use of org.forgerock.openam.idrepo.ldap.helpers.ADHelper in project OpenAM by OpenRock.
the class DJLDAPv3Repo method initialize.
/**
* Initializes the IdRepo instance, basically within this method we process
* the configuration settings and set up the connection factories that will
* be used later in the lifetime of the IdRepo plugin.
*
* @param configParams The IdRepo configuration as defined in the service
* configurations.
* @throws IdRepoException Shouldn't be thrown.
*/
@Override
public void initialize(Map<String, Set<String>> configParams) throws IdRepoException {
if (DEBUG.messageEnabled()) {
DEBUG.message("initialize invoked");
}
super.initialize(configParams);
String hostServerId = null;
String hostSiteId = "";
try {
hostServerId = WebtopNaming.getAMServerID();
hostSiteId = WebtopNaming.getSiteID(hostServerId);
} catch (ServerEntryNotFoundException senfe) {
if (DEBUG.warningEnabled()) {
DEBUG.warning("ServerEntryNotFoundException, hostServerId=" + hostServerId + ", hostSiteId=" + hostSiteId);
}
}
dnCacheEnabled = CollectionHelper.getBooleanMapAttr(configMap, LDAP_DNCACHE_ENABLED, true);
if (dnCacheEnabled) {
dnCache = new Cache(CollectionHelper.getIntMapAttr(configParams, LDAP_DNCACHE_SIZE, 1500, DEBUG));
}
ldapServers = LDAPUtils.prioritizeServers(configParams.get(LDAP_SERVER_LIST), hostServerId, hostSiteId);
defaultSizeLimit = CollectionHelper.getIntMapAttr(configParams, LDAP_MAX_RESULTS, 100, DEBUG);
defaultTimeLimit = CollectionHelper.getIntMapAttr(configParams, LDAP_TIME_LIMIT, 5, DEBUG);
int maxPoolSize = CollectionHelper.getIntMapAttr(configParams, LDAP_CONNECTION_POOL_MAX_SIZE, 10, DEBUG);
String username = CollectionHelper.getMapAttr(configParams, LDAP_SERVER_USER_NAME);
char[] password = CollectionHelper.getMapAttr(configParams, LDAP_SERVER_PASSWORD, "").toCharArray();
heartBeatInterval = CollectionHelper.getIntMapAttr(configParams, LDAP_SERVER_HEARTBEAT_INTERVAL, "10", DEBUG);
heartBeatTimeUnit = CollectionHelper.getMapAttr(configParams, LDAP_SERVER_HEARTBEAT_TIME_UNIT, "SECONDS");
String connectionMode = CollectionHelper.getMapAttr(configParams, LDAP_CONNECTION_MODE);
useStartTLS = LDAP_CONNECTION_MODE_STARTTLS.equalsIgnoreCase(connectionMode);
isSecure = LDAP_CONNECTION_MODE_LDAPS.equalsIgnoreCase(connectionMode) || useStartTLS;
bindConnectionFactory = createConnectionFactory(null, null, maxPoolSize);
connectionFactory = createConnectionFactory(username, password, maxPoolSize);
supportedTypesAndOperations = IdRepoUtils.parseSupportedTypesAndOperations(configParams.get(LDAP_SUPPORTED_TYPES_AND_OPERATIONS));
userStatusAttr = CollectionHelper.getMapAttr(configParams, LDAP_USER_STATUS_ATTR_NAME);
if (userStatusAttr == null || userStatusAttr.isEmpty()) {
alwaysActive = true;
userStatusAttr = DEFAULT_USER_STATUS_ATTR;
}
activeValue = CollectionHelper.getMapAttr(configParams, LDAP_STATUS_ACTIVE, STATUS_ACTIVE);
inactiveValue = CollectionHelper.getMapAttr(configParams, LDAP_STATUS_INACTIVE, STATUS_INACTIVE);
creationAttributeMapping = IdRepoUtils.parseAttributeMapping(configParams.get(LDAP_CREATION_ATTR_MAPPING));
userNamingAttr = CollectionHelper.getMapAttr(configParams, LDAP_USER_NAMING_ATTR);
groupNamingAttr = CollectionHelper.getMapAttr(configParams, LDAP_GROUP_NAMING_ATTR);
roleNamingAttr = CollectionHelper.getMapAttr(configParams, LDAP_ROLE_NAMING_ATTR);
filteredRoleNamingAttr = CollectionHelper.getMapAttr(configParams, LDAP_FILTERED_ROLE_NAMING_ATTR);
userSearchAttr = CollectionHelper.getMapAttr(configParams, LDAP_USER_SEARCH_ATTR);
