Initial import.
git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/portal/ldap-export-servlet@120490 82a268e6-3cf1-43bd-a215-b396298e98cfmaster
parent
7892f564ba
commit
f0736212f1
@ -0,0 +1,32 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<classpath>
|
||||
<classpathentry kind="src" output="target/classes" path="src/main/java">
|
||||
<attributes>
|
||||
<attribute name="optional" value="true"/>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
|
||||
<attributes>
|
||||
<attribute name="optional" value="true"/>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.7">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="output" path="target/classes"/>
|
||||
</classpath>
|
@ -0,0 +1,42 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<projectDescription>
|
||||
<name>ldap-export-servlet</name>
|
||||
<comment></comment>
|
||||
<projects>
|
||||
</projects>
|
||||
<buildSpec>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.jdt.core.javabuilder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.wst.common.project.facet.core.builder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.wst.validation.validationbuilder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.m2e.core.maven2Builder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
</buildSpec>
|
||||
<natures>
|
||||
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
|
||||
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
|
||||
<nature>org.eclipse.jdt.core.javanature</nature>
|
||||
<nature>org.eclipse.m2e.core.maven2Nature</nature>
|
||||
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
|
||||
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
|
||||
</natures>
|
||||
</projectDescription>
|
@ -0,0 +1,13 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<classpath>
|
||||
<classpathentry kind="src" path="src/main/webapp"/>
|
||||
<classpathentry kind="src" path="target/m2e-wtp/web-resources"/>
|
||||
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.JRE_CONTAINER"/>
|
||||
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.WebProject">
|
||||
<attributes>
|
||||
<attribute name="hide" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.baseBrowserLibrary"/>
|
||||
<classpathentry kind="output" path=""/>
|
||||
</classpath>
|
@ -0,0 +1,4 @@
|
||||
eclipse.preferences.version=1
|
||||
encoding//src/main/java=UTF-8
|
||||
encoding//src/main/resources=UTF-8
|
||||
encoding/<project>=UTF-8
|
@ -0,0 +1,8 @@
|
||||
eclipse.preferences.version=1
|
||||
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
|
||||
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
|
||||
org.eclipse.jdt.core.compiler.compliance=1.7
|
||||
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
|
||||
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
|
||||
org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
|
||||
org.eclipse.jdt.core.compiler.source=1.7
|
@ -0,0 +1,4 @@
|
||||
activeProfiles=
|
||||
eclipse.preferences.version=1
|
||||
resolveWorkspaceProjects=true
|
||||
version=1
|
@ -0,0 +1,10 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
|
||||
<wb-module deploy-name="ldap-export-servlet">
|
||||
<wb-resource deploy-path="/" source-path="/target/m2e-wtp/web-resources"/>
|
||||
<wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
|
||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
|
||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
|
||||
<property name="context-root" value="ldap-export-servlet"/>
|
||||
<property name="java-output-path" value="/ldap-export-servlet/target/classes"/>
|
||||
</wb-module>
|
||||
</project-modules>
|
@ -0,0 +1,7 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<faceted-project>
