ready to be deployed
git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/portal/ldap-export-servlet@120587 82a268e6-3cf1-43bd-a215-b396298e98cf
parent
e153c9bc50
commit
4faa195280
|
@ -35,6 +35,8 @@ public class LDAPSync implements Runnable {
|
||||||
|
|
||||||
private static final String LDAP_ORG_FILTER = "(objectClass=organizationalUnit)";
|
private static final String LDAP_ORG_FILTER = "(objectClass=organizationalUnit)";
|
||||||
private static final String LDAP_GROUP_FILTER = "(objectClass=posixGroup)";
|
private static final String LDAP_GROUP_FILTER = "(objectClass=posixGroup)";
|
||||||
|
private static final String USER_CONTEXT = ",ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org";
|
||||||
|
private static final String DEFAULT_GID_NUMBER = "1000";
|
||||||
|
|
||||||
private String ldapUrl;
|
private String ldapUrl;
|
||||||
private String filter;
|
private String filter;
|
||||||
|
@ -102,12 +104,13 @@ public class LDAPSync implements Runnable {
|
||||||
try {
|
try {
|
||||||
DirContext ctx = new InitialDirContext(env);
|
DirContext ctx = new InitialDirContext(env);
|
||||||
_log.debug("Initiating LDAP Sync ...");
|
_log.debug("Initiating LDAP Sync ...");
|
||||||
//update the whole list of users (uid="+username+",ou=People,o=Liferay,ou=Organizations,dc=d4science,dc=org")
|
createUsersOrganizationalUnit(ctx);
|
||||||
exportSingleUsers(ctx, env, users);
|
|
||||||
|
|
||||||
//crate or update the whole list of organizations (objectClass=organizationalUnit, ou="+orgName+",dc=d4science,dc=org) and groups ( objectClass=top and POSIXGroup)
|
//crate or update the whole list of organizations (objectClass=organizationalUnit, ou="+orgName+",dc=d4science,dc=org) and groups ( objectClass=top and POSIXGroup)
|
||||||
|
|
||||||
updateGroups(ctx, rootVO);
|
updateGroups(ctx, rootVO);
|
||||||
|
//and update the users list
|
||||||
|
exportSingleUsers(ctx, env, users);
|
||||||
} catch (NamingException e) {
|
} catch (NamingException e) {
|
||||||
_log.error("Something went Wrong during LDAP Sync in Exporting to LDAP");
|
_log.error("Something went Wrong during LDAP Sync in Exporting to LDAP");
|
||||||
e.printStackTrace();
|
e.printStackTrace();
|
||||||
|
@ -116,7 +119,50 @@ public class LDAPSync implements Runnable {
|
||||||
es.printStackTrace();
|
es.printStackTrace();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* create the following: ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org
|
||||||
|
* @param ctx
|
||||||
|
* @throws NamingException
|
||||||
|
*/
|
||||||
|
private void createUsersOrganizationalUnit(DirContext ctx) throws NamingException {
|
||||||
|
if (!checkIfLDAPOrganizationalUnitExists(ctx, "ou=Organizations,dc=d4science,dc=org")) {
|
||||||
|
Attributes attributes = new BasicAttributes();
|
||||||
|
Attribute objectClass = new BasicAttribute("objectClass");
|
||||||
|
objectClass.add("organizationalUnit");
|
||||||
|
attributes.put(objectClass);
|
||||||
|
|
||||||
|
Attribute description = new BasicAttribute("description");
|
||||||
|
description.add("Where to find users");
|
||||||
|
attributes.put(description);
|
||||||
|
// private static final String USER_CONTEXT = ",";
|
||||||
|
ctx.createSubcontext("ou=Organizations,dc=d4science,dc=org", attributes);
|
||||||
|
|
||||||
|
attributes = new BasicAttributes();
|
||||||
|
objectClass = new BasicAttribute("objectClass");
|
||||||
|
objectClass.add("Organization");
|
||||||
|
attributes.put(objectClass);
|
||||||
|
description.add("Default Organization");
|
||||||
|
ctx.createSubcontext("o=D4Science,ou=Organizations,dc=d4science,dc=org", attributes);
|
||||||
|
|
||||||
|
attributes = new BasicAttributes();
|
||||||
|
objectClass = new BasicAttribute("objectClass");
|
||||||
|
objectClass.add("organizationalUnit");
|
||||||
|
attributes.put(objectClass);
|
||||||
|
description.add("People Org Unit");
|
||||||
|
ctx.createSubcontext("ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org", attributes);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
_log.info("ou=Organizations,dc=d4science,dc=org already present, skip");
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @param ctx
|
||||||
|
* @param root
|
||||||
|
* @throws NamingException
|
||||||
|
* @throws SystemException
|
||||||
|
*/
|
||||||
private void updateGroups(DirContext ctx, Organization root) throws NamingException, SystemException {
|
private void updateGroups(DirContext ctx, Organization root) throws NamingException, SystemException {
|
||||||
String subCtx = getOrgSubContext(root.getName());
|
String subCtx = getOrgSubContext(root.getName());
|
||||||
if (!checkIfLDAPOrganizationalUnitExists(ctx, subCtx))
|
if (!checkIfLDAPOrganizationalUnitExists(ctx, subCtx))
|
||||||
|
@ -134,7 +180,14 @@ public class LDAPSync implements Runnable {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @param ctx
|
||||||
|
* @param vreSubCtx
|
||||||
|
* @param vre
|
||||||
|
* @throws NamingException
|
||||||
|
* @throws SystemException
|
||||||
|
*/
|
||||||
private void updateUsersInGroup(DirContext ctx, String vreSubCtx, Organization vre) throws NamingException, SystemException {
|
private void updateUsersInGroup(DirContext ctx, String vreSubCtx, Organization vre) throws NamingException, SystemException {
|
||||||
List<User> users = UserLocalServiceUtil.getOrganizationUsers(vre.getOrganizationId());
|
List<User> users = UserLocalServiceUtil.getOrganizationUsers(vre.getOrganizationId());
|
||||||
for (User userObj : users) {
|
for (User userObj : users) {
|
||||||
|
@ -206,7 +259,7 @@ public class LDAPSync implements Runnable {
|
||||||
attributes.put(cn);
|
attributes.put(cn);
|
||||||
|
|
||||||
Attribute gidNumber = new BasicAttribute("gidNumber");
|
Attribute gidNumber = new BasicAttribute("gidNumber");
|
||||||
gidNumber.add(getRandomPOSIXidentifier(ctx));
|
gidNumber.add(String.valueOf(getRandomPOSIXidentifier()));
|
||||||
attributes.put(gidNumber);
|
attributes.put(gidNumber);
|
||||||
|
|
||||||
ctx.createSubcontext(subContext, attributes);
|
ctx.createSubcontext(subContext, attributes);
|
||||||
|
@ -262,7 +315,7 @@ public class LDAPSync implements Runnable {
|
||||||
* @return the single user subContext
|
* @return the single user subContext
|
||||||
*/
|
*/
|
||||||
private String getSubContext(String username) {
|
private String getSubContext(String username) {
|
||||||
return "uid="+username+",ou=People,o=Liferay,ou=Organizations,dc=d4science,dc=org";
|
return "uid="+username+USER_CONTEXT;
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
|
@ -297,6 +350,7 @@ public class LDAPSync implements Runnable {
|
||||||
Attributes attributes=new BasicAttributes();
|
Attributes attributes=new BasicAttributes();
|
||||||
Attribute objectClass=new BasicAttribute("objectClass");
|
Attribute objectClass=new BasicAttribute("objectClass");
|
||||||
objectClass.add("inetOrgPerson");
|
objectClass.add("inetOrgPerson");
|
||||||
|
objectClass.add("posixAccount");
|
||||||
attributes.put(objectClass);
|
attributes.put(objectClass);
|
||||||
|
|
||||||
//the main ldap server uses 'givenName' for the First name, 'cn' for "first name last name', 'sn' for the last name
|
//the main ldap server uses 'givenName' for the First name, 'cn' for "first name last name', 'sn' for the last name
|
||||||
|
@ -305,24 +359,43 @@ public class LDAPSync implements Runnable {
|
||||||
Attribute sn = new BasicAttribute("sn");
|
Attribute sn = new BasicAttribute("sn");
|
||||||
Attribute mail = new BasicAttribute("mail");
|
Attribute mail = new BasicAttribute("mail");
|
||||||
Attribute userPassword = new BasicAttribute("userPassword");
|
Attribute userPassword = new BasicAttribute("userPassword");
|
||||||
|
Attribute gidNumber = new BasicAttribute("gidNumber");
|
||||||
|
Attribute homeDirectory = new BasicAttribute("homeDirectory");
|
||||||
|
|
||||||
|
|
||||||
givenName.add(name);
|
givenName.add(name);
|
||||||
cn.add(fullName);
|
cn.add(fullName);
|
||||||
sn.add(lastName);
|
sn.add(lastName);
|
||||||
mail.add(email);
|
mail.add(email);
|
||||||
userPassword.add(passwd);
|
userPassword.add(passwd);
|
||||||
|
gidNumber.add(DEFAULT_GID_NUMBER);
|
||||||
|
homeDirectory.add("/home/"+username);
|
||||||
|
|
||||||
attributes.put(givenName);
|
attributes.put(givenName);
|
||||||
attributes.put(cn);
|
attributes.put(cn);
|
||||||
attributes.put(sn);
|
attributes.put(sn);
|
||||||
attributes.put(mail);
|
attributes.put(mail);
|
||||||
attributes.put(userPassword);
|
attributes.put(userPassword);
|
||||||
|
attributes.put(gidNumber);
|
||||||
|
attributes.put(homeDirectory);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
if (checkIfLDAPUserExists(username, ctx, filter)) {
|
if (checkIfLDAPUserExists(username, ctx, filter)) {
|
||||||
//_log.debug("User " + username + " already exists, replacing attributes");
|
//_log.debug("User " + username + " already exists, replacing attributes");
|
||||||
ctx.modifyAttributes(getSubContext(username), DirContext.REPLACE_ATTRIBUTE, attributes);
|
ctx.modifyAttributes(getSubContext(username), DirContext.REPLACE_ATTRIBUTE, attributes);
|
||||||
|
_log.debug("Updated attributes for already existing user with uid=" + username);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
int n = getRandomPOSIXidentifier();
|
||||||
|
while (checkIfPosixUidNumberExists(ctx, n)) {
|
||||||
|
_log.info("Found collision on UidNumber="+n);
|
||||||
|
n = getRandomPOSIXidentifier();
|
||||||
|
_log.info("Trying newone="+n);
|
||||||
|
}
|
||||||
|
Attribute uidNumber = new BasicAttribute("uidNumber");
|
||||||
|
attributes.put(uidNumber);
|
||||||
|
uidNumber.add(String.valueOf(n));
|
||||||
ctx.createSubcontext(getSubContext(username),attributes);
|
ctx.createSubcontext(getSubContext(username),attributes);
|
||||||
_log.debug("New User Found with uid=" + username + " created");
|
_log.debug("New User Found with uid=" + username + " created");
|
||||||
}
|
}
|
||||||
|
@ -350,11 +423,28 @@ public class LDAPSync implements Runnable {
|
||||||
*
|
*
|
||||||
* @return an integer between 1000 and 2147483647
|
* @return an integer between 1000 and 2147483647
|
||||||
*/
|
*/
|
||||||
private String getRandomPOSIXidentifier(DirContext ctx) {
|
private int getRandomPOSIXidentifier() {
|
||||||
final int Low = 1000;
|
final int Low = 1000;
|
||||||
final int High = 2147483647;
|
final int High = 2147483647;
|
||||||
Random r = new Random();
|
Random r = new Random();
|
||||||
int toReturn = r.nextInt(High-Low) + Low;
|
int toReturn = r.nextInt(High-Low) + Low;
|
||||||
return toReturn+"";
|
return toReturn;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
private boolean checkIfPosixUidNumberExists(DirContext ctx, int numberToCheck) {
|
||||||
|
SearchControls ctls = new SearchControls();
|
||||||
|
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
||||||
|
NamingEnumeration<SearchResult> answer;
|
||||||
|
try {
|
||||||
|
answer = ctx.search("ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org", "(uidNumber="+numberToCheck+")", ctls);
|
||||||
|
} catch (NamingException e) {
|
||||||
|
_log.info("exception");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
boolean toReturn = answer.hasMoreElements();
|
||||||
|
_log.info("return " + toReturn);
|
||||||
|
return toReturn;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
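Review bot: checkIfPosixUidNumberExists, added at the end of this section, returns false when `ctx.search` throws, so the collision loop in the new-user branch reads a failed directory lookup as "this uidNumber is free" and can create an account that shares a uidNumber with an existing entry; hosts that resolve accounts from this directory would treat two such entries as the same user. The lookup should fail closed: declare `throws NamingException`, drop the catch, read the result with `hasMore()` and close the enumeration, as sketched below. The caller's signature is outside the visible hunks, but it already calls `ctx.createSubcontext`, so it presumably propagates NamingException. The check-then-create sequence is also not atomic, so a server-side uniqueness constraint on uidNumber, if the directory offers one, would be the stronger guarantee. Separately, the existing-user branch now replaces objectClass with a set containing `posixAccount` but supplies `uidNumber` only for new users, so updates to entries created before this commit may be rejected by the server's schema check.

```java
private boolean checkIfPosixUidNumberExists(DirContext ctx, int numberToCheck) throws NamingException {
    // … unchanged: SearchControls setup with SUBTREE_SCOPE …
    // A failed lookup must not be read as "uidNumber is free"; let the error reach the caller.
    NamingEnumeration<SearchResult> answer = ctx.search("ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org", "(uidNumber="+numberToCheck+")", ctls);
    try {
        // hasMore() reports search errors, unlike hasMoreElements(), which hides them
        return answer.hasMore();
    } finally {
        answer.close();
    }
}
```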