userAttributesAllowed = new CaseInsensitiveHashSet();
Set<String> allowAttrs = configParams.get(LDAP_USER_ATTRS);
if (allowAttrs != null) {
userAttributesAllowed.addAll(allowAttrs);
}
groupAttributesAllowed = new CaseInsensitiveHashSet();
allowAttrs = configParams.get(LDAP_GROUP_ATTRS);
if (allowAttrs != null) {
groupAttributesAllowed.addAll(allowAttrs);
}
roleAttributesAllowed = new CaseInsensitiveHashSet();
allowAttrs = configParams.get(LDAP_ROLE_ATTRS);
if (allowAttrs != null) {
roleAttributesAllowed.addAll(allowAttrs);
}
filteredRoleAttributesAllowed = new CaseInsensitiveHashSet();
allowAttrs = configParams.get(LDAP_FILTERED_ROLE_ATTRS);
if (allowAttrs != null) {
filteredRoleAttributesAllowed.addAll(allowAttrs);
}
userObjectClasses = getNonNullSettingValues(LDAP_USER_OBJECT_CLASS);
groupObjectClasses = getNonNullSettingValues(LDAP_GROUP_OBJECT_CLASS);
roleObjectClasses = getNonNullSettingValues(LDAP_ROLE_OBJECT_CLASS);
filteredRoleObjectClasses = getNonNullSettingValues(LDAP_FILTERED_ROLE_OBJECT_CLASS);
defaultGroupMember = CollectionHelper.getMapAttr(configParams, LDAP_DEFAULT_GROUP_MEMBER);
uniqueMemberAttr = CollectionHelper.getMapAttr(configParams, LDAP_UNIQUE_MEMBER, UNIQUE_MEMBER_ATTR);
memberURLAttr = CollectionHelper.getMapAttr(configParams, LDAP_MEMBER_URL);
memberOfAttr = CollectionHelper.getMapAttr(configParams, LDAP_MEMBER_OF);
peopleContainerName = CollectionHelper.getMapAttr(configParams, LDAP_PEOPLE_CONTAINER_NAME);
peopleContainerValue = CollectionHelper.getMapAttr(configParams, LDAP_PEOPLE_CONTAINER_VALUE);
groupContainerName = CollectionHelper.getMapAttr(configParams, LDAP_GROUP_CONTAINER_NAME);
groupContainerValue = CollectionHelper.getMapAttr(configParams, LDAP_GROUP_CONTAINER_VALUE);
roleAttr = CollectionHelper.getMapAttr(configParams, LDAP_ROLE_ATTR, ROLE_ATTR);
roleDNAttr = CollectionHelper.getMapAttr(configParams, LDAP_ROLE_DN_ATTR, ROLE_DN_ATTR);
roleFilterAttr = CollectionHelper.getMapAttr(configParams, LDAP_ROLE_FILTER_ATTR, ROLE_FILTER_ATTR);
rootSuffix = CollectionHelper.getMapAttr(configParams, LDAP_SERVER_ROOT_SUFFIX);
userSearchFilter = LDAPUtils.parseFilter(CollectionHelper.getMapAttr(configParams, LDAP_USER_SEARCH_FILTER), Filter.objectClassPresent());
groupSearchFilter = LDAPUtils.parseFilter(CollectionHelper.getMapAttr(configParams, LDAP_GROUP_SEARCH_FILTER), Filter.objectClassPresent());
roleSearchFilter = LDAPUtils.parseFilter(CollectionHelper.getMapAttr(configParams, LDAP_ROLE_SEARCH_FILTER), DEFAULT_ROLE_SEARCH_FILTER);
filteredRoleSearchFilter = LDAPUtils.parseFilter(CollectionHelper.getMapAttr(configParams, LDAP_FILTERED_ROLE_SEARCH_FILTER), DEFAULT_FILTERED_ROLE_SEARCH_FILTER);
String serviceInfo = CollectionHelper.getMapAttr(configParams, LDAP_SERVICE_ATTRS);
serviceMap = new HashMap<String, Map<String, Set<String>>>(new SOAPClient("dummy").decodeMap(serviceInfo));
defaultScope = LDAPUtils.getSearchScope(CollectionHelper.getMapAttr(configParams, LDAP_SEARCH_SCOPE), SearchScope.WHOLE_SUBTREE);
roleScope = LDAPUtils.getSearchScope(CollectionHelper.getMapAttr(configParams, LDAP_ROLE_SEARCH_SCOPE), SearchScope.WHOLE_SUBTREE);
if (configParams.containsKey(LDAP_ADAM_TYPE)) {
helper = new ADAMHelper();
} else if (configParams.containsKey(LDAP_AD_TYPE)) {
helper = new ADHelper();
} else {
helper = new DirectoryHelper();
}
if (DEBUG.messageEnabled()) {
DEBUG.message("IdRepo configuration:\n" + IdRepoUtils.getAttrMapWithoutPasswordAttrs(configMap, asSet(LDAP_SERVER_PASSWORD)));
}
}
Aggregations