Class LdapUserDirectory
- java.lang.Object
-
- org.ametys.runtime.plugin.component.AbstractLogEnabled
-
- org.ametys.core.util.ldap.AbstractLDAPConnector
-
- org.ametys.plugins.core.impl.user.directory.LdapUserDirectory
-
- All Implemented Interfaces:
UserDirectory
,Cacheable
,LogEnabled
,Disposable
,Component
,Serviceable
public class LdapUserDirectory extends AbstractLDAPConnector implements UserDirectory, Component, Cacheable, Disposable
Use an ldap directory for getting the list of users and also authenticating them.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.ametys.core.util.Cacheable
Cacheable.SingleCacheConfiguration
-
-
Field Summary
Fields Modifier and Type Field Description private static String
__LDAP_USERDIRECTORY_USER_BY_LOGIN_CACHE_NAME_PREFIX
private static String
__LDAP_USERDIRECTORY_USER_BY_MAIL_CACHE_NAME_PREFIX
private AbstractCacheManager
_cacheManager
private String
_id
private String
_label
protected int
_pageSize
The LDAP search page size.private Map<String,Object>
_paramValues
private String
_populationId
private String
_udModelId
private String
_uniqueCacheSuffix
protected boolean
_userEmailIsMandatory
To know if email is a mandatory attributeprotected String
_usersEmailAttribute
Name of the email attribute.protected String
_usersFirstnameAttribute
Name of the first name attribute.protected String
_usersLastnameAttribute
Name of the last name attribute.protected String
_usersLoginAttribute
Name of the login attribute.protected String
_usersObjectFilter
Filter for limiting the search.protected String
_usersRelativeDN
Relative DN for users.protected int
_usersSearchScope
The scope used for search.static String
PARAM_DATASOURCE_ID
Name of the parameter holding the datasource idstatic String
PARAM_SERVER_SIDE_SORTING
True to sort the results on the server side, false to get the results unsorted.static String
PARAM_USERS_EMAIL_ATTRIBUTE
Name of the email attribute.static String
PARAM_USERS_EMAIL_IS_MANDATORY
To know if email is a mandatory attributestatic String
PARAM_USERS_FIRSTNAME_ATTRIBUTE
Name of the first name attribute.static String
PARAM_USERS_LASTNAME_ATTRIBUTE
Name of the last name attribute.static String
PARAM_USERS_LOGIN_ATTRIBUTE
Name of the login attribute.static String
PARAM_USERS_OBJECT_FILTER
Filter for limiting the search.static String
PARAM_USERS_RELATIVE_DN
Relative DN for users.static String
PARAM_USERS_SEARCH_SCOPE
The scope used for search.-
Fields inherited from class org.ametys.core.util.ldap.AbstractLDAPConnector
__DEFAULT_PAGE_SIZE, _ldapAdminPassword, _ldapAdminRelativeDN, _ldapAliasDerefMode, _ldapAuthenticationMethod, _ldapBaseDN, _ldapFollowReferrals, _ldapUrl, _ldapUseSSL, _pagingSupported, _serverSideSorting
-
-
Constructor Summary
Constructors Constructor Description LdapUserDirectory()
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description private I18nizableText
_buildI18n(String i18nKey)
protected User
_createUser(Map<String,Object> attributes)
Create a new user from LDAP attributesprotected User
_entry2User(Map<String,Object> attributes)
Deprecated.protected Map<String,Object>
_getAttributes(SearchResult entry)
Get attributes from a ldap entry.protected Map<String,Object>
_getPatternFilter(String pattern)
Get the filter from a pattern.protected SearchControls
_getSearchConstraint(int maxResults)
Get constraints for a search.protected Control[]
_getSortControls()
Get the sort control.protected List<User>
_internalGetUsers(Map<String,Map<String,Object>> entries, int count, int offset, String pattern, int possibleErrors)
Get the user list.private List<User>
_users(Map<String,Map<String,Object>> entries, int count, int offset, String pattern, NamingEnumeration<SearchResult> results, int possibleErrors)
boolean
checkCredentials(String login, String password)
Authenticate a user with its credentialsvoid
dispose()
private Cache<String,User>
getCacheByLogin()
private Cache<String,User>
