Package com.atlassian.crowd.directory
Class DbCachingRemoteDirectory
java.lang.Object
com.atlassian.crowd.directory.AbstractForwardingDirectory
com.atlassian.crowd.directory.DbCachingRemoteDirectory
- All Implemented Interfaces:
FastEntityCountProvider,MultiValuesQueriesSupport,RemoteDirectory,SynchronisableDirectory,Attributes
public class DbCachingRemoteDirectory
extends AbstractForwardingDirectory
implements RemoteDirectory, SynchronisableDirectory, FastEntityCountProvider, MultiValuesQueriesSupport
A
RemoteDirectory that provides LDAP and Crowd integration plus local storage in an internal directory
for LDAP user and group attributes, and local groups for LDAP and Crowd users with local caching of remote data.
The implementation delegates to an Remote directory for the "source of truth" and an internal directory for caching
and some special local storage.
All the attributes for the directory itself (e.g. base DN, other configuration options) are stored on the directory instance.
Terminology used in this class:
- Remote user
- A user stored in the LDAP or Remote Crowd directory
- Remote group
- A group stored in the LDAP or Remote Crowd directory.
- Local group
- A group stored in the internal directory. There must not be an Remote group with the same name for a local group to exist.
-
Constructor Summary
ConstructorsConstructorDescriptionDbCachingRemoteDirectory(RemoteDirectory remoteDirectory, InternalRemoteDirectory internalDirectory, DirectoryCacheFactory directoryCacheFactory, CacheRefresherFactory cacheRefresherFactory, AuditService auditService, com.atlassian.crowd.manager.audit.mapper.AuditLogUserMapper auditLogUserMapper, String directoryName, com.atlassian.event.api.EventPublisher eventPublisher, com.atlassian.crowd.embedded.spi.DirectoryDao directoryDao, BatchConfigParser batchConfigParser) -
Method Summary
Modifier and TypeMethodDescriptionaddGroup(GroupTemplate group) voidaddGroupToGroup(String childGroup, String parentGroup) addUser(UserTemplateWithAttributes user, PasswordCredential credential) voidaddUserToGroup(String username, String groupName) authenticate(String name, PasswordCredential credential) protected UserauthenticateAndUpdateInternalUser(String name, PasswordCredential credential) Authenticates user and ensures that internal directory contains the authenticated user.protected voidcheckIfUserCanBeUpdatedWithCurrentGroupFiltering(String username, Set<String> userRemoteGroupNames) voidprotected InternalRemoteDirectorylonglonggetKeys()longbooleanisEmpty()booleanbooleanvoidremoveGroup(String name) voidremoveGroupAttributes(String groupName, String attributeName) voidremoveGroupFromGroup(String childGroup, String parentGroup) voidremoveUser(String name) voidremoveUserAttributes(String username, String attributeName) voidremoveUserFromGroup(String username, String groupName) renameGroup(String oldName, String newName) renameUser(String oldName, String newName) voidsetAttributes(Map<String, String> attributes) voidsetDirectoryId(long directoryId) protected booleanshouldSyncGroupMembershipAfterUserAuthentication(boolean isNewUser) voidvoidbooleanThis implementation will store the active flag locally in the internal directory if local user status is enabled and if the active flag cannot be persisted on the underlying remote directory.booleanbooleanbooleanvoidsynchroniseCache(SynchronisationMode mode, SynchronisationStatusManager synchronisationStatusManager) voidupdateGroup(GroupTemplate group) protected voidupdateGroupsMembershipOnLogin(User user, Set<String> userRemoteGroupNames, Directory directory) updateUser(UserTemplate user) protected UserupdateUserAndSetActiveFlag(User remoteUser, User internalUser) voidupdateUserCredential(String username, PasswordCredential credential) updateUserFromRemoteDirectory(User remoteUser) userAuthenticated(String username) Methods inherited from class com.atlassian.crowd.directory.AbstractForwardingDirectory
