Package de.elo.ix.client.ldap

Class LdapUserDirectoryHandlerWrapper

java.lang.Object

de.elo.ix.client.ldap.LdapUserDirectoryHandlerWrapper

All Implemented Interfaces:

LdapUserDirectoryHandler

public class LdapUserDirectoryHandlerWrapper
extends Object
implements LdapUserDirectoryHandler

Constructor Summary

Constructors

Constructor	Description
LdapUserDirectoryHandlerWrapper()
LdapUserDirectoryHandlerWrapper(LdapUserDirectoryHandler innerHandler)

Method Summary

Modifier and Type	Method	Description
void	assignGroups(UserInfo ui, Domain domain, String userName, Set<String> groupNamesOS)	Assign the given groups to UserInfo.groupList.
void	assignProperties(UserInfo ui, Domain domain, String userName, Attributes attributes)	Assign LDAP attributes.
void	assignSuperior(UserInfo ui, Domain domain, String userName, Attributes attributes)	Assign superior.
void	assignUserName(UserInfo ui, Domain domain, String userName, Attributes attributes)	Assign user name, os name and mail address.
UserInfo	authenticate(String loginName, String password, String runAsName)	Authenticate a user and optionally return information of a second user.
void	closeContext(Context ctxt)	Close Context object.
InitialDirContext	createInitialDirContext(Domain domain, Map<String,String> environment)	Create an javax.naming.directory.InitialDirContext.
String	extractGroupNameFromDN(Domain domain, String groupDN)	Extract group name from Distinguished Name.
void	getGroupDNsFromAttributes(Domain domain, String userDN, Attributes attributes, String attributeName, Set<String> groupNames)	Extract the Distinguished Names of groups found in the given attributes.
void	getInitialContextEnvironment(Domain domain, String ldapUrl, String userName, String password, Map<String,String> environment)	Get environment properties to create an javax.naming.directory.InitialDirContext.
LdapUserDirectoryHandler	getInnerHandler()
void	getUserAttributeNames(Domain domain, String userDN, Set<String> attributeNames)	Get user attributes to be read.
Attributes	getUserAttributes(DirContext ctxt, Domain domain, String userDN, Set<String> attributeNames)	Get attributes from DirContext.
NamingEnumeration<SearchResult>	searchGroupsOfMember(DirContext ctxt, Domain domain, String groupSearchDN, String filterGroups, String memberDN, int timeoutSeconds)	Search groups in sub-tree of groupSearchDN that include memberDN as member.
NamingEnumeration<SearchResult>	searchPerson(DirContext ctx, Domain domain, String personSearchDN, String filterPerson, String userName, int timeoutSeconds, Set<String> attributeNames)	Search person by name or mail.
void	setInnerHandler(LdapUserDirectoryHandler innerHandler)
UserInfo	tryReadEloUser(String userName, boolean mustExist)	Read user from ELO.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

LdapUserDirectoryHandlerWrapper

public LdapUserDirectoryHandlerWrapper()

LdapUserDirectoryHandlerWrapper

public LdapUserDirectoryHandlerWrapper(LdapUserDirectoryHandler innerHandler)

Method Details

authenticate

public UserInfo authenticate(String loginName,
 String password,
 String runAsName)
                      throws byps.RemoteException

Description copied from interface: LdapUserDirectoryHandler

Authenticate a user and optionally return information of a second user.

Specified by:

authenticate in interface LdapUserDirectoryHandler

Parameters:

loginName - User to authenticate. If runAsName is null or empty, the implementation can decide to create this user in ELO if it does not exist. If a runAsName is supplied, this user must exist in ELO. This parameter can be empty if the implementation provides a default login account.

password - Password to loginName. Ignored, if loginName is empty.

runAsName - Return information of this user. The implementation can decide to create this user in ELO if it does not exist. If this parameter is null, the returned object refers to loginName.

