Project

General

Profile

Revision 730

Added by bojilova about 20 years ago

Changes related to running LDAP servers referred each other in one tree modeling the KNB tree.
Currently there are running LDAP server on dev that holds the KNB root and the NCEAS' s subtree.
It also refers to a subtree modeling the LTER's tree which is held by another LDAP server runnig on alpha .

View differences:

src/edu/ucsb/nceas/metacat/AuthLdap.java
33 33

  
34 34
import javax.naming.AuthenticationException;
35 35
import javax.naming.Context;
36
import javax.naming.InitialContext;
36 37
import javax.naming.directory.Attribute;
37 38
import javax.naming.directory.Attributes;
38 39
import javax.naming.directory.BasicAttribute;
......
46 47
import java.util.Iterator;
47 48
import java.util.HashMap;
48 49
import java.util.Hashtable;
50
import java.util.Enumeration;
49 51
import java.util.Set;
50 52
import java.util.Vector;
51 53

  
......
70 72
    this.util = new MetaCatUtil();
71 73
    this.ldapUrl = util.getOption("ldapurl");
72 74
    this.ldapBase = util.getOption("ldapbase");
73
    
74 75
  }
75 76

  
76 77
  /**
......
84 85
  public boolean authenticate(String user, String password)
85 86
                    throws ConnectException
86 87
  {
87
    String distName = null;
88
    String ldapUrl = this.ldapUrl;
89
    String ldapBase = this.ldapBase;
88 90
    boolean authenticated = false;
89

  
91
    
90 92
    // Identify service provider to use
91 93
    Hashtable env = new Hashtable(11);
92 94
    env.put(Context.INITIAL_CONTEXT_FACTORY, 
93 95
            "com.sun.jndi.ldap.LdapCtxFactory");
94
    env.put(Context.PROVIDER_URL, ldapUrl + ldapBase);
96
//    env.put(Context.SECURITY_AUTHENTICATION, "simple");
97
//    env.put(Context.SECURITY_PRINCIPAL, user);
95 98

  
96 99
    try {
97 100

  
98
      // Get the dn for this uid or cn 
99
      String identifier = getIdentifyingName(user);
100
      if (identifier != null) {
101
        distName = identifier + "," + ldapBase;
102
        // Now that we have the dn, we can authenticate, so
103
        // authenticate this time when opening the DirContext
104
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
105
        env.put(Context.SECURITY_PRINCIPAL, distName);
106
        env.put(Context.SECURITY_CREDENTIALS, password);
107
        // If our auth credentials are invalid, an exception will be thrown
108
        DirContext ctx = new InitialDirContext(env);
101
      /*
102
       * get all subtrees first in the current dir context 
103
       * and then the dn for this uid or cn
104
       */
105
      Hashtable subtrees = getSubtrees(user,password,ldapUrl,ldapBase);
106
    
107
      Enumeration enum = subtrees.keys();
108
      while ( enum.hasMoreElements() ) {
109
        ldapBase = (String)enum.nextElement();
110
        ldapUrl = (String)subtrees.get(ldapBase);
111
System.out.println(ldapUrl + ldapBase); 
112
        String identifier = getIdentifyingName(user,ldapUrl,ldapBase);
109 113

  
110
        // If no exception is thrown then authentication succeeded
111
        authenticated = true;
114
        if (identifier != null) {
115
          // Now that we have the dn, we can authenticate, so
116
          // authenticate this time when opening the DirContext
117
          env.put(Context.PROVIDER_URL, ldapUrl + ldapBase);
118
//        env.put(Context.SECURITY_PROTOCOL, "ssl");
119
          env.put(Context.SECURITY_AUTHENTICATION, "simple");
120
          env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase);
121
          env.put(Context.SECURITY_CREDENTIALS, password);
122
          // If our auth credentials are invalid, an exception will be thrown
123
          DirContext ctx = null;
124
          try {
125
            ctx = new InitialDirContext(env);
126
            authenticated = true;
127
            ctx.close();
128
            this.ldapUrl = ldapUrl;
129
            this.ldapBase = ldapBase;
130
            break;
131
          } catch (AuthenticationException ae) {
132
            authenticated = false;
133
            if ( ctx != null ) {
134
              ctx.close();
135
            }
136
          }
137
        } else { 
138
          util.debugMessage("User not found");
139
//System.out.println("NOT FOUND HERE");
140
        }
141
      } /* while ( enum.hasMore() ) */
112 142

