source.dussan.org Git - archiva.git/blob

   1 package org.apache.archiva.redback.rbac.ldap;
   2 /*
   3  * Licensed to the Apache Software Foundation (ASF) under one
   4  * or more contributor license agreements.  See the NOTICE file
   5  * distributed with this work for additional information
   6  * regarding copyright ownership.  The ASF licenses this file
   7  * to you under the Apache License, Version 2.0 (the
   8  * "License"); you may not use this file except in compliance
   9  * with the License.  You may obtain a copy of the License at
  10  *
  11  * http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing,
  14  * software distributed under the License is distributed on an
  15  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  16  * KIND, either express or implied.  See the License for the
  17  * specific language governing permissions and limitations
  18  * under the License.
  19  */
  20
  21 import org.apache.archiva.redback.common.ldap.MappingException;
  22 import org.apache.archiva.redback.common.ldap.connection.LdapConnection;
  23 import org.apache.archiva.redback.common.ldap.connection.LdapConnectionFactory;
  24 import org.apache.archiva.redback.common.ldap.connection.LdapException;
  25 import org.apache.archiva.redback.configuration.UserConfiguration;
  26 import org.apache.archiva.redback.configuration.UserConfigurationKeys;
  27 import org.apache.commons.lang.StringUtils;
  28 import org.slf4j.Logger;
  29 import org.slf4j.LoggerFactory;
  30 import org.springframework.stereotype.Service;
  31
  32 import javax.annotation.PostConstruct;
  33 import javax.inject.Inject;
  34 import javax.inject.Named;
  35 import javax.naming.NamingEnumeration;
  36 import javax.naming.NamingException;
  37 import javax.naming.directory.Attribute;
  38 import javax.naming.directory.DirContext;
  39 import javax.naming.directory.SearchControls;
  40 import javax.naming.directory.SearchResult;
  41 import java.util.ArrayList;
  42 import java.util.Collections;
  43 import java.util.List;
  44 import java.util.Map;
  45
  46 /**
  47  * @author Olivier Lamy
  48  * @since 2.1
  49  */
  50 @Service( "ldapRoleMapper#default" )
  51 public class DefaultLdapRoleMapper
  52     implements LdapRoleMapper
  53 {
  54
  55     private Logger log = LoggerFactory.getLogger( getClass() );
  56
  57     @Inject
  58     private LdapConnectionFactory ldapConnectionFactory;
  59
  60     @Inject
  61     @Named( value = "userConfiguration#default" )
  62     private UserConfiguration userConf;
  63
  64     //---------------------------
  65     // fields
  66     //---------------------------
  67
  68     private String ldapGroupClass = "groupOfUniqueNames";
  69
  70     private String groupsDn;
  71
  72     private String baseDn;
  73
  74     @PostConstruct
  75     public void initialize()
  76     {
  77         this.ldapGroupClass = userConf.getString( UserConfigurationKeys.LDAP_GROUPS_CLASS, this.ldapGroupClass );
  78
  79         this.groupsDn = userConf.getString( UserConfigurationKeys.LDAP_GROUPS_BASEDN, this.groupsDn );
  80
  81         this.baseDn = userConf.getString( UserConfigurationKeys.LDAP_BASEDN, this.baseDn );
  82     }
  83
  84     public String getLdapGroup( String role )
  85     {
  86         return userConf.getString( UserConfigurationKeys.LDAP_GROUPS_ROLE_START_KEY + role );
  87     }
  88
  89     public List<String> getAllGroups()
  90         throws MappingException
  91     {
  92         LdapConnection ldapConnection = null;
  93
  94         NamingEnumeration<SearchResult> namingEnumeration = null;
  95         try
  96         {
  97             ldapConnection = ldapConnectionFactory.getConnection();
  98
  99             DirContext context = ldapConnection.getDirContext();
 100
 101             SearchControls searchControls = new SearchControls();
 102
 103             searchControls.setDerefLinkFlag( true );
 104             searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
 105
 106             String filter = "objectClass=" + getLdapGroupClass();
 107
 108             namingEnumeration = context.search( getGroupsDn(), filter, searchControls );
 109
 110             List<String> allGroups = new ArrayList<String>();
 111
 112             while ( namingEnumeration.hasMore() )
 113             {
 114                 SearchResult searchResult = namingEnumeration.next();
 115
 116                 String groupName = searchResult.getName();
 117                 // cn=blabla we only want bla bla
