Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

com.atlassian.crowd.directory
Class SpringLDAPConnector

java.lang.Object
  extended by com.atlassian.crowd.directory.SpringLDAPConnector
All Implemented Interfaces:
LDAPDirectory, RemoteDirectory, Attributes
Direct Known Subclasses:
RFC2307Directory, RFC4519Directory
public abstract class SpringLDAPConnector
extends java.lang.Object
implements LDAPDirectory

This class implements a remote LDAP directory using Spring LdapTemplate.

Warning: CWD-2494: When read timeout is enabled, operations can fail randomly with "javax.naming.NamingException: LDAP response read timed out..." error message without waiting for the timeout to pass.

Field Summary
protected  AttributeValuesHolder attributes
           
protected  org.springframework.ldap.core.ContextSource contextSource
           
protected  org.springframework.ldap.transaction.compensating.manager.ContextSourceTransactionManager contextSourceTransactionManager
           
static int DEFAULT_PAGE_SIZE
           
protected  com.atlassian.event.api.EventPublisher eventPublisher
           
protected  LDAPPropertiesMapper ldapPropertiesMapper
           
protected  LDAPQueryTranslater ldapQueryTranslater
           
protected  LdapTemplateWithClassLoaderWrapper ldapTemplate
           
protected  Converter nameConverter
           
protected  SearchDN searchDN
           
 
Constructor Summary
SpringLDAPConnector(LDAPQueryTranslater ldapQueryTranslater, com.atlassian.event.api.EventPublisher eventPublisher, InstanceFactory instanceFactory)
           
 
Method Summary
protected  void addDefaultSnToUserAttributes(javax.naming.directory.Attributes attrs, java.lang.String defaultSnValue)
          A default install of many directory servers (inc.
protected  void addDefaultValueToUserAttributesForAttribute(java.lang.String attributeName, javax.naming.directory.Attributes attrs, java.lang.String defaultValue)
           
 Group addGroup(GroupTemplate group)
           
 LDAPUserWithAttributes addUser(UserTemplate user, PasswordCredential credential)
          Adds a user to LDAP.
protected  javax.naming.ldap.LdapName asLdapGroupName(java.lang.String dn, java.lang.String groupName)
          Convenience method to convert group DN to LdapName, throwing a GNFE with the supplied group name if unable to construct the LdapName.
protected
<T extends LDAPDirectoryEntity>
javax.naming.ldap.LdapName
asLdapName(java.lang.String dn, java.lang.String entityName, java.lang.Class<T> entityClass)
          This method is required to wrap DN's into LdapNames as spring-ldap doesn't correctly handle operations with String dn arguments.
protected  javax.naming.ldap.LdapName asLdapUserName(java.lang.String dn, java.lang.String userName)
          Convenience method to convert user DN to LdapName, throwing a GNFE with the supplied user name if unable to construct the LdapName.
 User authenticate(java.lang.String name, PasswordCredential credential)
           
protected abstract  java.lang.Object encodePassword(java.lang.String unencodedPassword)
          Given an plain-text password, encodes/encrypts it according to the settings required by the particular directory connector.
<T extends LDAPDirectoryEntity>
T
findEntityByDN(java.lang.String dn, java.lang.Class<T> entityClass)
          Finds a directory entity (principal, group or role) by their distinguished name.
protected
<T extends LDAPDirectoryEntity>
T
findEntityByDN(java.lang.String dn, java.lang.String baseDN, java.lang.String filter, org.springframework.ldap.core.ContextMapper contextMapper, java.lang.Class<T> entityClass)
           
 LDAPGroupWithAttributes findGroupByName(java.lang.String name)
           
protected  LDAPGroupWithAttributes findGroupByNameAndType(java.lang.String name, GroupType groupType)
           
 LDAPGroupWithAttributes findGroupWithAttributesByName(java.lang.String name)
           
 LDAPUserWithAttributes findUserByName(java.lang.String name)
           
 LDAPUserWithAttributes findUserWithAttributesByName(java.lang.String name)
           
 boolean getAttributeAsBoolean(java.lang.String name, boolean defaultValue)
           
 long getAttributeAsLong(java.lang.String name, long defaultValue)
           
