Examples with LdapConnection org.apache.directory.ldap.client.api.LdapConnection used on opensource projects

Example 81 with LdapConnection

use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.

the class UserDAO method lock.

/**
 * @param user
 * @throws org.apache.directory.fortress.core.UpdateException
 */
void lock(User user) throws UpdateException {
    LdapConnection ld = null;
    String userDn = getDn(user.getUserId(), user.getContextId());
    try {
        List<Modification> mods = new ArrayList<Modification>();
        mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, OPENLDAP_PW_LOCKED_TIME, LOCK_VALUE));
        ld = getAdminConnection();
        modify(ld, userDn, mods, user);
    } catch (LdapException e) {
        String error = "lock user [" + user.getUserId() + "] caught LDAPException=" + e.getMessage();
        throw new UpdateException(GlobalErrIds.USER_PW_LOCK_FAILED, error, e);
    } finally {
        closeAdminConnection(ld);
    }
}

Example 82 with LdapConnection

use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.

the class UserDAO method deassign.

/**
 * @param uRole
 * @param roleConstraint
 * @throws UpdateException
 * @throws FinderException
 */
void deassign(UserRole uRole, RoleConstraint roleConstraint) throws UpdateException, FinderException {
    LdapConnection ld = null;
    String szRoleConstraint = "";
    String userDn = getDn(uRole.getUserId(), uRole.getContextId());
    try {
        List<Modification> mods = new ArrayList<Modification>();
        szRoleConstraint = roleConstraint.getRawData(uRole);
        mods.add(new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, GlobalIds.USER_ROLE_DATA, szRoleConstraint));
        ld = getAdminConnection();
        modify(ld, userDn, mods, uRole);
    } catch (LdapException e) {
        String warning = "deassign userId [" + uRole.getUserId() + "] role constraint [" + szRoleConstraint + "] ";
        warning += "caught LDAPException=" + e.getMessage();
        throw new UpdateException(GlobalErrIds.URLE_ASSIGN_FAILED, warning, e);
    } finally {
        closeAdminConnection(ld);
    }
}

Example 83 with LdapConnection

use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.

the class UserDAO method create.

/**
 * Add new user entity to LDAP
 *
 * @param entity
 * @return
 * @throws CreateException
 */
User create(User entity) throws CreateException {
    LdapConnection ld = null;
    try {
        entity.setInternalId();
        String dn = getDn(entity.getUserId(), entity.getContextId());
        Entry myEntry = new DefaultEntry(dn);
        myEntry.add(SchemaConstants.OBJECT_CLASS_AT, getUserObjectClass());
        // myEntry.add( SchemaConstants.OBJECT_CLASS_AT, USER_OBJ_CLASS );
        myEntry.add(GlobalIds.FT_IID, entity.getInternalId());
        myEntry.add(SchemaConstants.UID_AT, entity.getUserId());
        // CN is required on inetOrgPerson object class, if caller did not set, use the userId:
        if (StringUtils.isEmpty(entity.getCn())) {
            entity.setCn(entity.getUserId());
        }
        myEntry.add(SchemaConstants.CN_AT, entity.getCn());
        // SN is required on inetOrgPerson object class, if caller did not set, use the userId:
        if (StringUtils.isEmpty(entity.getSn())) {
            entity.setSn(entity.getUserId());
        }
        myEntry.add(SchemaConstants.SN_AT, entity.getSn());
        if (StringUtils.isNotEmpty(entity.getPassword())) {
            myEntry.add(SchemaConstants.USER_PASSWORD_AT, entity.getPassword());
        } else if (!Config.getInstance().getBoolean(GlobalIds.USER_CREATION_PASSWORD_FIELD, false)) {
            myEntry.add(SchemaConstants.USER_PASSWORD_AT, new String());
        }
        myEntry.add(SchemaConstants.DISPLAY_NAME_AT, entity.getCn());
        if (StringUtils.isNotEmpty(entity.getTitle())) {
            myEntry.add(SchemaConstants.TITLE_AT, entity.getTitle());
        }
        if (StringUtils.isNotEmpty(entity.getEmployeeType())) {
            myEntry.add(EMPLOYEE_TYPE, entity.getEmployeeType());
        }
        // These are multi-valued attributes, use the util function to load.
        // These items are optional.  The utility function will return quietly if item list is empty:
        loadAttrs(entity.getPhones(), myEntry, SchemaConstants.TELEPHONE_NUMBER_AT);
        loadAttrs(entity.getMobiles(), myEntry, MOBILE);
        loadAttrs(entity.getEmails(), myEntry, SchemaConstants.MAIL_AT);
        // The following attributes are optional:
        if (entity.isSystem() != null) {
            myEntry.add(SYSTEM_USER, entity.isSystem().toString().toUpperCase());
        }
        // If password policy is set and either openldap or apacheds in use:
        if ((Config.getInstance().isOpenldap() || Config.getInstance().isApacheds()) && StringUtils.isNotEmpty(entity.getPwPolicy())) {
            myEntry.add(OPENLDAP_POLICY_SUBENTRY, PolicyDAO.getPolicyDn(entity));
        }
        if (StringUtils.isNotEmpty(entity.getOu())) {
            myEntry.add(SchemaConstants.OU_AT, entity.getOu());
        }
        if (StringUtils.isNotEmpty(entity.getDescription())) {
            myEntry.add(SchemaConstants.DESCRIPTION_AT, entity.getDescription());
        }
        // props are optional as well:
        // Add "initial" property here.
        entity.addProperty("initAttrArrays", "");
        loadProperties(entity.getProperties(), myEntry, GlobalIds.PROPS);
        // map the userid to the name field in constraint:
        entity.setName(entity.getUserId());
        myEntry.add(GlobalIds.CONSTRAINT, ConstraintUtil.setConstraint(entity));
        loadAddress(entity.getAddress(), myEntry);
        if (ArrayUtils.isNotEmpty(entity.getJpegPhoto())) {
            myEntry.add(JPEGPHOTO, entity.getJpegPhoto());
        }
        ld = getAdminConnection();
        add(ld, myEntry, entity);
        entity.setDn(dn);
    } catch (LdapEntryAlreadyExistsException e) {
        String error = "create userId [" + entity.getUserId() + "] failed, already exists in directory";
        throw new CreateException(GlobalErrIds.USER_ADD_FAILED_ALREADY_EXISTS, error, e);
    } catch (LdapException e) {
        String error = "create userId [" + entity.getUserId() + "] caught LDAPException=" + e.getMessage();
        throw new CreateException(GlobalErrIds.USER_ADD_FAILED, error, e);
    } finally {
        closeAdminConnection(ld);
    }
    return entity;
}