 118                 groupName = StringUtils.substringAfter( groupName, "=" );
 119
 120                 log.debug( "found groupName: '{}", groupName );
 121
 122                 allGroups.add( groupName );
 123
 124             }
 125
 126             return allGroups;
 127         }
 128         catch ( LdapException e )
 129         {
 130             throw new MappingException( e.getMessage(), e );
 131         }
 132         catch ( NamingException e )
 133         {
 134             throw new MappingException( e.getMessage(), e );
 135         }
 136
 137         finally
 138         {
 139             if ( ldapConnection != null )
 140             {
 141                 ldapConnection.close();
 142             }
 143             if ( namingEnumeration != null )
 144             {
 145                 try
 146                 {
 147                     namingEnumeration.close();
 148                 }
 149                 catch ( NamingException e )
 150                 {
 151                     log.warn( "failed to close search results", e );
 152                 }
 153             }
 154         }
 155     }
 156
 157     public List<String> getGroupsMember( String group )
 158         throws MappingException
 159     {
 160         LdapConnection ldapConnection = null;
 161
 162         NamingEnumeration<SearchResult> namingEnumeration = null;
 163         try
 164         {
 165             ldapConnection = ldapConnectionFactory.getConnection();
 166
 167             DirContext context = ldapConnection.getDirContext();
 168
 169             SearchControls searchControls = new SearchControls();
 170
 171             searchControls.setDerefLinkFlag( true );
 172             searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
 173
 174             String filter = "objectClass=" + getLdapGroupClass();
 175
 176             namingEnumeration = context.search( "cn=" + group + "," + getGroupsDn(), filter, searchControls );
 177
 178             List<String> allMembers = new ArrayList<String>();
 179
 180             while ( namingEnumeration.hasMore() )
 181             {
 182                 SearchResult searchResult = namingEnumeration.next();
 183
 184                 Attribute uniqueMemberAttr = searchResult.getAttributes().get( "uniquemember" );
 185
 186                 if ( uniqueMemberAttr != null )
 187                 {
 188                     NamingEnumeration<String> allMembersEnum = (NamingEnumeration<String>) uniqueMemberAttr.getAll();
 189                     while ( allMembersEnum.hasMore() )
 190                     {
 191                         String userName = allMembersEnum.next();
 192                         // uid=blabla we only want bla bla
 193                         userName = StringUtils.substringAfter( userName, "=" );
 194                         userName = StringUtils.substringBefore( userName, "," );
 195                         log.debug( "found userName for group {}: '{}", group, userName );
 196
 197                         allMembers.add( userName );
 198                     }
 199                     close( allMembersEnum );
 200                 }
 201
 202
 203             }
 204
 205             return allMembers;
 206         }
 207         catch ( LdapException e )
 208         {
 209             throw new MappingException( e.getMessage(), e );
 210         }
 211         catch ( NamingException e )
 212         {
 213             throw new MappingException( e.getMessage(), e );
 214         }
 215
 216         finally
 217         {
 218             if ( ldapConnection != null )
 219             {
 220                 ldapConnection.close();
 221             }
 222             close( namingEnumeration );
 223         }
 224     }
 225
 226     public List<String> getGroups( String username )
 227         throws MappingException
 228     {
 229
 230         List<String> userGroups = new ArrayList<String>();
 231
 232         LdapConnection ldapConnection = null;
 233
 234         NamingEnumeration<SearchResult> namingEnumeration = null;
 235         try
 236         {
 237             ldapConnection = ldapConnectionFactory.getConnection();
 238
 239             DirContext context = ldapConnection.getDirContext();
 240
 241             SearchControls searchControls = new SearchControls();
 242
 243             searchControls.setDerefLinkFlag( true );
 244             searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
 245
 246             String filter =
