List of usage examples for javax.naming.directory SearchControls SUBTREE_SCOPE
int SUBTREE_SCOPE
To view the source code for javax.naming.directory SearchControls SUBTREE_SCOPE.
Click Source Link
From source file:org.apache.archiva.redback.common.ldap.role.DefaultLdapRoleMapper.java
public List<String> getAllGroups(DirContext context) throws MappingException { NamingEnumeration<SearchResult> namingEnumeration = null; try {//w ww .j a v a 2s . co m SearchControls searchControls = new SearchControls(); searchControls.setDerefLinkFlag(true); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); String filter = "objectClass=" + getLdapGroupClass(); if (!StringUtils.isEmpty(this.groupFilter)) { filter = "(&(" + filter + ")(" + this.groupFilter + "))"; } namingEnumeration = context.search(getGroupsDn(), filter, searchControls); List<String> allGroups = new ArrayList<String>(); while (namingEnumeration.hasMore()) { SearchResult searchResult = namingEnumeration.next(); String groupName = searchResult.getName(); // cn=blabla we only want bla bla groupName = StringUtils.substringAfter(groupName, "="); log.debug("found groupName: '{}", groupName); allGroups.add(groupName); } return allGroups; } catch (LdapException e) { throw new MappingException(e.getMessage(), e); } catch (NamingException e) { throw new MappingException(e.getMessage(), e); } finally { close(namingEnumeration); } }
From source file:org.jasig.portlet.contacts.adapters.impl.ldap.LdapSearchAdapter.java
/** * Construct a new search controls object for our search */// w ww. j a v a 2 s .c o m protected SearchControls getSearchControls() { SearchControls searchControls = new SearchControls(); searchControls.setTimeLimit(timeLimit); searchControls.setCountLimit(countLimit); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); return searchControls; }
From source file:jp.ikedam.jenkins.plugins.ldap_sasl.SearchGroupResolver.java
/** * Resolves groups by querying the LDAP directory. * //from w w w. ja va2 s. c om * Never return null in any case. Returns empty list instead. * * @param ctx * @param dn * @param username * @return List of authorities (not null) * @see jp.ikedam.jenkins.plugins.ldap_sasl.GroupResolver#resolveGroup(javax.naming.ldap.LdapContext, java.lang.String, java.lang.String) */ @Override public List<GrantedAuthority> resolveGroup(LdapContext ctx, String dn, String username) { List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(); Logger logger = getLogger(); if (dn == null) { logger.warning("Group cannot be resolved: DN of the user is not resolved!"); return authorities; } try { SearchControls searchControls = new SearchControls(); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); logger.fine(String.format("Searching groups base=%s, dn=%s", getSearchBase(), dn)); NamingEnumeration<SearchResult> entries = ctx.search((getSearchBase() != null) ? getSearchBase() : "", getGroupSearchQuery(dn), searchControls); while (entries.hasMore()) { SearchResult entry = entries.next(); String groupName = entry.getAttributes().get("cn").get().toString(); if (getPrefix() != null) { groupName = getPrefix() + groupName; } authorities.add(new GrantedAuthorityImpl(groupName)); logger.fine(String.format("group: %s", groupName)); } entries.close(); } catch (NamingException e) { logger.log(Level.WARNING, "Failed to search groups", e); } return authorities; }
From source file:com.surevine.chat.auth.GroupAuthorisationFilter.java
/** * Get a list of the members of a group, searching for the group using an * LDAP filter expression and scope./*from w w w. j a v a2s.c o m*/ * * @param filter * LDAP search filter (see RFC2254) * @param scope * One of SearchControls.OBJECT_SCOPE, * SearchControls.ONELEVEL_SCOPE, or SearchControls.SUBTREE_SCOPE * (see javax.naming.directory.SearchControls) * @return List of usernames * @throws NamingException * @throws LdapException * On any LDAP error */ private Collection<String> getGroupMembers(final String groupName) throws NamingException { _logger.debug("Looking for members of " + groupName); String filter = "cn=" + groupName; Collection<String> memberList = new HashSet<String>(20); SearchControls controls = new SearchControls(); controls.setSearchScope(SearchControls.SUBTREE_SCOPE); NamingEnumeration<SearchResult> objects; DirContext ctx = getLdapConnection(); objects = ctx.search("ou=groups", filter, controls); while (objects.hasMore()) { SearchResult sr = (SearchResult) objects.next(); Attributes attributes = sr.getAttributes(); Attribute attribute = attributes.get("member"); if (attribute != null) { NamingEnumeration<?> valueEnum = attribute.getAll(); while (valueEnum.hasMore()) { String value = valueEnum.next().toString(); final String searchFor = "cn="; int start = value.indexOf(searchFor); int end = value.indexOf(',', start); if (start >= 0 && end >= 0) { String name = value.substring(start + searchFor.length(), end); _logger.debug(name + " is a chatter"); memberList.add(name); } } } } _logger.debug("Returning a total of " + memberList.size() + " chatters"); return memberList; }