Returns:

UserInfo object or null. UserInfo.getName() has to return the unique ELO user name. UserInfo.getId() must return the unique ELO user ID. Return UserDirectory.NOT_RESPONSIBLE_FOR_AUTHENTICATION if authentication should be processed against the ELO user database (and not against LDAP). Return null, if this handler does not process authentication (default behavior).

Throws:

byps.RemoteException

tryReadEloUser

public UserInfo tryReadEloUser(String userName,
 boolean mustExist)
                        throws byps.RemoteException

Description copied from interface: LdapUserDirectoryHandler

Read user from ELO. If user is not found and mustExist=false, return a new UserInfo object with UserInfo.id=-1 and UserInfo.name=userName.

Specified by:

tryReadEloUser in interface LdapUserDirectoryHandler

mustExist - if true, an exception is thrown if the user does not exist.

Returns:

UserInfo object.

Throws:

byps.RemoteException

getInitialContextEnvironment

public void getInitialContextEnvironment(Domain domain,
 String ldapUrl,
 String userName,
 String password,
 Map<String,String> environment)

Description copied from interface: LdapUserDirectoryHandler

Get environment properties to create an javax.naming.directory.InitialDirContext.

Specified by:

getInitialContextEnvironment in interface LdapUserDirectoryHandler

Parameters:

domain - Domain

ldapUrl - Server url

userName - User name to authenticate

password - User password

environment - The properties built by the other parameters have to be added to this map.

createInitialDirContext

public InitialDirContext createInitialDirContext(Domain domain,
 Map<String,String> environment)
                                          throws Exception

Description copied from interface: LdapUserDirectoryHandler

Create an javax.naming.directory.InitialDirContext.

Specified by:

createInitialDirContext in interface LdapUserDirectoryHandler

Parameters:

domain - Domain

environment - Environment properties, created by LdapUserDirectoryHandler.getInitialContextEnvironment(Domain, String, String, String, Map).

Returns:

InitialDirContext object.

Throws:

Exception

closeContext

public void closeContext(Context ctxt)

Description copied from interface: LdapUserDirectoryHandler

Close Context object.

Specified by:

closeContext in interface LdapUserDirectoryHandler

Parameters:

ctxt - Context object.

searchPerson

public NamingEnumeration<SearchResult> searchPerson(DirContext ctx,
 Domain domain,
 String personSearchDN,
 String filterPerson,
 String userName,
 int timeoutSeconds,
 Set<String> attributeNames)
                                             throws Exception

Description copied from interface: LdapUserDirectoryHandler

Search person by name or mail.

Specified by:

searchPerson in interface LdapUserDirectoryHandler

Parameters:

ctx - DirContext

domain - Domain

personSearchDN - Sub-trees to be searched (Distinguished Name).

filterPerson - Filter expression.

userName - User name.

timeoutSeconds - Timeout value.

attributeNames - Attributes to return.

Returns:

Attributes.

Throws:

Exception

getUserAttributeNames

public void getUserAttributeNames(Domain domain,
 String userDN,
 Set<String> attributeNames)

Description copied from interface: LdapUserDirectoryHandler

Get user attributes to be read.

Specified by:

getUserAttributeNames in interface LdapUserDirectoryHandler

Parameters:

domain - Domain

userDN - User Distinguished name of user.

attributeNames - Attribute names.

getUserAttributes

public Attributes getUserAttributes(DirContext ctxt,
 Domain domain,
 String userDN,
 Set<String> attributeNames)
                             throws Exception

Description copied from interface: LdapUserDirectoryHandler

Get attributes from DirContext.

Specified by:

getUserAttributes in interface LdapUserDirectoryHandler

Parameters:

ctxt - DirContext

domain - Domain

userDN - Distinguished name of user.

attributeNames - Attribute names.

Returns:

Attributes

Throws:

Exception

getGroupDNsFromAttributes

public void getGroupDNsFromAttributes(Domain domain,
 String userDN,
 Attributes attributes,
 String attributeName,
 Set<String> groupNames)
                               throws Exception

Description copied from interface: LdapUserDirectoryHandler

Extract the Distinguished Names of groups found in the given attributes.