 RemoteDirectory getAuthoritativeDirectory()
           
protected  java.util.Map<java.lang.String,java.lang.String> getBaseEnvironmentProperties()
          Returns the properties used to set up the Ldap ContextSource.
 org.springframework.ldap.core.ContextSource getContextSource()
          Exposed so that delegated directories can get a handle on the underlying LDAP context.
protected  java.util.List<AttributeMapper> getCustomGroupAttributeMappers()
          As a minimum, this SHOULD provide an attribute mapper that maps the group members attribute (if available).
protected  java.util.List<AttributeMapper> getCustomUserAttributeMappers()
           
 long getDirectoryId()
           
protected  Encoder getEncoder()
          Returns an Encoder that escapes LDAP special characters for use in object names and in DNs.
 org.springframework.ldap.core.ContextMapper getGroupContextMapper(GroupType groupType)
          Returns a ContextMapper ready to translate LDAP objects into Groups and fetches all member objects.
protected  java.lang.String getInitialGroupMemberDN()
          Returns the default container member DN.
 java.util.Set<java.lang.String> getKeys()
           
 LDAPPropertiesMapper getLdapPropertiesMapper()
           
 java.lang.Iterable<Membership> getMemberships()
           
protected  javax.naming.directory.Attributes getNewGroupAttributes(Group group)
           
protected  void getNewGroupDirectorySpecificAttributes(Group group, javax.naming.directory.Attributes attributes)
          Populates attributes object with directory-specific attributes.
protected  javax.naming.directory.Attributes getNewUserAttributes(User user, PasswordCredential credential)
          Translates the User into LDAP attributes, in preparation for creating a new user.
protected  void getNewUserDirectorySpecificAttributes(User user, javax.naming.directory.Attributes attributes)
          Populates attributes object with directory-specific attributes.
 SearchDN getSearchDN()
           
protected  java.lang.String getStandardisedDN(javax.naming.Name dn)
           
protected  javax.naming.directory.SearchControls getSubTreeSearchControl()
           
 org.springframework.ldap.core.ContextMapper getUserContextMapper()
          Returns a ContextMapper that can transform a Context into a User.
 java.lang.String getValue(java.lang.String name)
           
 java.util.Set<java.lang.String> getValues(java.lang.String name)
           
 boolean isEmpty()
           
 boolean isRolesDisabled()
           
protected  org.springframework.ldap.core.CollectingNameClassPairCallbackHandler pageSearchResults(javax.naming.Name baseDN, java.lang.String filter, org.springframework.ldap.core.ContextMapper contextMapper, javax.naming.directory.SearchControls searchControls, org.springframework.ldap.core.DirContextProcessor ldapRequestControls, int maxResults)
          Performs a paged results search on an LDAP directory server searching using the LDAP paged results control option to fetch results in chunks rather than all at once.
protected  java.util.List<LDAPGroupWithAttributes> postprocessGroups(java.util.List<LDAPGroupWithAttributes> groups)
          Perform any post-processing on groups.
 void removeGroup(java.lang.String name)
           
 void removeGroupAttributes(java.lang.String groupName, java.lang.String attributeName)
           
 void removeUser(java.lang.String name)
           
 void removeUserAttributes(java.lang.String username, java.lang.String attributeName)
           
 Group renameGroup(java.lang.String oldName, java.lang.String newName)
           
 User renameUser(java.lang.String oldName, java.lang.String newName)
           
protected  java.util.List searchEntities(javax.naming.Name baseDN, java.lang.String filter, org.springframework.ldap.core.ContextMapper contextMapper, int startIndex, int maxResults)
          Executes a search with paging if paged results is supported.
protected  java.util.List searchEntitiesWithRequestControls(javax.naming.Name baseDN, java.lang.String filter, org.springframework.ldap.core.ContextMapper contextMapper, javax.naming.directory.SearchControls searchControls, org.springframework.ldap.core.DirContextProcessor ldapRequestControls, int startIndex, int maxResults)
           
protected  java.util.List<LDAPGroupWithAttributes> searchGroupObjects(EntityQuery query)
           
protected  java.util.List<LDAPGroupWithAttributes> searchGroupObjectsOfSpecifiedGroupType(EntityQuery query)
          This method expects that the query contains a non-null groupType in the entityDescriptor.
<T> java.util.List<T>
searchGroupRelationships(MembershipQuery<T> query)
           
protected abstract
<T> java.util.List<T>
searchGroupRelationshipsWithGroupTypeSpecified(MembershipQuery<T> query)
          Execute the search for group relationships given that a group of type GROUP or LEGACY_ROLE has been specified in the EntityDescriptor for the group(s).
<T> java.util.List<T>
searchGroups(EntityQuery<T> query)
           
protected  java.util.List<LDAPUserWithAttributes> searchUserObjects(EntityQuery query)
           
