trace("Group Entry: {}", e.toString(" ")); if (! e.containsAttribute(groupIdAttribute)) { LOG.warn("Unknown group id attribute {}, skipping group entry {}", groupIdAttribute, e); continue; final String groupId = e.get(groupIdAttribute).getString(); if (ldapEntry == null) { LOG.trace("DN {} == {} member?", dn, member.getString()); if (dn != null && dn.equalsIgnoreCase(normalizedDn(member.getString()))) { groups.add(groupId); } else { if (!isNullOrEmpty(uid) && uid.equalsIgnoreCase(member.getString())) { LOG.trace("UID {} == {} member?", uid, member.getString()); groups.add(groupId);
@NotNull private ExternalIdentity createIdentity(@NotNull Entry entry, @Nullable String id, boolean isGroup) throws LdapInvalidAttributeValueException { LdapProviderConfig.Identity cfg = isGroup ? config.getGroupConfig() : config.getUserConfig(); if (id == null) { String idAttribute = cfg.getIdAttribute(); Attribute attr = entry.get(idAttribute); if (attr == null) { throw new LdapInvalidAttributeValueException(ResultCodeEnum.CONSTRAINT_VIOLATION, "no value found for attribute '" + idAttribute + "' for entry " + entry); } id = attr.getString(); } String extId = config.getUseUidForExtId() ? id : entry.getDn().getName(); ExternalIdentityRef ref = new ExternalIdentityRef(extId, this.getName()); String path = cfg.makeDnPath() ? createDNPath(entry.getDn()) : null; LdapIdentity identity = isGroup ? new LdapGroup(this, ref, id, path, entry) : new LdapUser(this, ref, id, path, entry); Map<String, Object> props = identity.getProperties(); applyAttributes(props, entry); return identity; }
private void denormalizeEntryOpAttrs( Entry entry ) throws LdapException { if ( directoryService.isDenormalizeOpAttrsEnabled() ) { Attribute attr = entry.get( SchemaConstants.CREATORS_NAME_AT ); if ( attr != null ) { Dn creatorsName = dnFactory.create( attr.getString() ); attr.clear(); attr.add( denormalizeTypes( creatorsName ).getName() ); } attr = entry.get( SchemaConstants.MODIFIERS_NAME_AT ); if ( attr != null ) { Dn modifiersName = dnFactory.create( attr.getString() ); attr.clear(); attr.add( denormalizeTypes( modifiersName ).getName() ); } attr = entry.get( ApacheSchemaConstants.SCHEMA_MODIFIERS_NAME_AT ); if ( attr != null ) { Dn modifiersName = dnFactory.create( attr.getString() ); attr.clear(); attr.add( denormalizeTypes( modifiersName ).getName() ); } } }
Attribute oc = entry.get( objectClassAT ); String oid = schemaManager.getObjectClassRegistry().getOidByName( value.getValue() ); if ( oc.contains( MetaSchemaConstants.META_SCHEMA_OC ) ) if ( oc.contains( SchemaConstants.ORGANIZATIONAL_UNIT_OC ) ) if ( deleteContext.getDn().size() != 3 ) String ouValue = deleteContext.getDn().getRdn().getValue(); ouValue = Strings.toLowerCaseAscii( Strings.trim( ouValue ) );
/** * Update the Operational Attribute with the reference to the subentry */ private void setOperationalAttribute( Entry entry, Dn subentryDn, AttributeType opAttr ) throws LdapException { Attribute operational = entry.get( opAttr ); if ( operational == null ) { operational = new DefaultAttribute( opAttr ); entry.put( operational ); } operational.add( subentryDn.getName() ); }
/** * Creates a new instance of DefaultModification. * * @param schemaManager The schema manager * @param modification The modification */ public DefaultModification( SchemaManager schemaManager, Modification modification ) { operation = modification.getOperation(); Attribute modAttribute = modification.getAttribute(); try { AttributeType at = modAttribute.getAttributeType(); if ( at == null ) { at = schemaManager.lookupAttributeTypeRegistry( modAttribute.getId() ); } attribute = new DefaultAttribute( at, modAttribute ); } catch ( LdapException ne ) { // The attributeType is incorrect. Log, but do nothing otherwise. LOG.error( I18n.err( I18n.ERR_13230_INCORRECT_ATTRIBUTE, modAttribute.getId() ) ); } }
/** * Update the list of modifications with a modification associated with a specific * role, if it's requested. */ private void getOperationalModForReplace( boolean hasRole, AttributeType attributeType, Entry entry, Dn oldDn, Dn newDn, List<Modification> modifications ) throws LdapInvalidAttributeValueException { String oldDnStr = oldDn.getName(); String newDnStr = newDn.getName(); if ( hasRole ) { Attribute operational = entry.get( attributeType ).clone(); if ( operational == null ) { operational = new DefaultAttribute( attributeType, newDnStr ); } else { operational.remove( oldDnStr ); operational.add( newDnStr ); } modifications.add( new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE, operational ) ); } }
/** * Anonymize an attribute using pure random values (either chars of bytes, depending on the Attribute type) */ @Override public Attribute anonymize( Map<Value, Value> valueMap, Set<Value> valueSet, Attribute attribute ) { Attribute result = new DefaultAttribute( attribute.getAttributeType() ); for ( Value value : attribute ) { byte[] bytesValue = value.getBytes(); byte[] newValue = computeNewValue( bytesValue ); try { result.add( newValue ); Value anonValue = new Value( attribute.getAttributeType(), newValue ); valueMap.put( ( Value ) value, anonValue ); valueSet.add( anonValue ); } catch ( LdapInvalidAttributeValueException e ) { throw new RuntimeException( I18n.err( I18n.ERR_13436_ERROR_ANONYMIZING_VALUE, value ) ); } } return result; }
@Override public Map<String, Object> transformSearchResult(SearchCursor cursor) throws IOException { LOG.debug(name); cursor.forEach(response -> { if (response instanceof SearchResultEntry) { Entry resultEntry = ((SearchResultEntry) response).getEntry(); String dn = resultEntry.getDn().toString(); LOG.debug("\tEntryDN {}", dn); DeepMap dnBranch = reqBranch.getBranch(dn.toLowerCase()); dnBranch.put(DISTINGUISH_NAME, dn); resultEntry.forEach(attr -> { // Since there might be multiple attributes with the same name, it is required to collect all their values (i.e. memberUid in group) if (attr.size() > 1) { List<Object> list = new ArrayList<>(); attr.iterator().forEachRemaining(list::add); String join = StringUtils.join(list, ","); dnBranch.put(attr.getId() + "", join); LOG.debug("\t\tAttr {} : {} ", attr.getId(), join); } else { dnBranch.put(attr.getId() + "", attr.get() + ""); LOG.debug("\t\tAttr {}", attr); } }); } }); return reqBranch.getRoot(); }