Example 84 with LdapConnection

use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.

the class UserDAO method getUser.

/**
 * @param user
 * @return
 * @throws org.apache.directory.fortress.core.FinderException
 */
User getUser(User user, boolean isRoles) throws FinderException {
    User entity = null;
    LdapConnection ld = null;
    String userDn = getDn(user.getUserId(), user.getContextId());
    String[] uATTRS;
    if (isRoles) {
        // Retrieve the User's assigned RBAC and Admin Role attributes from directory.
        uATTRS = defaultAtrs;
    } else {
        // Do not retrieve the User's assigned RBAC and Admin Role attributes from directory.
        uATTRS = authnAtrs;
    }
    Entry findEntry = null;
    try {
        ld = getAdminConnection();
        findEntry = read(ld, userDn, uATTRS);
    } catch (LdapNoSuchObjectException e) {
        String warning = "getUser COULD NOT FIND ENTRY for user [" + user.getUserId() + "]";
        throw new FinderException(GlobalErrIds.USER_NOT_FOUND, warning);
    } catch (LdapException e) {
        String error = "getUser [" + userDn + "]= caught LDAPException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.USER_READ_FAILED, error, e);
    } finally {
        closeAdminConnection(ld);
    }
    try {
        if (findEntry != null) {
            entity = unloadLdapEntry(findEntry, 0, user.getContextId());
        }
    } catch (LdapInvalidAttributeValueException e) {
        entity = null;
    }
    if (entity == null) {
        String warning = "getUser userId [" + user.getUserId() + "] not found, Fortress rc=" + GlobalErrIds.USER_NOT_FOUND;
        throw new FinderException(GlobalErrIds.USER_NOT_FOUND, warning);
    }
    return entity;
}

Example 85 with LdapConnection

use of org.apache.directory.ldap.client.api.LdapConnection in project directory-fortress-core by apache.

the class RoleDAO method findAssignedRoles.

/**
 * @param userDn
 * @param contextId
 * @return
 * @throws FinderException
 */
List<String> findAssignedRoles(String userDn, String contextId) throws FinderException {
    List<String> roleNameList = new ArrayList<>();
    LdapConnection ld = null;
    String roleRoot = getRootDn(contextId, GlobalIds.ROLE_ROOT);
    try {
        String filter = GlobalIds.FILTER_PREFIX + GlobalIds.ROLE_OBJECT_CLASS_NM + ")";
        filter += "(" + SchemaConstants.ROLE_OCCUPANT_AT + "=" + userDn + "))";
        ld = getAdminConnection();
        SearchCursor searchResults = search(ld, roleRoot, SearchScope.ONELEVEL, filter, ROLE_NM_ATR, false, GlobalIds.BATCH_SIZE);
        while (searchResults.next()) {
            roleNameList.add(getAttribute(searchResults.getEntry(), ROLE_NM));
        }
    } catch (LdapException e) {
        String error = "findAssignedRoles userDn [" + userDn + "] caught LdapException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.ROLE_OCCUPANT_SEARCH_FAILED, error, e);
    } catch (CursorException e) {
        String error = "findAssignedRoles userDn [" + userDn + "] caught CursorException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.ROLE_OCCUPANT_SEARCH_FAILED, error, e);
    } finally {
        closeAdminConnection(ld);
    }
    return roleNameList;
}