  
113
        // Close the context when we're done
114
        ctx.close();
115
      } else {
116
        util.debugMessage("User not found!");
117
      }
118

  
119
    } catch (AuthenticationException ae) {
120
      util.debugMessage("Error authenticating in AuthLdap.authenticate: " + ae);
121
      throw new ConnectException(
122
      "Error authenticating in AuthLdap.authenticate: " + ae);
123 143
    } catch (NamingException e) {
124 144
      util.debugMessage("Naming exception while authenticating in " + 
125 145
                        "AuthLdap.authenticate: " + e);
126 146
      throw new ConnectException(
127 147
      "Naming exception while authenticating in " + 
128 148
                        "AuthLdap.authenticate: " + e);
149
    } catch (Exception e) {
150
      System.out.println(e.getMessage());
129 151
    }
130 152

  
131 153
    return authenticated;
132 154
  }
133 155

  
134 156
  /**
157
   * Get the identifying name for a given userid or name.  This is the name
158
   * that is used in conjunction withthe LDAP BaseDN to create a
159
   * distinguished name (dn) for the record
160
   *
161
   * @param user the user for which the identifying name is requested
162
   * @returns String the identifying name for the user, 
163
   *          or null if not found
164
   */
165
  private String getIdentifyingName(String user, String ldapUrl, String ldapBase) 
166
         throws NamingException
167
  {
168
    String identifier = null;
169

  
170
    // Identify service provider to use
171
    Hashtable env = new Hashtable(11);
172
    env.put(Context.INITIAL_CONTEXT_FACTORY,
173
            "com.sun.jndi.ldap.LdapCtxFactory");
174
    env.put(Context.PROVIDER_URL, ldapUrl + ldapBase);
175
//    env.put(Context.SECURITY_AUTHENTICATION, "EXTERNAL");
176
//    env.put(Context.SECURITY_PROTOCOL, "ssl");
177

  
178
    try {
179

  
180
      // Bind to the LDAP server, in order to search for the right
181
      // distinguished name (dn) based on userid (uid) or common name (cn)
182
      DirContext ctx = new InitialDirContext(env);
183

  
184
      SearchControls ctls = new SearchControls();
185
      ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
186

  
187
      // Search for the user id or name using the uid, then cn and sn attributes
188
      // If we find a record, determine the dn for the record
189
      util.debugMessage("\nStarting search phase...\n");
190

