ready to be deployed

git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/portal/ldap-export-servlet@120587 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
Massimiliano Assante 2015-12-03 17:03:28 +00:00
parent e153c9bc50
commit 4faa195280
1 changed files with 99 additions and 9 deletions

View File

@ -35,6 +35,8 @@ public class LDAPSync implements Runnable {
private static final String LDAP_ORG_FILTER = "(objectClass=organizationalUnit)"; private static final String LDAP_ORG_FILTER = "(objectClass=organizationalUnit)";
private static final String LDAP_GROUP_FILTER = "(objectClass=posixGroup)"; private static final String LDAP_GROUP_FILTER = "(objectClass=posixGroup)";
private static final String USER_CONTEXT = ",ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org";
private static final String DEFAULT_GID_NUMBER = "1000";
private String ldapUrl; private String ldapUrl;
private String filter; private String filter;
@ -102,12 +104,13 @@ public class LDAPSync implements Runnable {
try { try {
DirContext ctx = new InitialDirContext(env); DirContext ctx = new InitialDirContext(env);
_log.debug("Initiating LDAP Sync ..."); _log.debug("Initiating LDAP Sync ...");
//update the whole list of users (uid="+username+",ou=People,o=Liferay,ou=Organizations,dc=d4science,dc=org") createUsersOrganizationalUnit(ctx);
exportSingleUsers(ctx, env, users);
//crate or update the whole list of organizations (objectClass=organizationalUnit, ou="+orgName+",dc=d4science,dc=org) and groups ( objectClass=top and POSIXGroup) //crate or update the whole list of organizations (objectClass=organizationalUnit, ou="+orgName+",dc=d4science,dc=org) and groups ( objectClass=top and POSIXGroup)
updateGroups(ctx, rootVO); updateGroups(ctx, rootVO);
//and update the users list
exportSingleUsers(ctx, env, users);
} catch (NamingException e) { } catch (NamingException e) {
_log.error("Something went Wrong during LDAP Sync in Exporting to LDAP"); _log.error("Something went Wrong during LDAP Sync in Exporting to LDAP");
e.printStackTrace(); e.printStackTrace();
@ -116,7 +119,50 @@ public class LDAPSync implements Runnable {
es.printStackTrace(); es.printStackTrace();
} }
} }
/**
* create the following: ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org
* @param ctx
* @throws NamingException
*/
private void createUsersOrganizationalUnit(DirContext ctx) throws NamingException {
if (!checkIfLDAPOrganizationalUnitExists(ctx, "ou=Organizations,dc=d4science,dc=org")) {
Attributes attributes = new BasicAttributes();
Attribute objectClass = new BasicAttribute("objectClass");
objectClass.add("organizationalUnit");
attributes.put(objectClass);
Attribute description = new BasicAttribute("description");
description.add("Where to find users");
attributes.put(description);
// private static final String USER_CONTEXT = ",";
ctx.createSubcontext("ou=Organizations,dc=d4science,dc=org", attributes);
attributes = new BasicAttributes();
objectClass = new BasicAttribute("objectClass");
objectClass.add("Organization");
attributes.put(objectClass);
description.add("Default Organization");
ctx.createSubcontext("o=D4Science,ou=Organizations,dc=d4science,dc=org", attributes);
attributes = new BasicAttributes();
objectClass = new BasicAttribute("objectClass");
objectClass.add("organizationalUnit");
attributes.put(objectClass);
description.add("People Org Unit");
ctx.createSubcontext("ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org", attributes);
}
else
_log.info("ou=Organizations,dc=d4science,dc=org already present, skip");
}
/**
*
* @param ctx
* @param root
* @throws NamingException
* @throws SystemException
*/
private void updateGroups(DirContext ctx, Organization root) throws NamingException, SystemException { private void updateGroups(DirContext ctx, Organization root) throws NamingException, SystemException {
String subCtx = getOrgSubContext(root.getName()); String subCtx = getOrgSubContext(root.getName());
if (!checkIfLDAPOrganizationalUnitExists(ctx, subCtx)) if (!checkIfLDAPOrganizationalUnitExists(ctx, subCtx))
@ -134,7 +180,14 @@ public class LDAPSync implements Runnable {
} }
} }
} }
/**
*
* @param ctx
* @param vreSubCtx
* @param vre
* @throws NamingException
* @throws SystemException
*/
private void updateUsersInGroup(DirContext ctx, String vreSubCtx, Organization vre) throws NamingException, SystemException { private void updateUsersInGroup(DirContext ctx, String vreSubCtx, Organization vre) throws NamingException, SystemException {
List<User> users = UserLocalServiceUtil.getOrganizationUsers(vre.getOrganizationId()); List<User> users = UserLocalServiceUtil.getOrganizationUsers(vre.getOrganizationId());
for (User userObj : users) { for (User userObj : users) {