Specified by:

getGroupDNsFromAttributes in interface LdapUserDirectoryHandler

Parameters:

domain - Domain

userDN - Distinguished name of user.

attributes - Attributes

attributeName - Attribute name of group membership

groupNames - Distinguished Names of groups.

Throws:

Exception

extractGroupNameFromDN

public String extractGroupNameFromDN(Domain domain,
 String groupDN)

Description copied from interface: LdapUserDirectoryHandler

Extract group name from Distinguished Name.

Specified by:

extractGroupNameFromDN in interface LdapUserDirectoryHandler

Parameters:

domain - Domain

groupDN - Group Distinguished Name

Returns:

Simple group name.

searchGroupsOfMember

public NamingEnumeration<SearchResult> searchGroupsOfMember(DirContext ctxt,
 Domain domain,
 String groupSearchDN,
 String filterGroups,
 String memberDN,
 int timeoutSeconds)
                                                     throws Exception

Description copied from interface: LdapUserDirectoryHandler

Search groups in sub-tree of groupSearchDN that include memberDN as member.

Specified by:

searchGroupsOfMember in interface LdapUserDirectoryHandler

Parameters:

ctxt - DirContext

domain - Domain

groupSearchDN - Distinguished Name of sub-tree

filterGroups - Filter expression

memberDN - Distinguished Name of group member.

timeoutSeconds - Search timeout in seconds

Returns:

Enumeration

Throws:

Exception

assignGroups

public void assignGroups(UserInfo ui,
 Domain domain,
 String userName,
 Set<String> groupNamesOS)
                  throws Exception

Description copied from interface: LdapUserDirectoryHandler

Assign the given groups to UserInfo.groupList. The default implementation calls checkoutUsers to read the ELO groups and maps the group names to their IDs. Group UserInfo.ID_EVERYONE should be always assigned.

Specified by:

assignGroups in interface LdapUserDirectoryHandler

Parameters:

ui - UserInfo.groupList is set by this function.

domain - Domain

userName - User name.

groupNamesOS - Set of group names.

Throws:

Exception

assignUserName

public void assignUserName(UserInfo ui,
 Domain domain,
 String userName,
 Attributes attributes)
                    throws Exception

Description copied from interface: LdapUserDirectoryHandler

Assign user name, os name and mail address.

Specified by:

assignUserName in interface LdapUserDirectoryHandler

Parameters:

ui - UserInfo.name, UserInfo.userProps[UserInfoC.PROP_NAME_OS], and UserInfo.userProps[UserInfoC.PROP_NAME_EMAIL] are set.

domain - Domain

userName - User name.

attributes - Attributes from LDAP server

Throws:

Exception

assignProperties

public void assignProperties(UserInfo ui,
 Domain domain,
 String userName,
 Attributes attributes)
                      throws Exception

Description copied from interface: LdapUserDirectoryHandler

Assign LDAP attributes.

Specified by:

assignProperties in interface LdapUserDirectoryHandler

Parameters:

ui - UserInfo.ldapProperties are set

domain - Domain

userName - User name.

attributes - Attributes from LDAP server

Throws:

Exception

getInnerHandler

public LdapUserDirectoryHandler getInnerHandler()

setInnerHandler

public void setInnerHandler(LdapUserDirectoryHandler innerHandler)

assignSuperior

public void assignSuperior(UserInfo ui,
 Domain domain,
 String userName,
 Attributes attributes)
                    throws Exception

Description copied from interface: LdapUserDirectoryHandler

Assign superior.

Specified by:

assignSuperior in interface LdapUserDirectoryHandler

Parameters:

ui - UserInfo.name, UserInfo.userProps[UserInfoC.PROP_NAME_OS], and UserInfo.userProps[UserInfoC.PROP_NAME_EMAIL] are set.

domain - Domain

userName - User name.

attributes - Attributes from LDAP server

Throws:

Exception