 247                 new StringBuilder().append( "(&" ).append( "(objectClass=" + getLdapGroupClass() + ")" ).append(
 248                     "(uniquemember=" ).append( "uid=" + username + "," + this.getBaseDn() ).append( ")" ).append(
 249                     ")" ).toString();
 250
 251             log.debug( "filter: {}", filter );
 252
 253             namingEnumeration = context.search( getGroupsDn(), filter, searchControls );
 254
 255             while ( namingEnumeration.hasMore() )
 256             {
 257                 SearchResult searchResult = namingEnumeration.next();
 258
 259                 List<String> allMembers = new ArrayList<String>();
 260
 261                 Attribute uniqueMemberAttr = searchResult.getAttributes().get( "uniquemember" );
 262
 263                 if ( uniqueMemberAttr != null )
 264                 {
 265                     NamingEnumeration<String> allMembersEnum = (NamingEnumeration<String>) uniqueMemberAttr.getAll();
 266                     while ( allMembersEnum.hasMore() )
 267                     {
 268                         String userName = allMembersEnum.next();
 269                         // uid=blabla we only want bla bla
 270                         userName = StringUtils.substringAfter( userName, "=" );
 271                         userName = StringUtils.substringBefore( userName, "," );
 272                         allMembers.add( userName );
 273                     }
 274                     close( allMembersEnum );
 275                 }
 276
 277                 if ( allMembers.contains( username ) )
 278                 {
 279                     String groupName = searchResult.getName();
 280                     // cn=blabla we only want bla bla
 281                     groupName = StringUtils.substringAfter( groupName, "=" );
 282                     userGroups.add( groupName );
 283
 284                 }
 285
 286
 287             }
 288
 289             return userGroups;
 290         }
 291         catch ( LdapException e )
 292         {
 293             throw new MappingException( e.getMessage(), e );
 294         }
 295         catch ( NamingException e )
 296         {
 297             throw new MappingException( e.getMessage(), e );
 298         }
 299
 300         finally
 301         {
 302             if ( ldapConnection != null )
 303             {
 304                 ldapConnection.close();
 305             }
 306             close( namingEnumeration );
 307         }
 308
 309     }
 310
 311     private void close( NamingEnumeration namingEnumeration )
 312     {
 313         if ( namingEnumeration != null )
 314         {
 315             try
 316             {
 317                 namingEnumeration.close();
 318             }
 319             catch ( NamingException e )
 320             {
 321                 log.warn( "fail to close namingEnumeration: {}", e.getMessage() );
 322             }
 323         }
 324     }
 325
 326     public String getGroupsDn()
 327     {
 328         return this.groupsDn;
 329     }
 330
 331     public String getLdapGroupClass()
 332     {
 333         return this.ldapGroupClass;
 334     }
 335
 336     public void addLdapMapping( String role, String ldapGroup )
 337     {
 338         log.warn( "addLdapMapping not implemented" );
 339     }
 340
 341     public void removeLdapMapping( String role )
 342     {
 343         log.warn( "removeLdapMapping not implemented" );
 344     }
 345
 346     public Map<String, String> getLdapGroupMappings()
 347     {
 348         log.warn( "getLdapGroupMappings not implemented" );
 349         return Collections.emptyMap();
 350     }
 351
 352     //---------------------------------
 353     // setters for unit tests
 354     //---------------------------------
 355
 356
 357     public void setGroupsDn( String groupsDn )
 358     {
 359         this.groupsDn = groupsDn;
 360     }
 361
 362     public void setLdapGroupClass( String ldapGroupClass )
 363     {
 364         this.ldapGroupClass = ldapGroupClass;
 365     }
 366
 367     public void setUserConf( UserConfiguration userConf )
 368     {
 369         this.userConf = userConf;
 370     }
 371
 372     public void setLdapConnectionFactory( LdapConnectionFactory ldapConnectionFactory )
 373     {
 374         this.ldapConnectionFactory = ldapConnectionFactory;
 375     }
 376
 377     public String getBaseDn()
 378     {
 379         return baseDn;
 380     }
 381
 382     public void setBaseDn( String baseDn )
 383     {
 384         this.baseDn = baseDn;
 385     }
 386 }