ready to be deployed
git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/portal/ldap-export-servlet@120587 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
e153c9bc50
commit
4faa195280
|
@ -35,6 +35,8 @@ public class LDAPSync implements Runnable {
|
|||
|
||||
private static final String LDAP_ORG_FILTER = "(objectClass=organizationalUnit)";
|
||||
private static final String LDAP_GROUP_FILTER = "(objectClass=posixGroup)";
|
||||
private static final String USER_CONTEXT = ",ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org";
|
||||
private static final String DEFAULT_GID_NUMBER = "1000";
|
||||
|
||||
private String ldapUrl;
|
||||
private String filter;
|
||||
|
@ -102,12 +104,13 @@ public class LDAPSync implements Runnable {
|
|||
try {
|
||||
DirContext ctx = new InitialDirContext(env);
|
||||
_log.debug("Initiating LDAP Sync ...");
|
||||
//update the whole list of users (uid="+username+",ou=People,o=Liferay,ou=Organizations,dc=d4science,dc=org")
|
||||
exportSingleUsers(ctx, env, users);
|
||||
createUsersOrganizationalUnit(ctx);
|
||||
|
||||
//crate or update the whole list of organizations (objectClass=organizationalUnit, ou="+orgName+",dc=d4science,dc=org) and groups ( objectClass=top and POSIXGroup)
|
||||
updateGroups(ctx, rootVO);
|
||||
|
||||
updateGroups(ctx, rootVO);
|
||||
//and update the users list
|
||||
exportSingleUsers(ctx, env, users);
|
||||
} catch (NamingException e) {
|
||||
_log.error("Something went Wrong during LDAP Sync in Exporting to LDAP");
|
||||
e.printStackTrace();
|
||||
|
@ -117,6 +120,49 @@ public class LDAPSync implements Runnable {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* create the following: ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org
|
||||
* @param ctx
|
||||
* @throws NamingException
|
||||
*/
|
||||
private void createUsersOrganizationalUnit(DirContext ctx) throws NamingException {
|
||||
if (!checkIfLDAPOrganizationalUnitExists(ctx, "ou=Organizations,dc=d4science,dc=org")) {
|
||||
Attributes attributes = new BasicAttributes();
|
||||
Attribute objectClass = new BasicAttribute("objectClass");
|
||||
objectClass.add("organizationalUnit");
|
||||
attributes.put(objectClass);
|
||||
|
||||
Attribute description = new BasicAttribute("description");
|
||||
description.add("Where to find users");
|
||||
attributes.put(description);
|
||||
// private static final String USER_CONTEXT = ",";
|
||||
ctx.createSubcontext("ou=Organizations,dc=d4science,dc=org", attributes);
|
||||
|
||||
attributes = new BasicAttributes();
|
||||
objectClass = new BasicAttribute("objectClass");
|
||||
objectClass.add("Organization");
|
||||
attributes.put(objectClass);
|
||||
description.add("Default Organization");
|
||||
ctx.createSubcontext("o=D4Science,ou=Organizations,dc=d4science,dc=org", attributes);
|
||||
|
||||
attributes = new BasicAttributes();
|
||||
objectClass = new BasicAttribute("objectClass");
|
||||
objectClass.add("organizationalUnit");
|
||||
attributes.put(objectClass);
|
||||
description.add("People Org Unit");
|
||||
ctx.createSubcontext("ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org", attributes);
|
||||
}
|
||||
else
|
||||
_log.info("ou=Organizations,dc=d4science,dc=org already present, skip");
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param ctx
|
||||
* @param root
|
||||
* @throws NamingException
|
||||
* @throws SystemException
|
||||
*/
|
||||
private void updateGroups(DirContext ctx, Organization root) throws NamingException, SystemException {
|
||||
String subCtx = getOrgSubContext(root.getName());
|
||||
if (!checkIfLDAPOrganizationalUnitExists(ctx, subCtx))
|
||||
|
@ -134,7 +180,14 @@ public class LDAPSync implements Runnable {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param ctx
|
||||
* @param vreSubCtx
|
||||
* @param vre
|
||||
* @throws NamingException
|
||||
* @throws SystemException
|
||||
*/
|
||||
private void updateUsersInGroup(DirContext ctx, String vreSubCtx, Organization vre) throws NamingException, SystemException {
|
||||
List<User> users = UserLocalServiceUtil.getOrganizationUsers(vre.getOrganizationId());
