Examples with ExternalIdentityRef org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef used on opensource projects

Example 6 with ExternalIdentityRef

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.

the class DelegateeTest method testSyncExternalUsersSaveError.

@Test
public void testSyncExternalUsersSaveError() throws Exception {
    Root r = preventRootCommit(delegatee);
    ;
    List<String> externalIds = new ArrayList();
    for (String id : TEST_IDS) {
        externalIds.add(new ExternalIdentityRef(id, idp.getName()).getString());
    }
    String[] result = delegatee.syncExternalUsers(externalIds.toArray(new String[externalIds.size()]));
    assertResultMessages(result, ImmutableMap.of(TestIdentityProvider.ID_TEST_USER, "ERR", TestIdentityProvider.ID_SECOND_USER, "ERR", TestIdentityProvider.ID_WILDCARD_USER, "ERR"));
    assertFalse(r.hasPendingChanges());
}

Example 7 with ExternalIdentityRef

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.

the class DelegateeTest method testSyncNonExistingExternalUserSaveError.

@Test
public void testSyncNonExistingExternalUserSaveError() throws Exception {
    Root r = preventRootCommit(delegatee);
    ;
    String[] result = delegatee.syncExternalUsers(new String[] { new ExternalIdentityRef("nonExisting", idp.getName()).getString() });
    assertResultMessages(result, "", "nsi");
    assertFalse(r.hasPendingChanges());
}

Example 8 with ExternalIdentityRef

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.

the class LdapIdentityProvider method getDeclaredGroupRefs.

//-----------------------------------------------------------< internal >---
/**
     * Collects the declared (direct) groups of an identity
     * @param ref reference to the identity
     * @return map of identities where the key is the DN of the LDAP entity
     */
Map<String, ExternalIdentityRef> getDeclaredGroupRefs(ExternalIdentityRef ref) throws ExternalIdentityException {
    if (!isMyRef(ref)) {
        return Collections.emptyMap();
    }
    String searchFilter = config.getMemberOfSearchFilter(ref.getId());
    LdapConnection connection = null;
    SearchCursor searchCursor = null;
    try {
        // Create the SearchRequest object
        SearchRequest req = new SearchRequestImpl();
        req.setScope(SearchScope.SUBTREE);
        String idAttribute = config.getGroupConfig().getIdAttribute();
        req.addAttributes(idAttribute == null ? SchemaConstants.NO_ATTRIBUTE : idAttribute);
        req.setTimeLimit((int) config.getSearchTimeout());
        req.setBase(new Dn(config.getGroupConfig().getBaseDN()));
        req.setFilter(searchFilter);
        if (log.isDebugEnabled()) {
            log.debug("getDeclaredGroupRefs: using SearchRequest {}.", req);
        }
        Map<String, ExternalIdentityRef> groups = new HashMap<String, ExternalIdentityRef>();
        DebugTimer timer = new DebugTimer();
        connection = connect();
        timer.mark("connect");
        searchCursor = connection.search(req);
        timer.mark("search");
        while (searchCursor.next()) {
            Response response = searchCursor.get();
            if (response instanceof SearchResultEntry) {
                Entry resultEntry = ((SearchResultEntry) response).getEntry();
                ExternalIdentityRef groupRef = new ExternalIdentityRef(resultEntry.getDn().toString(), this.getName());
                groups.put(groupRef.getId(), groupRef);
            }
        }
        timer.mark("iterate");
        if (log.isDebugEnabled()) {
            log.debug("getDeclaredGroupRefs: search below {} with {} found {} entries. {}", config.getGroupConfig().getBaseDN(), searchFilter, groups.size(), timer.getString());
        }
        return groups;
    } catch (Exception e) {
        log.error("Error during ldap membership search.", e);
        throw new ExternalIdentityException("Error during ldap membership search.", e);
    } finally {
        if (searchCursor != null) {
            try {
                searchCursor.close();
            } catch (IOException e) {
                log.warn("Failed to close search cursor.", e);
            }
        }
        disconnect(connection);
    }
}

Example 9 with ExternalIdentityRef

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.

the class ExternalGroupPrincipalProviderTest method collectExpectedPrincipals.

private void collectExpectedPrincipals(Set<Principal> grPrincipals, @Nonnull Iterable<ExternalIdentityRef> declaredGroups, long depth) throws Exception {
    if (depth <= 0) {
        return;
    }
    for (ExternalIdentityRef ref : declaredGroups) {
        ExternalIdentity ei = idp.getIdentity(ref);
        grPrincipals.add(new PrincipalImpl(ei.getPrincipalName()));
        collectExpectedPrincipals(grPrincipals, ei.getDeclaredGroups(), depth - 1);
    }
}

Example 10 with ExternalIdentityRef

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.

the class ExternalGroupPrincipalProviderTest method testGetPrincipalGroupsWithQueryWildCard.

@Test
public void testGetPrincipalGroupsWithQueryWildCard() throws Exception {
    ExternalUser externalUser = idp.getUser(TestIdentityProvider.ID_WILDCARD_USER);
    sync(externalUser);
    for (ExternalIdentityRef ref : externalUser.getDeclaredGroups()) {
        String pName = idp.getIdentity(ref).getPrincipalName();
        Principal p = principalProvider.getPrincipal(pName);
        assertNotNull(p);
        assertEquals(pName, p.getName());
    }
}