Commit fe013246 authored by Matt Tucker's avatar Matt Tucker Committed by matt

Code cleanup, improved how search filters work (JM-792).

git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@4793 b35dd754-fafc-0310-a699-88a17e54d16e
parent b5bbc3b8
...@@ -66,11 +66,11 @@ import java.util.regex.Pattern; ...@@ -66,11 +66,11 @@ import java.util.regex.Pattern;
public class LdapManager { public class LdapManager {
private Collection<String> hosts = new ArrayList<String>(); private Collection<String> hosts = new ArrayList<String>();
private int port = 389; private int port;
private String usernameField = "uid"; private String usernameField;
private String nameField = "cn"; private String nameField;
private String emailField = "mail"; private String emailField;
private String baseDN = ""; private String baseDN;
private String alternateBaseDN = null; private String alternateBaseDN = null;
private String adminDN = null; private String adminDN = null;
private String adminPassword; private String adminPassword;
...@@ -83,8 +83,8 @@ public class LdapManager { ...@@ -83,8 +83,8 @@ public class LdapManager {
private boolean subTreeSearch; private boolean subTreeSearch;
private boolean encloseUserDN; private boolean encloseUserDN;
private String groupNameField = "cn"; private String groupNameField;
private String groupMemberField = "member"; private String groupMemberField;
private String groupDescriptionField = "description"; private String groupDescriptionField = "description";
private boolean posixMode = false; private boolean posixMode = false;
private String groupSearchFilter = null; private String groupSearchFilter = null;
...@@ -114,73 +114,30 @@ public class LdapManager { ...@@ -114,73 +114,30 @@ public class LdapManager {
while (st.hasMoreTokens()) { while (st.hasMoreTokens()) {
hosts.add(st.nextToken()); hosts.add(st.nextToken());
} }
String portStr = JiveGlobals.getXMLProperty("ldap.port"); this.port = JiveGlobals.getXMLProperty("ldap.port", 389);
if (portStr != null) { this.usernameField = JiveGlobals.getXMLProperty("ldap.usernameField", "uid");
try { this.baseDN = JiveGlobals.getXMLProperty("ldap.baseDN", "");
this.port = Integer.parseInt(portStr); this.alternateBaseDN = JiveGlobals.getXMLProperty("ldap.alternateBaseDN", null);
} this.nameField = JiveGlobals.getXMLProperty("ldap.nameField", "cn");
catch (NumberFormatException nfe) { this.emailField = JiveGlobals.getXMLProperty("ldap.emailField", "mail");
// Ignore. this.connectionPoolEnabled = JiveGlobals.getXMLProperty("ldap.connectionPoolEnabled", false);
} this.searchFilter = JiveGlobals.getXMLProperty("ldap.searchFilter");
}
if (JiveGlobals.getXMLProperty("ldap.usernameField") != null) {
this.usernameField = JiveGlobals.getXMLProperty("ldap.usernameField");
}
if (JiveGlobals.getXMLProperty("ldap.baseDN") != null) {
this.baseDN = JiveGlobals.getXMLProperty("ldap.baseDN");
}
if (JiveGlobals.getXMLProperty("ldap.alternateBaseDN") != null) {
this.alternateBaseDN = JiveGlobals.getXMLProperty("ldap.alternateBaseDN");
}
if (JiveGlobals.getXMLProperty("ldap.nameField") != null) {
this.nameField = JiveGlobals.getXMLProperty("ldap.nameField");
}
if (JiveGlobals.getXMLProperty("ldap.emailField") != null) {
this.emailField = JiveGlobals.getXMLProperty("ldap.emailField");
}
if (JiveGlobals.getXMLProperty("ldap.connectionPoolEnabled") != null) {
this.connectionPoolEnabled = Boolean.valueOf(
JiveGlobals.getXMLProperty("ldap.connectionPoolEnabled"));
}
if (JiveGlobals.getXMLProperty("ldap.searchFilter") != null) {
this.searchFilter = JiveGlobals.getXMLProperty("ldap.searchFilter");
}
else {
StringBuilder filter = new StringBuilder();
filter.append("(").append(usernameField).append("={0})");
this.searchFilter = filter.toString();
}
this.subTreeSearch = JiveGlobals.getXMLProperty("ldap.subTreeSearch", true); this.subTreeSearch = JiveGlobals.getXMLProperty("ldap.subTreeSearch", true);
if (JiveGlobals.getXMLProperty("ldap.groupNameField") != null) { this.groupNameField = JiveGlobals.getXMLProperty("ldap.groupNameField", "cn");
this.groupNameField = JiveGlobals.getXMLProperty("ldap.groupNameField"); this.groupMemberField = JiveGlobals.getXMLProperty("ldap.groupMemberField", "member");