<T> java.util.List<T>
searchUsers(EntityQuery<T> query)
           
 void setAttributes(java.util.Map<java.lang.String,java.lang.String> attributes)
          Called by the DirectoryInstanceLoader after constructing an InternalDirectory.
 void setDirectoryId(long id)
          Called by the DirectoryInstanceLoader after constructing an InternalDirectory.
 void storeGroupAttributes(java.lang.String groupName, java.util.Map<java.lang.String,java.util.Set<java.lang.String>> attributes)
           
 void storeUserAttributes(java.lang.String username, java.util.Map<java.lang.String,java.util.Set<java.lang.String>> attributes)
           
 boolean supportsInactiveAccounts()
          Storing active/inactive flag for users in LDAP is currently not supported.
 boolean supportsNestedGroups()
           
 void testConnection()
           
protected
<T extends LDAPDirectoryEntity>
java.lang.RuntimeException
typedEntityNotFoundException(java.lang.String name, java.lang.Class<T> entityClass)
           
 Group updateGroup(GroupTemplate group)
           
 User updateUser(UserTemplate user)
           
 void updateUserCredential(java.lang.String name, PasswordCredential credential)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface com.atlassian.crowd.directory.RemoteDirectory
addGroupToGroup, addUserToGroup, getDescriptiveName, isGroupDirectGroupMember, isUserDirectGroupMember, removeGroupFromGroup, removeUserFromGroup
 

Field Detail

DEFAULT_PAGE_SIZE

public static final int DEFAULT_PAGE_SIZE
See Also:
Constant Field Values

attributes

protected volatile AttributeValuesHolder attributes

ldapTemplate

protected volatile LdapTemplateWithClassLoaderWrapper ldapTemplate

contextSource

protected volatile org.springframework.ldap.core.ContextSource contextSource

nameConverter

protected volatile Converter nameConverter

searchDN

protected volatile SearchDN searchDN

ldapPropertiesMapper

protected volatile LDAPPropertiesMapper ldapPropertiesMapper

contextSourceTransactionManager

protected volatile org.springframework.ldap.transaction.compensating.manager.ContextSourceTransactionManager contextSourceTransactionManager

ldapQueryTranslater

protected final LDAPQueryTranslater ldapQueryTranslater

eventPublisher

protected final com.atlassian.event.api.EventPublisher eventPublisher
Constructor Detail

SpringLDAPConnector

public SpringLDAPConnector(LDAPQueryTranslater ldapQueryTranslater,
                           com.atlassian.event.api.EventPublisher eventPublisher,
                           InstanceFactory instanceFactory)
Method Detail

getDirectoryId

public long getDirectoryId()
Specified by:
getDirectoryId in interface RemoteDirectory

setDirectoryId

public void setDirectoryId(long id)
Called by the DirectoryInstanceLoader after constructing an InternalDirectory.

Specified by:
setDirectoryId in interface RemoteDirectory
Parameters:
id - The unique id of the Directory stored in the database.

setAttributes

public void setAttributes(java.util.Map<java.lang.String,java.lang.String> attributes)
Called by the DirectoryInstanceLoader after constructing an InternalDirectory.

Specified by:
setAttributes in interface RemoteDirectory
Parameters:
attributes - attributes map.

getContextSource

public org.springframework.ldap.core.ContextSource getContextSource()
Exposed so that delegated directories can get a handle on the underlying LDAP context.

