
Example 1 with AWSIAMAuthenticator

use of com.denismo.apacheds.auth.AWSIAMAuthenticator in project aws-iam-ldap-bridge by denismo.

the class LDAPIAMPoller method readConfig.

/**
 * Loads (or bootstraps) the poller's configuration entry and derives the DNs
 * and DN templates used for groups, users and roles.
 *
 * <p>If the {@code cn=config} entry under the AWS IAM authenticator does not
 * exist yet, it is created and added through the directory's admin session;
 * otherwise the existing entry is fetched with all user and operational
 * attributes. The root DN and poll period are then copied from
 * {@link AWSIAMAuthenticator#getConfig()} and {@code ensureDNs()} is called.
 *
 * <p>Both branches act through the admin session, so this method performs no
 * access-control decision of its own.
 *
 * <p>NOTE(review): every {@code Throwable} is logged and swallowed. After a
 * failure, fields assigned later in this method (rootDN, the *_FMT templates,
 * ...) keep whatever value they had before the call; whether the caller
 * checks for that is not visible here. Confirm before relying on them.
 */
private void readConfig() {
    // Location of this authenticator's config entry inside the ApacheDS config partition.
    final String configDnText = "cn=config,ads-authenticatorid=awsiamauthenticator,ou=authenticators,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config";
    try {
        Dn configDn = directory.getDnFactory().create(configDnText);
        if (utils.exists(configDn)) {
            // Entry already present: read it back, user and operational attributes included.
            LookupOperationContext lookupContext = new LookupOperationContext(
                    directory.getAdminSession(),
                    configDn,
                    SchemaConstants.ALL_USER_ATTRIBUTES,
                    SchemaConstants.ALL_OPERATIONAL_ATTRIBUTES);
            configEntry = directory.getPartitionNexus().lookup(lookupContext);
        } else {
            // First run: create the entry with its mandatory attributes and persist it.
            configEntry = directory.newEntry(configDn);
            configEntry.put("objectClass", "iamauthenticatorconfig", "top");
            configEntry.put(SchemaConstants.ENTRY_CSN_AT, directory.getCSN().toString());
            configEntry.put(SchemaConstants.ENTRY_UUID_AT, UUID.randomUUID().toString());
            configEntry.put("cn", "config");
            // Presumably the initial value of the numeric id generator; verify against its reader.
            configEntry.put(ID_GENERATOR, "1000");
            directory.getAdminSession().add(configEntry);
        }

        AWSIAMAuthenticator.Config config = AWSIAMAuthenticator.getConfig();
        rootDN = config.rootDN;
        pollPeriod = config.pollPeriod;

        // Container DNs, all rooted at the configured base.
        groupsDN = "ou=groups," + rootDN;
        usersDN = "ou=users," + rootDN;
        rolesDN = "ou=roles," + rootDN;

        // String.format-style templates for individual entries.
        // NOTE(review): the value substituted for %s is not visible here; if it
        // originates outside this process (e.g. an IAM name), it should be
        // escaped as an RDN value (RFC 4514) where the template is applied.
        GROUP_FMT = "cn=%s," + groupsDN;
        USER_FMT = "uid=%s," + usersDN;
        ROLE_FMT = "uid=%s,ou=roles," + rootDN;

        ensureDNs();
    } catch (Throwable failure) {
        // Logged only; nothing is rethrown.
        LOG.error("Exception reading config for LDAPIAMPoller", failure);
    }
}
Also used : AWSIAMAuthenticator(com.denismo.apacheds.auth.AWSIAMAuthenticator) Dn(org.apache.directory.api.ldap.model.name.Dn) LookupOperationContext(org.apache.directory.server.core.api.interceptor.context.LookupOperationContext)

Aggregations

AWSIAMAuthenticator (com.denismo.apacheds.auth.AWSIAMAuthenticator)1 Dn (org.apache.directory.api.ldap.model.name.Dn)1 LookupOperationContext (org.apache.directory.server.core.api.interceptor.context.LookupOperationContext)1