Skip to content

O
Openfire
Commit 18cc4f4a authored by Matt Tucker's avatar Matt Tucker Committed by matt
Browse files
Options

Bug fixes from Greg Ferguson and Cameron Moore: 

* All searches are done using the SUBTREE_SCOPE instead of the default, OBJECT_SCOPE. 
* The class now correctly uses the ldap.groupNameField section of the XML config file. 
* Correctly sorts groups and members within groups. 
* Correctly handle special characters, commas, within the CN (common name).


git-svn-id: http://svn.igniterealtime.org/svn/repos/messenger/trunk@1687 b35dd754-fafc-0310-a699-88a17e54d16e
parent 6505c538
Hide whitespace changes
Inline Side-by-side
Showing with 56 additions and 36 deletions
src/java/org/jivesoftware/messenger/ldap/LdapGroupProvider.java
View file @ 18cc4f4a
......@@ -17,27 +17,24 @@ import org.jivesoftware.messenger.group.*;
import org.xmpp.packet.JID;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.TreeMap;
import java.util.TreeSet;
import java.util.Collection;
import java.util.Iterator;
import java.util.StringTokenizer;
import java.text.MessageFormat;
import javax.naming.Context;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.*;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.LdapName;
/**
* LDAP implementation of the GroupProvider interface. All data in the directory is
* treated as read-only so any set operations will result in an exception.
*
* @author Greg Ferguson
* @author Greg Ferguson and Cameron Moore
*/
public class LdapGroupProvider implements GroupProvider
public class LdapGroupProvider implements GroupProvider
{
private LdapManager manager;
......@@ -145,7 +142,7 @@ public class LdapGroupProvider implements GroupProvider
}
/**
* Will return the current number of groups in the
* Will return the current number of groups in the
* LDAP server.
*
* @return the number of groups in the LDAP server.
......@@ -173,8 +170,10 @@ public class LdapGroupProvider implements GroupProvider
}
// Search for the dn based on the groupname.
answer = ctx.search("",searchFilter,new SearchControls());
SearchControls ctrls = new SearchControls();
ctrls.setSearchScope(SearchControls.SUBTREE_SCOPE);
answer = ctx.search("",searchFilter,ctrls);
if (manager.isDebugEnabled()) {
Log.debug("... search finished");
}
......@@ -184,7 +183,7 @@ public class LdapGroupProvider implements GroupProvider
if (manager.isDebugEnabled())
Log.debug("Error while searching for groups.",e);
}
try
try
{
while (answer.hasMoreElements())
{
......@@ -211,9 +210,9 @@ public class LdapGroupProvider implements GroupProvider
}
/**
* Will return a collecion of groups in the system
* based on the start index and end index. Useful when
* displaying a certain number of groups per page
* Will return a collecion of groups in the system
* based on the start index and end index. Useful when
* displaying a certain number of groups per page
* on a webpage.
*
* @param start starting index
......@@ -237,7 +236,7 @@ public class LdapGroupProvider implements GroupProvider
}
/**
* Will return a collection of groups in the
* Will return a collection of groups in the
* system that the user provided belongs to.
*
* @param user a user
......@@ -258,7 +257,7 @@ public class LdapGroupProvider implements GroupProvider
return new ArrayList<Group>();
}
}
String filter = MessageFormat.format(manager.getGroupSearchFilter(),username);
return getGroupBasedOnFilter(filter);
}
......@@ -301,7 +300,7 @@ public class LdapGroupProvider implements GroupProvider
* @param username Name of a user.
* @throws UnsupportedOperationException when called.
*/
public void deleteMember(String groupName, String username)
public void deleteMember(String groupName, String username)
throws UnsupportedOperationException
{
throw new UnsupportedOperationException();
......@@ -313,13 +312,13 @@ public class LdapGroupProvider implements GroupProvider
*
* @return true always because all LDAP functions are read only.
