List of usage examples for javax.naming.directory DirContext ADD_ATTRIBUTE
int ADD_ATTRIBUTE
From source file:org.nuxeo.ecm.directory.ldap.LDAPReference.java
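/**
 * Store new links using the LDAP staticAttributeId strategy.
 *
 * <p>
 * For every id in {@code sourceIds}, the value identifying {@code targetId} (the target entry's DN when
 * {@code staticAttributeIdIsDn} is set, otherwise {@code targetId} itself) is added to the static reference
 * attribute of the matching source entry, and the empty-reference marker is removed if it was stored there.
 * Source entries that cannot be found or that are read-only are skipped with a warning. Nothing is written
 * when the source session is read-only.
 *
 * @param sourceIds ids of the source entries that should point to the target
 * @param targetId id of the target entry
 * @throws DirectoryException if the target entry does not exist, if a schema violation occurs on a
 *             non-dynamic reference, or if any other {@link NamingException} is raised
 * @see org.nuxeo.ecm.directory.Reference#addLinks(List, String)
 */
@Override
public void addLinks(List<String> sourceIds, String targetId) throws DirectoryException {
    String attributeId = getStaticAttributeId();
    if (attributeId == null && !sourceIds.isEmpty()) {
        log.warn("trying to edit a non-static reference: ignoring");
        return;
    }
    LDAPDirectory ldapTargetDirectory = (LDAPDirectory) getTargetDirectory();
    LDAPDirectory ldapSourceDirectory = (LDAPDirectory) getSourceDirectory();

    String emptyRefMarker = ldapSourceDirectory.getDescriptor().getEmptyRefMarker();
    try (LDAPSession targetSession = (LDAPSession) ldapTargetDirectory.getSession();
            LDAPSession sourceSession = (LDAPSession) ldapSourceDirectory.getSession()) {
        if (!sourceSession.isReadOnly()) {
            // compute the target dn to add to all the matching source entries
            SearchResult targetLdapEntry = targetSession.getLdapEntry(targetId);
            if (targetLdapEntry == null) {
                throw new DirectoryException(
                        String.format("could not add links to unexisting %s in directory %s", targetId,
                                ldapTargetDirectory.getName()));
            }
            String targetAttributeValue;
            if (staticAttributeIdIsDn) {
                targetAttributeValue = targetLdapEntry.getNameInNamespace();
            } else {
                targetAttributeValue = targetId;
            }

            for (String sourceId : sourceIds) {
                // fetch the entry to be able to run the security policy
                // implemented in an entry adaptor
                DocumentModel sourceEntry = sourceSession.getEntry(sourceId, false);
                if (sourceEntry == null) {
                    log.warn(String.format(
                            "entry %s in directory %s not found: could not add link to %s in directory %s",
                            sourceId, ldapSourceDirectory.getName(), targetId, ldapTargetDirectory.getName()));
                    continue;
                }
                if (BaseSession.isReadOnlyEntry(sourceEntry)) {
                    // skip this entry since it cannot be edited to add the
                    // reference to targetId
                    log.warn(String.format(
                            "entry %s in directory %s is readonly: could not add link to %s in directory %s",
                            sourceId, ldapSourceDirectory.getName(), targetId, ldapTargetDirectory.getName()));
                    continue;
                }
                SearchResult sourceLdapEntry = sourceSession.getLdapEntry(sourceId);
                if (sourceLdapEntry == null) {
                    // getLdapEntry() returns null for a missing entry (see the target lookup above);
                    // the entry may have disappeared since getEntry(), so skip it instead of failing
                    // the whole batch with a NullPointerException
                    log.warn(String.format(
                            "entry %s in directory %s not found: could not add link to %s in directory %s",
                            sourceId, ldapSourceDirectory.getName(), targetId, ldapTargetDirectory.getName()));
                    continue;
                }
                String sourceDn = sourceLdapEntry.getNameInNamespace();
                // Attributes.get() returns null when the entry does not carry the attribute at all
                Attribute storedAttr = sourceLdapEntry.getAttributes().get(attributeId);
                if (storedAttr != null && storedAttr.contains(targetAttributeValue)) {
                    // no need to readd
                    continue;
                }
                try {
                    // add the new dn
                    Attributes attrs = new BasicAttributes(attributeId, targetAttributeValue);

                    if (log.isDebugEnabled()) {
                        log.debug(String.format(
                                "LDAPReference.addLinks([%s], %s): LDAP modifyAttributes dn='%s'"
                                        + " mod_op='ADD_ATTRIBUTE' attrs='%s' [%s]",
                                StringUtils.join(sourceIds, ", "), targetId, sourceDn, attrs, this));
                    }
                    sourceSession.dirContext.modifyAttributes(sourceDn, DirContext.ADD_ATTRIBUTE, attrs);

                    // robustly clean any existing empty marker now that we
                    // are sure that the list is not empty
                    if (storedAttr != null && storedAttr.contains(emptyRefMarker)) {
                        Attributes cleanAttrs = new BasicAttributes(attributeId, emptyRefMarker);

                        if (log.isDebugEnabled()) {
                            log.debug(String.format(
                                    "LDAPReference.addLinks(%s, %s): LDAP modifyAttributes dn='%s'"
                                            + " mod_op='REMOVE_ATTRIBUTE' attrs='%s' [%s]",
                                    StringUtils.join(sourceIds, ", "), targetId, sourceDn,
                                    cleanAttrs.toString(), this));
                        }
                        sourceSession.dirContext.modifyAttributes(sourceDn, DirContext.REMOVE_ATTRIBUTE,
                                cleanAttrs);
                    }
                } catch (SchemaViolationException e) {
                    if (isDynamic()) {
                        // we are editing an entry that has no static part
                        log.warn(String.format("cannot add dynamic reference in field %s for target %s",
                                getFieldName(), targetId));
                    } else {
                        // this is a real schema configuration problem,
                        // wrap the exception
                        throw new DirectoryException(e);
                    }
                }
            }
        }
    } catch (NamingException e) {
        throw new DirectoryException("addLinks failed: " + e.getMessage(), e);
    }
}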
From source file:org.nuxeo.ecm.directory.ldap.LDAPReference.java
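/**
 * Remove existing statically defined links for the given target id (dynamic references remain unaltered).
 *
 * <p>
 * The source directory is searched for entries whose static reference attribute holds the value identifying
 * the target, and that value is removed from each match. When the value is the last one in the attribute,
 * the empty-reference marker is added first, since empty attributes are often rejected by the server schema.
 * Nothing is written when the reference is not static or the source session is read-only.
 *
 * @param targetId id of the target entry whose incoming links must be removed
 * @throws DirectoryException if a schema violation occurs on a non-dynamic reference, or if any other
 *             {@link NamingException} is raised
 * @see org.nuxeo.ecm.directory.Reference#removeLinksForTarget(String)
 */
@Override
public void removeLinksForTarget(String targetId) throws DirectoryException {
    if (!isStatic()) {
        // nothing to do: dynamic references cannot be updated
        return;
    }
    LDAPDirectory ldapTargetDirectory = (LDAPDirectory) getTargetDirectory();
    LDAPDirectory ldapSourceDirectory = (LDAPDirectory) getSourceDirectory();
    String attributeId = getStaticAttributeId();
    try (LDAPSession targetSession = (LDAPSession) ldapTargetDirectory.getSession();
            LDAPSession sourceSession = (LDAPSession) ldapSourceDirectory.getSession()) {
        if (!sourceSession.isReadOnly()) {
            // get the dn of the target that matches targetId
            String targetAttributeValue;

            if (staticAttributeIdIsDn) {
                SearchResult targetLdapEntry = targetSession.getLdapEntry(targetId);
                if (targetLdapEntry == null) {
                    String rdnAttribute = ldapTargetDirectory.getDescriptor().getRdnAttribute();
                    if (!rdnAttribute.equals(targetSession.idAttribute)) {
                        log.warn(String.format(
                                "cannot remove links to missing entry %s in directory %s for reference %s",
                                targetId, ldapTargetDirectory.getName(), this));
                        return;
                    }
                    // the entry might have already been deleted, try to
                    // re-forge it if possible (might not work if scope is
                    // subtree)
                    // NOTE(review): targetId is spliced into the DN without RDN escaping; an id
                    // containing ',' '+' '=' or '\' would yield a DN other than the stored one -- confirm
                    targetAttributeValue = String.format("%s=%s,%s", rdnAttribute, targetId,
                            ldapTargetDirectory.getDescriptor().getSearchBaseDn());
                } else {
                    targetAttributeValue = pseudoNormalizeDn(targetLdapEntry.getNameInNamespace());
                }
            } else {
                targetAttributeValue = targetId;
            }

            // build a LDAP query to find entries that point to the target.
            // The asserted value derives from the caller-supplied targetId, so filter
            // metacharacters are escaped: the value can then only match literally and cannot
            // alter the structure of the filter. The raw value is still used for the
            // REMOVE_ATTRIBUTE modification below, where no filter parsing takes place.
            String searchFilter = String.format("(%s=%s)", attributeId,
                    escapeReferenceFilterValue(targetAttributeValue));
            String sourceFilter = ldapSourceDirectory.getBaseFilter();

            if (sourceFilter != null && !"".equals(sourceFilter)) {
                searchFilter = String.format("(&(%s)(%s))", searchFilter, sourceFilter);
            }

            SearchControls scts = new SearchControls();
            scts.setSearchScope(ldapSourceDirectory.getDescriptor().getSearchScope());
            scts.setReturningAttributes(new String[] { attributeId });

            // find all source entries that point to the target key and
            // clean those references
            if (log.isDebugEnabled()) {
                log.debug(String.format(
                        "LDAPReference.removeLinksForTarget(%s): LDAP search baseDn='%s' "
                                + " filter='%s' scope='%s' [%s]",
                        targetId, sourceSession.searchBaseDn, searchFilter, scts.getSearchScope(), this));
            }
            NamingEnumeration<SearchResult> results = sourceSession.dirContext
                    .search(sourceSession.searchBaseDn, searchFilter, scts);
            String emptyRefMarker = ldapSourceDirectory.getDescriptor().getEmptyRefMarker();
            Attributes emptyAttribute = new BasicAttributes(attributeId, emptyRefMarker);

            try {
                while (results.hasMore()) {
                    SearchResult result = results.next();
                    Attributes attrs = result.getAttributes();
                    Attribute attr = attrs.get(attributeId);
                    try {
                        if (attr.size() == 1) {
                            // the attribute holds the last reference, put the
                            // empty ref. marker before removing the attribute
                            // since empty attribute are often not allowed by
                            // the server schema
                            if (log.isDebugEnabled()) {
                                // log what is actually sent (the marker), not the stored attributes
                                log.debug(String.format(
                                        "LDAPReference.removeLinksForTarget(%s): LDAP modifyAttributes key='%s' "
                                                + "mod_op='ADD_ATTRIBUTE' attrs='%s' [%s]",
                                        targetId, result.getNameInNamespace(), emptyAttribute, this));
                            }
                            sourceSession.dirContext.modifyAttributes(result.getNameInNamespace(),
                                    DirContext.ADD_ATTRIBUTE, emptyAttribute);
                        }
                        // remove the reference to the target key
                        attrs = new BasicAttributes();
                        attr = new BasicAttribute(attributeId);
                        attr.add(targetAttributeValue);
                        attrs.put(attr);
                        if (log.isDebugEnabled()) {
                            log.debug(String.format(
                                    "LDAPReference.removeLinksForTarget(%s): LDAP modifyAttributes key='%s' "
                                            + "mod_op='REMOVE_ATTRIBUTE' attrs='%s' [%s]",
                                    targetId, result.getNameInNamespace(), attrs, this));
                        }
                        sourceSession.dirContext.modifyAttributes(result.getNameInNamespace(),
                                DirContext.REMOVE_ATTRIBUTE, attrs);
                    } catch (SchemaViolationException e) {
                        if (isDynamic()) {
                            // we are editing an entry that has no static part
                            log.warn(String.format("cannot remove dynamic reference in field %s for target %s",
                                    getFieldName(), targetId));
                        } else {
                            // this is a real schema configuration problem,
                            // wrapup the exception
                            throw new DirectoryException(e);
                        }
                    }
                }
            } finally {
                results.close();
            }
        }
    } catch (NamingException e) {
        throw new DirectoryException("removeLinksForTarget failed: " + e.getMessage(), e);
    }
}

/**
 * Escapes the characters that are special inside an LDAP search filter assertion value (RFC 4515):
 * backslash, asterisk, parentheses and NUL.
 *
 * @param value raw assertion value, may be {@code null}
 * @return the escaped value, or {@code null} when {@code value} is {@code null}
 */
private static String escapeReferenceFilterValue(String value) {
    if (value == null) {
        return null;
    }
    StringBuilder escaped = new StringBuilder(value.length() + 8);
    for (int i = 0; i < value.length(); i++) {
        char c = value.charAt(i);
        switch (c) {
        case '\\':
            escaped.append("\\5c");
            break;
        case '*':
            escaped.append("\\2a");
            break;
        case '(':
            escaped.append("\\28");
            break;
        case ')':
            escaped.append("\\29");
            break;
        case '\0':
            escaped.append("\\00");
            break;
        default:
            escaped.append(c);
        }
    }
    return escaped.toString();
}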
From source file:org.projectforge.business.ldap.LdapDao.java
/**
 * Binds a new LDAP entry for the given object. The attribute set is assembled from the object's
 * modification items, the main object class, any additional object classes and the escaped common name.
 *
 * @param ctx Directory context used for the bind.
 * @param ouBase If organizational units are given by the given obj then this parameter will be ignored, otherwise
 *          this is the ou where the new object will be inserted.
 * @param obj Object to create in the directory.
 * @param args Passed through unchanged to {@code onBeforeBind}.
 * @throws NamingException
 */
public void create(final DirContext ctx, final String ouBase, final T obj, final Object... args)
    throws NamingException
{
  // NOTE(review): buildDn is not visible here; confirm it escapes RDN values, since the DN is used as-is
  // both in the log line and in the bind call.
  final String dn = buildDn(ouBase, obj);
  log.info("Create " + getObjectClass() + ": " + dn + ": " + getLogInfo(obj));

  // Collect every modification item first: object specific ones, then the object classes.
  final List<ModificationItem> items = getModificationItems(new ArrayList<ModificationItem>(), obj);
  items.add(createModificationItem(DirContext.ADD_ATTRIBUTE, "objectClass", getObjectClass()));
  final String[] extraObjectClasses = getAdditionalObjectClasses(obj);
  if (extraObjectClasses != null) {
    for (int i = 0; i < extraObjectClasses.length; i++) {
      items.add(createModificationItem(DirContext.ADD_ATTRIBUTE, "objectClass", extraObjectClasses[i]));
    }
  }

  // A bind takes plain attributes, so only id and value of each item are carried over.
  final Attributes entryAttributes = new BasicAttributes();
  for (final ModificationItem item : items) {
    final Attribute itemAttribute = item.getAttribute();
    final String value = (String) itemAttribute.get();
    LdapUtils.putAttribute(entryAttributes, itemAttribute.getID(), value);
  }
  LdapUtils.putAttribute(entryAttributes, "cn", LdapUtils.escapeCommonName(obj.getCommonName()));
  onBeforeBind(dn, entryAttributes, args);
  ctx.bind(dn, null, entryAttributes);
}
From source file:org.projectforge.business.ldap.LdapDao.java
/**
 * Helper method for appending modification item(s) to a given list. The first value always produces a
 * REPLACE_ATTRIBUTE item (with a null value if it is empty); every further non-empty value produces an
 * ADD_ATTRIBUTE item, and further empty values are skipped.
 *
 * @param list List the items are appended to.
 * @param attrId Id of the attribute to modify.
 * @param attrValues If null then a null-value will be assumed. If more than one string is given, multiple
 *          modification items will be added.
 */
protected void createAndAddModificationItems(final List<ModificationItem> list, final String attrId,
    final String... attrValues)
{
  if (attrValues == null) {
    list.add(createModificationItem(attrId, null));
    return;
  }
  boolean first = true;
  for (final String candidate : attrValues) {
    final boolean empty = StringUtils.isEmpty(candidate);
    if (first) {
      // The first item replaces whatever is stored, even when that means writing a null value.
      list.add(createModificationItem(DirContext.REPLACE_ATTRIBUTE, attrId, empty ? null : candidate));
      first = false;
    } else if (!empty) {
      list.add(createModificationItem(DirContext.ADD_ATTRIBUTE, attrId, candidate));
    }
  }
}
From source file:org.projectforge.business.ldap.LdapDao.java
/**
 * Helper method for appending modification item(s) to a given list. The first value in iteration order
 * always produces a REPLACE_ATTRIBUTE item (with a null value if it is empty); every further non-empty
 * value produces an ADD_ATTRIBUTE item, and further empty values are skipped.
 *
 * @param list List the items are appended to.
 * @param attrId Id of the attribute to modify.
 * @param attrValues If null then a null-value will be assumed. If more than one string is given, multiple
 *          modification items will be added.
 */
protected void createAndAddModificationItems(final List<ModificationItem> list, final String attrId,
    final Set<String> attrValues)
{
  if (attrValues == null) {
    list.add(createModificationItem(attrId, null));
    return;
  }
  boolean first = true;
  for (final String candidate : attrValues) {
    final boolean empty = StringUtils.isEmpty(candidate);
    if (first) {
      // The first item replaces whatever is stored, even when that means writing a null value.
      list.add(createModificationItem(DirContext.REPLACE_ATTRIBUTE, attrId, empty ? null : candidate));
      first = false;
    } else if (!empty) {
      list.add(createModificationItem(DirContext.ADD_ATTRIBUTE, attrId, candidate));
    }
  }
}
From source file:org.projectforge.business.ldap.LdapGroupDao.java
/**
 * Used for bind and update. Appends the group's attributes to the given list: business category,
 * organization, description and unique members (or the NONE_UNIQUE_MEMBER_ID placeholder when the group has
 * no members). When posix accounts are configured and the group carries posix values, missing object
 * classes and the gidNumber are appended as well.
 *
 * @param list List the modification items are appended to.
 * @param group Group to read the values from.
 * @return The given list.
 * @see org.projectforge.business.ldap.LdapDao#getModificationItems(org.projectforge.business.ldap.LdapObject)
 */
@Override
protected List<ModificationItem> getModificationItems(final List<ModificationItem> list, final LdapGroup group)
{
  createAndAddModificationItems(list, "businessCategory", group.getBusinessCategory());
  createAndAddModificationItems(list, "o", group.getOrganization());
  createAndAddModificationItems(list, "description", group.getDescription());
  if (CollectionUtils.isNotEmpty(group.getMembers())) {
    createAndAddModificationItems(list, "uniqueMember", group.getMembers());
  } else {
    createAndAddModificationItems(list, "uniqueMember", NONE_UNIQUE_MEMBER_ID);
  }

  final boolean posixValuesPresent = ldapUserDao.isPosixAccountsConfigured()
      && !groupDOConverter.isPosixAccountValuesEmpty(group);
  if (!posixValuesPresent) {
    return list;
  }

  // Posix values are only accepted if the entry has the matching object classes, so add missing ones first.
  if (group.getObjectClasses() != null) {
    final List<String> missingClasses = LdapUtils.getMissedObjectClasses(getAdditionalObjectClasses(group),
        getObjectClass(), group.getObjectClasses());
    if (CollectionUtils.isNotEmpty(missingClasses)) {
      for (final String missingClass : missingClasses) {
        list.add(createModificationItem(DirContext.ADD_ATTRIBUTE, "objectClass", missingClass));
      }
    }
  }
  createAndAddModificationItems(list, "gidNumber", String.valueOf(group.getGidNumber()));
  return list;
}
From source file:org.projectforge.business.ldap.LdapUserDao.java
/**
 * Changes the userPassword attribute of the given user and, if Samba accounts are configured and the user
 * has a Samba SID number, the sambaNTPassword attribute too.
 * <p>
 * With an old password the change is sent as REMOVE_ATTRIBUTE (old value) followed by ADD_ATTRIBUTE (new
 * value); without one the attribute is replaced. Only the DN is logged, never a password value.
 * <p>
 * NOTE(review): both password values are handed to the directory as given, so this presumably relies on
 * the LDAP connection being encrypted and on the server hashing userPassword -- confirm. The value written
 * to sambaNTPassword is derived from the new password by SmbEncrypt.NTUNICODEHash and should be treated as
 * password-equivalent (restrict read access to it in the directory ACLs).
 *
 * @param user User whose password is changed.
 * @param oldPassword Current password, or null to replace the stored value unconditionally.
 * @param newPassword New password.
 */
public void changePassword(final LdapUser user, final String oldPassword, final String newPassword)
{
  log.info("Change password for " + getObjectClass() + ": " + buildDn(null, user));
  final List<ModificationItem> changes = new ArrayList<ModificationItem>();
  final BasicAttribute newPasswordAttr = new BasicAttribute("userPassword", newPassword);
  if (oldPassword == null) {
    changes.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE, newPasswordAttr));
  } else {
    final BasicAttribute oldPasswordAttr = new BasicAttribute("userPassword", oldPassword);
    changes.add(new ModificationItem(DirContext.REMOVE_ATTRIBUTE, oldPasswordAttr));
    changes.add(new ModificationItem(DirContext.ADD_ATTRIBUTE, newPasswordAttr));
  }
  if (isSambaAccountsConfigured() && user.getSambaSIDNumber() != null) {
    final BasicAttribute ntPasswordAttr = new BasicAttribute("sambaNTPassword",
        SmbEncrypt.NTUNICODEHash(newPassword));
    changes.add(new ModificationItem(DirContext.REPLACE_ATTRIBUTE, ntPasswordAttr));
  }
  // Perform the update
  modify(user, changes);
}
From source file:org.projectforge.business.ldap.LdapUserDao.java
/**
 * Appends the user's attributes to the list returned by the person dao: the common name, then (when the
 * respective account type is configured and the user carries values for it) missing object classes, the
 * posix attributes and the Samba attributes.
 *
 * @param list List handed to the person dao; its result is the list that is extended and returned.
 * @param user User to read the values from.
 * @return The list with all modification items.
 * @see org.projectforge.ldap.LdapPDao#getModificationItems(java.util.List, org.projectforge.business.ldap.LdapUser)
 */
@Override
protected List<ModificationItem> getModificationItems(List<ModificationItem> list, final LdapUser user)
{
  final List<ModificationItem> items = ldapPersonDao.getModificationItems(list, user);
  createAndAddModificationItems(items, "cn", user.getCommonName());

  final boolean withPosix = isPosixAccountsConfigured()
      && !PFUserDOConverter.isPosixAccountValuesEmpty(user);
  final boolean withSamba = isSambaAccountsConfigured()
      && !PFUserDOConverter.isSambaAccountValuesEmpty(user);

  // The posix/samba attributes need their object classes on the entry, so add the missing ones first.
  if ((withPosix || withSamba) && user.getObjectClasses() != null) {
    final List<String> missingClasses = LdapUtils.getMissedObjectClasses(getAdditionalObjectClasses(user),
        getObjectClass(), user.getObjectClasses());
    if (CollectionUtils.isNotEmpty(missingClasses)) {
      for (final String missingClass : missingClasses) {
        items.add(createModificationItem(DirContext.ADD_ATTRIBUTE, "objectClass", missingClass));
      }
    }
  }
  if (withPosix) {
    createAndAddModificationItems(items, "uidNumber", String.valueOf(user.getUidNumber()));
    createAndAddModificationItems(items, "gidNumber", String.valueOf(user.getGidNumber()));
    createAndAddModificationItems(items, "homeDirectory", user.getHomeDirectory());
    createAndAddModificationItems(items, "loginShell", user.getLoginShell());
  }
  if (withSamba) {
    final String sambaSid = ldapConfig.getSambaAccountsConfig().getSambaSID(user.getSambaSIDNumber());
    createAndAddModificationItems(items, "sambaSID", sambaSid);
    final String primaryGroupSid = ldapConfig.getSambaAccountsConfig()
        .getSambaPrimaryGroupSID(user.getSambaPrimaryGroupSIDNumber());
    createAndAddModificationItems(items, "sambaPrimaryGroupSID", primaryGroupSid);
    // Literal kept exactly as shown in this listing; whitespace inside it may have been collapsed there.
    createAndAddModificationItems(items, "sambaAcctFlags", "U ");
    createAndAddModificationItems(items, "sambaPasswordHistory",
        "0000000000000000000000000000000000000000000000000000000000000000");
    createAndAddModificationItems(items, "sambaPwdLastSet",
        String.valueOf(user.getSambaPwdLastSetAsUnixEpochSeconds()));
  }
  return items;
}
From source file:org.projectforge.ldap.LdapUserDao.java
/** * @see org.projectforge.ldap.LdapPDao#getModificationItems(java.util.List, org.projectforge.ldap.LdapUser) */// www . j a va2s.com @Override protected List<ModificationItem> getModificationItems(List<ModificationItem> list, final LdapUser user) { list = ldapPersonDao.getModificationItems(list, user); createAndAddModificationItems(list, "cn", user.getCommonName()); final boolean modifyPosixAccount = isPosixAccountsConfigured() == true && PFUserDOConverter.isPosixAccountValuesEmpty(user) == false; final boolean modifySambaAccount = isSambaAccountsConfigured() == true && PFUserDOConverter.isSambaAccountValuesEmpty(user) == false; if (modifyPosixAccount == true || modifySambaAccount == true) { if (user.getObjectClasses() != null) { final List<String> missedObjectClasses = LdapUtils.getMissedObjectClasses( getAdditionalObjectClasses(user), getObjectClass(), user.getObjectClasses()); if (CollectionUtils.isNotEmpty(missedObjectClasses) == true) { for (final String missedObjectClass : missedObjectClasses) { list.add( createModificationItem(DirContext.ADD_ATTRIBUTE, "objectClass", missedObjectClass)); } } } } if (modifyPosixAccount == true) { createAndAddModificationItems(list, "uidNumber", String.valueOf(user.getUidNumber())); createAndAddModificationItems(list, "gidNumber", String.valueOf(user.getGidNumber())); createAndAddModificationItems(list, "homeDirectory", user.getHomeDirectory()); createAndAddModificationItems(list, "loginShell", user.getLoginShell()); } if (modifySambaAccount == true) { createAndAddModificationItems(list, "sambaSID", ldapConfig.getSambaAccountsConfig().getSambaSID(user.getSambaSIDNumber())); createAndAddModificationItems(list, "sambaPrimaryGroupSID", ldapConfig.getSambaAccountsConfig() .getSambaPrimaryGroupSID(user.getSambaPrimaryGroupSIDNumber())); } return list; }
From source file:org.sonar.plugins.activedirectory.server.ApacheDS.java
/** * This seems to be required for objectClass posixGroup. */// w ww .j a v a2 s . c o m private ApacheDS activateNis() throws Exception { Preconditions.checkState(ldapServer.isStarted()); Attribute disabled = new BasicAttribute("m-disabled", "TRUE"); Attribute disabled2 = new BasicAttribute("m-disabled", "FALSE"); ModificationItem[] mods = new ModificationItem[] { new ModificationItem(DirContext.REMOVE_ATTRIBUTE, disabled), new ModificationItem(DirContext.ADD_ATTRIBUTE, disabled2) }; Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, getUrl()); DirContext ctx = new InitialDirContext(env); ctx.modifyAttributes("cn=nis,ou=schema", mods); return this; }