addUser, countDirectMembersOfGroup, findGroupByName, findGroupWithAttributesByName, findUserByExternalId, findUserByName, findUserWithAttributesByName, getMemberships, getUserAvatarByName, isGroupDirectGroupMember, isUserDirectGroupMember, searchGroupRelationships, searchGroups, searchUsersMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface com.atlassian.crowd.directory.MultiValuesQueriesSupport
searchGroupRelationshipsMethods inherited from interface com.atlassian.crowd.directory.RemoteDirectory
addUser, countDirectMembersOfGroup, findGroupByName, findGroupWithAttributesByName, findUserByExternalId, findUserByName, findUserWithAttributesByName, getLocallyFilteredGroupNames, getMemberships, getUserAvatarByName, isGroupDirectGroupMember, isUserDirectGroupMember, searchGroupRelationships, searchGroups, searchUsers
-
Constructor Details
-
DbCachingRemoteDirectory
public DbCachingRemoteDirectory(RemoteDirectory remoteDirectory, InternalRemoteDirectory internalDirectory, DirectoryCacheFactory directoryCacheFactory, CacheRefresherFactory cacheRefresherFactory, AuditService auditService, com.atlassian.crowd.manager.audit.mapper.AuditLogUserMapper auditLogUserMapper, String directoryName, com.atlassian.event.api.EventPublisher eventPublisher, com.atlassian.crowd.embedded.spi.DirectoryDao directoryDao, BatchConfigParser batchConfigParser)
-
-
Method Details
-
getDirectoryId
public long getDirectoryId()- Specified by:
getDirectoryIdin interfaceRemoteDirectory- Overrides:
getDirectoryIdin classAbstractForwardingDirectory
-
setDirectoryId
public void setDirectoryId(long directoryId) - Specified by:
setDirectoryIdin interfaceRemoteDirectory- Overrides:
setDirectoryIdin classAbstractForwardingDirectory
-
getDescriptiveName
- Specified by:
getDescriptiveNamein interfaceRemoteDirectory- Overrides:
getDescriptiveNamein classAbstractForwardingDirectory
-
setAttributes
- Specified by:
setAttributesin interfaceRemoteDirectory- Overrides:
setAttributesin classAbstractForwardingDirectory
-
authenticate
public User authenticate(String name, PasswordCredential credential) throws UserNotFoundException, InactiveAccountException, InvalidAuthenticationException, ExpiredCredentialException, OperationFailedException - Specified by:
authenticatein interfaceRemoteDirectory- Overrides:
authenticatein classAbstractForwardingDirectory- Throws:
UserNotFoundExceptionInactiveAccountExceptionInvalidAuthenticationExceptionExpiredCredentialExceptionOperationFailedException
-
authenticateAndUpdateInternalUser
protected User authenticateAndUpdateInternalUser(String name, PasswordCredential credential) throws UserNotFoundException, InactiveAccountException, InvalidAuthenticationException, ExpiredCredentialException, OperationFailedException Authenticates user and ensures that internal directory contains the authenticated user.Updates user data (including groups membership) if the user exists in the internal directory. Renames user if necessary. If user does not exists tries to add the user and the user's memberships in the internal directory.
User might not exist in the internal directory yet because the user was added after the latest synchronisation. This happens for example when the remote directory uses delegated authentication, and creates users on successful authentication.
- Parameters:
name- of the usercredential- credential of the user- Returns:
- The populated user if the authentication is valid.