*/
public boolean isReadOnly()
public boolean isReadOnly()
{
return true;
}
/**
* An auxilary method used to perform LDAP queries based on a
* An auxilary method used to perform LDAP queries based on a
* provided LDAP search filter.
*
* @return a collection of groups.
......@@ -327,7 +326,7 @@ public class LdapGroupProvider implements GroupProvider
*/
public Collection<Group> getGroupBasedOnFilter (String searchFilter)
{
ArrayList<Group> groups = new ArrayList<Group>();
TreeMap<String,Group> groups = new TreeMap<String,Group>();
boolean debug = Log.isDebugEnabled();
if (debug) {
Log.debug("Trying to find all groups in the system.");
......@@ -344,10 +343,11 @@ public class LdapGroupProvider implements GroupProvider
// Search for the dn based on the groupname.
SearchControls searchControls = new SearchControls();
String returnedAtts[]= { manager.getNameField(),
manager.getGroupDescriptionField(),
String returnedAtts[]= { manager.getGroupNameField(),
manager.getGroupDescriptionField(),
manager.getGroupMemberField() };
searchControls.setReturningAttributes(returnedAtts);
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
answer = ctx.search("",searchFilter,searchControls);
if (manager.isDebugEnabled()) {
......@@ -359,9 +359,13 @@ public class LdapGroupProvider implements GroupProvider
{
if (manager.isDebugEnabled())
Log.debug("Error while searching for groups.",e);
return groups;
return groups.values();
}
SearchControls ctrls = new SearchControls();
ctrls.setReturningAttributes( new String[]{manager.getUsernameField()} );
ctrls.setSearchScope(SearchControls.SUBTREE_SCOPE);
while (answer.hasMoreElements())
{
String name = "";
......@@ -371,14 +375,14 @@ public class LdapGroupProvider implements GroupProvider
String description;
try
{
name = ((String)((a.get(manager.getNameField())).get()));
name = ((String)((a.get(manager.getGroupNameField())).get()));
description = ((String)((a.get(manager.getGroupDescriptionField())).get()));
}
catch (Exception e)
{
description = "";
}
ArrayList<String> members = new ArrayList<String>();
TreeSet<String> members = new TreeSet<String>();
Attribute member = a.get(manager.getGroupMemberField());
NamingEnumeration ne = member.getAll();
while (ne.hasMore())
......@@ -386,16 +390,30 @@ public class LdapGroupProvider implements GroupProvider
String userName = (String)ne.next();
if (!manager.getPosixEnabled())
{ //userName is full dn if not posix
StringTokenizer st = new StringTokenizer(userName,",");
Attributes attrs = ctx.getAttributes(st.nextToken(),
new String[]{manager.getUsernameField()});
Attribute a1 = attrs.get(manager.getUsernameField());
if (a1 != null)
userName = (String)a1.get();
try
{
// Get the CN using LDAP
Name ldapname = new LdapName(userName);
String ldapcn = ldapname.get(ldapname.size()-1);
// We have to do a new search to find the username field
NamingEnumeration usrAnswer = ctx.search("",ldapcn,ctrls);
if (usrAnswer.hasMoreElements())
{
userName = (String)((SearchResult)usrAnswer.next()).getAttributes().get(
manager.getUsernameField()).get();
}
}
catch (Exception e)
{
if (manager.isDebugEnabled())
Log.debug("Error populating user with DN: "+userName,e);
}
}
try
{
User user = userManager.getUser(userName);
User user = userManager.getUser(JID.escapeNode(userName));
members.add(user.getUsername());
}
catch (UserNotFoundException e)
......@@ -404,8 +422,10 @@ public class LdapGroupProvider implements GroupProvider
Log.debug("User not found: "+userName);
}
}
if (manager.isDebugEnabled())
Log.debug("Adding group \""+name+"\" with "+members.size()+" members.");
Group g = new Group(this,name,description,members,new ArrayList<String>());
groups.add(g);
groups.put(name,g);
}
catch (Exception e)
{
......@@ -422,6 +442,6 @@ public class LdapGroupProvider implements GroupProvider
}
catch (Exception e) { }
return groups;
return groups.values();
}
}
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023