Package org.ametys.plugins.core.impl.user.directory

Class LdapUserDirectory

java.lang.Object

org.ametys.runtime.plugin.component.AbstractLogEnabled

org.ametys.core.util.ldap.AbstractLDAPConnector

org.ametys.plugins.core.impl.user.directory.LdapUserDirectory

All Implemented Interfaces:

UserDirectory, Cacheable, LogEnabled, Disposable, Component, Serviceable

public class LdapUserDirectory
extends AbstractLDAPConnector
implements UserDirectory, Component, Cacheable, Disposable

Use an ldap directory for getting the list of users and also authenticating them.

Nested Class Summary

Nested classes/interfaces inherited from interface org.ametys.core.util.Cacheable

Cacheable.SingleCacheConfiguration

Field Summary

Fields

Modifier and Type	Field	Description
protected int	_pageSize	The LDAP search page size.
protected boolean	_userEmailIsMandatory	To know if email is a mandatory attribute
protected String	_usersEmailAttribute	Name of the email attribute.
protected String	_usersFirstnameAttribute	Name of the first name attribute.
protected String	_usersLastnameAttribute	Name of the last name attribute.
protected String	_usersLoginAttribute	Name of the login attribute.
protected String	_usersObjectFilter	Filter for limiting the search.
protected String	_usersRelativeDN	Relative DN for users.
protected int	_usersSearchScope	The scope used for search.
static final String	PARAM_DATASOURCE_ID	Name of the parameter holding the datasource id
static final String	PARAM_SERVER_SIDE_SORTING	True to sort the results on the server side, false to get the results unsorted.
static final String	PARAM_USERS_EMAIL_ATTRIBUTE	Name of the email attribute.
static final String	PARAM_USERS_EMAIL_IS_MANDATORY	To know if email is a mandatory attribute
static final String	PARAM_USERS_FIRSTNAME_ATTRIBUTE	Name of the first name attribute.
static final String	PARAM_USERS_LASTNAME_ATTRIBUTE	Name of the last name attribute.
static final String	PARAM_USERS_LOGIN_ATTRIBUTE	Name of the login attribute.
static final String	PARAM_USERS_OBJECT_FILTER	Filter for limiting the search.
static final String	PARAM_USERS_RELATIVE_DN	Relative DN for users.
static final String	PARAM_USERS_SEARCH_SCOPE	The scope used for search.

Fields inherited from class org.ametys.core.util.ldap.AbstractLDAPConnector

__DEFAULT_PAGE_SIZE, _ldapAdminPassword, _ldapAdminRelativeDN, _ldapAliasDerefMode, _ldapAuthenticationMethod, _ldapBaseDN, _ldapFollowReferrals, _ldapUrl, _ldapUseSSL, _pagingSupported, _serverSideSorting

Constructor Summary

Constructors

Constructor	Description
LdapUserDirectory()

Method Summary

Modifier and Type	Method	Description
protected User	_createUser(Map<String,Object> attributes)	Create a new user from LDAP attributes
protected User	_entry2User(Map<String,Object> attributes)	Deprecated.
protected Map<String,Object>	_getAttributes(SearchResult entry)	Get attributes from a ldap entry.
protected Map<String,Object>	_getPatternFilter(String pattern)	Get the filter from a pattern.
protected SearchControls	_getSearchConstraint(int maxResults)	Get constraints for a search.
protected Control[]	_getSortControls()	Get the sort control.
protected List<User>	_internalGetUsers(Map<String,Map<String,Object>> entries, int count, int offset, String pattern, int possibleErrors)	Get the user list.
boolean	checkCredentials(String login, String password)	Authenticate a user with its credentials
void	dispose()
AbstractCacheManager	getCacheManager()	Returns the instance of the implementation of AbstractCacheManager to use.
String	getId()	A unique identifier
String	getLabel()	Get the label of the CredentialProvider
Collection<Cacheable.SingleCacheConfiguration>	getManagedCaches()	Gets the managed caches.
Map<String,Object>	getParameterValues()	Get the values of parameters (from user directory model)
String	getPopulationId()	Get the id of the population this user directory belongs to.
protected String[]	getSortByFields()	Get the fields to sort by if the search is sorted
User	getUser(String login)	Get a particular user by his login.
User	getUserByEmail(String email)	Get a particular user by his email (search should be case insensitive).
String	getUserDirectoryModelId()	Get the id of the UserDirectoryModel extension point
String	getUserDN(String login)	Get the distinguished name of an user by his login.
Collection<User>	getUsers()	Get the list of all users of one directory.
List<User>	getUsers(int count, int offset, Map<String,Object> parameters)	Get a list of users from a directory given the parameters
void	init(String id, String udModelId, Map<String,Object> paramValues, String label)	Initialize the user's directory with given parameters' values.
boolean	isCaseSensitive()	Is the user directory case sensitive for login?
void	service(ServiceManager serviceManager)
void	setPopulationId(String populationId)	Set the value of the id of the population this user directory belong to.