  
191
      String filter = "(uid=" + user + ")";
192
      NamingEnumeration answer = ctx.search("", filter, ctls);
193
      if (answer.hasMore()) {
194
        SearchResult sr = (SearchResult)answer.next();
195
        identifier = sr.getName();
196
        if ( !sr.isRelative() ) { 
197
          this.ldapUrl = identifier.substring(0,identifier.lastIndexOf("/")+1);
198
          this.ldapBase = identifier.substring(identifier.indexOf(",")+1);
199
          identifier = identifier.substring(identifier.lastIndexOf("/")+1,
200
                                            identifier.indexOf(","));
201
        }
202
        util.debugMessage("Found: " + identifier);
203
      } else {
204
        //Attributes matchAttrs2 = new BasicAttributes(true);
205
        //matchAttrs2.put(new BasicAttribute("cn", user));
206
        //NamingEnumeration answer2 = ctx.search("", matchAttrs2);
207
        filter = "(cn=" + user + ")";
208
        NamingEnumeration answer2 = ctx.search("", filter, ctls);
209
        if (answer2.hasMore()) {
210
          SearchResult sr = (SearchResult)answer2.next();
211
          identifier = sr.getName();
212
          if ( !sr.isRelative() ) { 
213
            this.ldapUrl = identifier.substring(0,identifier.lastIndexOf("/")+1);
214
            this.ldapBase = identifier.substring(identifier.indexOf(",")+1);
215
            identifier = identifier.substring(identifier.lastIndexOf("/")+1,
216
                                              identifier.indexOf(","));
217
          }
218
          util.debugMessage("Found: " + identifier);
219
        } else {
220
          //Attributes matchAttrs3 = new BasicAttributes(true);
221
          //matchAttrs3.put(new BasicAttribute("sn", user));
222
          //NamingEnumeration answer3 = ctx.search("", matchAttrs3);
223
          filter = "(sn=" + user + ")";
224
          NamingEnumeration answer3 = ctx.search("", filter, ctls);
225
          if (answer3.hasMore()) {
226
            SearchResult sr = (SearchResult)answer3.next();
227
            identifier = sr.getName();
228
            if ( !sr.isRelative() ) { 
229
              this.ldapUrl = identifier.substring(0,identifier.lastIndexOf("/")+1);
230
              this.ldapBase = identifier.substring(identifier.indexOf(",")+1);
231
              identifier = identifier.substring(identifier.lastIndexOf("/")+1,
232
                                                identifier.indexOf(","));
233
            }
234
            util.debugMessage("Found: " + identifier);
235
          }
236
        }
237
      }
238
      // Close the context when we're done the initial search
239
      ctx.close();
240
    } catch (NamingException e) {
241
      util.debugMessage("Naming exception while getting dn: " + e);
242
      throw new NamingException(
243
      "Naming exception in AuthLdap.getIdentifyingName: " + e);
244
    }
245
    
246
//System.out.println("context: " + identifier);
247
    return identifier;
248
  }
249

  
250
  /**
135 251
   * Get all users from the authentication service
136 252
   */
137 253
  public String[] getUsers(String user, String password) 
......
147 263

  
148 264
    try {
149 265

  
150
      // Get the dn for this uid or cn 
151
      String identifier = getIdentifyingName(user);
152
      if (identifier != null) {
153
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
154
        env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase);
155
        env.put(Context.SECURITY_CREDENTIALS, password);
266
      //// Get the dn for this uid or cn 
267
      //String identifier = getIdentifyingName(user);
268
      //if (identifier != null) {
269
      //  env.put(Context.SECURITY_AUTHENTICATION, "simple");
270
      //  env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase);
271
      //  env.put(Context.SECURITY_CREDENTIALS, password);
156 272

  
157 273
        // Create the initial directory context
158 274
        DirContext ctx = new InitialDirContext(env);
......
188 304

  
189 305
        // Close the context when we're done
190 306
        ctx.close();
191
      } else {
192
        util.debugMessage("User not found!");
193
      }
307
      //} else {
308
      //  util.debugMessage("User not found!");
309
      //}
194 310

  
195 311
    } catch (NamingException e) {
196 312
      System.err.println("Problem getting users in AuthLdap.getUsers:" + e);
......
217 333

  
218 334
    try {
219 335

  
220
      // Get the dn for this uid or cn 
221
      String identifier = getIdentifyingName(user);
222
      if (identifier != null) {
223
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
224
        env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase);
225
        env.put(Context.SECURITY_CREDENTIALS, password);
336
      //// Get the dn for this uid or cn 
337
      //String identifier = getIdentifyingName(user);
338
      //if (identifier != null) {
339
      //  env.put(Context.SECURITY_AUTHENTICATION, "simple");
340
      //  env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase);
341
      //  env.put(Context.SECURITY_CREDENTIALS, password);
226 342