Returns:
ContextSource.

getLdapPropertiesMapper

public LDAPPropertiesMapper getLdapPropertiesMapper()

getValues

public java.util.Set<java.lang.String> getValues(java.lang.String name)
Specified by:
getValues in interface Attributes

getValue

public java.lang.String getValue(java.lang.String name)
Specified by:
getValue in interface Attributes

isEmpty

public boolean isEmpty()
Specified by:
isEmpty in interface Attributes

getAttributeAsLong

public long getAttributeAsLong(java.lang.String name,
                               long defaultValue)

getAttributeAsBoolean

public boolean getAttributeAsBoolean(java.lang.String name,
                                     boolean defaultValue)

getKeys

public java.util.Set<java.lang.String> getKeys()
Specified by:
getKeys in interface Attributes

getSearchDN

public SearchDN getSearchDN()

getSubTreeSearchControl

protected javax.naming.directory.SearchControls getSubTreeSearchControl()

getEncoder

protected Encoder getEncoder()
Returns an Encoder that escapes LDAP special characters for use in object names and in DNs.

Returns:
an Encoder that escapes LDAP special characters for use in object names and in DNs.

getBaseEnvironmentProperties

protected java.util.Map<java.lang.String,java.lang.String> getBaseEnvironmentProperties()
Returns the properties used to set up the Ldap ContextSource.

Returns:
the properties used to set up the Ldap ContextSource.

pageSearchResults

protected org.springframework.ldap.core.CollectingNameClassPairCallbackHandler pageSearchResults(javax.naming.Name baseDN,
                                                                                                 java.lang.String filter,
                                                                                                 org.springframework.ldap.core.ContextMapper contextMapper,
                                                                                                 javax.naming.directory.SearchControls searchControls,
                                                                                                 org.springframework.ldap.core.DirContextProcessor ldapRequestControls,
                                                                                                 int maxResults)
                                                                                          throws OperationFailedException
Performs a paged results search on an LDAP directory server searching using the LDAP paged results control option to fetch results in chunks rather than all at once.

Parameters:
baseDN - The DN to beging the search from.
filter - The search filter.
contextMapper - Maps from LDAP search results into objects such as Groups.
searchControls - The LDAP search scope type.
ldapRequestControls - Any LDAP request controls (set to null if you do not need additional request controls for the search).
maxResults - maximum number of results to return. Set to -1 if no result limiting is desired (WARNING: doing so is obviously a hazard).
Returns:
The search results.
Throws:
OperationFailedException - Search failed due to a communication error to the remote directory

searchEntities

protected java.util.List searchEntities(javax.naming.Name baseDN,
                                        java.lang.String filter,
                                        org.springframework.ldap.core.ContextMapper contextMapper,
                                        int startIndex,
                                        int maxResults)
                                 throws OperationFailedException
Executes a search with paging if paged results is supported.

Parameters:
baseDN - base DN of search.
filter - encoded LDAP search filter.
contextMapper - directory context to object mapper.
startIndex - index to start at. Set to 0 to start from the first result.
maxResults - maximum number of results to return. Set to -1 if no result limiting is desired (WARNING: doing so is obviously a hazard).
Returns:
list of entities of type corresponding to the contextMapper's output.
Throws:
OperationFailedException - a Communication error occurred when trying to talk to a remote directory

searchEntitiesWithRequestControls

protected java.util.List searchEntitiesWithRequestControls(javax.naming.Name baseDN,
                                                           java.lang.String filter,
                                                           org.springframework.ldap.core.ContextMapper contextMapper,
                                                           javax.naming.directory.SearchControls searchControls,
                                                           org.springframework.ldap.core.DirContextProcessor ldapRequestControls,
                                                           int startIndex,
                                                           int maxResults)
                                                    throws OperationFailedException
Throws:
OperationFailedException

getUserContextMapper

public org.springframework.ldap.core.ContextMapper getUserContextMapper()
Returns a ContextMapper that can transform a Context into a User.

Returns:
a ContextMapper that can transform a Context into a User.

getCustomUserAttributeMappers

protected java.util.List<AttributeMapper> getCustomUserAttributeMappers()
Returns:
a collection of custom attribbute mappers. By default just return an empty list.

getGroupContextMapper

public org.springframework.ldap.core.ContextMapper getGroupContextMapper(GroupType groupType)
Returns a ContextMapper ready to translate LDAP objects into Groups and fetches all member objects.

Parameters:
groupType - the GroupType
Returns:
a ContextMapper ready to translate LDAP objects into Groups and fetches all member objects

getCustomGroupAttributeMappers

protected java.util.List<AttributeMapper> getCustomGroupAttributeMappers()
As a minimum, this SHOULD provide an attribute mapper that maps the group members attribute (if available).

