|
|
|
@ -37,17 +37,18 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
private static final String LDAP_ORG_FILTER = "(objectClass=organizationalUnit)";
|
|
|
|
|
private static final String LDAP_GROUP_FILTER = "(objectClass=posixGroup)";
|
|
|
|
|
private static final String USER_CONTEXT = ",ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org";
|
|
|
|
|
private static final String GROUPS_OU = "ou=Groups,o=D4Science,ou=Organizations,dc=d4science,dc=org";
|
|
|
|
|
private static final String DEFAULT_GID_NUMBER = "1000";
|
|
|
|
|
|
|
|
|
|
private static final String SSH_PUBLIC_KEY_ATTR = "SSH-public-key";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private String ldapUrl;
|
|
|
|
|
private String filter;
|
|
|
|
|
private String principal;
|
|
|
|
|
private String pwd;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public LDAPSync(String ldapUrl, String filter, String principal, String pwd) {
|
|
|
|
|
this.ldapUrl = ldapUrl;
|
|
|
|
|
this.filter = filter;
|
|
|
|
@ -90,24 +91,24 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
_log.debug("Reading Portal Organizations ...");
|
|
|
|
|
GCubeGroup rootVO = getRootVO();
|
|
|
|
|
|
|
|
|
|
_log.debug("Initializing LDAP exporter ...");
|
|
|
|
|
|
|
|
|
|
_log.debug("Initializing LDAP exporter ... ldapUrl="+ldapUrl);
|
|
|
|
|
Properties env = new Properties();
|
|
|
|
|
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
|
|
|
|
|
env.put(Context.PROVIDER_URL, ldapUrl);
|
|
|
|
|
env.put(Context.SECURITY_PRINCIPAL, principal);
|
|
|
|
|
env.put(Context.SECURITY_CREDENTIALS, pwd);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
_log.debug("Initializing LDAP exporter ... principal="+principal);
|
|
|
|
|
try {
|
|
|
|
|
DirContext ctx = new InitialDirContext(env);
|
|
|
|
|
_log.debug("Initiating LDAP Sync ...");
|
|
|
|
|
createUsersOrganizationalUnit(ctx);
|
|
|
|
|
|
|
|
|
|
//crate or update the whole list of organizations (objectClass=organizationalUnit, ou="+orgName+",dc=d4science,dc=org) and groups ( objectClass=top and POSIXGroup)
|
|
|
|
|
|
|
|
|
|
updateGroups(ctx, rootVO);
|
|
|
|
|
//and update the users list
|
|
|
|
|
//update the users list
|
|
|
|
|
exportSingleUsers(ctx, env, users);
|
|
|
|
|
|
|
|
|
|
//crate or update the whole list of organizations (objectClass=organizationalUnit, ou="+orgName+",dc=d4science,dc=org) and groups ( objectClass=top and POSIXGroup)
|
|
|
|
|
updateGroups(ctx, rootVO);
|
|
|
|
|
} catch (NamingException e) {
|
|
|
|
|
_log.error("Something went Wrong during LDAP Sync in Exporting to LDAP");
|
|
|
|
|
e.printStackTrace();
|
|
|
|
@ -132,8 +133,10 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
Attribute description = new BasicAttribute("description");
|
|
|
|
|
description.add("Where to find users");
|
|
|
|
|
attributes.put(description);
|
|
|
|
|
// private static final String USER_CONTEXT = ",";
|
|
|
|
|
|
|
|
|
|
ctx.createSubcontext("ou=Organizations,dc=d4science,dc=org", attributes);
|
|
|
|
|
_log.info("organizationalUnit \"ou=Organizations,dc=d4science,dc=org\" created");
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
attributes = new BasicAttributes();
|
|
|
|
|
objectClass = new BasicAttribute("objectClass");
|
|
|
|
@ -141,6 +144,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
attributes.put(objectClass);
|
|
|
|
|
description.add("Default Organization");
|
|
|
|
|
ctx.createSubcontext("o=D4Science,ou=Organizations,dc=d4science,dc=org", attributes);
|
|
|
|
|
_log.info("organizationalUnit \"o=D4Science,ou=Organizations,dc=d4science,dc=org\" created");
|
|
|
|
|
|
|
|
|
|
attributes = new BasicAttributes();
|
|
|
|
|
objectClass = new BasicAttribute("objectClass");
|
|
|
|
@ -148,6 +152,15 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
attributes.put(objectClass);
|
|
|
|
|
description.add("People Org Unit");
|
|
|
|
|
ctx.createSubcontext("ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org", attributes);
|
|
|
|
|
_log.info("organizationalUnit \"ou=People,o=D4Science,ou=Organizations,dc=d4science,dc=org\" created");
|
|
|
|
|
|
|
|
|
|
attributes = new BasicAttributes();
|
|
|
|
|
objectClass = new BasicAttribute("objectClass");
|
|
|
|
|
objectClass.add("organizationalUnit");
|
|
|
|
|
attributes.put(objectClass);
|
|
|
|
|
description.add("Groups Org Unit");
|
|
|
|
|
ctx.createSubcontext(GROUPS_OU, attributes);
|
|
|
|
|
_log.info("organizationalUnit \"ou=Groups,o=D4Science,ou=Organizations,dc=d4science,dc=org\" created");
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
_log.info("ou=Organizations,dc=d4science,dc=org already present, skip");
|
|
|
|
@ -160,144 +173,35 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
* @throws NamingException
|
|
|
|
|
* @throws SystemException
|
|
|
|
|
*/
|
|
|
|
|
private void updateGroups(DirContext ctx, GCubeGroup root) throws NamingException, SystemException {
|
|
|
|
|
String subCtx = getOrgSubContext(root.getGroupName());
|
|
|
|
|
if (!checkIfLDAPOrganizationalUnitExists(ctx, subCtx))
|
|
|
|
|
createOrganizationalUnit(ctx, subCtx);
|
|
|
|
|
private void updateGroups(DirContext ctx, GCubeGroup root) throws Exception {
|
|
|
|
|
String subCtx = getGroupContext(root.getGroupName());
|
|
|
|
|
//first we create the groups
|
|
|
|
|
if (!checkIfLDAPGroupExists(ctx, subCtx)) {
|
|
|
|
|
createGroup(ctx, subCtx, root, true);
|
|
|
|
|
}
|
|
|
|
|
for (GCubeGroup vo : root.getChildren()) {
|
|
|
|
|
String orgSubCtx = "ou="+vo.getGroupName()+","+subCtx;
|
|
|
|
|
if (!checkIfLDAPOrganizationalUnitExists(ctx, orgSubCtx))
|
|
|
|
|
createOrganizationalUnit(ctx, orgSubCtx);
|
|
|
|
|
String orgSubCtx = getGroupContext(vo.getGroupName());
|
|
|
|
|
if (!checkIfLDAPGroupExists(ctx, orgSubCtx))
|
|
|
|
|
createGroup(ctx, orgSubCtx, vo, false);
|
|
|
|
|
for (GCubeGroup vre : vo.getChildren()) {
|
|
|
|
|
String vreSubCtx = "cn="+vre.getGroupName()+","+orgSubCtx;
|
|
|
|
|
String vreSubCtx = getGroupContext(vre.getGroupName());
|
|
|
|
|
if (!checkIfLDAPGroupExists(ctx, vreSubCtx))
|
|
|
|
|
createGroupVRE(ctx, vreSubCtx, vre.getGroupName());
|
|
|
|
|
createGroup(ctx, vreSubCtx, vre, false);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
_log.debug("updateUsersInGroup: groups created waiting for adding users and member");
|
|
|
|
|
//the we add/update the users
|
|
|
|
|
updateUsersInGroup(ctx, subCtx, root);
|
|
|
|
|
for (GCubeGroup vo : root.getChildren()) {
|
|
|
|
|
String orgSubCtx = getGroupContext(vo.getGroupName());
|
|
|
|
|
updateUsersInGroup(ctx, orgSubCtx, vo);
|
|
|
|
|
for (GCubeGroup vre : vo.getChildren()) {
|
|
|
|
|
String vreSubCtx = getGroupContext(vre.getGroupName());
|
|
|
|
|
//update the list of users in such VRE
|
|
|
|
|
updateUsersInGroup(ctx, vreSubCtx, vre);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @param ctx
|
|
|
|
|
* @param vreSubCtx
|
|
|
|
|
* @param vre
|
|
|
|
|
* @throws NamingException
|
|
|
|
|
* @throws SystemException
|
|
|
|
|
*/
|
|
|
|
|
private void updateUsersInGroup(DirContext ctx, String vreSubCtx, GCubeGroup vre) throws NamingException, SystemException {
|
|
|
|
|
_log.debug("updateUsersInGroup: " + vre.getGroupName() );
|
|
|
|
|
List<User> users = new ArrayList<>();
|
|
|
|
|
try {
|
|
|
|
|
users = UserLocalServiceUtil.getGroupUsers(vre.getGroupId());
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
_log.error("Could not retrieve members of vre: " + vre.getGroupName() + " having groupid: "+vre.getGroupId(), e);
|
|
|
|
|
}
|
|
|
|
|
for (User userObj : users) {
|
|
|
|
|
String user = userObj.getScreenName();
|
|
|
|
|
try {
|
|
|
|
|
Attribute memberUid = new BasicAttribute("memberUid");
|
|
|
|
|
memberUid.add(user);
|
|
|
|
|
Attributes attributes = new BasicAttributes();
|
|
|
|
|
attributes.put(memberUid);
|
|
|
|
|
ctx.modifyAttributes(vreSubCtx, DirContext.ADD_ATTRIBUTE, attributes);
|
|
|
|
|
_log.info("Adding user: " + user);
|
|
|
|
|
}
|
|
|
|
|
catch (javax.naming.directory.AttributeInUseException ex) {
|
|
|
|
|
_log.trace("Not adding already existing user: " + user);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private void exportSingleUsers(DirContext ctx, Properties env, List<User> users) throws Exception {
|
|
|
|
|
for (User user : users) {
|
|
|
|
|
String lastName = "NoLastNameEntered";
|
|
|
|
|
if (user.getLastName() != null && user.getLastName().compareTo("") != 0)
|
|
|
|
|
lastName = user.getLastName();
|
|
|
|
|
|
|
|
|
|
_log.debug("Trying read sshPublicKey for " + user.getScreenName());
|
|
|
|
|
String sshPublicKey = new LiferayUserManager().readCustomAttr(user.getUserId(), SSH_PUBLIC_KEY_ATTR).toString();
|
|
|
|
|
if (user.getFirstName() != null && user.getFirstName().compareTo("") != 0)
|
|
|
|
|
updateUserInLDAP(user.getScreenName(), user.getFirstName(), lastName, user.getFullName(), user.getEmailAddress(), "{SHA}"+user.getPassword(), sshPublicKey, ctx, filter);
|
|
|
|
|
_log.debug("Updated " + user.getScreenName());
|
|
|
|
|
}
|
|
|
|
|
_log.debug("LDAP Users Sync cycle done");
|
|
|
|
|
if (! users.isEmpty())
|
|
|
|
|
_log.info("LDAP Users Sync Completed OK!");
|
|
|
|
|
else
|
|
|
|
|
_log.warn("LDAP Users Sync cycle skipped this time");
|
|
|
|
|
}
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @param ctx
|
|
|
|
|
* @param subContext
|
|
|
|
|
* @throws NamingException
|
|
|
|
|
*/
|
|
|
|
|
private void createOrganizationalUnit(DirContext ctx, String subContext) throws NamingException {
|
|
|
|
|
Attributes attributes = new BasicAttributes();
|
|
|
|
|
Attribute objectClass = new BasicAttribute("objectClass");
|
|
|
|
|
objectClass.add("organizationalUnit");
|
|
|
|
|
attributes.put(objectClass);
|
|
|
|
|
|
|
|
|
|
Attribute description = new BasicAttribute("description");
|
|
|
|
|
description.add("Liferay Organization");
|
|
|
|
|
attributes.put(description);
|
|
|
|
|
ctx.createSubcontext(subContext, attributes);
|
|
|
|
|
_log.info("Added " + subContext);
|
|
|
|
|
}
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @param ctx
|
|
|
|
|
* @param subContext
|
|
|
|
|
* @param vreName
|
|
|
|
|
* @throws NamingException
|
|
|
|
|
*/
|
|
|
|
|
private void createGroupVRE(DirContext ctx, String subContext, String vreName) throws NamingException {
|
|
|
|
|
Attributes attributes = new BasicAttributes();
|
|
|
|
|
|
|
|
|
|
Attribute objectClass = new BasicAttribute("objectClass");
|
|
|
|
|
objectClass.add("top");
|
|
|
|
|
objectClass.add("posixGroup");
|
|
|
|
|
// objectClass.add("researchProject");
|
|
|
|
|
// objectClass.add("groupOfMembers");
|
|
|
|
|
attributes.put(objectClass);
|
|
|
|
|
|
|
|
|
|
Attribute cn = new BasicAttribute("cn");
|
|
|
|
|
cn.add(vreName);
|
|
|
|
|
attributes.put(cn);
|
|
|
|
|
|
|
|
|
|
Attribute gidNumber = new BasicAttribute("gidNumber");
|
|
|
|
|
gidNumber.add(String.valueOf(getRandomPOSIXidentifier()));
|
|
|
|
|
attributes.put(gidNumber);
|
|
|
|
|
|
|
|
|
|
ctx.createSubcontext(subContext, attributes);
|
|
|
|
|
_log.info("Added " + subContext);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private String getOrgSubContext(String orgName) {
|
|
|
|
|
return "ou="+orgName+",dc=d4science,dc=org";
|
|
|
|
|
}
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @param ctx
|
|
|
|
|
* @param orgSubctx
|
|
|
|
|
* @return true if exists
|
|
|
|
|
*/
|
|
|
|
|
private boolean checkIfLDAPOrganizationalUnitExists(DirContext ctx, String orgSubctx) {
|
|
|
|
|
SearchControls ctls = new SearchControls();
|
|
|
|
|
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
|
|
|
|
NamingEnumeration<SearchResult> answer;
|
|
|
|
|
try {
|
|
|
|
|
answer = ctx.search(orgSubctx, LDAP_ORG_FILTER, ctls);
|
|
|
|
|
} catch (NamingException e) {
|
|
|
|
|
_log.debug("not found in LDAP (will add it): Organization: " + orgSubctx);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
boolean toReturn = answer.hasMoreElements();
|
|
|
|
|
_log.debug("Organization: " + orgSubctx + " exists? " + toReturn);
|
|
|
|
|
return toReturn;
|
|
|
|
|
_log.debug("LDAP Groups Sync Completed OK!");
|
|
|
|
|
}
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
@ -319,6 +223,157 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
_log.debug("Group: " + groupSubctx + " exists? " + toReturn);
|
|
|
|
|
return toReturn;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @param ctx
|
|
|
|
|
* @param vreSubCtx
|
|
|
|
|
* @param group
|
|
|
|
|
* @throws NamingException
|
|
|
|
|
* @throws SystemException
|
|
|
|
|
*/
|
|
|
|
|
private void updateUsersInGroup(DirContext ctx, String vreSubCtx, GCubeGroup group) throws NamingException, SystemException {
|
|
|
|
|
_log.debug("updateUsersInGroup: " + group.getGroupName());
|
|
|
|
|
List<User> users = new ArrayList<>();
|
|
|
|
|
try {
|
|
|
|
|
users = UserLocalServiceUtil.getGroupUsers(group.getGroupId());
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
_log.error("Could not retrieve members of group: " + group.getGroupName() + " having groupid: "+group.getGroupId(), e);
|
|
|
|
|
}
|
|
|
|
|
//set the children, if any
|
|
|
|
|
if (group.getChildren() != null) {
|
|
|
|
|
_log.debug("Adding member e.g. cn=env.Name Iterating children of " + group.getGroupName());
|
|
|
|
|
for (GCubeGroup g : group.getChildren()) {
|
|
|
|
|
Attribute member = new BasicAttribute("member");
|
|
|
|
|
member.add(getGroupContext(g.getGroupName()));
|
|
|
|
|
Attributes attributes2 = new BasicAttributes();
|
|
|
|
|
attributes2.put(member);
|
|
|
|
|
ctx.modifyAttributes(vreSubCtx, DirContext.ADD_ATTRIBUTE, attributes2);
|
|
|
|
|
_log.debug("Added Child env. as member: " + getGroupContext(g.getGroupName()));
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
_log.info("Adding users as members to: " + getGroupContext(group.getGroupName()));
|
|
|
|
|
for (User userObj : users) {
|
|
|
|
|
String user = userObj.getScreenName();
|
|
|
|
|
try {
|
|
|
|
|
Attribute memberUid = new BasicAttribute("memberUid");
|
|
|
|
|
memberUid.add(user);
|
|
|
|
|
Attributes attributes = new BasicAttributes();
|
|
|
|
|
attributes.put(memberUid);
|
|
|
|
|
ctx.modifyAttributes(vreSubCtx, DirContext.ADD_ATTRIBUTE, attributes);
|
|
|
|
|
_log.debug("Adding user as memberUid: " + user );
|
|
|
|
|
|
|
|
|
|
Attribute member = new BasicAttribute("member");
|
|
|
|
|
member.add(getSubContext(user));
|
|
|
|
|
Attributes attributes2 = new BasicAttributes();
|
|
|
|
|
attributes2.put(member);
|
|
|
|
|
ctx.modifyAttributes(vreSubCtx, DirContext.ADD_ATTRIBUTE, attributes2);
|
|
|
|
|
_log.debug("Added user as member: " + user );
|
|
|
|
|
}
|
|
|
|
|
catch (javax.naming.directory.AttributeInUseException ex) {
|
|
|
|
|
_log.trace("Not adding already existing user: " + user);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private void exportSingleUsers(DirContext ctx, Properties env, List<User> users) throws Exception {
|
|
|
|
|
for (User user : users) {
|
|
|
|
|
String lastName = "NoLastNameEntered";
|
|
|
|
|
if (user.getLastName() != null && user.getLastName().compareTo("") != 0)
|
|
|
|
|
lastName = user.getLastName();
|
|
|
|
|
|
|
|
|
|
_log.debug("Trying read sshPublicKey for " + user.getScreenName());
|
|
|
|
|
String sshPublicKey = new LiferayUserManager().readCustomAttr(user.getUserId(), SSH_PUBLIC_KEY_ATTR).toString();
|
|
|
|
|
if (user.getFirstName() != null && user.getFirstName().compareTo("") != 0)
|
|
|
|
|
updateUserInLDAP(user.getScreenName(), user.getFirstName(), lastName, user.getFullName(), user.getEmailAddress(), "{SHA}"+user.getPassword(), sshPublicKey, ctx, filter);
|
|
|
|
|
_log.debug("Updated " + user.getScreenName());
|
|
|
|
|
}
|
|
|
|
|
_log.debug("LDAP Users Sync cycle done");
|
|
|
|
|
if (! users.isEmpty())
|
|
|
|
|
_log.info("LDAP Users Sync Completed OK!");
|
|
|
|
|
else
|
|
|
|
|
_log.warn("LDAP Users Sync cycle skipped this time");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @param ctx
|
|
|
|
|
* @param subContext
|
|
|
|
|
* @param d4sContextName e.g, devsec or devVRE
|
|
|
|
|
* @throws NamingException
|
|
|
|
|
*/
|
|
|
|
|
private void createGroup(DirContext ctx, String subContext, GCubeGroup d4sContext, boolean isRoot) throws Exception {
|
|
|
|
|
|
|
|
|
|
_log.debug("in createGroup: " + d4sContext.getGroupName() + " isRoot?"+isRoot);
|
|
|
|
|
|
|
|
|
|
Attributes attributes = new BasicAttributes();
|
|
|
|
|
|
|
|
|
|
Attribute objectClass = new BasicAttribute("objectClass");
|
|
|
|
|
objectClass.add("top");
|
|
|
|
|
objectClass.add("groupofnames");
|
|
|
|
|
objectClass.add("posixGroup");
|
|
|
|
|
if (!isRoot)
|
|
|
|
|
objectClass.add("nsMemberOf");
|
|
|
|
|
attributes.put(objectClass);
|
|
|
|
|
|
|
|
|
|
Attribute cn = new BasicAttribute("cn");
|
|
|
|
|
cn.add(d4sContext.getGroupName());
|
|
|
|
|
attributes.put(cn);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// //set the parent, if any
|
|
|
|
|
// if (d4sContext.getParentGroupId() >= 0) {
|
|
|
|
|
// _log.debug("this context " + d4sContext.getGroupName() + " has a parent " );
|
|
|
|
|
// GCubeGroup parent = GM.getGroup(d4sContext.getParentGroupId());
|
|
|
|
|
// _log.debug("parent= " + parent.getGroupName() );
|
|
|
|
|
// Attribute memberOf = new BasicAttribute("memberOf");
|
|
|
|
|
// String memberOfContext = getGroupContext(parent.getGroupName());
|
|
|
|
|
// memberOf.add(memberOfContext);
|
|
|
|
|
// _log.info("Added parent group memberOf: " + memberOfContext);
|
|
|
|
|
// attributes.put(memberOf);
|
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
// Attribute gidNumber = new BasicAttribute("gidNumber");
|
|
|
|
|
// gidNumber.add(String.valueOf(getRandomPOSIXidentifier()));
|
|
|
|
|
// attributes.put(gidNumber);
|
|
|
|
|
|
|
|
|
|
ctx.createSubcontext(subContext, attributes);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private String getGroupContext(String groupName) {
|
|
|
|
|
return "cn="+groupName+","+GROUPS_OU;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @param ctx
|
|
|
|
|
* @param orgSubctx
|
|
|
|
|
* @return true if exists
|
|
|
|
|
*/
|
|
|
|
|
private boolean checkIfLDAPOrganizationalUnitExists(DirContext ctx, String orgSubctx) {
|
|
|
|
|
SearchControls ctls = new SearchControls();
|
|
|
|
|
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
|
|
|
|
NamingEnumeration<SearchResult> answer;
|
|
|
|
|
try {
|
|
|
|
|
answer = ctx.search(orgSubctx, LDAP_ORG_FILTER, ctls);
|
|
|
|
|
} catch (NamingException e) {
|
|
|
|
|
_log.debug("not found in LDAP (will add it): Organization: " + orgSubctx);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
boolean toReturn = answer.hasMoreElements();
|
|
|
|
|
_log.debug("Organization: " + orgSubctx + " exists? " + toReturn);
|
|
|
|
|
return toReturn;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @param username
|
|
|
|
@ -363,6 +418,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
objectClass.add("posixAccount");
|
|
|
|
|
objectClass.add("organizationalPerson");
|
|
|
|
|
objectClass.add("person");
|
|
|
|
|
objectClass.add("inetUser");
|
|
|
|
|
objectClass.add("shadowAccount");
|
|
|
|
|
objectClass.add("ldapPublicKey");
|
|
|
|
|
attributes.put(objectClass);
|
|
|
|
@ -377,7 +433,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
Attribute homeDirectory = new BasicAttribute("homeDirectory");
|
|
|
|
|
Attribute shell = new BasicAttribute("loginShell");
|
|
|
|
|
Attribute sshPublicKeyAttr = new BasicAttribute("sshPublicKey");
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
givenName.add(name);
|
|
|
|
|
cn.add(fullName);
|
|
|
|
@ -388,7 +444,7 @@ public class LDAPSync implements Runnable {
|
|
|
|
|
homeDirectory.add("/home/"+username);
|
|
|
|
|
shell.add("/bin/bash");
|
|
|
|
|
sshPublicKeyAttr.add(sshPublicKey);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
attributes.put(givenName);
|
|
|
|
|
attributes.put(cn);
|
|
|
|
|
attributes.put(sn);
|
|
|
|
|
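Review bot: `getGroupContext` (added in the `-319,6 +223,157` hunk) builds the entry DN as `"cn="+groupName+","+GROUPS_OU` with no escaping, and that string is used both as the name passed to `createSubcontext`/`modifyAttributes` and as a `member` value. A portal group name containing `,`, `+`, `=` or a leading `#` would give a malformed DN or one that names a different entry; `return "cn=" + Rdn.escapeValue(groupName) + "," + GROUPS_OU;` (from `javax.naming.ldap.Rdn`, import not visible here) keeps the name inside a single RDN. In the new `updateUsersInGroup`, the `memberUid` and `member` additions share one `try`, so an `AttributeInUseException` on an already-present `memberUid` skips the `member` add for that user. Entries written by the previous version, which set only `memberUid`, would presumably never gain `member`, so each `modifyAttributes` call needs its own catch. The child-group `member` loop above it has no `AttributeInUseException` handling at all, so a repeated sync run looks likely to throw out of `updateGroups` on the first value that already exists.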