From source file:org.kuali.rice.kim.dao.impl.LdapPrincipalDaoImpl.java
protected SearchControls getSearchControls() { SearchControls retval = new SearchControls(); retval.setCountLimit(getSearchResultsLimit(PersonImpl.class).longValue()); retval.setSearchScope(SearchControls.SUBTREE_SCOPE); return retval; }
From source file:it.infn.ct.security.utilities.LDAPUtils.java
public static boolean isCNregistered(String cn) { boolean registered = false; NamingEnumeration results = null; DirContext ctx = null;/*from w w w . j a v a 2 s . co m*/ try { ctx = getContext(); SearchControls controls = new SearchControls(); controls.setSearchScope(SearchControls.SUBTREE_SCOPE); ResourceBundle rb = ResourceBundle.getBundle("ldap"); results = ctx.search(rb.getString("peopleRoot"), "(cn=" + cn + ")", controls); if (results.hasMore()) { registered = true; } } catch (NameNotFoundException ex) { _log.error(ex); } catch (NamingException e) { registered = true; } finally { if (results != null) { try { results.close(); } catch (Exception e) { // Never mind this. } } if (ctx != null) { try { ctx.close(); } catch (Exception e) { // Never mind this. } } } return registered; }
From source file:org.apache.archiva.redback.users.ldap.ctl.DefaultLdapController.java
protected NamingEnumeration<SearchResult> searchUsers(DirContext context, String[] returnAttributes, LdapUserQuery query) throws NamingException { if (query == null) { query = new LdapUserQuery(); }// w w w . j a v a 2s . c o m SearchControls ctls = new SearchControls(); ctls.setDerefLinkFlag(true); ctls.setSearchScope(SearchControls.SUBTREE_SCOPE); ctls.setReturningAttributes(mapper.getReturningAttributes()); ctls.setCountLimit(((LdapUserMapper) mapper).getMaxResultCount()); String finalFilter = new StringBuilder("(&(objectClass=" + mapper.getUserObjectClass() + ")") .append((mapper.getUserFilter() != null ? mapper.getUserFilter() : "")) .append(query.getLdapFilter(mapper) + ")").toString(); log.debug("Searching for users with filter: '{}' from base dn: {}", finalFilter, mapper.getUserBaseDn()); return context.search(mapper.getUserBaseDn(), finalFilter, ctls); }
From source file:ru.runa.wfe.security.logic.LdapLogic.java
private int synchronizeActors(DirContext dirContext, Map<String, Actor> actorsByDistinguishedName) throws Exception { int changesCount = 0; List<Actor> existingActorsList = executorDao.getAllActors(BatchPresentationFactory.ACTORS.createNonPaged()); Map<String, Actor> existingActorsMap = Maps.newHashMap(); for (Actor actor : existingActorsList) { existingActorsMap.put(actor.getName().toLowerCase(), actor); }/*from w w w. j av a2s. co m*/ Set<Actor> ldapActorsToDelete = Sets.newHashSet(); if (LdapProperties.isSynchronizationDeleteExecutors()) { ldapActorsToDelete.addAll(executorDao.getGroupActors(importGroup)); } SearchControls controls = new SearchControls(); controls.setSearchScope(SearchControls.SUBTREE_SCOPE); for (String ou : LdapProperties.getSynchronizationOrganizationUnits()) { List<SearchResult> resultList = Lists.newArrayList(); try { NamingEnumeration<SearchResult> list = dirContext.search(ou, OBJECT_CLASS_USER_FILTER, controls); while (list.hasMore()) { SearchResult searchResult = list.next(); resultList.add(searchResult); } list.close(); } catch (SizeLimitExceededException e) { resultList.clear(); for (String y : ALPHABETS) { NamingEnumeration<SearchResult> list = dirContext.search(ou, MessageFormat.format(LOGIN_FIRST_LETTER_FILTER, ATTR_ACCOUNT_NAME, y, y.toLowerCase(), OBJECT_CLASS_USER_FILTER), controls); while (list.hasMore()) { SearchResult searchResult = list.next(); resultList.add(searchResult); } list.close(); } } for (SearchResult searchResult : resultList) { String name = getStringAttribute(searchResult, ATTR_ACCOUNT_NAME); String description = getStringAttribute(searchResult, LdapProperties.getSynchronizationUserDescriptionAttribute()); String fullName = getStringAttribute(searchResult, LdapProperties.getSynchronizationUserFullNameAttribute()); String email = getStringAttribute(searchResult, LdapProperties.getSynchronizationUserEmailAttribute()); String phone = getStringAttribute(searchResult, LdapProperties.getSynchronizationUserPhoneAttribute()); String title = getStringAttribute(searchResult, LdapProperties.getSynchronizationUserTitleAttribute()); String department = getStringAttribute(searchResult, LdapProperties.getSynchronizationUserDepartmentAttribute()); ToStringHelper toStringHelper = MoreObjects.toStringHelper("user info"); toStringHelper.add("name", name).add("description", description).add("fullName", fullName) .add("email", email); toStringHelper.add("phone", phone).add("title", title).add("department", department) .omitNullValues(); log.debug("Read " + toStringHelper.toString()); Actor actor = existingActorsMap.get(name.toLowerCase()); if (actor == null) { if (!LdapProperties.isSynchronizationCreateExecutors()) { continue; } actor = new Actor(name, description, fullName, null, email, phone, title, department); log.info("Creating " + actor); executorDao.create(actor); executorDao.addExecutorsToGroup(Lists.newArrayList(actor), importGroup); permissionDao.setPermissions(importGroup, Lists.newArrayList(Permission.LIST), actor); changesCount++; } else { ldapActorsToDelete.remove(actor); if (LdapProperties.isSynchronizationUpdateExecutors()) { List<IChange> changes = Lists.newArrayList(); if (isAttributeNeedsChange(description, actor.getDescription())) { changes.add(new AttributeChange("description", actor.getDescription(), description)); actor.setDescription(description); } if (isAttributeNeedsChange(fullName, actor.getFullName())) { changes.add(new AttributeChange("fullName", actor.getFullName(), fullName)); actor.setFullName(fullName); } if (isAttributeNeedsChange(email, actor.getEmail())) { changes.add(new AttributeChange("email", actor.getEmail(), email)); actor.setEmail(email); } if (isAttributeNeedsChange(phone, actor.getPhone())) { changes.add(new AttributeChange("phone", actor.getPhone(), phone)); actor.setPhone(phone); } if (isAttributeNeedsChange(title, actor.getTitle())) { changes.add(new AttributeChange("title", actor.getTitle(), title)); actor.setTitle(title); } if (isAttributeNeedsChange(department, actor.getDepartment())) { changes.add(new AttributeChange("department", actor.getDepartment(), department)); actor.setDepartment(department); } if (!actor.isActive()) { if (LdapProperties.isSynchronizationUserStatusEnabled()) { actor.setActive(true); changes.add(new AttributeChange("active", "false", "true")); } if (executorDao.removeExecutorFromGroup(actor, wasteGroup)) { changes.add(new Change("waste group removal")); } if (executorDao.addExecutorToGroup(actor, importGroup)) { changes.add(new Change("import group addition")); } } if (!changes.isEmpty()) { executorDao.update(actor); log.info("Updating " + actor + ": " + changes); changesCount++; } } } actorsByDistinguishedName.put(searchResult.getNameInNamespace(), actor); } } if (LdapProperties.isSynchronizationDeleteExecutors() && ldapActorsToDelete.size() > 0) { if (LdapProperties.isSynchronizationUserStatusEnabled()) { for (Actor actor : ldapActorsToDelete) { actor.setActive(false); executorDao.update(actor); log.info("Inactivating " + actor); changesCount++; } } executorDao.removeExecutorsFromGroup(ldapActorsToDelete, importGroup); executorDao.addExecutorsToGroup(ldapActorsToDelete, wasteGroup); changesCount += ldapActorsToDelete.size(); } return changesCount; }
From source file:org.opennms.web.springframework.security.UserGroupLdapAuthoritiesPopulator.java
@Override public void setSearchSubtree(boolean searchSubtree) { super.setSearchSubtree(searchSubtree); int searchScope = searchSubtree ? SearchControls.SUBTREE_SCOPE : SearchControls.ONELEVEL_SCOPE; this.searchControls.setSearchScope(searchScope); }
From source file:com.alfaariss.oa.engine.user.provisioning.storage.external.jndi.JNDIExternalStorage.java
/** * Returns <code>true</code> if the supplied id is found in the JNDI storage. * @see IStorage#exists(java.lang.String) *///w w w .j av a 2 s . co m public boolean exists(String id) throws UserException { DirContext oDirContext = null; NamingEnumeration oNamingEnumeration = null; boolean bReturn = false; try { try { oDirContext = new InitialDirContext(_htJNDIEnvironment); } catch (NamingException e) { _logger.error("Could not create the connection: " + _htJNDIEnvironment); throw new UserException(SystemErrors.ERROR_RESOURCE_CONNECT, e); } SearchControls oScope = new SearchControls(); oScope.setSearchScope(SearchControls.SUBTREE_SCOPE); String searchFilter = resolveSearchQuery(id); try { oNamingEnumeration = oDirContext.search(_sDNBase, searchFilter, oScope); bReturn = oNamingEnumeration.hasMore(); } catch (InvalidSearchFilterException e) { _logger.error("Wrong filter: " + searchFilter); throw new UserException(SystemErrors.ERROR_RESOURCE_RETRIEVE, e); } catch (NamingException e) { _logger.debug("User unknown, naming exception. query: " + searchFilter, e); return false; //user unknown } } catch (UserException e) { throw e; } catch (Exception e) { _logger.error("Could not verify if user exists: " + id, e); throw new UserException(SystemErrors.ERROR_INTERNAL, e); } finally { if (oNamingEnumeration != null) { try { oNamingEnumeration.close(); } catch (Exception e) { _logger.error("Could not close Naming Enumeration after searching for user with id: " + id, e); } } if (oDirContext != null) { try { oDirContext.close(); } catch (NamingException e) { _logger.error("Could not close Dir Context after searching for user with id: " + id, e); } } } return bReturn; }