Returns:
collection of custom attribute mappers (cannot be null but can be an empty list).

findUserByName

public LDAPUserWithAttributes findUserByName(java.lang.String name)
                                      throws UserNotFoundException,
                                             OperationFailedException
Specified by:
findUserByName in interface RemoteDirectory
Throws:
UserNotFoundException
OperationFailedException

findUserWithAttributesByName

public LDAPUserWithAttributes findUserWithAttributesByName(java.lang.String name)
                                                    throws UserNotFoundException,
                                                           OperationFailedException
Specified by:
findUserWithAttributesByName in interface RemoteDirectory
Throws:
UserNotFoundException
OperationFailedException

searchUserObjects

protected java.util.List<LDAPUserWithAttributes> searchUserObjects(EntityQuery query)
                                                            throws OperationFailedException,
                                                                   java.lang.IllegalArgumentException
Throws:
OperationFailedException
java.lang.IllegalArgumentException

removeUser

public void removeUser(java.lang.String name)
                throws UserNotFoundException,
                       OperationFailedException
Specified by:
removeUser in interface RemoteDirectory
Throws:
UserNotFoundException
OperationFailedException

updateUserCredential

public void updateUserCredential(java.lang.String name,
                                 PasswordCredential credential)
                          throws InvalidCredentialException,
                                 UserNotFoundException,
                                 OperationFailedException
Specified by:
updateUserCredential in interface RemoteDirectory
Throws:
InvalidCredentialException
UserNotFoundException
OperationFailedException

renameUser

public User renameUser(java.lang.String oldName,
                       java.lang.String newName)
                throws UserNotFoundException,
                       InvalidUserException,
                       OperationFailedException
Specified by:
renameUser in interface RemoteDirectory
Throws:
UserNotFoundException
InvalidUserException
OperationFailedException

storeUserAttributes

public void storeUserAttributes(java.lang.String username,
                                java.util.Map<java.lang.String,java.util.Set<java.lang.String>> attributes)
                         throws UserNotFoundException,
                                OperationFailedException
Specified by:
storeUserAttributes in interface RemoteDirectory
Throws:
UserNotFoundException
OperationFailedException

removeUserAttributes

public void removeUserAttributes(java.lang.String username,
                                 java.lang.String attributeName)
                          throws UserNotFoundException,
                                 OperationFailedException
Specified by:
removeUserAttributes in interface RemoteDirectory
Throws:
UserNotFoundException
OperationFailedException

getNewUserAttributes

protected javax.naming.directory.Attributes getNewUserAttributes(User user,
                                                                 PasswordCredential credential)
                                                          throws InvalidCredentialException,
                                                                 org.springframework.ldap.NamingException
Translates the User into LDAP attributes, in preparation for creating a new user.

Parameters:
user - The user object to translate into LDAP attributes
credential - raw password.
Returns:
An Attributes object populated with directory-specific information.
Throws:
InvalidCredentialException - The password, if supplied, was invalid in some manner.
org.springframework.ldap.NamingException - If the User could not be translated to an Attributes

getNewUserDirectorySpecificAttributes

protected void getNewUserDirectorySpecificAttributes(User user,
                                                     javax.naming.directory.Attributes attributes)
Populates attributes object with directory-specific attributes.

Overrider of this method can take advantage of the default group attributes mapping logic in {#getNewUserAttributes(User)}.

Note that the attribute values supplied here will be used raw. This entails that overrider is responsible for supplying values in a format supported by the directory. In some directory implementations, for example, a blank string ("") is considered illegal. Overrider thus would have to make sure the method does not generate a value as such.

Parameters:
user - (potential) source of information that needs to be added.
attributes - attributes to add directory-specific information to.

addUser

public LDAPUserWithAttributes addUser(UserTemplate user,
                                      PasswordCredential credential)
                               throws InvalidUserException,
                                      InvalidCredentialException,
                                      OperationFailedException
Adds a user to LDAP.

