public class LdapGroupDirectory extends AbstractLDAPConnector<Object,Object> implements GroupDirectory
Modifier and Type | Class and Description |
---|---|
private static class |
LdapGroupDirectory.GroupComparator
Group comparator.
|
private static class |
LdapGroupDirectory.LdapGroup
Implementation of
Group for Ldap group directory |
Modifier and Type | Field and Description |
---|---|
private static LdapGroupDirectory.GroupComparator |
__GROUP_COMPARATOR |
protected static String |
__PARAM_ASSOCIATED_USERDIRECTORY_ID
Name of the parameter holding the id of the associated user directory
|
protected static String |
__PARAM_DATASOURCE_ID
Name of the parameter holding the datasource id
|
protected static String |
__PARAM_GROUPS_DESCRIPTION_ATTRIBUTE
Name of the decription attribute.
|
protected static String |
__PARAM_GROUPS_ID_ATTRIBUTE
Name of the id attribute.
|
protected static String |
__PARAM_GROUPS_MEMBER_ATTRIBUTE
Name of the member DN attribute.
|
protected static String |
__PARAM_GROUPS_MEMBEROF_ATTRIBUTE
Name of the member DN attribute.
|
protected static String |
__PARAM_GROUPS_OBJECT_FILTER
Filter for limiting the search.
|
protected static String |
__PARAM_GROUPS_RELATIVE_DN
Relative DN for groups.
|
protected static String |
__PARAM_GROUPS_SEARCH_SCOPE
The scope used for search.
|
protected static String |
__PARAM_USERS_UID_ATTRIBUTE
Name of the user uid attribute.
|
protected String |
_associatedPopulationId
The id of the associated user population where the LDAP group will retrieve the users
|
protected String |
_associatedUserDirectoryId
The id of the associated user directory where the LDAP group will retrieve the users
|
private String |
_groupDirectoryModelId
The id of the
GroupDirectoryModel |
protected String |
_groupsDescriptionAttribute
The group description attribute
|
protected String |
_groupsIdAttribute
The group id attribute
|
protected String |
_groupsMemberAttribute
The attribute which contains the member DN
|
protected String |
_groupsObjectFilter
The filter to find groups
|
protected String |
_groupsRelativeDN
The group DN relative to baseDN
|
protected int |
_groupsSearchScope
The scope used for search.
|
protected String |
_id
The id
|
protected I18nizableText |
_label
The label
|
protected int |
_pageSize
The LDAP search page size.
|
private Map<String,Object> |
_paramValues
The map of the values of the parameters
|
protected UserManager |
_userManager
The user manager
|
protected UserPopulationDAO |
_userPopulationDAO
The DAO for user populations
|
protected String |
_usersMemberOfAttribute
The attribute which contains the groups of a user
|
protected String |
_userUidAttribute
The user id in 'memberUid' attribute (on groups for retrieving the users of a group).
|
__DEFAULT_PAGE_SIZE, _ldapAdminPassword, _ldapAdminRelativeDN, _ldapAliasDerefMode, _ldapAuthenticationMethod, _ldapBaseDN, _ldapFollowReferrals, _ldapUrl, _ldapUseSSL, _pagingSupported
Constructor and Description |
---|
LdapGroupDirectory() |
Modifier and Type | Method and Description |
---|---|
protected String |
_getGroupId(SearchResult groupEntry)
Get a group id from attributes of a ldap group entry.
|
protected Set<String> |
_getGroupIdsOfUser(Attributes userAttrs,
DirContext context)
Get group ids from attributes of a ldap user entry.
|
protected String |
_getRelativeDn(String dn)
If the given DN is absolute, return the relative DN.
|
protected SearchControls |
_getSearchConstraint()
Get constraints for a search.
|
protected Group |
_getUserGroup(SearchResult entry)
Get an UserGroup from attributes of a ldap entry.
|
private Set<String> |
_getUserGroupsFromMemberAttr(UserIdentity userIdentity,
LdapUserDirectory userDirectory) |
private Set<String> |
_getUserGroupsFromMemberofAttr(UserIdentity userIdentity,
String usersRelativeDN,
LdapUserDirectory associatedUserDirectory) |
protected UserIdentity |
_getUserInLdapFromDn(String ldapDn)
Gets a user according to its DN
|
protected UserIdentity |
_getUserInLdapFromUid(String ldapUid)
Gets a user according to its UID
|
private SearchControls |
_getUserSearchConstraint(String[] returningAttributes) |
protected Set<UserIdentity> |
_getUsersFromMembersOfAttr(String groupId)
Gets all users of a group from the 'runtime.groups.ldap.memberof' attribute on the users
|
protected Map<String,Object> |
_group2JSON(Group group,
boolean users)
Get group as JSON object
|
Group |
getGroup(String groupID)
Returns a particular group.
|
String |
getGroupDirectoryModelId()
Get the id of the
GroupDirectoryModel extension point |
Set<Group> |
getGroups()
Returns all groups.
|
String |
getId()
Get the id of the group directory.
|
I18nizableText |
getLabel()
Get the label of the group directory.
|
Map<String,Object> |
getParameterValues()
Get the values of parameters (from group directory model)
|
Set<String> |
getUserGroups(UserIdentity userIdentity)
Get all groups a particular user is in.
|
Map<String,Object> |
group2JSON(String id,
boolean withUsers)
Get group
|
List<Map<String,Object>> |
groups2JSON(int count,
int offset,
Map parameters,
boolean withUsers)
Get groups
|
void |
init(String groupDirectoryModelId,
Map<String,Object> paramValues)
Initialize the group directory with given parameter values.