Methods inherited from class org.ametys.core.util.ldap.AbstractLDAPConnector

_cleanup, _delayedInitialize, _getConfigParameter, _getContextEnv, _getFilter, _getRootContextEnv, _getSearchScope, _hasMoreEntries, _search, _search, _search, _search, _setResultsControls, _testConnectionsPooled, _testPagingSupported, isPagingSupported

Methods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled

getLogger, setLogger

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.ametys.core.util.Cacheable

createCaches, getCache, hasComputableSize, isCachingEnabled, removeCaches

Field Details

PARAM_DATASOURCE_ID

public static final String PARAM_DATASOURCE_ID

Name of the parameter holding the datasource id

See Also:

• Constant Field Values

PARAM_USERS_RELATIVE_DN

public static final String PARAM_USERS_RELATIVE_DN

Relative DN for users.

See Also:

• Constant Field Values

PARAM_USERS_OBJECT_FILTER

public static final String PARAM_USERS_OBJECT_FILTER

Filter for limiting the search.

See Also:

• Constant Field Values

PARAM_USERS_SEARCH_SCOPE

public static final String PARAM_USERS_SEARCH_SCOPE

The scope used for search.

See Also:

• Constant Field Values

PARAM_USERS_LOGIN_ATTRIBUTE

public static final String PARAM_USERS_LOGIN_ATTRIBUTE

Name of the login attribute.

See Also:

• Constant Field Values

PARAM_USERS_FIRSTNAME_ATTRIBUTE

public static final String PARAM_USERS_FIRSTNAME_ATTRIBUTE

Name of the first name attribute.

See Also:

• Constant Field Values

PARAM_USERS_LASTNAME_ATTRIBUTE

public static final String PARAM_USERS_LASTNAME_ATTRIBUTE

Name of the last name attribute.

See Also:

• Constant Field Values

PARAM_USERS_EMAIL_ATTRIBUTE

public static final String PARAM_USERS_EMAIL_ATTRIBUTE

Name of the email attribute.

See Also:

• Constant Field Values

PARAM_USERS_EMAIL_IS_MANDATORY

public static final String PARAM_USERS_EMAIL_IS_MANDATORY

To know if email is a mandatory attribute

See Also:

• Constant Field Values

PARAM_SERVER_SIDE_SORTING

public static final String PARAM_SERVER_SIDE_SORTING

True to sort the results on the server side, false to get the results unsorted.

See Also:

• Constant Field Values

_usersRelativeDN

protected String _usersRelativeDN

Relative DN for users.

_usersObjectFilter

protected String _usersObjectFilter

Filter for limiting the search.

_usersSearchScope

protected int _usersSearchScope

The scope used for search.

_usersLoginAttribute

protected String _usersLoginAttribute

Name of the login attribute.

_usersFirstnameAttribute

protected String _usersFirstnameAttribute

Name of the first name attribute.

_usersLastnameAttribute

protected String _usersLastnameAttribute

Name of the last name attribute.

_usersEmailAttribute

protected String _usersEmailAttribute

Name of the email attribute.

_userEmailIsMandatory

protected boolean _userEmailIsMandatory

To know if email is a mandatory attribute

_pageSize

protected int _pageSize

The LDAP search page size.

Constructor Details

LdapUserDirectory

public LdapUserDirectory()

Method Details

getId

public String getId()

Description copied from interface: UserDirectory

A unique identifier

Specified by:

getId in interface UserDirectory

Returns:

The non-null and non-empty identifier

getLabel

public String getLabel()

Description copied from interface: UserDirectory

Get the label of the CredentialProvider

Specified by:

getLabel in interface UserDirectory

Returns:

The optionnal label

isCaseSensitive

public boolean isCaseSensitive()

Description copied from interface: UserDirectory

Is the user directory case sensitive for login?

Specified by:

isCaseSensitive in interface UserDirectory

Returns:

true is the user directory is case sensitive

service

public void service(ServiceManager serviceManager)
             throws ServiceException

Specified by:

service in interface Serviceable

Overrides:

service in class AbstractLDAPConnector

Throws:

ServiceException

dispose

public void dispose()

Specified by:

dispose in interface Disposable

getCacheManager

public AbstractCacheManager getCacheManager()

Description copied from interface: Cacheable

Returns the instance of the implementation of AbstractCacheManager to use.
This is not meant to be called manually.

Specified by:

getCacheManager in interface Cacheable

Returns:

The AbstractCacheManager to bind

getManagedCaches

public Collection<Cacheable.SingleCacheConfiguration> getManagedCaches()

Description copied from interface: Cacheable

Gets the managed caches.
This is meant to be implemented in order to describe the managed caches and automatically create and remove the corresponding caches in Cacheable.createCaches() and Cacheable.removeCaches() default methods.
This is not meant to be called manually.

Specified by:

getManagedCaches in interface Cacheable

Returns:

A collection of Cacheable.SingleCacheConfigurations to manage

init

public void init(String id,
 String udModelId,
 Map<String,Object> paramValues,
 String label)
          throws Exception

Description copied from interface: UserDirectory

Initialize the user's directory with given parameters' values.