If the displayName on the user is blank, then the

Specified by:
addUser in interface RemoteDirectory
Parameters:
user - template of the user to add.
credential - password.
Returns:
LDAP user retrieved from LDAP after successfully adding the user to LDAP.
Throws:
InvalidUserException - if the user to create was deemed invalid by the LDAP server or already exists.
InvalidCredentialException - if the password credential was deemed invalid by the password encoder.
OperationFailedException - if we were unable to add the user to LDAP.

addDefaultSnToUserAttributes

protected void addDefaultSnToUserAttributes(javax.naming.directory.Attributes attrs,
                                            java.lang.String defaultSnValue)
A default install of many directory servers (inc. Sun DSEE 6.2 and Apache DS 1.0.2) requires the following to be set before user creation is allowed: objectClass -> inetorgperson cn -> sn -> If a call is being made from an external system (eg JIRA), the user is created with the bare minimum of attributes, then later updated. We need to make sure to add sn if it's not present in the information provided.

Parameters:
attrs - The LDAP user attributes to be checked and potentially updated.
defaultSnValue - default lastname/surname value

addDefaultValueToUserAttributesForAttribute

protected void addDefaultValueToUserAttributesForAttribute(java.lang.String attributeName,
                                                           javax.naming.directory.Attributes attrs,
                                                           java.lang.String defaultValue)

findEntityByDN

public <T extends LDAPDirectoryEntity> T findEntityByDN(java.lang.String dn,
                                                        java.lang.Class<T> entityClass)
                                             throws UserNotFoundException,
                                                    GroupNotFoundException,
                                                    OperationFailedException
Description copied from interface: LDAPDirectory
Finds a directory entity (principal, group or role) by their distinguished name.

The object class of an entity is used to determine the entity type.

If an object represents both a group and role, then the object is mapped to a group.

Specified by:
findEntityByDN in interface LDAPDirectory
Parameters:
dn - standardised distinguished name.
entityClass - class of the entity to find (either LDAPUserWithAttributes or LDAPGroupWithAttributes).
Returns:
directory entity corresponding to DN.
Throws:
UserNotFoundException - if a user does not exist at the specified DN or the DN does not exist in the directory. This will also be thrown if the entity DOES exist but does not match the base DN or object filter for the entity type.
GroupNotFoundException - if a user does not exist at the specified DN or the DN does not exist in the directory. This will also be thrown if the entity DOES exist but does not match the base DN or object filter for the entity type.
OperationFailedException - if underlying directory implementation failed to execute the operation.

typedEntityNotFoundException

protected <T extends LDAPDirectoryEntity> java.lang.RuntimeException typedEntityNotFoundException(java.lang.String name,
                                                                                                  java.lang.Class<T> entityClass)
                                                           throws UserNotFoundException,
                                                                  GroupNotFoundException
Throws:
UserNotFoundException
GroupNotFoundException

findEntityByDN

protected <T extends LDAPDirectoryEntity> T findEntityByDN(java.lang.String dn,
                                                           java.lang.String baseDN,
                                                           java.lang.String filter,
                                                           org.springframework.ldap.core.ContextMapper contextMapper,
                                                           java.lang.Class<T> entityClass)
                                                throws UserNotFoundException,
                                                       GroupNotFoundException,
                                                       OperationFailedException
Throws:
UserNotFoundException
GroupNotFoundException
OperationFailedException

updateUser

public User updateUser(UserTemplate user)
                throws UserNotFoundException,
                       OperationFailedException
Specified by:
updateUser in interface RemoteDirectory
Throws:
UserNotFoundException
OperationFailedException

searchUsers

public <T> java.util.List<T> searchUsers(EntityQuery<T> query)
                              throws OperationFailedException
Specified by:
searchUsers in interface RemoteDirectory
Throws:
OperationFailedException

authenticate

public User authenticate(java.lang.String name,
                         PasswordCredential credential)
                  throws InvalidAuthenticationException,
                         UserNotFoundException,
                         OperationFailedException
Specified by:
authenticate in interface RemoteDirectory
Throws:
InvalidAuthenticationException
UserNotFoundException
OperationFailedException

findGroupByName

public LDAPGroupWithAttributes findGroupByName(java.lang.String name)
                                        throws GroupNotFoundException,
                                               OperationFailedException
Specified by:
findGroupByName in interface RemoteDirectory
Throws:
GroupNotFoundException
OperationFailedException

findGroupWithAttributesByName

public LDAPGroupWithAttributes findGroupWithAttributesByName(java.lang.String name)
                                                      throws GroupNotFoundException,
                                                             OperationFailedException
Specified by:
findGroupWithAttributesByName in interface RemoteDirectory
Throws:
GroupNotFoundException
OperationFailedException

findGroupByNameAndType

protected LDAPGroupWithAttributes findGroupByNameAndType(java.lang.String name,
                                                         GroupType groupType)
                                                  throws GroupNotFoundException,
                                                         OperationFailedException
Throws:
GroupNotFoundException
OperationFailedException

searchGroupObjectsOfSpecifiedGroupType

protected java.util.List<LDAPGroupWithAttributes> searchGroupObjectsOfSpecifiedGroupType(EntityQuery query)
                                                                                  throws OperationFailedException
This method expects that the query contains a non-null groupType in the entityDescriptor.