  
227 343
        // Create the initial directory context
228 344
        DirContext ctx = new InitialDirContext(env);
......
280 396

  
281 397
        // Close the context when we're done
282 398
        ctx.close();
283
      } else {
284
        util.debugMessage("User not found!");
285
      }
399
      //} else {
400
      //  util.debugMessage("User not found!");
401
      //}
286 402

  
287 403
    } catch (NamingException e) {
288 404
      System.err.println("Problem getting users for a group in AuthLdap.getUsers:" + e);
......
345 461
    } catch (NamingException ne) {
346 462
      System.err.println("Problem getting userID by \"dn\" in AuthLdap.getUserID:" + ne);
347 463
      throw ne;
348
      //throw new ConnectException(
349
      //"Problem getting userID searching by \"dn\" in AuthLdap.getUserID:" + e);
350
      //return null;
351 464
    }
352 465

  
353 466
    if ( users.length > 0 ) {
......
408 521
    } catch (NamingException ne) {
409 522
      System.err.println("Problem getting groupID by \"dn\" in AuthLdap.getGroupID:" + ne);
410 523
      throw ne;
411
      //throw new ConnectException(
412
      //"Problem getting groupID searching by \"dn\" in AuthLdap.getGroupID:" + e);
413
      //return null;
414 524
    }
415 525

  
416 526
    if ( groups.length > 0 ) {
......
435 545

  
436 546
    try {
437 547

  
438
      // Get the dn for this uid or cn 
439
      String identifier = getIdentifyingName(user);
440
      if (identifier != null) {
441
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
442
        env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase);
443
        env.put(Context.SECURITY_CREDENTIALS, password);
548
      //// Get the dn for this uid or cn 
549
      //String identifier = getIdentifyingName(user);
550
      //if (identifier != null) {
551
      //  env.put(Context.SECURITY_AUTHENTICATION, "simple");
552
      //  env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase);
553
      //  env.put(Context.SECURITY_CREDENTIALS, password);
444 554

  
445 555
        // Create the initial directory context
446 556
        DirContext ctx = new InitialDirContext(env);
......
476 586

  
477 587
        // Close the context when we're done
478 588
        ctx.close();
479
      } else {
480
        util.debugMessage("User not found!");
481
      }
589
      //} else {
590
      //  util.debugMessage("User not found!");
591
      //}
482 592

  
483 593
    } catch (NamingException e) {
484 594
      System.err.println("Problem getting groups in AuthLdap.getGroups:" + e);
......
505 615

  
506 616
    try {
507 617

  
508
      // Get the dn for this uid or cn 
509
      String identifier = getIdentifyingName(user);
510
      if (identifier != null) {
511
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
512
        env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase);
513
        env.put(Context.SECURITY_CREDENTIALS, password);
618
      //// Get the dn for this uid or cn 
619
      //String identifier = getIdentifyingName(user);
620
      //if (identifier != null) {
621
      //  env.put(Context.SECURITY_AUTHENTICATION, "simple");
622
      //  env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase);
623
      //  env.put(Context.SECURITY_CREDENTIALS, password);
514 624

  
515 625
        // Create the initial directory context
516 626
        DirContext ctx = new InitialDirContext(env);
......
548 658

  
549 659
        // Close the context when we're done
550 660
        ctx.close();
551
      } else {
552
        util.debugMessage("User not found!");
553
      }
661
      //} else {
662
      //  util.debugMessage("User not found!");
663
      //}
554 664

  
555 665
    } catch (NamingException e) {
556 666
      System.err.println("Problem getting groups in AuthLdap.getGroups:" + e);
......
597 707
    try {
598 708
  
599 709
      if ((user != null) && (password != null)) {
600
        String identifier = getIdentifyingName(user);
710
        String identifier = getIdentifyingName(user,this.ldapUrl,this.ldapBase);
601 711
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
602 712
        env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase);
603 713
        env.put(Context.SECURITY_CREDENTIALS, password);
......
607 717
      DirContext ctx = new InitialDirContext(env);
608 718
        