|
||||
for (User userObj : users) {
|
||||
|
@ -206,7 +259,7 @@ public class LDAPSync implements Runnable {
|
|||
attributes.put(cn);
|
||||
|
||||
Attribute gidNumber = new BasicAttribute("gidNumber");
|
||||
gidNumber.add(getRandomPOSIXidentifier(ctx));
|
||||
gidNumber.add(String.valueOf(getRandomPOSIXidentifier()));
|
||||
attributes.put(gidNumber);
|
||||
|
||||
ctx.createSubcontext(subContext, attributes);
|
||||
|
@ -262,7 +315,7 @@ public class LDAPSync implements Runnable {
|
|||
* @return the single user subContext
|
||||
*/
|
||||
private String getSubContext(String username) {
|
||||
return "uid="+username+",ou=People,o=Liferay,ou=Organizations,dc=d4science,dc=org";
|
||||
return "uid="+username+USER_CONTEXT;
|
||||
}
|
||||
/**
|
||||
*
|
||||
|
@ -297,6 +350,7 @@ public class LDAPSync implements Runnable {
|
|||
Attributes attributes=new BasicAttributes();
|
||||
Attribute objectClass=new BasicAttribute("objectClass");
|
||||
objectClass.add("inetOrgPerson");
|
||||
objectClass.add("posixAccount");
|
||||
attributes.put(objectClass);
|
||||
|
||||
//the main ldap server uses 'givenName' for the First name, 'cn' for "first name last name', 'sn' for the last name
|
||||
|
@ -305,24 +359,43 @@ public class LDAPSync implements Runnable {
|
|||
Attribute sn = new BasicAttribute("sn");
|
||||
Attribute mail = new BasicAttribute("mail");
|
||||
Attribute userPassword = new BasicAttribute("userPassword");
|
||||
Attribute gidNumber = new BasicAttribute("gidNumber");
|
||||
Attribute homeDirectory = new BasicAttribute("homeDirectory");
|
||||
|
||||
|
||||
givenName.add(name);
|
||||
cn.add(fullName);
|
||||
sn.add(lastName);
|
||||
mail.add(email);
|
||||
userPassword.add(passwd);
|
||||
gidNumber.add(DEFAULT_GID_NUMBER);
|
||||
homeDirectory.add("/home/"+username);
|
||||
|
||||
attributes.put(givenName);
|
||||
attributes.put(cn);
|
||||
attributes.put(sn);
|
||||
attributes.put(mail);
|
||||
attributes.put(userPassword);
|
||||
attributes.put(gidNumber);
|
||||
attributes.put(homeDirectory);
|
||||
|
||||
|
||||
|
||||
if (checkIfLDAPUserExists(username, ctx, filter)) {
|
||||
//_log.debug("User " + username + " already exists, replacing attributes");
|
||||
ctx.modifyAttributes(getSubContext(username), DirContext.REPLACE_ATTRIBUTE, attributes);
|
||||
_log.debug("Updated attributes for already existing user with uid=" + username);
|
||||
}
|
||||
else {
|
||||
int n = getRandomPOSIXidentifier();
|
||||
while (checkIfPosixUidNumberExists(ctx, n)) {
|
||||
_log.info("Found collision on UidNumber="+n);
|
||||
n = getRandomPOSIXidentifier();
|
||||
_log.info("Trying newone="+n);
|
||||
}
|
||||
Attribute uidNumber = new BasicAttribute("uidNumber");
|
||||
attributes.put(uidNumber);
|
||||
uidNumber.add(String.valueOf(n));
|
||||
ctx.createSubcontext(getSubContext(username),attributes);
|
||||
_log.debug("New User Found with uid=" + username + " created");
|
||||
}
|
||||
|
@ -350,11 +423,28 @@ public class LDAPSync implements Runnable {
|
|||
*
|
||||
* @return an integer between 1000 and 2147483647
|
||||
*/
|
||||
private String getRandomPOSIXidentifier(DirContext ctx) {
|
||||
private int getRandomPOSIXidentifier() {
|
||||
final int Low = 1000;
|
||||
final int High = 2147483647;
|
||||
Random r = new Random();
|
||||
int toReturn = r.nextInt(High-Low) + Low;
|
||||
return toReturn+"";
|
||||
return toReturn;
|
||||
}
|
||||
|
||||
|
||||
private boolean checkIfPosixUidNumberExists(DirContext ctx, int numberToCheck) {
|
||||
SearchControls ctls = new SearchControls();
|
||||
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
||||
NamingEnumeration<SearchResult> answer;
|
||||
try {
|
||||
answer = ctx.search("ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org", "(uidNumber="+numberToCheck+")", ctls);
|
||||
} catch (NamingException e) {
|
||||
_log.info("exception");
|
||||
return false;
|
||||
}
|
||||
|
||||
boolean toReturn = answer.hasMoreElements();
|
||||
_log.info("return " + toReturn);
|
||||
return toReturn;
|
||||
}
|
||||
}
|
||||
|
|
Reference in New Issue