Parameters:
query - search query.
Returns:
list of results.
Throws:
OperationFailedException - represents a Communication error when trying to talk to a remote directory

searchGroupObjects

protected java.util.List<LDAPGroupWithAttributes> searchGroupObjects(EntityQuery query)
                                                              throws OperationFailedException
Throws:
OperationFailedException

searchGroups

public <T> java.util.List<T> searchGroups(EntityQuery<T> query)
                               throws OperationFailedException
Specified by:
searchGroups in interface RemoteDirectory
Throws:
OperationFailedException

postprocessGroups

protected java.util.List<LDAPGroupWithAttributes> postprocessGroups(java.util.List<LDAPGroupWithAttributes> groups)
Perform any post-processing on groups.

Parameters:
groups - to post-process
Returns:
list of groups that have been processed if required

getNewGroupAttributes

protected javax.naming.directory.Attributes getNewGroupAttributes(Group group)
                                                           throws org.springframework.ldap.NamingException
Throws:
org.springframework.ldap.NamingException

getNewGroupDirectorySpecificAttributes

protected void getNewGroupDirectorySpecificAttributes(Group group,
                                                      javax.naming.directory.Attributes attributes)
Populates attributes object with directory-specific attributes.

Overrider of this method can take advantage of the default group attributes mapping logic in {#getNewGroupAttributes(Group)}.

Note that the attribute values supplied here will be used raw. This entails that overrider is responsible for supplying values in a format supported by the directory. In some directory implementations, for example, a blank string ("") is considered illegal. Overrider thus would have to make sure the method does not generate a value as such.

Parameters:
group - (potential) source of information that needs to be added.
attributes - attributes to add directory-specific information to.

getInitialGroupMemberDN

protected java.lang.String getInitialGroupMemberDN()
Returns the default container member DN.

If this method returns null or blank string, no member DN will be added.

Returns:
empty member.

addGroup

public Group addGroup(GroupTemplate group)
               throws InvalidGroupException,
                      OperationFailedException
Specified by:
addGroup in interface RemoteDirectory
Throws:
InvalidGroupException
OperationFailedException

updateGroup

public Group updateGroup(GroupTemplate group)
                  throws GroupNotFoundException,
                         OperationFailedException
Specified by:
updateGroup in interface RemoteDirectory
Throws:
GroupNotFoundException
OperationFailedException

removeGroup

public void removeGroup(java.lang.String name)
                 throws GroupNotFoundException,
                        OperationFailedException
Specified by:
removeGroup in interface RemoteDirectory
Throws:
GroupNotFoundException
OperationFailedException

renameGroup

public Group renameGroup(java.lang.String oldName,
                         java.lang.String newName)
                  throws GroupNotFoundException,
                         InvalidGroupException,
                         OperationFailedException
Specified by:
renameGroup in interface RemoteDirectory
Throws:
GroupNotFoundException
InvalidGroupException
OperationFailedException

storeGroupAttributes

public void storeGroupAttributes(java.lang.String groupName,
                                 java.util.Map<java.lang.String,java.util.Set<java.lang.String>> attributes)
                          throws GroupNotFoundException,
                                 OperationFailedException
Specified by:
storeGroupAttributes in interface RemoteDirectory
Throws:
GroupNotFoundException
OperationFailedException

removeGroupAttributes

public void removeGroupAttributes(java.lang.String groupName,
                                  java.lang.String attributeName)
                           throws GroupNotFoundException,
                                  OperationFailedException
Specified by:
removeGroupAttributes in interface RemoteDirectory
Throws:
GroupNotFoundException
OperationFailedException

searchGroupRelationships

public <T> java.util.List<T> searchGroupRelationships(MembershipQuery<T> query)
                                           throws OperationFailedException
Specified by:
searchGroupRelationships in interface RemoteDirectory
Throws:
OperationFailedException

searchGroupRelationshipsWithGroupTypeSpecified

protected abstract <T> java.util.List<T> searchGroupRelationshipsWithGroupTypeSpecified(MembershipQuery<T> query)
                                                                             throws OperationFailedException
Execute the search for group relationships given that a group of type GROUP or LEGACY_ROLE has been specified in the EntityDescriptor for the group(s).