609 719
      // Find out the identifying attribute for the user
610
      String userident = getIdentifyingName(foruser);
720
      String userident = getIdentifyingName(foruser,this.ldapUrl,this.ldapBase);
611 721

  
612 722
      // Ask for all attributes of the user 
613 723
      Attributes attrs = ctx.getAttributes(userident);
......
639 749
  }
640 750

  
641 751
  /**
642
   * Get the identifying name for a given userid or name.  This is the name
643
   * that is used in conjunction withthe LDAP BaseDN to create a
644
   * distinguished name (dn) for the record
645
   *
646
   * @param user the user for which the identifying name is requested
647
   * @returns String the identifying name for the user, 
648
   *          or null if not found
752
   * Get list of all subtrees holding Metacat's groups and users
753
   * starting from the Metacat LDAP root, 
754
   * i.e. ldap://dev.nceas.ucsb.edu/dc=ecoinformatics,dc=org
649 755
   */
650
  private String getIdentifyingName(String user) 
651
         throws NamingException
756
  private Hashtable getSubtrees(String user, String password,
757
                                String ldapUrl, String ldapBase)
758
                throws ConnectException
652 759
  {
653
    String identifier = null;
760
    Hashtable trees = new Hashtable();
654 761

  
655 762
    // Identify service provider to use
656 763
    Hashtable env = new Hashtable(11);
657
    env.put(Context.INITIAL_CONTEXT_FACTORY,
764
    env.put(Context.INITIAL_CONTEXT_FACTORY, 
658 765
            "com.sun.jndi.ldap.LdapCtxFactory");
659 766
    env.put(Context.PROVIDER_URL, ldapUrl + ldapBase);
660 767

  
661 768
    try {
662 769

  
663
      // Bind to the LDAP server, in order to search for the right
664
      // distinguished name (dn) based on userid (uid) or common name (cn)
665
      DirContext ctx = new InitialDirContext(env);
770
      //if ( this.authenticate(user, password) ) {
666 771

  
667
      // Search for the user id or name using the uid, then cn and sn attributes
668
      // If we find a record, determine the dn for the record
669
      util.debugMessage("\nStarting search phase...\n");
670
      Attributes matchAttrs = new BasicAttributes(true);
671
      matchAttrs.put(new BasicAttribute("uid", user));
672
      NamingEnumeration answer = ctx.search("", matchAttrs);
673
      if (answer.hasMore()) {
674
        SearchResult sr = (SearchResult)answer.next();
675
        identifier = sr.getName();
676
        util.debugMessage("Found: " + identifier);
677
      } else {
678
        Attributes matchAttrs2 = new BasicAttributes(true);
679
        matchAttrs2.put(new BasicAttribute("cn", user));
680
        NamingEnumeration answer2 = ctx.search("", matchAttrs2);
681
        if (answer2.hasMore()) {
682
          SearchResult sr = (SearchResult)answer2.next();
683
          identifier = sr.getName();
684
          util.debugMessage("Found: " + identifier);
685
        } else {
686
          Attributes matchAttrs3 = new BasicAttributes(true);
687
          matchAttrs3.put(new BasicAttribute("sn", user));
688
          NamingEnumeration answer3 = ctx.search("", matchAttrs3);
689
          if (answer3.hasMore()) {
690
            SearchResult sr = (SearchResult)answer3.next();
691
            identifier = sr.getName();
692
            util.debugMessage("Found: " + identifier);
772
        // Create the initial directory context
773
        DirContext ctx = new InitialDirContext(env);
774

  
775
        // Specify the ids of the attributes to return
776
        String[] attrIDs = {"o","ref"};
777
        SearchControls ctls = new SearchControls();
778
        ctls.setReturningAttributes(attrIDs);
779
        ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
780
          