- Throws:
UserNotFoundException- if the user does not existExpiredCredentialException- if the password has expired and the user is required to change their passwordInactiveAccountException- if the user account is not activeInvalidAuthenticationException- if the user name/password combination is invalidOperationFailedException- if the operation failed for any other reason
-
updateUserFromRemoteDirectory
public User updateUserFromRemoteDirectory(@Nonnull User remoteUser) throws OperationFailedException, UserNotFoundException - Specified by:
updateUserFromRemoteDirectoryin interfaceRemoteDirectory- Overrides:
updateUserFromRemoteDirectoryin classAbstractForwardingDirectory- Throws:
OperationFailedExceptionUserNotFoundException
-
userAuthenticated
public User userAuthenticated(String username) throws OperationFailedException, UserNotFoundException, InactiveAccountException - Specified by:
userAuthenticatedin interfaceRemoteDirectory- Throws:
OperationFailedExceptionUserNotFoundExceptionInactiveAccountException
-
checkIfUserCanBeUpdatedWithCurrentGroupFiltering
protected void checkIfUserCanBeUpdatedWithCurrentGroupFiltering(String username, Set<String> userRemoteGroupNames) throws OperationFailedException, UserNotFoundException -
updateUserAndSetActiveFlag
protected User updateUserAndSetActiveFlag(User remoteUser, User internalUser) throws UserNotFoundException, InvalidUserException, OperationFailedException -
updateGroupsMembershipOnLogin
protected void updateGroupsMembershipOnLogin(User user, Set<String> userRemoteGroupNames, Directory directory) throws OperationFailedException, UserNotFoundException -
addUser
public UserWithAttributes addUser(UserTemplateWithAttributes user, PasswordCredential credential) throws InvalidUserException, InvalidCredentialException, UserAlreadyExistsException, OperationFailedException - Specified by:
addUserin interfaceRemoteDirectory- Overrides:
addUserin classAbstractForwardingDirectory- Throws:
InvalidUserExceptionInvalidCredentialExceptionUserAlreadyExistsExceptionOperationFailedException
-
updateUser
public User updateUser(UserTemplate user) throws InvalidUserException, UserNotFoundException, OperationFailedException - Specified by:
updateUserin interfaceRemoteDirectory- Overrides:
updateUserin classAbstractForwardingDirectory- Throws:
InvalidUserExceptionUserNotFoundExceptionOperationFailedException
-
updateUserCredential
public void updateUserCredential(String username, PasswordCredential credential) throws UserNotFoundException, InvalidCredentialException, OperationFailedException - Specified by:
updateUserCredentialin interfaceRemoteDirectory- Overrides:
updateUserCredentialin classAbstractForwardingDirectory- Throws:
UserNotFoundExceptionInvalidCredentialExceptionOperationFailedException
-
renameUser
public User renameUser(String oldName, String newName) throws UserNotFoundException, InvalidUserException, OperationFailedException, UserAlreadyExistsException - Specified by:
renameUserin interfaceRemoteDirectory- Overrides:
renameUserin classAbstractForwardingDirectory- Throws:
UserNotFoundExceptionInvalidUserExceptionOperationFailedExceptionUserAlreadyExistsException
-
storeUserAttributes
public void storeUserAttributes(String username, Map<String, Set<String>> attributes) throws UserNotFoundException, OperationFailedException- Specified by:
storeUserAttributesin interfaceRemoteDirectory- Overrides:
storeUserAttributesin classAbstractForwardingDirectory- Throws:
UserNotFoundExceptionOperationFailedException
-
removeUserAttributes
public void removeUserAttributes(String username, String attributeName) throws UserNotFoundException, OperationFailedException - Specified by:
removeUserAttributesin interfaceRemoteDirectory- Overrides:
removeUserAttributesin classAbstractForwardingDirectory- Throws:
UserNotFoundExceptionOperationFailedException
-
removeUser
- Specified by:
removeUserin interfaceRemoteDirectory- Overrides:
removeUserin classAbstractForwardingDirectory- Throws:
UserNotFoundExceptionOperationFailedException
-
addGroup
- Specified by:
addGroupin interfaceRemoteDirectory- Overrides:
addGroupin classAbstractForwardingDirectory- Throws:
InvalidGroupExceptionOperationFailedException
-
updateGroup