getCacheByMail()
AbstractCacheManager
getCacheManager()
Returns the instance of the implementation ofAbstractCacheManager
to use.String
getId()
A unique identifierString
getLabel()
Get the label of the CredentialProviderCollection<Cacheable.SingleCacheConfiguration>
getManagedCaches()
Gets the managed caches.Map<String,Object>
getParameterValues()
Get the values of parameters (from user directory model)String
getPopulationId()
Get the id of the population this user directory belongs to.protected String[]
getSortByFields()
Get the fields to sort by if the search is sortedprivate String
getUniqueCacheIdSuffix()
User
getUser(String login)
Get a particular user by his login.User
getUserByEmail(String email)
Get a particular user by his email.String
getUserDirectoryModelId()
Get the id of theUserDirectoryModel
extension pointString
getUserDN(String login)
Get the distinguished name of an user by his login.Collection<User>
getUsers()
Get the list of all users of one directory.List<User>
getUsers(int count, int offset, Map<String,Object> parameters)
Get a list of users from a directory given the parametersvoid
init(String id, String udModelId, Map<String,Object> paramValues, String label)
Initialize the user's directory with given parameters' values.void
service(ServiceManager serviceManager)
void
setPopulationId(String populationId)
Set the value of the id of the population this user directory belong to.-
Methods inherited from class org.ametys.core.util.ldap.AbstractLDAPConnector
_cleanup, _delayedInitialize, _getConfigParameter, _getContextEnv, _getFilter, _getRootContextEnv, _getSearchScope, _hasMoreEntries, _search, _search, _search, _search, _setResultsControls, _testConnectionsPooled, _testPagingSupported, isPagingSupported
-
Methods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled
getLogger, setLogger
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.ametys.core.util.Cacheable
createCaches, getCache, hasComputableSize, isCachingEnabled, removeCaches
-
-
-
-
Field Detail
-
PARAM_DATASOURCE_ID
public static final String PARAM_DATASOURCE_ID
Name of the parameter holding the datasource id- See Also:
- Constant Field Values
-
PARAM_USERS_RELATIVE_DN
public static final String PARAM_USERS_RELATIVE_DN
Relative DN for users.- See Also:
- Constant Field Values
-
PARAM_USERS_OBJECT_FILTER
public static final String PARAM_USERS_OBJECT_FILTER
Filter for limiting the search.- See Also:
- Constant Field Values
-
PARAM_USERS_SEARCH_SCOPE
public static final String PARAM_USERS_SEARCH_SCOPE
The scope used for search.- See Also:
- Constant Field Values
-
PARAM_USERS_LOGIN_ATTRIBUTE
public static final String PARAM_USERS_LOGIN_ATTRIBUTE
Name of the login attribute.- See Also:
- Constant Field Values
-
PARAM_USERS_FIRSTNAME_ATTRIBUTE
public static final String PARAM_USERS_FIRSTNAME_ATTRIBUTE
Name of the first name attribute.- See Also:
- Constant Field Values
-
PARAM_USERS_LASTNAME_ATTRIBUTE
public static final String PARAM_USERS_LASTNAME_ATTRIBUTE
Name of the last name attribute.- See Also:
- Constant Field Values
-
PARAM_USERS_EMAIL_ATTRIBUTE
public static final String PARAM_USERS_EMAIL_ATTRIBUTE
Name of the email attribute.- See Also:
- Constant Field Values
-
PARAM_USERS_EMAIL_IS_MANDATORY
public static final String PARAM_USERS_EMAIL_IS_MANDATORY
To know if email is a mandatory attribute- See Also:
- Constant Field Values
-
PARAM_SERVER_SIDE_SORTING
public static final String PARAM_SERVER_SIDE_SORTING
True to sort the results on the server side, false to get the results unsorted.- See Also:
- Constant Field Values
-
__LDAP_USERDIRECTORY_USER_BY_LOGIN_CACHE_NAME_PREFIX
private static final String __LDAP_USERDIRECTORY_USER_BY_LOGIN_CACHE_NAME_PREFIX
-
__LDAP_USERDIRECTORY_USER_BY_MAIL_CACHE_NAME_PREFIX
private static final String __LDAP_USERDIRECTORY_USER_BY_MAIL_CACHE_NAME_PREFIX
-
_usersRelativeDN
protected String _usersRelativeDN
Relative DN for users.
-
_usersObjectFilter
protected String _usersObjectFilter
Filter for limiting the search.
-
_usersSearchScope
protected int _usersSearchScope
The scope used for search.
-
_usersLoginAttribute
protected String _usersLoginAttribute
Name of the login attribute.
-
_usersFirstnameAttribute
protected String _usersFirstnameAttribute
Name of the first name attribute.
-
_usersLastnameAttribute
protected String _usersLastnameAttribute
Name of the last name attribute.
-
_usersEmailAttribute
protected String _usersEmailAttribute
Name of the email attribute.
-
_userEmailIsMandatory
protected boolean _userEmailIsMandatory
To know if email is a mandatory attribute
-
_pageSize
protected int _pageSize
The LDAP search page size.
-
_udModelId
private String _udModelId
-
_paramValues
private Map<String,Object> _paramValues
-
_populationId
private String _populationId
-
_uniqueCacheSuffix
private final String _uniqueCacheSuffix
-
_cacheManager
private AbstractCacheManager _cacheManager
-
-
Constructor Detail
-
LdapUserDirectory
public LdapUserDirectory()
-
-
Method Detail
-
getId
public String getId()
Description copied from interface:UserDirectory
A unique identifier- Specified by:
getId
in interfaceUserDirectory
- Returns:
- The non-null and non-empty identifier
-
getLabel
public String getLabel()
Description copied from interface:UserDirectory
Get the label of the CredentialProvider- Specified by:
getLabel
in interfaceUserDirectory
- Returns:
- The optionnal label
-
service
public void service(ServiceManager serviceManager) throws ServiceException
- Specified by:
service
in interfaceServiceable
- Overrides:
service
in classAbstractLDAPConnector
- Throws:
ServiceException
-
dispose
public void dispose()
- Specified by:
dispose
in interfaceDisposable
-
getCacheManager
public AbstractCacheManager getCacheManager()
Description copied from interface:Cacheable
Returns the instance of the implementation ofAbstractCacheManager
to use.
This is not meant to be called manually.- Specified by:
getCacheManager
in interfaceCacheable
- Returns:
- The
AbstractCacheManager
to bind
-
getUniqueCacheIdSuffix
private String getUniqueCacheIdSuffix()
-
getManagedCaches
public Collection<Cacheable.SingleCacheConfiguration> getManagedCaches()
Description copied from interface:Cacheable
Gets the managed caches.
This is meant to be implemented in order to describe the managed caches and automatically create and remove the corresponding caches inCacheable.createCaches()
andCacheable.removeCaches()
default methods.
This is not meant to be called manually.- Specified by:
getManagedCaches
in interfaceCacheable
- Returns:
- A collection of
Cacheable.SingleCacheConfiguration
s to manage
-
_buildI18n
private I18nizableText _buildI18n(String i18nKey)
-
getCacheByLogin
private Cache<String,User> getCacheByLogin()
-
getCacheByMail
private Cache<String,User> getCacheByMail()
-
init
public void init(String id, String udModelId, Map<String,Object> paramValues, String label) throws Exception
Description copied from interface:UserDirectory
Initialize the user's directory with given parameters' values.- Specified by:
init
in interfaceUserDirectory
- Parameters:
id
- The non-null and non-empty unique identifierudModelId
- The id of user directory extension pointparamValues
- The parameters' valueslabel
- The optional label- Throws:
Exception
- If an error occurred
-
setPopulationId
public void setPopulationId(String populationId)
Description copied from interface:UserDirectory
Set the value of the id of the population this user directory belong to.- Specified by:
setPopulationId
in interfaceUserDirectory
- Parameters:
populationId
- The id of the population the user directory belongs to.
-
getPopulationId
public String getPopulationId()
Description copied from interface:UserDirectory
Get the id of the population this user directory belongs to.- Specified by:
getPopulationId
in interfaceUserDirectory
- Returns:
- The id of the population
-
getParameterValues
public Map<String,Object> getParameterValues()
Description copied from interface:UserDirectory
Get the values of parameters (from user directory model)- Specified by:
getParameterValues
in interfaceUserDirectory
- Returns:
- the parameters' values
-
getUserDirectoryModelId
public String getUserDirectoryModelId()
Description copied from interface:UserDirectory
Get the id of theUserDirectoryModel
extension point- Specified by:
getUserDirectoryModelId
in interfaceUserDirectory
- Returns:
- the id of extension point
-
getUsers
public Collection<User> getUsers()
Description copied from interface:UserDirectory
Get the list of all users of one directory.- Specified by:
getUsers
in interfaceUserDirectory
- Returns:
- list of users as Collection of
User
s, empty if a problem occurs.
