Class LdapGroupDirectory
java.lang.Object
org.ametys.runtime.plugin.component.AbstractLogEnabled
org.ametys.core.util.ldap.AbstractLDAPConnector
org.ametys.plugins.core.impl.group.directory.ldap.LdapGroupDirectory
- All Implemented Interfaces:
GroupDirectory
,Cacheable
,LogEnabled
,Disposable
,Serviceable
public class LdapGroupDirectory
extends AbstractLDAPConnector
implements GroupDirectory, Cacheable, Disposable
Use a LDAP server for getting the groups of users
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.ametys.core.util.Cacheable
Cacheable.SingleCacheConfiguration
-
Field Summary
Modifier and TypeFieldDescriptionprotected static final String
Name of the parameter holding the id of the associated user directoryprotected static final String
Name of the parameter holding the datasource idprotected static final String
Name of the decription attribute.protected static final String
Name of the id attribute.protected static final String
Name of the member DN attribute.protected static final String
Name of the member DN attribute.protected static final String
Filter for limiting the search.protected static final String
Relative DN for groups.protected static final String
The scope used for search.protected static final String
Name of the user uid attribute.protected String
The id of the associated user population where the LDAP group will retrieve the usersprotected String
The id of the associated user directory where the LDAP group will retrieve the usersprotected String
The group description attributeprotected String
The group id attributeprotected String
The attribute which contains the member DNprotected String
The filter to find groupsprotected String
The group DN relative to baseDNprotected int
The scope used for search.protected String
The idprotected I18nizableText
The labelprotected int
The LDAP search page size.protected UserManager
The user managerprotected UserPopulationDAO
The DAO for user populationsprotected String
The attribute which contains the groups of a userprotected String
The user id in 'memberUid' attribute (on groups for retrieving the users of a group).Fields inherited from class org.ametys.core.util.ldap.AbstractLDAPConnector
__DEFAULT_PAGE_SIZE, _ldapAdminPassword, _ldapAdminRelativeDN, _ldapAliasDerefMode, _ldapAuthenticationMethod, _ldapBaseDN, _ldapFollowReferrals, _ldapUrl, _ldapUseSSL, _pagingSupported, _serverSideSorting
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected String
_getGroupId
(SearchResult groupEntry) Get a group id from attributes of a ldap group entry._getGroupIdsOfUser
(Attributes userAttrs, DirContext context) Get group ids from attributes of a ldap user entry.protected String
_getRelativeDn
(String dn) If the given DN is absolute, return the relative DN.protected SearchControls
Get constraints for a search.protected Group
_getUserGroup
(SearchResult entry) Get an UserGroup from attributes of a ldap entry.protected UserIdentity
_getUserInLdapFromDn
(String ldapDn) Gets a user according to its DNprotected UserIdentity
_getUserInLdapFromUid
(String ldapUid) Gets a user according to its UIDprotected Set<UserIdentity>
_getUsersFromMembersOfAttr
(String groupId) Gets all users of a group from the 'runtime.groups.ldap.memberof' attribute on the users_group2JSON
(Group group, boolean users) Get group as JSON objectvoid
dispose()
Returns the instance of the implementation ofAbstractCacheManager
to use.Returns a particular group.Get the id of theGroupDirectoryModel
extension pointReturns all groups.Get groupsgetId()
Get the id of the group directory.getLabel()
Get the label of the group directory.Gets the managed caches.Get the values of parameters (from group directory model)protected String[]
Get the fields to sort by if the search is sortedgetUserGroups
(UserIdentity userIdentity) Get all groups a particular user is in.void
Initialize the group directory with given parameter values.void
service
(ServiceManager serviceManager) void
Set the id of the group directory.void
setLabel
(I18nizableText label) Set the label of the group directory.Methods inherited from class org.ametys.core.util.ldap.AbstractLDAPConnector
