use of org.springframework.ldap.core.AttributesMapperCallbackHandler in project gocd by gocd.
the class LdapUserSearch method search.
public List<User> search(String username, LdapConfig ldapConfig) {
if (ldapConfig.getBasesConfig().isEmpty()) {
throw new RuntimeException("Atleast one Search Base needs to be configured.");
}
OrFilter filter = new OrFilter();
String searchString = MessageFormat.format("*{0}*", username);
filter.or(new LikeFilter(SAM_ACCOUNT_NAME, searchString));
filter.or(new LikeFilter(UID, searchString));
filter.or(new LikeFilter(COMMON_NAME, searchString));
filter.or(new LikeFilter(MAIL_ID, searchString));
// This field is optional to search based on. Only for alias emails.
filter.or(new LikeFilter(ALIAS_EMAIL_ID, searchString));
//List ldapUserList = template.search(ldapConfig.searchBase(), filter.encode(), attributes);
SearchControls controls = new SearchControls();
controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
controls.setCountLimit(MAX_RESULTS);
AttributesMapperCallbackHandler handler = getAttributesMapperCallbackHandler();
for (BaseConfig baseConfig : ldapConfig.getBasesConfig()) {
try {
ldapTemplate.search(baseConfig.getValue(), filter.encode(), controls, handler);
} catch (org.springframework.ldap.LimitExceededException e) {
throw new NotAllResultsShownException(buildUserList(handler.getList()));
}
}
return buildUserList(handler.getList());
}
use of org.springframework.ldap.core.AttributesMapperCallbackHandler in project gocd by gocd.
the class LdapUserSearchTest method shouldFilterForMatchingUsernamesInMultipleBases.
@Test
public void shouldFilterForMatchingUsernamesInMultipleBases() throws Exception {
AttributesMapperCallbackHandler handler = mock(AttributesMapperCallbackHandler.class);
doReturn(handler).when(spy).getAttributesMapperCallbackHandler();
when(handler.getList()).thenReturn(Arrays.asList());
spy.search("username", ldapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2"))));
verify(handler).getList();
verify(ldapTemplate).search(argThat(is("base1")), anyString(), any(SearchControls.class), eq(handler));
verify(ldapTemplate).search(argThat(is("base2")), anyString(), any(SearchControls.class), eq(handler));
}
use of org.springframework.ldap.core.AttributesMapperCallbackHandler in project spring-security by spring-projects.
the class LdapUserDetailsManager method getUserAuthorities.
/**
* @param dn the distinguished name of the entry - may be either relative to the base
* context or a complete DN including the name of the context (either is supported).
* @param username the user whose roles are required.
* @return the granted authorities returned by the group search
*/
@SuppressWarnings("unchecked")
List<GrantedAuthority> getUserAuthorities(final DistinguishedName dn, final String username) {
SearchExecutor se = (ctx) -> {
DistinguishedName fullDn = LdapUtils.getFullDn(dn, ctx);
SearchControls ctrls = new SearchControls();
ctrls.setReturningAttributes(new String[] { this.groupRoleAttributeName });
return ctx.search(this.groupSearchBase, this.groupSearchFilter, new String[] { fullDn.toUrl(), username }, ctrls);
};
AttributesMapperCallbackHandler roleCollector = new AttributesMapperCallbackHandler(this.roleMapper);
this.template.search(se, roleCollector);
return roleCollector.getList();
}
Aggregations