} this.groupDescriptionField = JiveGlobals.getXMLProperty("ldap.groupDescriptionField",
if (JiveGlobals.getXMLProperty("ldap.groupMemberField") != null) { "description");
this.groupMemberField = JiveGlobals.getXMLProperty("ldap.groupMemberField"); this.posixMode = JiveGlobals.getXMLProperty("ldap.posixMode", false);
} this.groupSearchFilter = JiveGlobals.getXMLProperty("ldap.groupSearchFilter");
if (JiveGlobals.getXMLProperty("ldap.groupDescriptionField") != null) {
this.groupDescriptionField = JiveGlobals.getXMLProperty("ldap.groupDescriptionField");
}
if (JiveGlobals.getXMLProperty("ldap.posixMode") != null) {
this.posixMode = Boolean.valueOf(JiveGlobals.getXMLProperty("ldap.posixMode"));
}
if (JiveGlobals.getXMLProperty("ldap.groupSearchFilter") != null) {
this.groupSearchFilter = JiveGlobals.getXMLProperty("ldap.groupSearchFilter");
}
else {
this.groupSearchFilter = "("+groupMemberField+"={0})";
}
this.adminDN = JiveGlobals.getXMLProperty("ldap.adminDN"); this.adminDN = JiveGlobals.getXMLProperty("ldap.adminDN");
if (adminDN != null && adminDN.trim().equals("")) { if (adminDN != null && adminDN.trim().equals("")) {
adminDN = null; adminDN = null;
} }
this.adminPassword = JiveGlobals.getXMLProperty("ldap.adminPassword"); this.adminPassword = JiveGlobals.getXMLProperty("ldap.adminPassword");
this.ldapDebugEnabled = Boolean.valueOf(JiveGlobals.getXMLProperty( this.ldapDebugEnabled = JiveGlobals.getXMLProperty("ldap.debugEnabled", false);
"ldap.debugEnabled")); this.sslEnabled = JiveGlobals.getXMLProperty("ldap.sslEnabled", false);
this.sslEnabled = Boolean.valueOf(JiveGlobals.getXMLProperty( this.followReferrals = JiveGlobals.getXMLProperty("ldap.autoFollowReferrals", false);
"ldap.sslEnabled"));
this.followReferrals = Boolean.valueOf(JiveGlobals.getXMLProperty(
"ldap.autoFollowReferrals"));
encloseUserDN = JiveGlobals.getXMLProperty("ldap.encloseUserDN", true); encloseUserDN = JiveGlobals.getXMLProperty("ldap.encloseUserDN", true);
// Set the pattern to use to wrap userDNs values " // Set the pattern to use to wrap userDNs values "
userDNPattern = Pattern.compile("(=)([^\\\"][^=]*[^\\\"])(?:,|$)"); userDNPattern = Pattern.compile("(=)([^\\\"][^=]*[^\\\"])(?:,|$)");
...@@ -453,9 +410,9 @@ public class LdapManager { ...@@ -453,9 +410,9 @@ public class LdapManager {
* will be performed using the field "uid", but this can be changed by setting * will be performed using the field "uid", but this can be changed by setting
* the <tt>usernameField</tt> property.<p> * the <tt>usernameField</tt> property.<p>
* *
* Searches are performed over all subtrees relative to the <tt>baseDN</tt>. * Searches are performed over all sub-trees relative to the <tt>baseDN</tt> unless
* For example, if the <tt>baseDN</tt> is "o=jivesoftware, o=com" and we * sub-tree searching has been disabled. For example, if the <tt>baseDN</tt> is
* do a search for "mtucker", then we might find a userDN of * "o=jivesoftware, o=com" and we do a search for "mtucker", then we might find a userDN of
* "uid=mtucker,ou=People". This kind of searching is a good thing since * "uid=mtucker,ou=People". This kind of searching is a good thing since
* it doesn't make the assumption that all user records are stored in a flat * it doesn't make the assumption that all user records are stored in a flat
* structure. However, it does add the requirement that "uid" field (or the * structure. However, it does add the requirement that "uid" field (or the
...@@ -465,13 +422,13 @@ public class LdapManager { ...@@ -465,13 +422,13 @@ public class LdapManager {
* "uid=mtucker,ou=Administrators". In such a case, it's not possible to * "uid=mtucker,ou=Administrators". In such a case, it's not possible to
* uniquely identify a user, so this method will throw an error.<p> * uniquely identify a user, so this method will throw an error.<p>
* *
* The dn that's returned is relative to the <tt>baseDN</tt>. * The DN that's returned is relative to the <tt>baseDN</tt>.
* *
* @param username the username to lookup the dn for. * @param username the username to lookup the dn for.
* @param baseDN the base DN to use for this search. * @param baseDN the base DN to use for this search.