|
||||
<fixed facet="wst.jsdt.web"/>
|
||||
<installed facet="jst.web" version="2.3"/>
|
||||
<installed facet="wst.jsdt.web" version="1.0"/>
|
||||
<installed facet="java" version="1.7"/>
|
||||
</faceted-project>
|
@ -0,0 +1 @@
|
||||
org.eclipse.wst.jsdt.launching.baseBrowserLibrary
|
@ -0,0 +1 @@
|
||||
Window
|
@ -0,0 +1,2 @@
|
||||
disabled=06target
|
||||
eclipse.preferences.version=1
|
@ -0,0 +1,180 @@
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
<parent>
|
||||
<artifactId>maven-parent</artifactId>
|
||||
<groupId>org.gcube.tools</groupId>
|
||||
<version>1.0.0</version>
|
||||
<relativePath />
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<groupId>org.gcube.portal</groupId>
|
||||
<artifactId>ldap-export-servlet</artifactId>
|
||||
<packaging>war</packaging>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
<name>ldap-export-servlet Maven Webapp</name>
|
||||
<url>http://maven.apache.org</url>
|
||||
<description>This component read periodically exports users and their groups in LDAP</description>
|
||||
<properties>
|
||||
<java-version>1.7</java-version>
|
||||
<liferay-version>6.0.6</liferay-version>
|
||||
<distroDirectory>${project.basedir}/distro</distroDirectory>
|
||||
<webappDirectory>${project.build.directory}/${project.build.finalName}</webappDirectory>
|
||||
<distroDirectory>distro</distroDirectory>
|
||||
|
||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
|
||||
|
||||
</properties>
|
||||
|
||||
<scm>
|
||||
<url>http://svn.d4science.research-infrastructures.eu/gcube/trunk/portal/${project.artifactId}</url>
|
||||
</scm>
|
||||
<dependencyManagement>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.gcube.distribution</groupId>
|
||||
<artifactId>maven-portal-bom</artifactId>
|
||||
<version>LATEST</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</dependencyManagement>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.gcube.common.portal</groupId>
|
||||
<artifactId>portal-manager</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.portal</groupId>
|
||||
<artifactId>custom-portal-handler</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.resources.discovery</groupId>
|
||||
<artifactId>ic-client</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.core</groupId>
|
||||
<artifactId>common-encryption</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.sun.mail</groupId>
|
||||
<artifactId>javax.mail</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.liferay.portal</groupId>
|
||||
<artifactId>portal-service</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>javax.portlet</groupId>
|
||||
<artifactId>portlet-api</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>javax.servlet</groupId>
|
||||
<artifactId>servlet-api</artifactId>
|
||||
<version>2.3</version>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>javax.servlet.jsp</groupId>
|
||||
<artifactId>jsp-api</artifactId>
|
||||
<version>2.0</version>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.slf4j</groupId>
|
||||
<artifactId>slf4j-api</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>junit</groupId>
|
||||
<artifactId>junit</artifactId>
|
||||
<version>3.8.1</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<finalName>ldap-export-servlet</finalName>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-war-plugin</artifactId>
|
||||
<version>2.1.1</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<phase>compile</phase>
|
||||
<goals>
|
||||
<goal>exploded</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
<configuration>
|
||||
<webappDirectory>${webappDirectory}</webappDirectory>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-compiler-plugin</artifactId>