Parameters:
query - membership query with all GroupType's not null.
Returns:
list of members or memberships depending on the query.
Throws:
OperationFailedException - if the operation failed due to a communication error with the remote directory, or if the query is invalid

encodePassword

protected abstract java.lang.Object encodePassword(java.lang.String unencodedPassword)
                                            throws InvalidCredentialException
Given an plain-text password, encodes/encrypts it according to the settings required by the particular directory connector. Return type should be either String or byte[].

Parameters:
unencodedPassword - The password to be transformed
Returns:
An encoded password, suitable for passing to the directory.
Throws:
InvalidCredentialException - If the password could not be converted.

supportsNestedGroups

public boolean supportsNestedGroups()
Specified by:
supportsNestedGroups in interface RemoteDirectory

isRolesDisabled

public boolean isRolesDisabled()
Specified by:
isRolesDisabled in interface RemoteDirectory

testConnection

public void testConnection()
                    throws OperationFailedException
Specified by:
testConnection in interface RemoteDirectory
Throws:
OperationFailedException

getStandardisedDN

protected java.lang.String getStandardisedDN(javax.naming.Name dn)
                                      throws OperationFailedException
Throws:
OperationFailedException

asLdapName

protected <T extends LDAPDirectoryEntity> javax.naming.ldap.LdapName asLdapName(java.lang.String dn,
                                                                                java.lang.String entityName,
                                                                                java.lang.Class<T> entityClass)
                                         throws UserNotFoundException,
                                                GroupNotFoundException
This method is required to wrap DN's into LdapNames as spring-ldap doesn't correctly handle operations with String dn arguments.

This mainly affects the escaping of slashes in DNs.

The resulting javax.naming.Name is not designed to be used for caching or comparisons, rather, it is to be used for direct calls into spring-ldap's ldapTemplate.

Parameters:
dn - string version of DN.
entityName - used if NotFoundException needs to be thrown.
entityClass - in case there is a problem converting the dn into an LdapName a NotFoundException of this type (group/user) will be thrown. Must implement User or Group, otherwise an IllegalArgumentException will be thrown.
Returns:
LdapName for use with spring-ldap.
Throws:
UserNotFoundException - unable to construct LdapName for User.
GroupNotFoundException - unable to construct LdapName for Group.

asLdapGroupName

protected javax.naming.ldap.LdapName asLdapGroupName(java.lang.String dn,
                                                     java.lang.String groupName)
                                              throws GroupNotFoundException
Convenience method to convert group DN to LdapName, throwing a GNFE with the supplied group name if unable to construct the LdapName.

Parameters:
dn - DN of the Group.
groupName - for GNFE exception.
Returns:
LdapName for DN.
Throws:
GroupNotFoundException - unable to construct LdapName.

asLdapUserName

protected javax.naming.ldap.LdapName asLdapUserName(java.lang.String dn,
                                                    java.lang.String userName)
                                             throws UserNotFoundException
Convenience method to convert user DN to LdapName, throwing a GNFE with the supplied user name if unable to construct the LdapName.

Parameters:
dn - DN of the User.
userName - for GNFE exception.
Returns:
LdapName for DN.
Throws:
UserNotFoundException - unable to construct LdapName.

supportsInactiveAccounts

public boolean supportsInactiveAccounts()
Storing active/inactive flag for users in LDAP is currently not supported.

Specified by:
supportsInactiveAccounts in interface RemoteDirectory
Returns:
false

getAuthoritativeDirectory

public RemoteDirectory getAuthoritativeDirectory()
Specified by:
getAuthoritativeDirectory in interface RemoteDirectory

getMemberships

public java.lang.Iterable<Membership> getMemberships()
                                              throws OperationFailedException
Specified by:
getMemberships in interface RemoteDirectory
Throws:
OperationFailedException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2012 Atlassian. All Rights Reserved.