|
void |
service(ServiceManager serviceManager) |
void |
setId(String id)
Set the id of the group directory.
|
void |
setLabel(I18nizableText label)
Set the label of the group directory.
|
_cleanup, _delayedInitialize, _getConfigParameter, _getContextEnv, _getFilter, _getRootContextEnv, _getSearchScope, _hasMoreEntries, _search, _search, _setPagingIfSupported, _testConnectionsPooled, _testPagingSupported, isPagingSupported
addObjectInCache, clearCache, dispose, getObjectFromCache, initialize, isCacheEnabled, removeObjectFromCache
getLogger, setLogger
protected static final String __PARAM_DATASOURCE_ID
protected static final String __PARAM_ASSOCIATED_USERDIRECTORY_ID
protected static final String __PARAM_GROUPS_RELATIVE_DN
protected static final String __PARAM_GROUPS_OBJECT_FILTER
protected static final String __PARAM_GROUPS_SEARCH_SCOPE
protected static final String __PARAM_GROUPS_ID_ATTRIBUTE
protected static final String __PARAM_GROUPS_DESCRIPTION_ATTRIBUTE
protected static final String __PARAM_USERS_UID_ATTRIBUTE
protected static final String __PARAM_GROUPS_MEMBER_ATTRIBUTE
protected static final String __PARAM_GROUPS_MEMBEROF_ATTRIBUTE
private static final LdapGroupDirectory.GroupComparator __GROUP_COMPARATOR
protected UserManager _userManager
protected UserPopulationDAO _userPopulationDAO
protected String _groupsRelativeDN
protected String _groupsObjectFilter
protected int _groupsSearchScope
protected String _groupsIdAttribute
protected String _groupsDescriptionAttribute
protected int _pageSize
protected String _groupsMemberAttribute
protected String _associatedUserDirectoryId
protected String _associatedPopulationId
protected String _userUidAttribute
protected String _usersMemberOfAttribute
protected I18nizableText _label
private String _groupDirectoryModelId
GroupDirectoryModel
private Map<String,Object> _paramValues
public LdapGroupDirectory()
public String getId()
GroupDirectory
getId
in interface GroupDirectory
public I18nizableText getLabel()
GroupDirectory
getLabel
in interface GroupDirectory
public void setId(String id)
GroupDirectory
setId
in interface GroupDirectory
id
- The idpublic void setLabel(I18nizableText label)
GroupDirectory
setLabel
in interface GroupDirectory
label
- The labelpublic String getGroupDirectoryModelId()
GroupDirectory
GroupDirectoryModel
extension pointgetGroupDirectoryModelId
in interface GroupDirectory
public Map<String,Object> getParameterValues()
GroupDirectory
getParameterValues
in interface GroupDirectory
public void service(ServiceManager serviceManager) throws ServiceException
service
in interface Serviceable
service
in class AbstractLDAPConnector<Object,Object>
ServiceException
public void init(String groupDirectoryModelId, Map<String,Object> paramValues) throws Exception
GroupDirectory
init
in interface GroupDirectory
groupDirectoryModelId
- The id of group directory extension pointparamValues
- The parameters' valuesException
- If an error occuredpublic Group getGroup(String groupID)
GroupDirectory
getGroup
in interface GroupDirectory
groupID
- The id of the group.public Set<Group> getGroups()
GroupDirectory
getGroups
in interface GroupDirectory
public Set<String> getUserGroups(UserIdentity userIdentity)
GroupDirectory
getUserGroups
in interface GroupDirectory
userIdentity
- The identity of the userprivate Set<String> _getUserGroupsFromMemberofAttr(UserIdentity userIdentity, String usersRelativeDN, LdapUserDirectory associatedUserDirectory)
private Set<String> _getUserGroupsFromMemberAttr(UserIdentity userIdentity, LdapUserDirectory userDirectory)
protected String _getGroupId(SearchResult groupEntry)
groupEntry
- The ldap group entry to get attributes from.IllegalArgumentException
- If a needed attribute is missing.protected Set<String> _getGroupIdsOfUser(Attributes userAttrs, DirContext context) throws NamingException
userAttrs
- The attributes of a ldap user entrycontext
- The contextNamingException
- If a naming exception was encountered while retrieving the group DNsIllegalArgumentException
- If a needed attribute is missing.public List<Map<String,Object>> groups2JSON(int count, int offset, Map parameters, boolean withUsers)
GroupDirectory
groups2JSON
in interface GroupDirectory
count
- The maximum number of groups to sax. (-1 to sax all)offset
- The offset to start with, first is 0.parameters
- Parameters for saxing user list differently, see implementation.withUsers
- true to also have the users of the groupspublic Map<String,Object> group2JSON(String id, boolean withUsers)
GroupDirectory
group2JSON
in interface GroupDirectory
id
- The group's idwithUsers
- true to also have the users of the groupprotected Group _getUserGroup(SearchResult entry)
entry
- The ldap entry to get attributes from.IllegalArgumentException
- If a needed attribute is missing.protected String _getRelativeDn(String dn)
dn
- The absolute or relative DNprotected UserIdentity _getUserInLdapFromDn(String ldapDn)
ldapDn
- The DN of the user in the LDAPprotected UserIdentity _getUserInLdapFromUid(String ldapUid)
ldapUid
- The UID of the user in the LDAPprotected Set<UserIdentity> _getUsersFromMembersOfAttr(String groupId)
groupId
- The id of the groupprivate SearchControls _getUserSearchConstraint(String[] returningAttributes)
protected SearchControls _getSearchConstraint()
protected Map<String,Object> _group2JSON(Group group, boolean users)
group
- the groupusers
- true to get users' group