|
||||
<version>2.3.2</version>
|
||||
<configuration>
|
||||
<source>1.7</source>
|
||||
<target>1.7</target>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<!-- SA Plugin -->
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-assembly-plugin</artifactId>
|
||||
<version>2.2</version>
|
||||
<configuration>
|
||||
<descriptors>
|
||||
<descriptor>${distroDirectory}/descriptor.xml</descriptor>
|
||||
</descriptors>
|
||||
</configuration>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>servicearchive</id>
|
||||
<phase>install</phase>
|
||||
<goals>
|
||||
<goal>single</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-resources-plugin</artifactId>
|
||||
<version>2.5</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>copy-profile</id>
|
||||
<phase>install</phase>
|
||||
<goals>
|
||||
<goal>copy-resources</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<outputDirectory>target</outputDirectory>
|
||||
<resources>
|
||||
<resource>
|
||||
<directory>${distroDirectory}</directory>
|
||||
<filtering>true</filtering>
|
||||
<includes>
|
||||
<include>profile.xml</include>
|
||||
</includes>
|
||||
</resource>
|
||||
</resources>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</project>
|
||||
|
||||
|
@ -0,0 +1,128 @@
|
||||
package org.gcube.portal.ldapexport;
|
||||
|
||||
import static org.gcube.resources.discovery.icclient.ICFactory.clientFor;
|
||||
import static org.gcube.resources.discovery.icclient.ICFactory.queryFor;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.Executors;
|
||||
import java.util.concurrent.ScheduledExecutorService;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.gcube.common.encryption.StringEncrypter;
|
||||
import org.gcube.common.portal.PortalContext;
|
||||
import org.gcube.common.resources.gcore.ServiceEndpoint;
|
||||
import org.gcube.common.resources.gcore.ServiceEndpoint.AccessPoint;
|
||||
import org.gcube.common.resources.gcore.ServiceEndpoint.Property;
|
||||
import org.gcube.common.resources.gcore.utils.Group;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.gcube.resources.discovery.client.api.DiscoveryClient;
|
||||
import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
||||
@SuppressWarnings("serial")
|
||||
public class LDAPExportService extends HttpServlet {
|
||||
|
||||
private static final Logger _log = LoggerFactory.getLogger(LDAPExportService.class);
|
||||
|
||||
private static final String LDAP_SERVER_NAME = "LDAPServer";
|
||||
private static final String LDAP_SERVER_FILTER_NAME = "filter";
|
||||
private static final String LDAP_SERVER_PRINCPAL_NAME = "ldapPrincipal";
|
||||
|
||||
private static final int LDAP_MINUTES_DELAY = 10;
|
||||
|
||||
private String portalName;
|
||||
private String ldapUrl;
|
||||
private String filter;
|
||||
private String principal;
|
||||
private String ldapPassword;
|
||||
|
||||
public void init() {
|
||||
portalName = PortalContext.getPortalInstanceName();
|
||||
|
||||
PortalContext context = PortalContext.getConfiguration();
|
||||
String scope = "/" + context.getInfrastructureName();
|
||||
ScopeProvider.instance.set(scope);
|
||||
|
||||
SimpleQuery query = queryFor(ServiceEndpoint.class);
|
||||
query.addCondition("$resource/Profile/Category/text() eq 'Portal'");
|
||||
query.addCondition("$resource/Profile/Name/text() eq '" + portalName + "'");
|
||||
|
||||
DiscoveryClient<ServiceEndpoint> client = clientFor(ServiceEndpoint.class);
|
||||
|
||||
List<ServiceEndpoint> list = client.submit(query);
|
||||
if (list == null || list.isEmpty()) {
|
||||
_log.error("Could not find any Service endpoint registred in the infrastructure for this portal: " + portalName);
|
||||
}
