Revision 2116
Added by sgarg over 20 years ago
src/edu/ucsb/nceas/metacat/AuthLdap.java | ||
---|---|---|
432 | 432 |
// Specify the attributes to match. |
433 | 433 |
// Users are objects that have the attribute objectclass=InetOrgPerson. |
434 | 434 |
SearchControls ctls = new SearchControls(); |
435 |
String[] attrIDs = {"dn", "cn", "mail"}; |
|
435 |
String[] attrIDs = {"dn", "cn", "o", "mail"};
|
|
436 | 436 |
ctls.setReturningAttributes(attrIDs); |
437 | 437 |
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE); |
438 | 438 |
//ctls.setCountLimit(1000); |
... | ... | |
442 | 442 |
// Store the users in a vector |
443 | 443 |
Vector uvec = new Vector(); |
444 | 444 |
Vector uname = new Vector(); |
445 |
Vector uorg = new Vector(); |
|
445 | 446 |
Vector umail = new Vector(); |
446 | 447 |
Attributes tempAttr = null; |
447 | 448 |
try { |
... | ... | |
455 | 456 |
uname.add( tempAttr.get("cn") + ""); |
456 | 457 |
} |
457 | 458 |
|
459 |
if((tempAttr.get("o")+"").startsWith("o: ")){ |
|
460 |
uorg.add( (tempAttr.get("o") + "").substring(3)); |
|
461 |
} else { |
|
462 |
uorg.add( tempAttr.get("o") + ""); |
|
463 |
} |
|
464 |
|
|
458 | 465 |
if((tempAttr.get("mail")+"").startsWith("mail: ")){ |
459 | 466 |
umail.add((tempAttr.get("mail") + "").substring(6)); |
460 | 467 |
} else { |
... | ... | |
469 | 476 |
} |
470 | 477 |
|
471 | 478 |
// initialize users[]; fill users[] |
472 |
users = new String[uvec.size()][3];
|
|
479 |
users = new String[uvec.size()][4];
|
|
473 | 480 |
for (int i=0; i < uvec.size(); i++) { |
474 | 481 |
users[i][0] = (String)uvec.elementAt(i); |
475 | 482 |
users[i][1] = (String)uname.elementAt(i); |
476 |
users[i][2] = (String)umail.elementAt(i); |
|
483 |
users[i][2] = (String)uorg.elementAt(i); |
|
484 |
users[i][3] = (String)umail.elementAt(i); |
|
477 | 485 |
} |
478 | 486 |
|
479 | 487 |
// Close the context when we're done |
... | ... | |
576 | 584 |
public String[][] getGroups(String user, String password, String foruser) |
577 | 585 |
throws ConnectException |
578 | 586 |
{ |
579 |
Vector uvec = new Vector();
|
|
587 |
Vector gvec = new Vector();
|
|
580 | 588 |
Vector desc = new Vector(); |
581 | 589 |
Attributes tempAttr = null; |
582 | 590 |
|
... | ... | |
592 | 600 |
// Create the initial directory context |
593 | 601 |
DirContext ctx = new InitialDirContext(env); |
594 | 602 |
// Specify the ids of the attributes to return |
595 |
String[] attrIDs = {"cn", "description"}; |
|
603 |
String[] attrIDs = {"cn", "o", "description"};
|
|
596 | 604 |
// Specify the attributes to match. |
597 | 605 |
// Groups are objects with attribute objectclass=groupofuniquenames. |
598 | 606 |
// and have attribute uniquemember: uid=foruser,ldapbase. |
... | ... | |
622 | 630 |
desc.add( tempAttr.get("description") + ""); |
623 | 631 |
} |
624 | 632 |
|
625 |
uvec.add(sr.getName()+","+ldapBase);
|
|
633 |
gvec.add(sr.getName()+","+ldapBase);
|
|
626 | 634 |
MetaCatUtil.debugMessage("group " + sr.getName() + |
627 | 635 |
" added to Group vector", 35); |
628 | 636 |
} |
... | ... | |
650 | 658 |
util.debugMessage("Awake after 5 seconds.", 40); |
651 | 659 |
if (referralContext == null) |
652 | 660 |
{ |
653 |
util.debugMessage("thread timed out...returning groups: " + uvec.toString(), 35);
|
|
654 |
String groups[][] = new String[uvec.size()][2];
|
|
655 |
for(int i=0; i<uvec.size(); i++)
|
|
661 |
util.debugMessage("thread timed out...returning groups: " + gvec.toString(), 35);
|
|
662 |
String groups[][] = new String[gvec.size()][2];
|
|
663 |
for(int i=0; i<gvec.size(); i++)
|
|
656 | 664 |
{ |
657 |
groups[i][0] = (String)uvec.elementAt(i);
|
|
665 |
groups[i][0] = (String)gvec.elementAt(i);
|
|
658 | 666 |
groups[i][1] = (String)desc.elementAt(i); |
659 | 667 |
} |
660 | 668 |
t.interrupt(); |
661 | 669 |
return groups; |
662 | 670 |
} |
663 | 671 |
DirContext dc = (DirContext)referralContext; |
664 |
String[] attrIDs = {"cn", "description"}; |
|
672 |
String[] attrIDs = {"cn", "o", "description"};
|
|
665 | 673 |
// Specify the attributes to match. |
666 | 674 |
// Groups are objects with attribute objectclass=groupofuniquenames. |
667 | 675 |
// and have attribute uniquemember: uid=foruser,ldapbase. |
... | ... | |
691 | 699 |
desc.add( tempAttr.get("description") + ""); |
692 | 700 |
} |
693 | 701 |
|
694 |
uvec.add(sr.getName()+","+ldapBase);
|
|
702 |
gvec.add(sr.getName()+","+ldapBase);
|
|
695 | 703 |
} |
696 | 704 |
|
697 | 705 |
referralContext.close(); |
... | ... | |
703 | 711 |
} |
704 | 712 |
} catch (NamingException e) { |
705 | 713 |
e.printStackTrace(System.err); |
706 |
String groups[][] = new String[uvec.size()][2];
|
|
707 |
for(int i=0; i<uvec.size(); i++)
|
|
714 |
String groups[][] = new String[gvec.size()][2];
|
|
715 |
for(int i=0; i<gvec.size(); i++)
|
|
708 | 716 |
{ |
709 |
groups[i][0] = (String)uvec.elementAt(i);
|
|
717 |
groups[i][0] = (String)gvec.elementAt(i);
|
|
710 | 718 |
groups[i][1] = (String)desc.elementAt(i); |
711 | 719 |
} |
712 | 720 |
return groups; |
... | ... | |
715 | 723 |
} |
716 | 724 |
|
717 | 725 |
MetaCatUtil.debugMessage("The user is in the following groups: " + |
718 |
uvec.toString(), 35);
|
|
719 |
String groups[][] = new String[uvec.size()][2];
|
|
720 |
for(int i=0; i<uvec.size(); i++)
|
|
726 |
gvec.toString(), 35);
|
|
727 |
String groups[][] = new String[gvec.size()][2];
|
|
728 |
for(int i=0; i<gvec.size(); i++)
|
|
721 | 729 |
{ |
722 |
groups[i][0] = (String)uvec.elementAt(i);
|
|
730 |
groups[i][0] = (String)gvec.elementAt(i);
|
|
723 | 731 |
groups[i][1] = (String)desc.elementAt(i); |
724 | 732 |
} |
725 | 733 |
return groups; |
... | ... | |
902 | 910 |
this.ldapBase = (String)enum.nextElement(); |
903 | 911 |
this.ldapUrl = (String)subtrees.get(ldapBase); |
904 | 912 |
|
913 |
String orgName = this.ldapBase; |
|
914 |
if(orgName != null && orgName.indexOf("o=") > -1){ |
|
915 |
orgName = orgName.substring(orgName.indexOf("o=") +2); |
|
916 |
orgName = orgName.substring(0, orgName.indexOf(",")); |
|
917 |
} else { |
|
918 |
orgName = ""; |
|
919 |
} |
|
920 |
out.append(orgName); |
|
905 | 921 |
out.append(" <authSystem URI=\"" + |
906 |
this.ldapUrl + this.ldapBase + "\">\n"); |
|
922 |
this.ldapUrl + this.ldapBase + "\" organization=\"" + orgName +"\">\n");
|
|
907 | 923 |
|
908 | 924 |
// get all groups for directory context |
909 | 925 |
String[][] groups = getGroups(user, password); |
... | ... | |
929 | 945 |
} else { |
930 | 946 |
out.append(" <username>" + users[userIndex][0] + "</username>\n"); |
931 | 947 |
out.append(" <name>" + users[userIndex][1] + "</name>\n"); |
932 |
out.append(" <email>" + users[userIndex][2] + "</email>\n"); |
|
948 |
out.append(" <organization>" + users[userIndex][2] + "</organization>\n"); |
|
949 |
out.append(" <email>" + users[userIndex][3] + "</email>\n"); |
|
933 | 950 |
} |
934 | 951 |
|
935 | 952 |
out.append(" </user>\n"); |
... | ... | |
944 | 961 |
out.append(" <user>\n"); |
945 | 962 |
out.append(" <username>" + users[j][0] + "</username>\n"); |
946 | 963 |
out.append(" <name>" + users[j][1] + "</name>\n"); |
947 |
out.append(" <email>" + users[j][2] + "</email>\n"); |
|
964 |
out.append(" <organization>" + users[userIndex][2] + "</organization>\n"); |
|
965 |
out.append(" <email>" + users[j][3] + "</email>\n"); |
|
948 | 966 |
out.append(" </user>\n"); |
949 | 967 |
} |
950 | 968 |
} |
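Review bot: At new line 964, inside the block that otherwise indexes by `j`, the added organization line reads `users[userIndex][2]`, so each user written there gets the organization of one fixed entry (or an index error if `userIndex` is not valid at that point); it should be `out.append(" <organization>" + users[j][2] + "</organization>\n");`. At new line 920, `out.append(orgName);` writes the bare name into the output just before the `<authSystem>` tag, which looks like leftover debugging and leaves stray text in the response. The directory-sourced `o` value and `orgName` are concatenated into element content and into the `organization="..."` attribute without XML escaping, as the existing username, name and email values already are, so a value containing `"`, `<` or `&` would produce malformed or altered markup; escaping these values before appending would close that. At new line 916, `orgName.indexOf(",")` returns -1 when nothing follows the `o=` component, and the `substring` call then throws. The enclosing methods start and end outside the visible hunks.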
Made changes to the XML that is sent back as the result of action=getprincipals. The changes are as follows:
1. The <authSystem> tag now contains an organization attribute, which specifies the organization name.
2. The <user> tag now has an <organization> tag, which specifies the organization name of the user. For now this is being generated as null for LTER.