@ -206,7 +259,7 @@ public class LDAPSync implements Runnable {
attributes.put(cn); attributes.put(cn);
Attribute gidNumber = new BasicAttribute("gidNumber"); Attribute gidNumber = new BasicAttribute("gidNumber");
gidNumber.add(getRandomPOSIXidentifier(ctx)); gidNumber.add(String.valueOf(getRandomPOSIXidentifier()));
attributes.put(gidNumber); attributes.put(gidNumber);
ctx.createSubcontext(subContext, attributes); ctx.createSubcontext(subContext, attributes);
@ -262,7 +315,7 @@ public class LDAPSync implements Runnable {
* @return the single user subContext * @return the single user subContext
*/ */
private String getSubContext(String username) { private String getSubContext(String username) {
return "uid="+username+",ou=People,o=Liferay,ou=Organizations,dc=d4science,dc=org"; return "uid="+username+USER_CONTEXT;
} }
/** /**
* *
@ -297,6 +350,7 @@ public class LDAPSync implements Runnable {
Attributes attributes=new BasicAttributes(); Attributes attributes=new BasicAttributes();
Attribute objectClass=new BasicAttribute("objectClass"); Attribute objectClass=new BasicAttribute("objectClass");
objectClass.add("inetOrgPerson"); objectClass.add("inetOrgPerson");
objectClass.add("posixAccount");
attributes.put(objectClass); attributes.put(objectClass);
//the main ldap server uses 'givenName' for the First name, 'cn' for "first name last name', 'sn' for the last name //the main ldap server uses 'givenName' for the First name, 'cn' for "first name last name', 'sn' for the last name
@ -305,24 +359,43 @@ public class LDAPSync implements Runnable {
Attribute sn = new BasicAttribute("sn"); Attribute sn = new BasicAttribute("sn");
Attribute mail = new BasicAttribute("mail"); Attribute mail = new BasicAttribute("mail");
Attribute userPassword = new BasicAttribute("userPassword"); Attribute userPassword = new BasicAttribute("userPassword");
Attribute gidNumber = new BasicAttribute("gidNumber");
Attribute homeDirectory = new BasicAttribute("homeDirectory");
givenName.add(name); givenName.add(name);
cn.add(fullName); cn.add(fullName);
sn.add(lastName); sn.add(lastName);
mail.add(email); mail.add(email);
userPassword.add(passwd); userPassword.add(passwd);
gidNumber.add(DEFAULT_GID_NUMBER);
homeDirectory.add("/home/"+username);
attributes.put(givenName); attributes.put(givenName);
attributes.put(cn); attributes.put(cn);
attributes.put(sn); attributes.put(sn);
attributes.put(mail); attributes.put(mail);
attributes.put(userPassword); attributes.put(userPassword);
attributes.put(gidNumber);
attributes.put(homeDirectory);
if (checkIfLDAPUserExists(username, ctx, filter)) { if (checkIfLDAPUserExists(username, ctx, filter)) {
//_log.debug("User " + username + " already exists, replacing attributes"); //_log.debug("User " + username + " already exists, replacing attributes");
ctx.modifyAttributes(getSubContext(username), DirContext.REPLACE_ATTRIBUTE, attributes); ctx.modifyAttributes(getSubContext(username), DirContext.REPLACE_ATTRIBUTE, attributes);
_log.debug("Updated attributes for already existing user with uid=" + username);
} }
else { else {
int n = getRandomPOSIXidentifier();
while (checkIfPosixUidNumberExists(ctx, n)) {
_log.info("Found collision on UidNumber="+n);
n = getRandomPOSIXidentifier();
_log.info("Trying newone="+n);
}
Attribute uidNumber = new BasicAttribute("uidNumber");
attributes.put(uidNumber);
uidNumber.add(String.valueOf(n));
ctx.createSubcontext(getSubContext(username),attributes); ctx.createSubcontext(getSubContext(username),attributes);
_log.debug("New User Found with uid=" + username + " created"); _log.debug("New User Found with uid=" + username + " created");
} }
@ -350,11 +423,28 @@ public class LDAPSync implements Runnable {
* *
* @return an integer between 1000 and 2147483647 * @return an integer between 1000 and 2147483647
*/ */
private String getRandomPOSIXidentifier(DirContext ctx) { private int getRandomPOSIXidentifier() {
final int Low = 1000; final int Low = 1000;
final int High = 2147483647; final int High = 2147483647;
Random r = new Random(); Random r = new Random();
int toReturn = r.nextInt(High-Low) + Low; int toReturn = r.nextInt(High-Low) + Low;
return toReturn+""; return toReturn;
}
private boolean checkIfPosixUidNumberExists(DirContext ctx, int numberToCheck) {
SearchControls ctls = new SearchControls();
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration<SearchResult> answer;
try {
answer = ctx.search("ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org", "(uidNumber="+numberToCheck+")", ctls);
} catch (NamingException e) {
_log.info("exception");
return false;
}
boolean toReturn = answer.hasMoreElements();
_log.info("return " + toReturn);
return toReturn;
} }
} }