Specified by:

init in interface UserDirectory

Parameters:

id - The non-null and non-empty unique identifier

udModelId - The id of user directory extension point

paramValues - The parameters' values

label - The optional label

Throws:

Exception - If an error occurred

setPopulationId

public void setPopulationId(String populationId)

Description copied from interface: UserDirectory

Set the value of the id of the population this user directory belong to.

Specified by:

setPopulationId in interface UserDirectory

Parameters:

populationId - The id of the population the user directory belongs to.

getPopulationId

public String getPopulationId()

Description copied from interface: UserDirectory

Get the id of the population this user directory belongs to.

Specified by:

getPopulationId in interface UserDirectory

Returns:

The id of the population

getParameterValues

public Map<String,Object> getParameterValues()

Description copied from interface: UserDirectory

Get the values of parameters (from user directory model)

Specified by:

getParameterValues in interface UserDirectory

Returns:

the parameters' values

getUserDirectoryModelId

public String getUserDirectoryModelId()

Description copied from interface: UserDirectory

Get the id of the UserDirectoryModel extension point

Specified by:

getUserDirectoryModelId in interface UserDirectory

Returns:

the id of extension point

getUsers

public Collection<User> getUsers()

Description copied from interface: UserDirectory

Get the list of all users of one directory.

Specified by:

getUsers in interface UserDirectory

Returns:

list of users as Collection of Users, empty if a problem occurs.

getUsers

public List<User> getUsers(int count,
 int offset,
 Map<String,Object> parameters)

Description copied from interface: UserDirectory

Get a list of users from a directory given the parameters

Specified by:

getUsers in interface UserDirectory

Parameters:

count - The limit of users to retrieve

offset - The number of result to ignore before starting to collect users.

parameters - A map of additional parameters, see implementation.

Returns:

The list of retrieved User

getUserByEmail

public User getUserByEmail(String email)
                    throws NotUniqueUserException

Description copied from interface: UserDirectory

Get a particular user by his email (search should be case insensitive).

Specified by:

getUserByEmail in interface UserDirectory

Parameters:

email - Email of the user to get. Cannot be null.

Returns:

User's information as a User instance or null if the user email does not exist.

Throws:

NotUniqueUserException - If many users match this email

getUser

public User getUser(String login)

Description copied from interface: UserDirectory

Get a particular user by his login.

Specified by:

getUser in interface UserDirectory

Parameters:

login - Login of the user to get. Cannot be null.

Returns:

User's information as a User instance or null if the user login does not exist.

checkCredentials

public boolean checkCredentials(String login,
 String password)

Description copied from interface: UserDirectory

Authenticate a user with its credentials

Specified by:

checkCredentials in interface UserDirectory

Parameters:

login - The login to check. Cannot be null.

password - The password to check.

Returns:

true if the user is authenticated, false otherwise.

getUserDN

public String getUserDN(String login)

Get the distinguished name of an user by his login.

Parameters:

login - Login of the user.

Returns:

The dn of the user, or null if there is no match or if multiple matches.

_createUser

protected User _createUser(Map<String,Object> attributes)

Create a new user from LDAP attributes

Parameters:

attributes - the LDAP attributes

Returns:

the user

_internalGetUsers

protected List<User> _internalGetUsers(Map<String,Map<String,Object>> entries,
 int count,
 int offset,
 String pattern,
 int possibleErrors)

Get the user list.

Parameters:

entries - Where to store entries

count - The maximum number of users to sax. Cannot be 0. Can be -1 to all.

offset - The results to ignore

pattern - The pattern to match.

possibleErrors - This number will be added to count to set the max of the request, but count results will still be returned. The difference stands for errors.

Returns:

the final offset

_getSortControls

protected Control[] _getSortControls()

Get the sort control.

Returns:

the sort controls. May be empty if a small error occurs

_getPatternFilter

protected Map<String,Object> _getPatternFilter(String pattern)

Get the filter from a pattern.

Parameters:

pattern - The pattern to match.

Returns:

The result as a Map containing the filter and the parameters.

_getSearchConstraint

protected SearchControls _getSearchConstraint(int maxResults)

Get constraints for a search.

Parameters:

maxResults - The maximum number of items that will be retrieve (0 means all)

Returns:

The constraints as a SearchControls.

_entry2User

@Deprecated
protected User _entry2User(Map<String,Object> attributes)

Deprecated.

Get the User corresponding to an user ldap entry

Parameters:

attributes - The ldap attributes of the entry to sax.

Returns:

the JSON representation

_getAttributes

protected Map<String,Object> _getAttributes(SearchResult entry)
                                     throws NamingException

Get attributes from a ldap entry.

Parameters:

entry - The ldap entry to get attributes from.

Returns:

The attributes in a map.

Throws:

NamingException - If an error with attributes occurred

getSortByFields

protected String[] getSortByFields()

Description copied from class: AbstractLDAPConnector

Get the fields to sort by if the search is sorted

Overrides:

getSortByFields in class AbstractLDAPConnector

Returns:

The list of fields to sort by