-
getUsers
public List<User> getUsers(int count, int offset, Map<String,Object> parameters)
Description copied from interface:UserDirectory
Get a list of users from a directory given the parameters- Specified by:
getUsers
in interfaceUserDirectory
- Parameters:
count
- The limit of users to retrieveoffset
- The number of result to ignore before starting to collect users.parameters
- A map of additional parameters, see implementation.- Returns:
- The list of retrieved
User
-
getUserByEmail
public User getUserByEmail(String email) throws NotUniqueUserException
Description copied from interface:UserDirectory
Get a particular user by his email.- Specified by:
getUserByEmail
in interfaceUserDirectory
- Parameters:
email
- Email of the user to get. Cannot be null.- Returns:
- User's information as a
User
instance or null if the user email does not exist. - Throws:
NotUniqueUserException
- If many users match this email
-
getUser
public User getUser(String login)
Description copied from interface:UserDirectory
Get a particular user by his login.- Specified by:
getUser
in interfaceUserDirectory
- Parameters:
login
- Login of the user to get. Cannot be null.- Returns:
- User's information as a
User
instance or null if the user login does not exist.
-
checkCredentials
public boolean checkCredentials(String login, String password)
Description copied from interface:UserDirectory
Authenticate a user with its credentials- Specified by:
checkCredentials
in interfaceUserDirectory
- Parameters:
login
- The login to check. Cannot be null.password
- The password to check.- Returns:
- true if the user is authenticated, false otherwise.
-
getUserDN
public String getUserDN(String login)
Get the distinguished name of an user by his login.- Parameters:
login
- Login of the user.- Returns:
- The dn of the user, or null if there is no match or if multiple matches.
-
_createUser
protected User _createUser(Map<String,Object> attributes)
Create a new user from LDAP attributes- Parameters:
attributes
- the LDAP attributes- Returns:
- the user
-
_internalGetUsers
protected List<User> _internalGetUsers(Map<String,Map<String,Object>> entries, int count, int offset, String pattern, int possibleErrors)
Get the user list.- Parameters:
entries
- Where to store entriescount
- The maximum number of users to sax. Cannot be 0. Can be -1 to all.offset
- The results to ignorepattern
- The pattern to match.possibleErrors
- This number will be added to count to set the max of the request, but count results will still be returned. The difference stands for errors.- Returns:
- the final offset
-
_users
private List<User> _users(Map<String,Map<String,Object>> entries, int count, int offset, String pattern, NamingEnumeration<SearchResult> results, int possibleErrors)
-
_getSortControls
protected Control[] _getSortControls()
Get the sort control.- Returns:
- the sort controls. May be empty if a small error occurs
-
_getPatternFilter
protected Map<String,Object> _getPatternFilter(String pattern)
Get the filter from a pattern.- Parameters:
pattern
- The pattern to match.- Returns:
- The result as a Map containing the filter and the parameters.
-
_getSearchConstraint
protected SearchControls _getSearchConstraint(int maxResults)
Get constraints for a search.- Parameters:
maxResults
- The maximum number of items that will be retrieve (0 means all)- Returns:
- The constraints as a SearchControls.
-
_entry2User
@Deprecated protected User _entry2User(Map<String,Object> attributes)
Deprecated.Get the User corresponding to an user ldap entry- Parameters:
attributes
- The ldap attributes of the entry to sax.- Returns:
- the JSON representation
-
_getAttributes
protected Map<String,Object> _getAttributes(SearchResult entry)
Get attributes from a ldap entry.- Parameters:
entry
- The ldap entry to get attributes from.- Returns:
- The attributes in a map.
- Throws:
IllegalArgumentException
- If a needed attribute is missing.
-
getSortByFields
protected String[] getSortByFields()
Description copied from class:AbstractLDAPConnector
Get the fields to sort by if the search is sorted- Overrides:
getSortByFields
in classAbstractLDAPConnector
- Returns:
- The list of fields to sort by
-
-