* @return the dn associated with <tt>username</tt>. * @return the dn associated with <tt>username</tt>.
* @throws Exception if the search for the dn fails. * @throws Exception if the search for the dn fails.
* @see #findUserDN(String) to search using the default baseDN and alternateBaseDN. * @see #findUserDN(String) to search using the default baseDN and alternateBaseDN.
*/ */
public String findUserDN(String username, String baseDN) throws Exception { public String findUserDN(String username, String baseDN) throws Exception {
boolean debug = Log.isDebugEnabled(); boolean debug = Log.isDebugEnabled();
...@@ -497,7 +454,7 @@ public class LdapManager { ...@@ -497,7 +454,7 @@ public class LdapManager {
} }
constraints.setReturningAttributes(new String[] { usernameField }); constraints.setReturningAttributes(new String[] { usernameField });
NamingEnumeration answer = ctx.search("", searchFilter, new String[] {username}, NamingEnumeration answer = ctx.search("", getSearchFilter(), new String[] {username},
constraints); constraints);
if (debug) { if (debug) {
...@@ -703,6 +660,7 @@ public class LdapManager { ...@@ -703,6 +660,7 @@ public class LdapManager {
this.usernameField = usernameField; this.usernameField = usernameField;
if (usernameField == null) { if (usernameField == null) {
JiveGlobals.deleteXMLProperty("ldap.usernameField"); JiveGlobals.deleteXMLProperty("ldap.usernameField");
this.usernameField = "uid";
} }
else { else {
JiveGlobals.setXMLProperty("ldap.usernameField", usernameField); JiveGlobals.setXMLProperty("ldap.usernameField", usernameField);
...@@ -856,32 +814,32 @@ public class LdapManager { ...@@ -856,32 +814,32 @@ public class LdapManager {
} }
/** /**
* Returns the filter used for searching the directory for users. * Returns the filter used for searching the directory for users, which includes
* the default filter (username field search) plus any custom-defined search filter.
* *
* @return the search filter. * @return the search filter.
*/ */
public String getSearchFilter() { public String getSearchFilter() {
return searchFilter; StringBuilder filter = new StringBuilder();
if (searchFilter == null) {
filter.append("(").append(usernameField).append("={0})");
}
else {
filter.append("(&(").append(usernameField).append("={0})");
filter.append(searchFilter).append(")");
}
return filter.toString();
} }
/** /**
* Sets the filter used for searching the directory for users. The filter should * Sets the search filter appended to the default filter when searching for users.
* contain a single token "{0}" that will be dynamically replaced with the
* user's unique ID.
* *
* @param searchFilter the search filter. * @param searchFilter the search filter appended to the default filter
* when searching for users.
*/ */
public void setSearchFilter(String searchFilter) { public void setSearchFilter(String searchFilter) {
if (searchFilter == null || "".equals(searchFilter)) { this.searchFilter = searchFilter;
StringBuilder filter = new StringBuilder(); JiveGlobals.setXMLProperty("ldap.searchFilter", searchFilter);
filter.append("(").append(usernameField).append("={0})");
this.searchFilter = filter.toString();
JiveGlobals.deleteXMLProperty("ldap.searchFilter");
}
else {
this.searchFilter = searchFilter;
JiveGlobals.setXMLProperty("ldap.searchFilter", searchFilter);
}
} }
/** /**
...@@ -998,20 +956,28 @@ public class LdapManager { ...@@ -998,20 +956,28 @@ public class LdapManager {
} }
/** /**
* Return the field used as the search filter when searching for groups. * Returns the filter used for searching the directory for groups, which includes
* Value of groupSearchFilter defaults "(groupMemberField=*)". * the default filter plus any custom-defined search filter.
* *
* @return the field used as the search filter when searching for groups. * @return the search filter when searching for groups.
*/ */
public String getGroupSearchFilter() { public String getGroupSearchFilter() {
return groupSearchFilter; StringBuilder groupFilter = new StringBuilder();
if (groupSearchFilter == null) {
groupFilter.append("(").append(groupNameField).append("={0})");
}
else {
groupFilter.append("(&(").append(groupNameField).append("={0})");
groupFilter.append(groupSearchFilter).append(")");
}
return groupFilter.toString();
} }
/** /**
* Sets the field used as the search filter when searching for groups. * Sets the search filter appended to the default filter when searching for groups.
* Value of groupSearchFilter defaults "(groupMemberField=*)".
* *
* @param groupSearchFilter the field used as the search filter when searching for groups. * @param groupSearchFilter the search filter appended to the default filter
* when searching for groups.
*/ */
public void setGroupSearchFilter(String groupSearchFilter) { public void setGroupSearchFilter(String groupSearchFilter) {
this.groupSearchFilter = groupSearchFilter; this.groupSearchFilter = groupSearchFilter;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment