/** * Search the LDAP user DN stored in an existing user profile with provided LDAP user uid stored. * <p> * If more than one profile is found the first one in returned and an error is logged. * * @param uid the LDAP unique id. * @return the found LDAP DN, null if it can't find one or if it's empty. */ public String searchDn(String uid) { XWikiDocument document = searchDocumentByUid(uid); return document == null ? null : getDn(document); } }
/** * Try LDAP login for given context and return {@link Principal}. * * @param ldapUid the name of the ldap user to log in. * @param validXWikiUserName the name of the XWiki user to log in. * @param password the password of the user to log in. * @param context the XWiki context. * @return the {@link Principal}. * @throws XWikiException error when login. * @throws UnsupportedEncodingException error when login. * @throws LDAPException error when login. */ protected Principal ldapAuthenticateInContext(String ldapUid, String validXWikiUserName, String password, XWikiContext context) throws XWikiException, UnsupportedEncodingException, LDAPException { return ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, false); }
/** * @param userDocument the user profile page. * @return the uid store in the user profile. Null if it can't find any or if it's empty. */ public String getUid(XWikiDocument userDocument) { BaseObject ldapObject = userDocument.getObject(this.ldapClass.getName()); return ldapObject == null ? null : getUid(ldapObject); }
/** * @param validXWikiUserName the valid XWiki name of the user to get the profile for. Used for fast lookup relying * on the document cache before doing a database search. * @param ldapUid the UID to get the profile for * @param context the XWiki context * @return the XWiki document of the user with the passed UID * @throws XWikiException when a problem occurs while retrieving the user profile */ public XWikiDocument getUserProfileByUid(String validXWikiUserName, String ldapUid, XWikiContext context) throws XWikiException { LDAPProfileXClass ldapXClass = new LDAPProfileXClass(context); // Try default profile name (generally in the cache) XWikiDocument userProfile = context.getWiki().getDocument( new DocumentReference(context.getDatabase(), XWIKI_USER_SPACE, validXWikiUserName), context); if (!ldapUid.equalsIgnoreCase(ldapXClass.getUid(userProfile))) { // Search for existing profile with provided uid userProfile = ldapXClass.searchDocumentByUid(ldapUid); // Resolve default profile patch of an uid if (userProfile == null) { userProfile = getAvailableUserProfile(validXWikiUserName, ldapUid, context); } } return userProfile; }
String validXWikiUserName = getValidXWikiUserName(ldapUid); principal = ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, true); } catch (Exception e) { context.setWikiId(context.getMainXWiki()); try { principal = ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, false); } catch (Exception e) {
/** * Update LDAP profile object with provided LDAP user informations. * * @param userDocument the user profile page to update. * @param dn the dn to store in the LDAP profile. * @param uid the uid to store in the LDAP profile. * @return true if modifications has been made to provided user profile, false otherwise. */ public boolean updateLDAPObject(XWikiDocument userDocument, String dn, String uid) { BaseObject ldapObject = userDocument.getObject(this.ldapClass.getName(), true, this.context); Map<String, String> map = new HashMap<String, String>(); boolean needsUpdate = false; String objDn = getDn(ldapObject); if (!dn.equalsIgnoreCase(objDn)) { map.put(LDAP_XFIELD_DN, dn); needsUpdate = true; } String objUid = getUid(ldapObject); if (!uid.equalsIgnoreCase(objUid)) { map.put(LDAP_XFIELD_UID, uid); needsUpdate = true; } if (needsUpdate) { this.ldapClass.fromMap(map, ldapObject); } return needsUpdate; }
/** * @param validXWikiUserName a valid XWiki username for which to get a profile document * @param ldapUid ldap UID of the user profile to get * @param context the XWiki context * @return a (new) XWiki document for the passed username * @throws XWikiException when a problem occurs while retrieving the user profile */ private XWikiDocument getAvailableUserProfile(String validXWikiUserName, String ldapUid, XWikiContext context) throws XWikiException { BaseClass userClass = context.getWiki().getUserClass(context); LDAPProfileXClass ldapXClass = new LDAPProfileXClass(context); DocumentReference userReference = new DocumentReference(context.getDatabase(), XWIKI_USER_SPACE, validXWikiUserName); // Check if the default profile document is available for (int i = 0; true; ++i) { if (i > 0) { userReference.setName(validXWikiUserName + "_" + i); } XWikiDocument doc = context.getWiki().getDocument(userReference, context); // Don't use non user existing document if (doc.isNew() || doc.getXObject(userClass.getDocumentReference()) != null) { String ldapUidFromObject = ldapXClass.getUid(doc); // If the user is a LDAP user compare uids if (ldapUidFromObject == null || ldapUid.equalsIgnoreCase(ldapUidFromObject)) { return doc; } } } }
/** * @param userDocument the user profile page. * @return the dn store in the user profile. Null if it can't find any or if it's empty. */ public String getDn(XWikiDocument userDocument) { BaseObject ldapObject = userDocument.getObject(this.ldapClass.getName()); return ldapObject == null ? null : getDn(ldapObject); }
/** * Update or create LDAP profile of an existing user profile with provided LDAP user informations. * * @param xwikiUserName the name of the XWiki user to update LDAP profile. * @param dn the dn to store in the LDAP profile. * @param uid the uid to store in the LDAP profile. * @throws XWikiException error when storing information in user profile. */ public void updateLDAPObject(String xwikiUserName, String dn, String uid) throws XWikiException { XWikiDocument userDocument = this.context.getWiki().getDocument(XWIKI_USER_SPACE + "." + xwikiUserName, this.context); boolean needsUpdate = updateLDAPObject(userDocument, dn, uid); if (needsUpdate) { this.context.getWiki().saveDocument(userDocument, "Update LDAP user profile", this.context); } }
/** * Synchronize user XWiki membership with it's LDAP membership. * * @param xwikiUserName the name of the user. * @param ldapDn the LDAP DN of the user. * @param createuser indicate if the user is created or updated. * @param ldapUtils the LDAP communication tool. * @param context the XWiki context. * @throws XWikiException error when synchronizing user membership. */ protected void syncGroupsMembership(String xwikiUserName, String ldapDn, boolean createuser, XWikiLDAPUtils ldapUtils, XWikiContext context) throws XWikiException { XWikiLDAPConfig config = XWikiLDAPConfig.getInstance(); // got valid group mappings Map<String, Set<String>> groupMappings = config.getGroupMappings(context); // update group membership, join and remove from given groups // sync group membership for this user if (groupMappings.size() > 0) { // flag if always sync or just on create of the user String syncmode = config.getLDAPParam("ldap_mode_group_sync", "always", context); if (!syncmode.equalsIgnoreCase("create") || createuser) { syncGroupsMembership(xwikiUserName, ldapDn, groupMappings, ldapUtils, context); } } }
/** * @param validXWikiUserName the valid XWiki name of the user to get the profile for. Used for fast lookup relying * on the document cache before doing a database search. * @param ldapUid the UID to get the profile for * @param context the XWiki context * @return the XWiki document of the user with the passed UID * @throws XWikiException when a problem occurs while retrieving the user profile */ public XWikiDocument getUserProfileByUid(String validXWikiUserName, String ldapUid, XWikiContext context) throws XWikiException { LDAPProfileXClass ldapXClass = new LDAPProfileXClass(context); // Try default profile name (generally in the cache) XWikiDocument userProfile = context.getWiki() .getDocument(new DocumentReference(context.getWikiId(), XWIKI_USER_SPACE, validXWikiUserName), context); if (!ldapUid.equalsIgnoreCase(ldapXClass.getUid(userProfile))) { // Search for existing profile with provided uid userProfile = ldapXClass.searchDocumentByUid(ldapUid); // Resolve default profile patch of an uid if (userProfile == null) { userProfile = getAvailableUserProfile(validXWikiUserName, ldapUid, context); } } return userProfile; }
/** * Search the LDAP user DN stored in an existing user profile with provided LDAP user uid stored. * <p> * If more than one profile is found the first one in returned and an error is logged. * * @param uid the LDAP unique id. * @return the found LDAP DN, null if it can't find one or if it's empty. */ public String searchDn(String uid) { XWikiDocument document = searchDocumentByUid(uid); return document == null ? null : getDn(document); } }
String validXWikiUserName = getValidXWikiUserName(ldapUid); principal = ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, true); } catch (Exception e) { context.setDatabase(context.getMainXWiki()); try { principal = ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, false); } catch (Exception e) {
/** * Update LDAP profile object with provided LDAP user informations. * * @param userDocument the user profile page to update. * @param dn the dn to store in the LDAP profile. * @param uid the uid to store in the LDAP profile. * @return true if modifications has been made to provided user profile, false otherwise. */ public boolean updateLDAPObject(XWikiDocument userDocument, String dn, String uid) { BaseObject ldapObject = userDocument.getXObject(this.ldapClass.getDocumentReference(), true, this.context); Map<String, String> map = new HashMap<String, String>(); boolean needsUpdate = false; String objDn = getDn(ldapObject); if (!dn.equalsIgnoreCase(objDn)) { map.put(LDAP_XFIELD_DN, dn); needsUpdate = true; } String objUid = getUid(ldapObject); if (!uid.equalsIgnoreCase(objUid)) { map.put(LDAP_XFIELD_UID, uid); needsUpdate = true; } if (needsUpdate) { this.ldapClass.fromMap(map, ldapObject); } return needsUpdate; }
LDAPProfileXClass ldapXClass = new LDAPProfileXClass(context); String ldapUidFromObject = ldapXClass.getUid(doc);
/** * Try LDAP login for given context and return {@link Principal}. * * @param ldapUid the name of the ldap user to log in. * @param validXWikiUserName the name of the XWiki user to log in. * @param password the password of the user to log in. * @param context the XWiki context. * @return the {@link Principal}. * @throws XWikiException error when login. * @throws UnsupportedEncodingException error when login. * @throws LDAPException error when login. */ protected Principal ldapAuthenticateInContext(String ldapUid, String validXWikiUserName, String password, XWikiContext context) throws XWikiException, UnsupportedEncodingException, LDAPException { return ldapAuthenticateInContext(ldapUid, validXWikiUserName, password, context, false); }
/** * @param userDocument the user profile page. * @return the uid store in the user profile. Null if it can't find any or if it's empty. */ public String getUid(XWikiDocument userDocument) { BaseObject ldapObject = userDocument.getXObject(this.ldapClass.getDocumentReference()); return ldapObject == null ? null : getUid(ldapObject); }
/** * @param userDocument the user profile page. * @return the dn store in the user profile. Null if it can't find any or if it's empty. */ public String getDn(XWikiDocument userDocument) { BaseObject ldapObject = userDocument.getXObject(this.ldapClass.getDocumentReference()); return ldapObject == null ? null : getDn(ldapObject); }
/** * Update or create LDAP profile of an existing user profile with provided LDAP user informations. * * @param xwikiUserName the name of the XWiki user to update LDAP profile. * @param dn the dn to store in the LDAP profile. * @param uid the uid to store in the LDAP profile. * @throws XWikiException error when storing information in user profile. */ public void updateLDAPObject(String xwikiUserName, String dn, String uid) throws XWikiException { XWikiDocument userDocument = this.context.getWiki().getDocument(new LocalDocumentReference(XWIKI_USER_SPACE, xwikiUserName), this.context); boolean needsUpdate = updateLDAPObject(userDocument, dn, uid); if (needsUpdate) { this.context.getWiki().saveDocument(userDocument, "Update LDAP user profile", this.context); } }
/** * Synchronize user XWiki membership with it's LDAP membership. * * @param xwikiUserName the name of the user. * @param ldapDn the LDAP DN of the user. * @param createuser indicate if the user is created or updated. * @param ldapUtils the LDAP communication tool. * @param context the XWiki context. * @throws XWikiException error when synchronizing user membership. */ protected void syncGroupsMembership(String xwikiUserName, String ldapDn, boolean createuser, XWikiLDAPUtils ldapUtils, XWikiContext context) throws XWikiException { XWikiLDAPConfig config = XWikiLDAPConfig.getInstance(); // got valid group mappings Map<String, Set<String>> groupMappings = config.getGroupMappings(context); // update group membership, join and remove from given groups // sync group membership for this user if (groupMappings.size() > 0) { // flag if always sync or just on create of the user String syncmode = config.getLDAPParam("ldap_mode_group_sync", "always", context); if (!syncmode.equalsIgnoreCase("create") || createuser) { syncGroupsMembership(xwikiUserName, ldapDn, groupMappings, ldapUtils, context); } } }