781
        // Specify the attributes to match.
782
        // Subtrees from the main server are found as objects with attribute
783
        // objectclass=organization or objectclass=referral to the subtree
784
        // resided on other server.
785
        String filter = "(|(objectclass=organization)(objectclass=referral))";
786

  
787
        // Search for objects in the current context
788
        NamingEnumeration enum = ctx.search("", filter, ctls);
789

  
790
        // Print the subtrees' <ldapURL, baseDN>
791
        while (enum.hasMore()) {
792
          SearchResult sr = (SearchResult)enum.next();
793
          Attributes attrs = sr.getAttributes();
794
          NamingEnumeration enum1 = attrs.getAll(); // "dc" and "ref" attrs
795
          if (enum1.hasMore()) {
796
            Attribute attr = (Attribute)enum1.next();
797
            String attrValue = (String)attr.get();
798
            String attrName = (String)attr.getID();
799
 //System.out.println(attrName + "=" + attrValue);
800
            if ( enum1.hasMore() ) {
801
              attr = (Attribute)enum1.next();
802
              String refValue = (String)attr.get();
803
              String refName = (String)attr.getID();
804
 //System.out.println(refName + "=" + refValue);
805
              if ( ldapBase.startsWith(refName + "=" + refValue) ) {
806
                trees.put(ldapBase,
807
                          attrValue.substring(0,attrValue.lastIndexOf("/")+1) );
808
              } else {
809
                trees.put(refName + "=" + refValue + "," + ldapBase,
810
                          attrValue.substring(0,attrValue.lastIndexOf("/")+1) );
811
              }
812
 //System.out.println("REFERRAL:" + attrValue);
813
            } else if ( ldapBase.startsWith(attrName + "=" + attrValue) ) {
814
                trees.put(ldapBase, ldapUrl);
815
            } else {              
816
                trees.put(attrName + "=" + attrValue + "," + ldapBase, ldapUrl);
817
 //System.out.println(ldapUrl + attrName + "=" + attrValue + "," + ldapBase);
818
            }
693 819
          }
694 820
        }
695
      }
696
      // Close the context when we're done the initial search
697
      ctx.close();
821

  
822
        // Close the context when we're done
823
        ctx.close();
824
      //} else {
825
      //  System.out.println("Not authenticated user: " + user + "@" + ldapUrl + ldapBase);
826
      //}
827

  
698 828
    } catch (NamingException e) {
699
      util.debugMessage("Naming exception while getting dn: " + e);
700
      System.out.println("Naming exception in AuthLdap.getIdentifyingName");
701
      throw new NamingException(
702
      "Naming exception in AuthLdap.getIdentifyingName: " + e);
829
      System.err.println("Problem getting subtrees in AuthLdap.getSubtrees:" + e);
830
      throw new ConnectException(
831
      "Problem getting subtrees in AuthLdap.getSubtrees:" + e);
703 832
    }
704 833

  
705
    return identifier;
834
//System.out.println("number of subtrees:" + trees.size());
835
    return trees;
706 836
  }
707 837

  
708 838
  /**
709
   * Get list of all groups and users from authentication scheme.
839
   * Get all groups and users from authentication scheme.
710 840
   * The output is formatted in XML.
841
   * @param user the user which requests the information
842
   * @param password the user's password
711 843
   */
712
  private String getPrincipals(String user, String password)
844
  public String getPrincipals(String user, String password)
713 845
                throws ConnectException
714 846
  {
715 847
    StringBuffer out = new StringBuffer();
716
    String[] groups = getGroups(user, password);
717 848
    Vector usersIn = new Vector();
718 849
    
850
    //String ldapUrl = "ldap://dev.nceas.ucsb.edu/";
851
    //String ldapBase = "dc=ecoinformatics,dc=org";
852
    //String ldapUrl = "ldap://ldap.nceas.ucsb.edu/";
853
    //String ldapBase = "o=NCEAS,c=US";
854

  
719 855
    out.append("<?xml version=\"1.0\"?>\n");
720
    out.append("<principals authSystemURI=\"" + ldapUrl + ldapBase + "\">\n");
856
    out.append("<principals>\n");
721 857
    
722
    // for the groups and users that belong to them
723
    if ( groups.length > 0 ) {
724
      for (int i=0; i < groups.length; i++ ) {
725
        out.append("  <group>\n");
726
        out.append("    <groupname>" + groups[i] + "<groupname>\n");
727
        String[] usersForGroup = getUsers(user,password,groups[i]);
728
        for (int j=0; j < usersForGroup.length; j++ ) {
729
          usersIn.addElement(usersForGroup[j]);
858
    /*
859
     * get all subtrees first in the current dir context 
860
     * and then the Metacat users under them
861
     */
862
    Hashtable subtrees = getSubtrees(user,password,this.ldapUrl,this.ldapBase);
863
    
864
    Enumeration enum = subtrees.keys();
865
    while ( enum.hasMoreElements() ) {
866
      this.ldapBase = (String)enum.nextElement();
867
      this.ldapUrl = (String)subtrees.get(ldapBase);
868
      
869
      out.append("  <authSystem URI=\"" + 
870
                 this.ldapUrl + this.ldapBase + "\">\n");
871

  
872
      // get all groups for directory context
873
      String[] groups = getGroups(user, password);
874

  
875
      // for the groups and users that belong to them
876
      if ( groups.length > 0 ) {
877
        for (int i=0; i < groups.length; i++ ) {
878
          out.append("    <group>\n");
879
          out.append("      <groupname>" + groups[i] + "<groupname>\n");
880
          String[] usersForGroup = getUsers(user,password,groups[i]);
881
          for (int j=0; j < usersForGroup.length; j++ ) {
882
            usersIn.addElement(usersForGroup[j]);
883
            out.append("      <user>\n");
884
            out.append("        <username>" + usersForGroup[j] + "<username>\n");
885
            out.append("      </user>\n");
886
          }
887
          out.append("    </group>\n");
888
        }
889
      }
890
      // for the users not belonging to any group
891
      String[] users = getUsers(user, password);
892
      for (int j=0; j < users.length; j++ ) {
893
        if ( !usersIn.contains(users[j]) ) {
730 894
          out.append("    <user>\n");
731
          out.append("      <username>" + usersForGroup[j] + "<username>\n");
895
          out.append("      <username>" + users[j] + "<username>\n");
732 896
          out.append("    </user>\n");
733 897
        }
734
        out.append("  </group>\n");
735 898
      }
736
    }
737
    // for the users not belonging to any group
738
    String[] users = getUsers(user, password);
739
    for (int j=0; j < users.length; j++ ) {
740
      if ( !usersIn.contains(users[j]) ) {
741
        out.append("  <user>\n");
742
        out.append("    <username>" + users[j] + "<username>\n");
743
        out.append("  </user>\n");
899
    
900
      out.append("  </authSystem>\n");
901
      if ( !usersIn.isEmpty() ) {
902
        usersIn.removeAllElements();
903
        usersIn.trimToSize();
744 904
      }
905
    
745 906
    }
746
    
747 907
    out.append("</principals>");
748 908
    return out.toString();
749 909
  }
......
781 941
          Iterator attvalues = values.iterator();
782 942
          while (attvalues.hasNext()) {
783 943
            String value = (String)attvalues.next();
784
            System.out.println(att + ": " + value);
944
          //  System.out.println(att + ": " + value);
785 945
          }
786 946
        }
787 947

  
......
809 969
*/
810 970
      // get the whole list groups and users in XML format
811 971
      if (isValid) {
972
        authservice = new AuthLdap();
812 973
        String out = authservice.getPrincipals(user, password);
813 974
        java.io.File f = new java.io.File("principals.txt");
814 975
        java.io.FileWriter fw = new java.io.FileWriter(f);
......
820 981
      }
821 982