public Group updateGroup(GroupTemplate group) throws InvalidGroupException, GroupNotFoundException, OperationFailedException, ReadOnlyGroupException - Specified by:
updateGroupin interfaceRemoteDirectory- Overrides:
updateGroupin classAbstractForwardingDirectory- Throws:
InvalidGroupExceptionGroupNotFoundExceptionOperationFailedExceptionReadOnlyGroupException
-
renameGroup
public Group renameGroup(String oldName, String newName) throws GroupNotFoundException, InvalidGroupException - Specified by:
renameGroupin interfaceRemoteDirectory- Overrides:
renameGroupin classAbstractForwardingDirectory- Throws:
GroupNotFoundExceptionInvalidGroupException
-
storeGroupAttributes
public void storeGroupAttributes(String groupName, Map<String, Set<String>> attributes) throws GroupNotFoundException, OperationFailedException- Specified by:
storeGroupAttributesin interfaceRemoteDirectory- Overrides:
storeGroupAttributesin classAbstractForwardingDirectory- Throws:
GroupNotFoundExceptionOperationFailedException
-
removeGroupAttributes
public void removeGroupAttributes(String groupName, String attributeName) throws GroupNotFoundException, OperationFailedException - Specified by:
removeGroupAttributesin interfaceRemoteDirectory- Overrides:
removeGroupAttributesin classAbstractForwardingDirectory- Throws:
GroupNotFoundExceptionOperationFailedException
-
removeGroup
public void removeGroup(String name) throws GroupNotFoundException, OperationFailedException, ReadOnlyGroupException - Specified by:
removeGroupin interfaceRemoteDirectory- Overrides:
removeGroupin classAbstractForwardingDirectory- Throws:
GroupNotFoundExceptionOperationFailedExceptionReadOnlyGroupException
-
addUserToGroup
public void addUserToGroup(String username, String groupName) throws GroupNotFoundException, UserNotFoundException, OperationFailedException, ReadOnlyGroupException, MembershipAlreadyExistsException - Specified by:
addUserToGroupin interfaceRemoteDirectory- Overrides:
addUserToGroupin classAbstractForwardingDirectory- Throws:
GroupNotFoundExceptionUserNotFoundExceptionOperationFailedExceptionReadOnlyGroupExceptionMembershipAlreadyExistsException
-
addGroupToGroup
public void addGroupToGroup(String childGroup, String parentGroup) throws GroupNotFoundException, InvalidMembershipException, OperationFailedException, ReadOnlyGroupException, MembershipAlreadyExistsException - Specified by:
addGroupToGroupin interfaceRemoteDirectory- Overrides:
addGroupToGroupin classAbstractForwardingDirectory- Throws:
GroupNotFoundExceptionInvalidMembershipExceptionOperationFailedExceptionReadOnlyGroupExceptionMembershipAlreadyExistsException
-
removeUserFromGroup
public void removeUserFromGroup(String username, String groupName) throws GroupNotFoundException, UserNotFoundException, MembershipNotFoundException, OperationFailedException, ReadOnlyGroupException - Specified by:
removeUserFromGroupin interfaceRemoteDirectory- Overrides:
removeUserFromGroupin classAbstractForwardingDirectory- Throws:
GroupNotFoundExceptionUserNotFoundExceptionMembershipNotFoundExceptionOperationFailedExceptionReadOnlyGroupException
-
removeGroupFromGroup
public void removeGroupFromGroup(String childGroup, String parentGroup) throws GroupNotFoundException, InvalidMembershipException, MembershipNotFoundException, OperationFailedException, ReadOnlyGroupException - Specified by:
removeGroupFromGroupin interfaceRemoteDirectory- Overrides:
removeGroupFromGroupin classAbstractForwardingDirectory- Throws:
GroupNotFoundExceptionInvalidMembershipExceptionMembershipNotFoundExceptionOperationFailedExceptionReadOnlyGroupException
-
testConnection
- Specified by:
testConnectionin interfaceRemoteDirectory- Overrides:
testConnectionin classAbstractForwardingDirectory- Throws:
OperationFailedException
-
supportsInactiveAccounts
public boolean supportsInactiveAccounts()This implementation will store the active flag locally in the internal directory if local user status is enabled and if the active flag cannot be persisted on the underlying remote directory.- Specified by:
supportsInactiveAccountsin interfaceRemoteDirectory- Overrides:
supportsInactiveAccountsin classAbstractForwardingDirectory- Returns:
- true if the internal directory supports inactive accounts (which it should always do).
