Commit 8a9b33c7 authored by Gaston Dombiak's avatar Gaston Dombiak Committed by gato

Alternate DN and base DN are treated as one. JM-722

git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@5715 b35dd754-fafc-0310-a699-88a17e54d16e
parent 4fdfd5a6
...@@ -124,10 +124,8 @@ ...@@ -124,10 +124,8 @@
</li> </li>
<li>ldap.alternateBaseDN -- a second DN in the directory can optionally be set. If set, the <li>ldap.alternateBaseDN -- a second DN in the directory can optionally be set. If set, the
alternate base DN alternate base DN will be used for authentication, loading single users and displaying a
will be used for authentication and loading single users, but will not be used to display a list of users. Content in the base DN and the alternate DN will be treated as one.
list of users
(due to technical limitations).
<li>ldap.adminDN -- a directory administrator's DN. All directory operations will be <li>ldap.adminDN -- a directory administrator's DN. All directory operations will be
performed performed
with this account. The admin must be able to perform searches and load user records. The with this account. The admin must be able to perform searches and load user records. The
......
...@@ -318,15 +318,25 @@ public class LdapManager { ...@@ -318,15 +318,25 @@ public class LdapManager {
/** /**
* Returns a DirContext for the LDAP server that can be used to perform * Returns a DirContext for the LDAP server that can be used to perform
* lookups and searches using the default base DN. The context uses the * lookups and searches using the default base DN. The alternate DN will be used
* in case there is a {@link NamingException} using base DN. The context uses the
* admin login that is defined by <tt>adminDN</tt> and <tt>adminPassword</tt>. * admin login that is defined by <tt>adminDN</tt> and <tt>adminPassword</tt>.
* *
* @return a connection to the LDAP server. * @return a connection to the LDAP server.
* @throws NamingException if there is an error making the LDAP connection. * @throws NamingException if there is an error making the LDAP connection.
*/ */
public LdapContext getContext() throws NamingException { public LdapContext getContext() throws NamingException {
try {
return getContext(baseDN); return getContext(baseDN);
} }
catch (NamingException e) {
if (alternateBaseDN != null) {
return getContext(alternateBaseDN);
} else {
throw(e);
}
}
}
/** /**
* Returns a DirContext for the LDAP server that can be used to perform * Returns a DirContext for the LDAP server that can be used to perform
...@@ -624,6 +634,7 @@ public class LdapManager { ...@@ -624,6 +634,7 @@ public class LdapManager {
if (userDN.startsWith("ldap://")) { if (userDN.startsWith("ldap://")) {
userDN = userDN.replace("," + baseDN, ""); userDN = userDN.replace("," + baseDN, "");
userDN = userDN.substring(userDN.lastIndexOf("/") + 1); userDN = userDN.substring(userDN.lastIndexOf("/") + 1);
userDN = java.net.URLDecoder.decode(userDN, "UTF-8");
} }
if (encloseUserDN) { if (encloseUserDN) {
// Enclose userDN values between " // Enclose userDN values between "
...@@ -908,6 +919,32 @@ public class LdapManager { ...@@ -908,6 +919,32 @@ public class LdapManager {
} }
} }
/**
* Returns the BaseDN for the given username.
*
* @param username username to return its base DN.
* @return the BaseDN for the given username. If no baseDN is found,
* this method will return <tt>null</tt>.
*/
public String getUsersBaseDN(String username) {
try {
findUserDN(username, baseDN);
return baseDN;
}
catch (Exception e) {
try {
if (alternateBaseDN != null) {
findUserDN(username, alternateBaseDN);
return alternateBaseDN;
}
}
catch (Exception ex) {
Log.debug(ex);
}
}
return null;
}
/** /**
* Returns the starting admin DN that searches for admins will performed with. * Returns the starting admin DN that searches for admins will performed with.
* Searches will performed on the entire sub-tree under the admin DN. * Searches will performed on the entire sub-tree under the admin DN.
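Review bot: In the new `getUsersBaseDN`, the outer `catch (Exception e)` drops `e` without logging it and treats every failure of `findUserDN(username, baseDN)` as "user is not under the base DN". A timeout, outage or bind error on the primary tree therefore silently moves the lookup to `alternateBaseDN`; if the same username can exist under both trees, that changes which directory entry the account resolves to. I would at least add `Log.debug(e);` to the outer catch, as the inner catch already does for `ex`. If `findUserDN` signals a missing user with a dedicated exception type (not visible on this page), catch only that type and handle other failures separately.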
......
...@@ -136,7 +136,7 @@ public class LdapVCardProvider implements VCardProvider { ...@@ -136,7 +136,7 @@ public class LdapVCardProvider implements VCardProvider {
try { try {
String userDN = manager.findUserDN(username); String userDN = manager.findUserDN(username);
ctx = manager.getContext(); ctx = manager.getContext(manager.getUsersBaseDN(username));
Attributes attrs = ctx.getAttributes(userDN, template.getAttributes()); Attributes attrs = ctx.getAttributes(userDN, template.getAttributes());
for (String attribute : template.getAttributes()) { for (String attribute : template.getAttributes()) {
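Review bot: `manager.getUsersBaseDN(username)` is documented to return `null` when the user is found under neither DN, and the changed line passes that value straight into `getContext(...)`. What `getContext(String)` does with a null base DN is not visible here, so check the result first: `String usersBaseDN = manager.getUsersBaseDN(username);` then `ctx = usersBaseDN != null ? manager.getContext(usersBaseDN) : manager.getContext();`. The call also repeats the search that `findUserDN(username)` ran on the line above, so each vCard load now costs extra directory queries. The enclosing try block starts and ends outside the hunk.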
......