|
||||
else if (list.size() > 1) {
|
||||
_log.warn("Found more than one Service endpoint registred in the infrastructure for this portal: " + portalName);
|
||||
}
|
||||
else {
|
||||
for (ServiceEndpoint res : list) {
|
||||
Group<AccessPoint> apGroup = res.profile().accessPoints();
|
||||
AccessPoint[] accessPoints = (AccessPoint[]) apGroup.toArray(new AccessPoint[apGroup.size()]);
|
||||
for (int i = 0; i < accessPoints.length; i++) {
|
||||
if (accessPoints[i].name().compareTo(LDAP_SERVER_NAME) == 0) {
|
||||
_log.info("Found credentials for " + LDAP_SERVER_NAME);
|
||||
AccessPoint found = accessPoints[i];
|
||||
ldapUrl = found.address();
|
||||
String encrPassword = found.password();
|
||||
try {
|
||||
ldapPassword = StringEncrypter.getEncrypter().decrypt( encrPassword);
|
||||
} catch (Exception e) {
|
||||
_log.error("Something went wrong while decrypting password for " + LDAP_SERVER_NAME);
|
||||
e.printStackTrace();
|
||||
}
|
||||
Group<Property> propGroup = found.properties();
|
||||
Property[] props = (Property[]) propGroup.toArray(new Property[propGroup.size()]);
|
||||
for (int j = 0; j < props.length; j++) {
|
||||
if (props[j].name().compareTo(LDAP_SERVER_FILTER_NAME) == 0) {
|
||||
_log.info("\tFound properties of " + LDAP_SERVER_FILTER_NAME);
|
||||
String encrValue = props[j].value();
|
||||
System.out.println("Filter encrypted = " + encrValue);
|
||||
try {
|
||||
filter = StringEncrypter.getEncrypter().decrypt(encrValue);
|
||||
} catch (Exception e) {
|
||||
_log.error("Something went wrong while decrypting value for " + LDAP_SERVER_FILTER_NAME);
|
||||
e.printStackTrace();
|
||||
}
|
||||
}
|
||||
else if (props[j].name().compareTo(LDAP_SERVER_PRINCPAL_NAME) == 0) {
|
||||
_log.info("\tFound properties of " + LDAP_SERVER_PRINCPAL_NAME);
|
||||
String encrValue = props[j].value();
|
||||
try {
|
||||
principal = StringEncrypter.getEncrypter().decrypt(encrValue);
|
||||
} catch (Exception e) {
|
||||
_log.error("Something went wrong while decrypting value for " + LDAP_SERVER_PRINCPAL_NAME);
|
||||
e.printStackTrace();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
|
||||
|
||||
ScheduledExecutorService ldapScheduler = Executors.newScheduledThreadPool(1);
|
||||
ldapScheduler.scheduleAtFixedRate(new LDAPSync(ldapUrl, filter, principal, ldapPassword), 0, LDAP_MINUTES_DELAY, TimeUnit.MINUTES);
|
||||
|
||||
String toReturn = "<DIV>LDAPSync SCRIPT Started ... </DIV>";
|
||||
|
||||
response.setContentType("text/html");
|
||||
response.getWriter().write(toReturn);
|
||||
}
|
||||
|
||||
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {}
|
||||
}
|
@ -0,0 +1,360 @@
|
||||
package org.gcube.portal.ldapexport;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Properties;
|
||||
import java.util.Random;
|
||||
|
||||
import javax.naming.Context;
|
||||
import javax.naming.NamingEnumeration;
|
||||
import javax.naming.NamingException;
|
||||
import javax.naming.directory.Attribute;
|
||||
import javax.naming.directory.Attributes;
|
||||
import javax.naming.directory.BasicAttribute;
|
||||
import javax.naming.directory.BasicAttributes;
|
||||
import javax.naming.directory.DirContext;
|
||||
import javax.naming.directory.InitialDirContext;
|
||||
import javax.naming.directory.SearchControls;
|
||||
import javax.naming.directory.SearchResult;
|
||||
|
||||
import org.gcube.common.portal.PortalContext;
|
||||
import org.gcube.portal.custom.communitymanager.OrganizationsUtil;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import com.liferay.portal.kernel.cache.CacheRegistryUtil;
|
||||
import com.liferay.portal.kernel.exception.PortalException;
|
||||
import com.liferay.portal.kernel.exception.SystemException;
|
||||
import com.liferay.portal.model.Organization;
|
||||
import com.liferay.portal.model.User;
|
||||
import com.liferay.portal.service.OrganizationLocalServiceUtil;
|
||||
import com.liferay.portal.service.UserLocalServiceUtil;
|
||||
|
||||
public class LDAPSync implements Runnable {
|
||||
private static final Logger _log = LoggerFactory.getLogger(LDAPSync.class);
|
||||
|
||||
private static final String LDAP_ORG_FILTER = "(objectClass=organizationalUnit)";
|
||||
private static final String LDAP_GROUP_FILTER = "(objectClass=posixGroup)";
|
||||
|
||||
private String ldapUrl;
|
||||
private String filter;
|
||||
private String principal;
|
||||
private String pwd;
|
||||
|
||||
|
||||
public LDAPSync(String ldapUrl, String filter, String principal, String pwd) {
|
||||
this.ldapUrl = ldapUrl;
|
||||
this.filter = filter;
|
||||
this.principal = principal;
|
||||
this.pwd = pwd;
|
||||
_log.info("Starting LDAPSync over " + ldapUrl);
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @return the Liferay mapped as Root Organization
|
||||
*/
|
||||
private Organization getRootVO() {
|
||||
String rootVoName = PortalContext.getConfiguration().getInfrastructureName();
|
||||
_log.debug("Root organization name found: " + rootVoName);
|
||||
|
||||
//start of iteration of the actual groups
|
||||
List<Organization> organizations;
|
||||
try {
|
||||
organizations = OrganizationLocalServiceUtil.getOrganizations(0, OrganizationLocalServiceUtil.getOrganizationsCount());
|
||||
for (Organization organization : organizations) {
|
||||
if (organization.getName().equals(rootVoName)) {
|
||||
return organization;
|
||||
}
|
||||
}
|
||||
}
|
||||
catch (SystemException e) {
|
||||
_log.error("There were problems retrieving root organization", e);
|
||||
}
|
||||
_log.error("Could not find any root organization");
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
@Override
|
||||
public void run() {
|
||||
_log.debug("Reading Portal Users ...");
|
||||
List<User> users = null;
|
||||
try {
|
||||
users = getAllLiferayUsers();
|
||||
_log.debug("\n***Read " + users.size() + " from LR DB\n");
|
||||
} catch (Exception e1) {
|
||||
e1.printStackTrace();
|
||||
}
|
||||
_log.debug("Reading Portal Organizations ...");
|
||||
Organization rootVO = getRootVO();
|
||||
|
||||
_log.debug("Initializing LDAP exporter ...");
|
||||
|
||||
Properties env = new Properties();
|
||||
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
|
||||
env.put(Context.PROVIDER_URL, ldapUrl);
|
||||
env.put(Context.SECURITY_PRINCIPAL, principal);
|
||||
env.put(Context.SECURITY_CREDENTIALS, pwd);
|
||||
|
||||
try {
|
||||
DirContext ctx = new InitialDirContext(env);
|
||||
_log.debug("Initiating LDAP Sync ...");
|
||||
//update the whole list of users (uid="+username+",ou=People,o=Liferay,ou=Organizations,dc=d4science,dc=org")
|
||||
exportSingleUsers(ctx, env, users);
|
||||
|
||||
//crate or update the whole list of organizations (objectClass=organizationalUnit, ou="+orgName+",dc=d4science,dc=org) and groups ( objectClass=top and POSIXGroup)
|
||||
updateGroups(ctx, rootVO);
|
||||
|
||||
} catch (NamingException e) {
|
||||
_log.error("Something went Wrong during LDAP Sync in Exporting to LDAP");
|
||||
e.printStackTrace();
|
||||
} catch (SystemException es) {
|
||||
_log.error("Something went Wrong during LDAP Sync in retrieving Liferay Organization");
|
||||
es.printStackTrace();
|
||||
}
|
||||
}
|
||||
|
||||
private void updateGroups(DirContext ctx, Organization root) throws NamingException, SystemException {
|
||||
String subCtx = getOrgSubContext(root.getName());
|
||||
if (!checkIfLDAPOrganizationalUnitExists(ctx, subCtx))
|
||||
createOrganizationalUnit(ctx, subCtx);
|
||||
for (Organization org : root.getSuborganizations()) {
|
||||
String orgSubCtx = "ou="+org.getName()+","+subCtx;
|
||||
if (!checkIfLDAPOrganizationalUnitExists(ctx, orgSubCtx))
|
||||
createOrganizationalUnit(ctx, orgSubCtx);
|
||||
for (Organization vre : org.getSuborganizations()) {
|
||||
String vreSubCtx = "cn="+vre.getName()+","+orgSubCtx;
|
||||
if (!checkIfLDAPGroupExists(ctx, vreSubCtx))
|
||||
createGroupVRE(ctx, vreSubCtx, vre.getName());
|
||||
//update the list of users in such VRE
|
||||
updateUsersInGroup(ctx, vreSubCtx, vre);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private void updateUsersInGroup(DirContext ctx, String vreSubCtx, Organization vre) throws NamingException, SystemException {
|
||||
List<User> users = UserLocalServiceUtil.getOrganizationUsers(vre.getOrganizationId());
|
||||
for (User userObj : users) {
|
||||
String user = userObj.getScreenName();
|
||||
try {
|
||||
Attribute memberUid = new BasicAttribute("memberUid");
|
||||
memberUid.add(user);
|
||||
Attributes attributes = new BasicAttributes();
|
||||
attributes.put(memberUid);
|
||||
ctx.modifyAttributes(vreSubCtx, DirContext.ADD_ATTRIBUTE, attributes);
|
||||
_log.info("Adding user: " + user);
|
||||
}
|
||||
catch (javax.naming.directory.AttributeInUseException ex) {
|
||||
_log.trace("Not adding already existing user: " + user);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private void exportSingleUsers(DirContext ctx, Properties env, List<User> users) throws NamingException {
|
||||
for (User user : users) {
|
||||
updateUserInLDAP(user.getScreenName(), user.getFirstName(), user.getLastName(), user.getFullName(), user.getEmailAddress(), "{SHA}"+user.getPassword(), ctx, filter);
|
||||
//_log.debug("Updated " + user.getScreenName());
|
||||
}
|
||||
_log.debug("LDAP Users Sync cycle done");
|
||||
if (! users.isEmpty())
|
||||
_log.info("LDAP Users Sync Completed OK!");
|
||||
else
|
||||
_log.warn("LDAP Users Sync cycle skipped this time");
|
||||
}
|
||||
/**
|
||||
*
|
||||
* @param ctx
|
||||
* @param subContext
|
||||
* @throws NamingException
|
||||
*/
|
||||
private void createOrganizationalUnit(DirContext ctx, String subContext) throws NamingException {
|
||||
Attributes attributes = new BasicAttributes();
|
||||
Attribute objectClass = new BasicAttribute("objectClass");
|
||||
objectClass.add("organizationalUnit");
|
||||
attributes.put(objectClass);
|
||||
|
||||
Attribute description = new BasicAttribute("description");
|
||||
description.add("Liferay Organization");
|
||||
attributes.put(description);
|
||||
ctx.createSubcontext(subContext, attributes);
|
||||
_log.info("Added " + subContext);
|
||||
}
|
||||
/**
|
||||
*
|
||||
* @param ctx
|
||||
* @param subContext
|
||||
* @param vreName
|
||||
* @throws NamingException
|
||||
*/
|
||||
private void createGroupVRE(DirContext ctx, String subContext, String vreName) throws NamingException {
|
||||
Attributes attributes = new BasicAttributes();
|
||||
|
||||
Attribute objectClass = new BasicAttribute("objectClass");
|
||||
objectClass.add("top");
|
||||
objectClass.add("posixGroup");
|
||||
// objectClass.add("researchProject");
|
||||
// objectClass.add("groupOfMembers");
|
||||
attributes.put(objectClass);
|
||||
|
||||
Attribute cn = new BasicAttribute("cn");
|
||||
cn.add(vreName);
|
||||
attributes.put(cn);
|
||||
|
||||
Attribute gidNumber = new BasicAttribute("gidNumber");
|
||||
gidNumber.add(getRandomPOSIXidentifier(ctx));
|
||||
attributes.put(gidNumber);
|
||||
|
||||
ctx.createSubcontext(subContext, attributes);
|
||||
_log.info("Added " + subContext);
|
||||
}
|
||||
|
||||
private String getOrgSubContext(String orgName) {
|
||||
return "ou="+orgName+",dc=d4science,dc=org";
|
||||
}
|
||||
/**
|
||||
*
|
||||
* @param ctx
|
||||
* @param orgSubctx
|
||||
* @return true if exists
|
||||
*/
|
||||
private boolean checkIfLDAPOrganizationalUnitExists(DirContext ctx, String orgSubctx) {
|
||||
SearchControls ctls = new SearchControls();
|
||||
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
||||
NamingEnumeration<SearchResult> answer;
|
||||
try {
|
||||
answer = ctx.search(orgSubctx, LDAP_ORG_FILTER, ctls);
|
||||
} catch (NamingException e) {
|
||||
_log.debug("not found in LDAP (will add it): Organization: " + orgSubctx);
|
||||
return false;
|
||||
}
|
||||
boolean toReturn = answer.hasMoreElements();
|
||||
_log.debug("Organization: " + orgSubctx + " exists? " + toReturn);
|
||||
return toReturn;
|
||||
}
|
||||
/**
|
||||
*
|
||||
* @param ctx
|
||||
* @param groupSubctx
|
||||
* @return true if exists
|
||||
*/
|
||||
private boolean checkIfLDAPGroupExists(DirContext ctx, String groupSubctx) {
|
||||
SearchControls ctls = new SearchControls();
|
||||
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
||||
NamingEnumeration<SearchResult> answer;
|
||||
try {
|
||||
answer = ctx.search(groupSubctx, LDAP_GROUP_FILTER, ctls);
|
||||
} catch (NamingException e) {
|
||||
_log.debug("not found in LDAP (will add it): Group: " + groupSubctx);
|
||||
return false;
|
||||
}
|
||||
boolean toReturn = answer.hasMoreElements();
|
||||
_log.debug("Group: " + groupSubctx + " exists? " + toReturn);
|
||||
return toReturn;
|
||||
}
|
||||
/**
|
||||
*
|
||||
* @param username
|
||||
* @return the single user subContext
|
||||
*/
|
||||
private String getSubContext(String username) {
|
||||
return "uid="+username+",ou=People,o=Liferay,ou=Organizations,dc=d4science,dc=org";
|
||||
}
|
||||
/**
|
||||
*
|
||||
* @param username
|
||||
* @param ctx
|
||||
* @param filter
|
||||
* @return true if exists
|
||||
*/
|
||||
private boolean checkIfLDAPUserExists(String username, DirContext ctx, String filter) {
|
||||
SearchControls ctls = new SearchControls();
|
||||
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
||||
NamingEnumeration<SearchResult> answer;
|
||||
try {
|
||||
answer = ctx.search(getSubContext(username), filter, ctls);
|
||||
} catch (NamingException e) {
|
||||
_log.info("user: " + username + " not found in LDAP, trying to export it");
|
||||
return false;
|
||||
}
|
||||
return answer.hasMoreElements();
|
||||
}
|
||||
/**
|
||||
*
|
||||
* @param username
|
||||
* @param name
|
||||
* @param lastName
|
||||
* @param email
|
||||
* @param passwd
|
||||
* @param ctx
|
||||
* @throws NamingException
|
||||
*/
|
||||
private void updateUserInLDAP(String username, String name, String lastName, String fullName, String email, String passwd, DirContext ctx, String filter) throws NamingException {
|
||||
Attributes attributes=new BasicAttributes();
|
||||
Attribute objectClass=new BasicAttribute("objectClass");
|
||||
objectClass.add("inetOrgPerson");
|
||||
attributes.put(objectClass);
|
||||
|
||||
//the main ldap server uses 'givenName' for the First name, 'cn' for "first name last name', 'sn' for the last name
|
||||
Attribute givenName = new BasicAttribute("givenName");
|
||||
Attribute cn = new BasicAttribute("cn");
|
||||
Attribute sn = new BasicAttribute("sn");
|
||||
Attribute mail = new BasicAttribute("mail");
|
||||
Attribute userPassword = new BasicAttribute("userPassword");
|
||||
|
||||
givenName.add(name);
|
||||
cn.add(fullName);
|
||||
sn.add(lastName);
|
||||
mail.add(email);
|
||||
userPassword.add(passwd);
|
||||
|
||||
attributes.put(givenName);
|
||||
attributes.put(cn);
|
||||
attributes.put(sn);
|
||||
attributes.put(mail);
|
||||
attributes.put(userPassword);
|
||||
|
||||
if (checkIfLDAPUserExists(username, ctx, filter)) {
|
||||
//_log.debug("User " + username + " already exists, replacing attributes");
|
||||
ctx.modifyAttributes(getSubContext(username), DirContext.REPLACE_ATTRIBUTE, attributes);
|
||||
}
|
||||
else {
|
||||
ctx.createSubcontext(getSubContext(username),attributes);
|
||||
_log.debug("New User Found with uid=" + username + " created");
|
||||
}
|
||||
}
|
||||
/**
|
||||
*
|
||||
* @return the whole list of users
|
||||
*/
|
||||
private List<User> getAllLiferayUsers() {
|
||||
String infraName = PortalContext.getConfiguration().getInfrastructureName();
|
||||
_log.info("TRY Reading non chached users belonging to: /" + infraName);
|
||||
|
||||
List<User> toReturn = new ArrayList<User>();
|
||||
Organization rootInfra;
|
||||
try {
|
||||
CacheRegistryUtil.clear(); //needed to avoid cache use by liferay API
|
||||
rootInfra = OrganizationLocalServiceUtil.getOrganization(OrganizationsUtil.getCompany().getCompanyId(), infraName);
|
||||
toReturn = UserLocalServiceUtil.getOrganizationUsers(rootInfra.getOrganizationId());
|
||||
} catch (PortalException | SystemException e) {
|
||||
_log.error("Error during LDAP Sync, could not retrieve users from LR DB: " + e.getMessage());
|
||||
}
|
||||
return toReturn;
|
||||
}
|
||||
/**
|
||||
*
|
||||
* @return an integer between 1000 and 2147483647
|
||||
*/
|
||||
private String getRandomPOSIXidentifier(DirContext ctx) {
|
||||
final int Low = 1000;
|
||||
final int High = 2147483647;
|
||||
Random r = new Random();
|
||||
int toReturn = r.nextInt(High-Low) + Low;
|
||||
return toReturn+"";
|
||||
}
|
||||
}
|
@ -0,0 +1,20 @@
|
||||
<!DOCTYPE web-app PUBLIC
|
||||
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
|
||||
"http://java.sun.com/dtd/web-app_2_3.dtd" >
|
||||
|
||||
<web-app>
|
||||
<display-name>LDAP Export servlet</display-name>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>start-ldap-export</servlet-name>
|
||||
<servlet-class>org.gcube.portal.ldapexport.LDAPExportService</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>start-ldap-export</servlet-name>
|
||||
<url-pattern>/start-ldap-export</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
|
||||
|
||||
</web-app>
|
@ -0,0 +1,7 @@
|
||||
<html>
|
||||
<body>
|
||||
<h2>Hello From D4Science LDAP Export service!</h2>
|
||||
|
||||
<a href="./start-ldap-export">RUN D4Science LDAP Export service (repeat: every 10 minutes [Default])</a>
|
||||
</body>
|
||||
</html>
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
@ -0,0 +1,20 @@
|
||||
<!DOCTYPE web-app PUBLIC
|
||||
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
|
||||
"http://java.sun.com/dtd/web-app_2_3.dtd" >
|
||||
|
||||
<web-app>
|
||||
<display-name>LDAP Export servlet</display-name>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>start-ldap-export</servlet-name>
|
||||
<servlet-class>org.gcube.portal.ldapexport.LDAPExportService</servlet-class>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>start-ldap-export</servlet-name>
|
||||
<url-pattern>/start-ldap-export</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
|
||||
|
||||
</web-app>
|
@ -0,0 +1,7 @@
|
||||
<html>
|
||||
<body>
|
||||
<h2>Hello From D4Science LDAP Export service!</h2>
|
||||
|
||||
<a href="./start-ldap-export">RUN D4Science LDAP Export service (repeat: every 10 minutes [Default])</a>
|
||||
</body>
|
||||
</html>
|
@ -0,0 +1,5 @@
|
||||
#Generated by Maven
|
||||
#Mon Nov 30 17:15:06 CET 2015
|
||||
version=0.0.1-SNAPSHOT
|
||||
groupId=org.gcube.portal
|
||||
artifactId=ldap-export-servlet
|
Reference in New Issue