_cleanup, _delayedInitialize, _getConfigParameter, _getContextEnv, _getFilter, _getRootContextEnv, _getSearchScope, _hasMoreEntries, _search, _search, _search, _search, _setResultsControls, _testConnectionsPooled, _testPagingSupported, isPagingSupported
Methods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled
getLogger, setLogger
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
Methods inherited from interface org.ametys.core.util.Cacheable
createCaches, getCache, hasComputableSize, isCachingEnabled, removeCaches
-
Field Details
-
__PARAM_DATASOURCE_ID
Name of the parameter holding the datasource id- See Also:
-
__PARAM_ASSOCIATED_USERDIRECTORY_ID
Name of the parameter holding the id of the associated user directory- See Also:
-
__PARAM_GROUPS_RELATIVE_DN
Relative DN for groups.- See Also:
-
__PARAM_GROUPS_OBJECT_FILTER
Filter for limiting the search.- See Also:
-
__PARAM_GROUPS_SEARCH_SCOPE
The scope used for search.- See Also:
-
__PARAM_GROUPS_ID_ATTRIBUTE
Name of the id attribute.- See Also:
-
__PARAM_GROUPS_DESCRIPTION_ATTRIBUTE
Name of the decription attribute.- See Also:
-
__PARAM_USERS_UID_ATTRIBUTE
Name of the user uid attribute.- See Also:
-
__PARAM_GROUPS_MEMBER_ATTRIBUTE
Name of the member DN attribute.- See Also:
-
__PARAM_GROUPS_MEMBEROF_ATTRIBUTE
Name of the member DN attribute.- See Also:
-
_userManager
The user manager -
_userPopulationDAO
The DAO for user populations -
_groupsRelativeDN
The group DN relative to baseDN -
_groupsObjectFilter
The filter to find groups -
_groupsSearchScope
The scope used for search. -
_groupsIdAttribute
The group id attribute -
_groupsDescriptionAttribute
The group description attribute -
_pageSize
The LDAP search page size. -
_groupsMemberAttribute
The attribute which contains the member DN -
_associatedUserDirectoryId
The id of the associated user directory where the LDAP group will retrieve the users -
_associatedPopulationId
The id of the associated user population where the LDAP group will retrieve the users -
_userUidAttribute
The user id in 'memberUid' attribute (on groups for retrieving the users of a group). -
_usersMemberOfAttribute
The attribute which contains the groups of a user -
_id
The id -
_label
The label
-
-
Constructor Details
-
LdapGroupDirectory
public LdapGroupDirectory()
-
-
Method Details
-
getId
Description copied from interface:GroupDirectory
Get the id of the group directory.- Specified by:
getId
in interfaceGroupDirectory
- Returns:
- The id of the group directory
-
getLabel
Description copied from interface:GroupDirectory
Get the label of the group directory.- Specified by:
getLabel
in interfaceGroupDirectory
- Returns:
- The label of the group directory
-
setId
Description copied from interface:GroupDirectory
Set the id of the group directory.- Specified by:
setId
in interfaceGroupDirectory
- Parameters:
id
- The id
-
setLabel
Description copied from interface:GroupDirectory
Set the label of the group directory.- Specified by:
setLabel
in interfaceGroupDirectory
- Parameters:
label
- The label
-
getGroupDirectoryModelId
Description copied from interface:GroupDirectory
Get the id of theGroupDirectoryModel
extension point- Specified by:
getGroupDirectoryModelId
in interfaceGroupDirectory
- Returns:
- the id of extension point
-
getParameterValues
Description copied from interface:GroupDirectory
Get the values of parameters (from group directory model)- Specified by:
getParameterValues
in interfaceGroupDirectory
- Returns:
- the parameters' values
-
service
- Specified by:
service
in interfaceServiceable
- Overrides:
service
in classAbstractLDAPConnector
- Throws:
ServiceException
-
dispose
- Specified by:
dispose
in interfaceDisposable
-
getCacheManager
Description copied from interface:Cacheable
Returns the instance of the implementation ofAbstractCacheManager
to use.
This is not meant to be called manually.- Specified by:
getCacheManager
in interfaceCacheable
- Returns:
- The
AbstractCacheManager
to bind
-
getManagedCaches
Description copied from interface:Cacheable
Gets the managed caches.
