|
|
|
@ -20,6 +20,7 @@ import javax.naming.directory.SearchResult;
|
|
|
|
|
import org.gcube.common.portal.PortalContext;
|
|
|
|
|
import org.gcube.vomanagement.usermanagement.GroupManager;
|
|
|
|
|
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
|
|
|
|
|
import org.gcube.vomanagement.usermanagement.impl.LiferayUserManager;
|
|
|
|
|
import org.gcube.vomanagement.usermanagement.model.GCubeGroup;
|
|
|
|
|
import org.slf4j.Logger;
|
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
@ -37,12 +38,15 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
private static final String USER_CONTEXT = ",ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org";
|
|
|
|
|
private static final String DEFAULT_GID_NUMBER = "1000";
|
|
|
|
|
|
|
|
|
|
private static final String SSH_PUBLIC_KEY_ATTR = "SSH-public-key";
|
|
|
|
|
|
|
|
|
|
private String ldapUrl;
|
|
|
|
|
private String filter;
|
|
|
|
|
private String principal;
|
|
|
|
|
private String pwd;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public LDAPSync(String ldapUrl, String filter, String principal, String pwd) {
|
|
|
|
|
this.ldapUrl = ldapUrl;
|
|
|
|
|
this.filter = filter;
|
|
|
|
@ -106,7 +110,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
} catch (NamingException e) {
|
|
|
|
|
_log.error("Something went Wrong during LDAP Sync in Exporting to LDAP");
|
|
|
|
|
e.printStackTrace();
|
|
|
|
|
} catch (SystemException es) {
|
|
|
|
|
} catch (Exception es) {
|
|
|
|
|
_log.error("Something went Wrong during LDAP Sync in retrieving Liferay Organization");
|
|
|
|
|
es.printStackTrace();
|
|
|
|
|
}
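Review bot: The widened `catch (Exception es)` still logs "retrieving Liferay Organization", so that message will now also be reported for unrelated failures, presumably including the SSH key read that caused exportSingleUsers to declare `throws Exception`. The exception itself only reaches stderr through `printStackTrace()`, which leaves the application log without the cause. Passing it to the logger keeps the trace with the message and makes the text accurate: `_log.error("Something went wrong during LDAP Sync", es);`. The try block these handlers belong to starts outside the hunk.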
|
|
|
|
@ -200,9 +204,16 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private void exportSingleUsers(DirContext ctx, Properties env, List<User> users) throws NamingException {
|
|
|
|
|
private void exportSingleUsers(DirContext ctx, Properties env, List<User> users) throws Exception {
|
|
|
|
|
for (User user : users) {
|
|
|
|
|
updateUserInLDAP(user.getScreenName(), user.getFirstName(), user.getLastName(), user.getFullName(), user.getEmailAddress(), "{SHA}"+user.getPassword(), ctx, filter);
|
|
|
|
|
String lastName = "NoLastNameEntered";
|
|
|
|
|
if (user.getLastName() != null && user.getLastName().compareTo("") != 0)
|
|
|
|
|
lastName = user.getLastName();
|
|
|
|
|
|
|
|
|
|
_log.debug("Trying read sshPublicKey for " + user.getScreenName());
|
|
|
|
|
String sshPublicKey = new LiferayUserManager().readCustomAttr(user.getUserId(), SSH_PUBLIC_KEY_ATTR).toString();
|
|
|
|
|
|
|
|
|
|
updateUserInLDAP(user.getScreenName(), user.getFirstName(), lastName, user.getFullName(), user.getEmailAddress(), "{SHA}"+user.getPassword(), sshPublicKey, ctx, filter);
|
|
|
|
|
_log.debug("Updated " + user.getScreenName());
|
|
|
|
|
}
|
|
|
|
|
_log.debug("LDAP Users Sync cycle done");
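Review bot: `readCustomAttr(...).toString()` is called unguarded inside the loop, so if it returns null for a user with no SSH-public-key attribute (the hunk does not show its contract), the resulting NullPointerException ends the export for every user after that one. The value is presumably user-editable profile data, and it is written to the `sshPublicKey` attribute of a posixAccount entry with a login shell. It should therefore be accepted only as a single-line key in `type base64 [comment]` form, with the attribute left out otherwise. The sketch below handles a failed read per user and creates one `LiferayUserManager` before the loop; the key-type allow-list is an assumption to adjust to what the site accepts. updateUserInLDAP would also need to skip `sshPublicKeyAttr` when the key is null, and exportSingleUsers' closing brace lies outside the hunk.

```java
// new constant next to SSH_PUBLIC_KEY_ATTR; allow-list of key types is a site decision
private static final java.util.regex.Pattern SSH_KEY_LINE = java.util.regex.Pattern.compile(
        "^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,2}( [^\\r\\n]*)?$");

private void exportSingleUsers(DirContext ctx, Properties env, List<User> users) throws Exception {
    LiferayUserManager userManager = new LiferayUserManager();
    for (User user : users) {
        // … unchanged: lastName fallback …
        String sshPublicKey = null;
        try {
            Object rawKey = userManager.readCustomAttr(user.getUserId(), SSH_PUBLIC_KEY_ATTR);
            String candidate = rawKey == null ? "" : rawKey.toString().trim();
            if (SSH_KEY_LINE.matcher(candidate).matches()) {
                sshPublicKey = candidate;
            } else if (!candidate.isEmpty()) {
                _log.warn("Ignoring malformed SSH public key for " + user.getScreenName());
            }
        } catch (Exception e) {
            // one unreadable attribute must not stop the remaining users from being synced
            _log.warn("Could not read SSH public key for " + user.getScreenName(), e);
        }
        // … unchanged: updateUserInLDAP call and debug log …
```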
|
|
|
|
@ -338,11 +349,15 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
* @param ctx
|
|
|
|
|
* @throws NamingException
|
|
|
|
|
*/
|
|
|
|
|
private void updateUserInLDAP(String username, String name, String lastName, String fullName, String email, String passwd, DirContext ctx, String filter) throws NamingException {
|
|
|
|
|
private void updateUserInLDAP(String username, String name, String lastName, String fullName, String email, String passwd, String sshPublicKey, DirContext ctx, String filter) throws NamingException {
|
|
|
|
|
Attributes attributes=new BasicAttributes();
|
|
|
|
|
Attribute objectClass=new BasicAttribute("objectClass");
|
|
|
|
|
objectClass.add("inetOrgPerson");
|
|
|
|
|
objectClass.add("posixAccount");
|
|
|
|
|
objectClass.add("organizationalPerson");
|
|
|
|
|
objectClass.add("person");
|
|
|
|
|
objectClass.add("shadowAccount");
|
|
|
|
|
objectClass.add("ldapPublicKey");
|
|
|
|
|
attributes.put(objectClass);
|
|
|
|
|
|
|
|
|
|
//the main ldap server uses 'givenName' for the First name, 'cn' for "first name last name', 'sn' for the last name
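Review bot: The Javadoc above `updateUserInLDAP` is not updated for the new `sshPublicKey` parameter; the visible part of the comment ends with `@param ctx` and `@throws NamingException`. I would add `@param sshPublicKey the user's OpenSSH public key, written to the sshPublicKey attribute; may be null or empty when the user has none`, and state in the same comment whether a null value is allowed, since the new `objectClass.add("ldapPublicKey")` now applies to every exported user. The Javadoc starts and the method body continues outside this hunk.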
|
|
|
|
@ -353,7 +368,9 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
Attribute userPassword = new BasicAttribute("userPassword");
|
|
|
|
|
Attribute gidNumber = new BasicAttribute("gidNumber");
|
|
|
|
|
Attribute homeDirectory = new BasicAttribute("homeDirectory");
|
|
|
|
|
|
|
|
|
|
Attribute shell = new BasicAttribute("loginShell");
|
|
|
|
|
Attribute sshPublicKeyAttr = new BasicAttribute("sshPublicKey");
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
givenName.add(name);
|
|
|
|
|
cn.add(fullName);
|
|
|
|
@ -362,7 +379,9 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
userPassword.add(passwd);
|
|
|
|
|
gidNumber.add(DEFAULT_GID_NUMBER);
|
|
|
|
|
homeDirectory.add("/home/"+username);
|
|
|
|
|
|
|
|
|
|
shell.add("/bin/bash");
|
|
|
|
|
sshPublicKeyAttr.add(sshPublicKey);
|
|
|
|
|
|
|
|
|
|
attributes.put(givenName);
|
|
|
|
|
attributes.put(cn);
|
|
|
|
|
attributes.put(sn);
|
|
|
|
@ -370,8 +389,8 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
attributes.put(userPassword);
|
|
|
|
|
attributes.put(gidNumber);
|
|
|
|
|
attributes.put(homeDirectory);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
attributes.put(shell);
|
|
|
|
|
attributes.put(sshPublicKeyAttr);
|
|
|
|
|
|
|
|
|
|
if (checkIfLDAPUserExists(username, ctx, filter)) {
|
|
|
|
|
//_log.debug("User " + username + " already exists, replacing attributes");
|
|
|
|
|