  
822 983
    } catch (ConnectException ce) {
823
      System.err.println("Error connecting to LDAP server in authldap.main");
984
      System.err.println(ce.getMessage());
824 985
    } catch (java.io.IOException ioe) {
825 986
      System.err.println("I/O Error writing to file principals.txt");
826 987
    }
src/edu/ucsb/nceas/metacat/AuthSession.java
41 41
  private String authClass = null;
42 42
  private HttpSession session = null;
43 43
  private AuthInterface authService = null;
44
  private String ldapUrl;
45
  private String ldapBase;
46 44
  private String statusMessage = null;
47 45
 
48 46
  /** 
......
55 53
    MetaCatUtil util = new MetaCatUtil();
56 54
    this.authClass = util.getOption("authclass");
57 55
    this.authService = (AuthInterface)createObject(authClass);
58
    this.ldapUrl = util.getOption("ldapurl");
59
    this.ldapBase = util.getOption("ldapbase");
60 56
    
61 57
  }
62 58

  
......
132 128
  }
133 129

  
134 130
  /**
135
   * Get list of all groups and users from authentication scheme.
131
   * Get all groups and users from authentication scheme.
136 132
   * The output is formatted in XML.
133
   * @param user the user which requests the information
134
   * @param password the user's password
137 135
   */
138 136
  public String getPrincipals(String user, String password)
139 137
                throws ConnectException
140 138
  {
141
    StringBuffer out = new StringBuffer();
142
    String[] groups = authService.getGroups(user, password);
143
    
144
    out.append("<?xml version=\"1.0\"?>\n");
145
    out.append("<principals authSystemURI=\"" + ldapUrl + ldapBase + "\">\n");
146
    
147
    // for the groups and users that belong to them
148
    if ( groups.length > 0 ) {
149
      for (int i=0; i < groups.length; i++ ) {
150
        out.append("  <group>\n");
151
        out.append("    <groupname>" + groups[i] + "<groupname>\n");
152
        String[] usersForGroup = authService.getUsers(user,password,groups[i]);
153
        for (int j=0; j < usersForGroup.length; j++ ) {
154
          out.append("    <user>\n");
155
          out.append("      <username>" + usersForGroup[j] + "<username>\n");
156
          out.append("    </user>\n");
157
        }
158
        out.append("</group>\n");
159
      }
160
    // for the users only when there are no any groups defined
161
    } else {
162
      String[] users = authService.getUsers(user, password);
163
      for (int j=0; j < users.length; j++ ) {
164
        out.append("  <user>\n");
165
        out.append("    <username>" + users[j] + "<username>\n");
166
        out.append("  </user>\n");
167
      }
168
    }
169
    
170
    out.append("</principals>");
171
    return out.toString();
139
    return authService.getPrincipals(user, password);
172 140
  }
173 141

  
174 142
  /* 
src/edu/ucsb/nceas/metacat/AuthMcat.java
426 426
  }
427 427

  
428 428
  /**
429
   * Get all groups and users from authentication scheme.
430
   * The output is formatted in XML.
431
   * @param user the user which requests the information
432
   * @param password the user's password
433
   */
434
  public String getPrincipals(String user, String password)
435
                throws ConnectException
436
  {
437
    // NOT IMPLEMENTED YET
438
    return null;
439
  }
440

  
441
  /**
429 442
   * Test method for the class
430 443
   */
431 444
  public static void main(String[] args) {
src/edu/ucsb/nceas/metacat/AuthInterface.java
93 93
   */
94 94
  public HashMap getAttributes(String user, String password, String foruser) 
95 95
         throws ConnectException;
96

  
97
  /**
98
   * Get all groups and users from authentication service.
99
   * The output is formatted in XML.
100
   * @param user the user which requests the information
101
   * @param password the user's password
102
   */
103
  public String getPrincipals(String user, String password)
104
                throws ConnectException;
96 105
}

Also available in: Unified diff