This is meant to be implemented in order to describe the managed caches and automatically create and remove the corresponding caches inCacheable.createCaches()
andCacheable.removeCaches()
default methods.
This is not meant to be called manually.- Specified by:
getManagedCaches
in interfaceCacheable
- Returns:
- A collection of
Cacheable.SingleCacheConfiguration
s to manage
-
init
Description copied from interface:GroupDirectory
Initialize the group directory with given parameter values.- Specified by:
init
in interfaceGroupDirectory
- Parameters:
groupDirectoryModelId
- The id of group directory extension pointparamValues
- The parameters' values- Throws:
Exception
- If an error occured
-
getGroup
Description copied from interface:GroupDirectory
Returns a particular group.- Specified by:
getGroup
in interfaceGroupDirectory
- Parameters:
groupID
- The id of the group.- Returns:
- The group or null if the group does not exist.
-
getGroups
Description copied from interface:GroupDirectory
Returns all groups.- Specified by:
getGroups
in interfaceGroupDirectory
- Returns:
- The groups as a Set of UserGroup, empty if an error occurs.
-
getUserGroups
Description copied from interface:GroupDirectory
Get all groups a particular user is in.- Specified by:
getUserGroups
in interfaceGroupDirectory
- Parameters:
userIdentity
- The identity of the user- Returns:
- The groups as a Set of String (group ID), empty if the login does not match.
-
_getGroupId
Get a group id from attributes of a ldap group entry.- Parameters:
groupEntry
- The ldap group entry to get attributes from.- Returns:
- The group id as a String.
- Throws:
IllegalArgumentException
- If a needed attribute is missing.
-
_getGroupIdsOfUser
protected Set<String> _getGroupIdsOfUser(Attributes userAttrs, DirContext context) throws NamingException Get group ids from attributes of a ldap user entry.- Parameters:
userAttrs
- The attributes of a ldap user entrycontext
- The context- Returns:
- The group ids as a Set of String.
- Throws:
NamingException
- If a naming exception was encountered while retrieving the group DNsIllegalArgumentException
- If a needed attribute is missing.
-
getGroups
Description copied from interface:GroupDirectory
Get groups- Specified by:
getGroups
in interfaceGroupDirectory
- Parameters:
count
- The maximum number of groups to sax. (-1 to sax all)offset
- The offset to start with, first is 0.parameters
- Parameters for saxing user list differently, see implementation.- Returns:
- The matching groups
-
_getUserGroup
Get an UserGroup from attributes of a ldap entry.- Parameters:
entry
- The ldap entry to get attributes from.- Returns:
- The group as an UserGroup.
- Throws:
IllegalArgumentException
- If a needed attribute is missing.
-
_getRelativeDn
If the given DN is absolute, return the relative DN. Otherwise, return the given DN.- Parameters:
dn
- The absolute or relative DN- Returns:
- The relative DN
-
_getUserInLdapFromDn
Gets a user according to its DN- Parameters:
ldapDn
- The DN of the user in the LDAP- Returns:
- A user
-
_getUserInLdapFromUid
Gets a user according to its UID- Parameters:
ldapUid
- The UID of the user in the LDAP- Returns:
- A user
-
_getUsersFromMembersOfAttr
Gets all users of a group from the 'runtime.groups.ldap.memberof' attribute on the users- Parameters:
groupId
- The id of the group- Returns:
- The users of the given group, only by looking at the 'runtime.groups.ldap.memberof' attribute on the users
-
_getSearchConstraint
Get constraints for a search.- Returns:
- The constraints as a SearchControls.
-
_group2JSON
Get group as JSON object- Parameters:
group
- the groupusers
- true to get users' group- Returns:
- the group as JSON object
-
getSortByFields
Description copied from class:AbstractLDAPConnector
Get the fields to sort by if the search is sorted- Overrides:
getSortByFields
in classAbstractLDAPConnector
- Returns:
- The list of fields to sort by
-