Example 26 with ExternalIdentityRef

Use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.

Class LdapProviderTest, method testGetGroupByRef.

@Test
public void testGetGroupByRef() throws Exception {
    ExternalIdentityRef ref = new ExternalIdentityRef(TEST_GROUP1_DN, IDP_NAME);
    ExternalIdentity id = idp.getIdentity(ref);
    assertTrue("Group instance", id instanceof ExternalGroup);
    assertEquals("Group Name", TEST_GROUP1_NAME, id.getId());
}
Also used : ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) ExternalIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity) Test(org.junit.Test)

Example 27 with ExternalIdentityRef

Use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.

Class DefaultSyncContext, method createSyncedIdentity.

/**
 * Creates a synced identity from the given authorizable.
 * @param auth the authorizable
 * @return the id
 * @throws RepositoryException if an error occurs
 */
@CheckForNull
public static DefaultSyncedIdentity createSyncedIdentity(@Nullable Authorizable auth) throws RepositoryException {
    if (auth == null) {
        return null;
    }
    ExternalIdentityRef ref = getIdentityRef(auth);
    Value[] lmValues = auth.getProperty(REP_LAST_SYNCED);
    long lastModified = -1;
    if (lmValues != null && lmValues.length > 0) {
        lastModified = lmValues[0].getLong();
    }
    return new DefaultSyncedIdentity(auth.getID(), ref, auth.isGroup(), lastModified);
}
Also used : ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) Value(javax.jcr.Value) CheckForNull(javax.annotation.CheckForNull)

Example 28 with ExternalIdentityRef

Use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.

Class DefaultSyncContext, method sync.

/**
 * {@inheritDoc}
 */
@Nonnull
@Override
public SyncResult sync(@Nonnull ExternalIdentity identity) throws SyncException {
    ExternalIdentityRef ref = identity.getExternalId();
    if (!isSameIDP(ref)) {
        // create result in accordance with sync(String) where status is FOREIGN
        boolean isGroup = (identity instanceof ExternalGroup);
        return new DefaultSyncResultImpl(new DefaultSyncedIdentity(identity.getId(), ref, isGroup, -1), SyncResult.Status.FOREIGN);
    }
    try {
        DebugTimer timer = new DebugTimer();
        DefaultSyncResultImpl ret;
        boolean created = false;
        if (identity instanceof ExternalUser) {
            User user = getAuthorizable(identity, User.class);
            timer.mark("find");
            if (user == null) {
                user = createUser((ExternalUser) identity);
                timer.mark("create");
                created = true;
            }
            ret = syncUser((ExternalUser) identity, user);
            timer.mark("sync");
        } else if (identity instanceof ExternalGroup) {
            Group group = getAuthorizable(identity, Group.class);
            timer.mark("find");
            if (group == null) {
                group = createGroup((ExternalGroup) identity);
                timer.mark("create");
                created = true;
            }
            ret = syncGroup((ExternalGroup) identity, group);
            timer.mark("sync");
        } else {
            throw new IllegalArgumentException("identity must be user or group but was: " + identity);
        }
        if (log.isDebugEnabled()) {
            log.debug("sync({}) -> {} {}", ref.getString(), identity.getId(), timer.getString());
        }
        if (created) {
            ret.setStatus(SyncResult.Status.ADD);
        }
        return ret;
    } catch (RepositoryException e) {
        throw new SyncException(e);
    }
}
Also used : DebugTimer(org.apache.jackrabbit.oak.commons.DebugTimer) Group(org.apache.jackrabbit.api.security.user.Group) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) User(org.apache.jackrabbit.api.security.user.User) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) RepositoryException(javax.jcr.RepositoryException) SyncException(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncException) Nonnull(javax.annotation.Nonnull)

Example 29 with ExternalIdentityRef

Use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.

Class Delegatee, method syncExternalUsers.

/**
 * @see SynchronizationMBean#syncExternalUsers(String[])
 */
@Nonnull
String[] syncExternalUsers(@Nonnull String[] externalIds) {
    List<String> list = new ArrayList<String>();
    context.setForceGroupSync(true).setForceUserSync(true);
    List<SyncResult> results = new ArrayList<SyncResult>(batchSize);
    for (String externalId : externalIds) {
        ExternalIdentityRef ref = ExternalIdentityRef.fromString(externalId);
        if (!idp.getName().equals(ref.getProviderName())) {
            results.add(new DefaultSyncResultImpl(new DefaultSyncedIdentity(ref.getId(), ref, false, -1), SyncResult.Status.FOREIGN));
        } else {
            try {
                ExternalIdentity id = idp.getIdentity(ref);
                if (id != null) {
                    results = syncUser(id, results, list);
                } else {
                    results.add(new DefaultSyncResultImpl(new DefaultSyncedIdentity("", ref, false, -1), SyncResult.Status.NO_SUCH_IDENTITY));
                }
            } catch (ExternalIdentityException e) {
                log.warn("error while fetching the external identity {}", externalId, e);
                results.add(new ErrorSyncResult(ref, e));
            }
        }
    }
    commit(list, results, NO_BATCH_SIZE);
    return list.toArray(new String[list.size()]);
}
Also used : ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ArrayList(java.util.ArrayList) DefaultSyncedIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncedIdentity) ExternalIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity) DefaultSyncResultImpl(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncResultImpl) SyncResult(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult) ExternalIdentityException(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException) Nonnull(javax.annotation.Nonnull)

Example 30 with ExternalIdentityRef

Use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef in project jackrabbit-oak by apache.

Class DefaultSyncContextTest, method testGetIdentityRefSyncUser.

@Test
public void testGetIdentityRefSyncUser() throws Exception {
    ExternalIdentity externalUser = idp.listUsers().next();
    sync(externalUser);
    ExternalIdentityRef ref = DefaultSyncContext.getIdentityRef(userManager.getAuthorizable(externalUser.getId()));
    assertNotNull(ref);
    assertEquals(externalUser.getExternalId(), ref);
}
Also used : ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Aggregations

ExternalIdentityRef (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef): 64
Test (org.junit.Test): 47
ExternalUser (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser): 23
ExternalIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity): 18
ExternalGroup (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup): 15
AbstractExternalAuthTest (org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest): 14
Group (org.apache.jackrabbit.api.security.user.Group): 11
User (org.apache.jackrabbit.api.security.user.User): 10
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable): 7
SyncedIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncedIdentity): 6
Nonnull (javax.annotation.Nonnull): 5
DebugTimer (org.apache.jackrabbit.oak.commons.DebugTimer): 5
ExternalIdentityException (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException): 5
SyncResult (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult): 5
Principal (java.security.Principal): 4
HashMap (java.util.HashMap): 4
LdapInvalidAttributeValueException (org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException): 4
UserManager (org.apache.jackrabbit.api.security.user.UserManager): 4
Root (org.apache.jackrabbit.oak.api.Root): 4
DefaultSyncedIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncedIdentity): 4