-
supportsNestedGroups
public boolean supportsNestedGroups()- Specified by:
supportsNestedGroupsin interfaceRemoteDirectory- Overrides:
supportsNestedGroupsin classAbstractForwardingDirectory
-
supportsPasswordExpiration
public boolean supportsPasswordExpiration()- Specified by:
supportsPasswordExpirationin interfaceRemoteDirectory- Overrides:
supportsPasswordExpirationin classAbstractForwardingDirectory
-
supportsSettingEncryptedCredential
public boolean supportsSettingEncryptedCredential()- Specified by:
supportsSettingEncryptedCredentialin interfaceRemoteDirectory- Overrides:
supportsSettingEncryptedCredentialin classAbstractForwardingDirectory
-
isRolesDisabled
public boolean isRolesDisabled()- Specified by:
isRolesDisabledin interfaceRemoteDirectory- Overrides:
isRolesDisabledin classAbstractForwardingDirectory
-
shouldSyncGroupMembershipAfterUserAuthentication
protected boolean shouldSyncGroupMembershipAfterUserAuthentication(boolean isNewUser) - Parameters:
isNewUser- true if the user was created during authentication (ie. wasn't synced yet, and was created during this authentication)- Returns:
- whether the user's group memberships should be synced during this authentication
- See Also:
-
getValues
- Specified by:
getValuesin interfaceAttributes- Overrides:
getValuesin classAbstractForwardingDirectory
-
getValue
- Specified by:
getValuein interfaceAttributes- Overrides:
getValuein classAbstractForwardingDirectory
-
isEmpty
public boolean isEmpty()- Specified by:
isEmptyin interfaceAttributes- Overrides:
isEmptyin classAbstractForwardingDirectory
-
getKeys
- Specified by:
getKeysin interfaceAttributes- Overrides:
getKeysin classAbstractForwardingDirectory
-
isIncrementalSyncEnabled
public boolean isIncrementalSyncEnabled()- Specified by:
isIncrementalSyncEnabledin interfaceSynchronisableDirectory
-
synchroniseCache
public void synchroniseCache(SynchronisationMode mode, SynchronisationStatusManager synchronisationStatusManager) throws OperationFailedException - Specified by:
synchroniseCachein interfaceSynchronisableDirectory- Throws:
OperationFailedException
-
getAuthoritativeDirectory
- Specified by:
getAuthoritativeDirectoryin interfaceRemoteDirectory- Overrides:
getAuthoritativeDirectoryin classAbstractForwardingDirectory
-
expireAllPasswords
- Specified by:
expireAllPasswordsin interfaceRemoteDirectory- Overrides:
expireAllPasswordsin classAbstractForwardingDirectory- Throws:
OperationFailedException
-
getUserCount
- Specified by:
getUserCountin interfaceFastEntityCountProvider- Throws:
OperationFailedException
-
getGroupCount
- Specified by:
getGroupCountin interfaceFastEntityCountProvider- Throws:
OperationFailedException
-
getDelegate
- Specified by:
getDelegatein classAbstractForwardingDirectory
-
searchGroupRelationshipsGroupedByName
- Specified by:
searchGroupRelationshipsGroupedByNamein interfaceMultiValuesQueriesSupport
-