From 843fa4420c9da817a89e3032671a702a7a961b68 Mon Sep 17 00:00:00 2001
From: Massimiliano Assante
Date: Mon, 20 Jul 2015 16:28:50 +0000
Subject: [PATCH] added the LDAP Sync, still have to create the executor though
git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/portal/social-mail-servlet@117363 82a268e6-3cf1-43bd-a215-b396298e98cf
---
.../gcube/portal/ldapexport/LDAPExporter.java | 183 ++++++++++++++++++
.../portal/ldapexport/settings.properties | 6 +
src/main/webapp/WEB-INF/web.xml | 12 ++
src/main/webapp/index.jsp | 2 +-
4 files changed, 202 insertions(+), 1 deletion(-)
create mode 100644 src/main/java/org/gcube/portal/ldapexport/LDAPExporter.java
create mode 100644 src/main/java/org/gcube/portal/ldapexport/settings.properties
diff --git a/src/main/java/org/gcube/portal/ldapexport/LDAPExporter.java b/src/main/java/org/gcube/portal/ldapexport/LDAPExporter.java
new file mode 100644
index 0000000..a159ce1
--- /dev/null
+++ b/src/main/java/org/gcube/portal/ldapexport/LDAPExporter.java
@@ -0,0 +1,183 @@
+package org.gcube.portal.ldapexport;
+
+import java.io.IOException;
+import java.sql.Connection;
+import java.sql.DriverManager;
+import java.sql.SQLException;
+import java.util.List;
+import java.util.Properties;
+import java.util.ResourceBundle;
+
+import javax.naming.Context;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.ModificationItem;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.gcube.common.portal.PortalContext;
+import org.gcube.portal.custom.communitymanager.OrganizationsUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.liferay.portal.kernel.exception.PortalException;
+import com.liferay.portal.kernel.exception.SystemException;
+import com.liferay.portal.kernel.util.PropsUtil;
+import com.liferay.portal.model.Organization;
+import com.liferay.portal.model.User;
+import com.liferay.portal.service.GroupLocalServiceUtil;
+import com.liferay.portal.service.OrganizationLocalServiceUtil;
+import com.liferay.portal.service.UserLocalServiceUtil;
+
+@SuppressWarnings("serial")
+public class LDAPExporter extends HttpServlet {
+
+ private static final Logger _log = LoggerFactory.getLogger(LDAPExporter.class);
+
+ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+ sync();
+ }
+
+ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {}
+
+ private List getAllLiferayUsers() throws SystemException, PortalException {
+ String infraName = PortalContext.getConfiguration().getInfrastructureName();
+ _log.debug("Reading users belonging to: /" + infraName);
+
+ Organization rootInfra = OrganizationLocalServiceUtil.getOrganization(OrganizationsUtil.getCompany().getCompanyId(), infraName);
+ return UserLocalServiceUtil.getOrganizationUsers(rootInfra.getOrganizationId());
+ }
+
+
+ public void sync() {
+ ResourceBundle rb = ResourceBundle.getBundle("org.gcube.portal.ldapexport.settings");
+ _log.debug("Reading Portal Users ...");
+ List users = null;
+ try {
+ users = getAllLiferayUsers();
+ _log.debug("Read " + users.size() + " from LR DB");
+ } catch (Exception e1) {
+ e1.printStackTrace();
+ }
+
+ _log.debug("Initializing LDAP exporter ...");
+ String baseDN = rb.getString("LDAP_BASE_DN");
+ String ldapUrl = rb.getString("LDAP_PROVIDER_URL");
+ String ldapPrincipal = rb.getString("LDAP_SECURITY_PRINCIPAL");
+ String ldapPwd = rb.getString("LDAP_SECURITY_CREDENTIALS");
+ String filter = rb.getString("LDAP_FILTER");
+
+ Properties env = new Properties();
+ env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
+ env.put(Context.PROVIDER_URL, ldapUrl);
+ env.put(Context.SECURITY_PRINCIPAL, ldapPrincipal);
+ env.put(Context.SECURITY_CREDENTIALS, ldapPwd);
+
+ try {
+ DirContext ctx = new InitialDirContext(env);
+
+ _log.debug("Initiating LDAP Sync ...");
+ for (User user : users) {
+ updateUserInLDAP(user.getScreenName(), user.getFirstName(), user.getLastName(), user.getEmailAddress(), "{SHA}"+user.getPassword(), ctx, filter);
+ _log.debug("Updated " + user.getScreenName());
+ }
+ //updateUserInLDAP("testino.testone", "Testa", "LastName", "email@email.com", "SECRET", ctx);
+
+ _log.debug("LDAP Sync done ... reading LDAP users now ..");
+
+ SearchControls ctls = new SearchControls();
+ ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+
+ NamingEnumeration answer = ctx.search(baseDN, filter, ctls);
+
+ while (answer.hasMoreElements()) {
+
+ SearchResult a = answer.nextElement();
+ Attributes result = a.getAttributes();
+
+ if (result == null){
+ System.out.println("Attributes not present");
+ }else{
+ Attribute attr = result.get("uid");
+ if (attr != null){
+ for (NamingEnumeration vals = attr.getAll(); vals.hasMoreElements(); System.out.println(vals.nextElement().toString()));
+ }
+
+ attr = result.get("userPassword");
+
+ if (attr != null){
+ for (NamingEnumeration vals = attr.getAll(); vals.hasMoreElements(); ) {
+ _log.debug("sha pwd: " + new String((byte[])vals.nextElement()));
+ }
+ }
+ }
+
+ }
+ } catch (NamingException e) {
+ _log.error("Something went Wrong during LDAP Sync");
+ e.printStackTrace();
+ }
+ _log.debug("LDAP Sync Completed");
+ }
+
+ private static boolean checkIfLDAPUserExists(String username, DirContext ctx, String filter) throws NamingException {
+ SearchControls ctls = new SearchControls();
+ ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ NamingEnumeration answer = ctx.search(getSubContext(username), filter, ctls);
+ return answer.hasMoreElements();
+ }
+ /**
+ *
+ * @param username
+ * @param name
+ * @param lastName
+ * @param email
+ * @param passwd
+ * @param ctx
+ * @throws NamingException
+ */
+ private static void updateUserInLDAP(String username, String name, String lastName, String email, String passwd, DirContext ctx, String filter) throws NamingException {
+ Attributes attributes=new BasicAttributes();
+ Attribute objectClass=new BasicAttribute("objectClass");
+ objectClass.add("inetOrgPerson");
+ attributes.put(objectClass);
+
+ Attribute sn = new BasicAttribute("sn");
+ Attribute cn = new BasicAttribute("cn");
+ Attribute mail = new BasicAttribute("mail");
+ Attribute userPassword = new BasicAttribute("userPassword");
+
+ sn.add(name);
+ cn.add(lastName);
+ mail.add(email);
+ userPassword.add(passwd);
+
+ attributes.put(sn);
+ attributes.put(cn);
+ attributes.put(mail);
+ attributes.put(userPassword);
+
+ if (checkIfLDAPUserExists(username, ctx, filter)) {
+ _log.debug("User " + username + " already exists, replacing attributes");
+ ctx.modifyAttributes(getSubContext(username), DirContext.REPLACE_ATTRIBUTE, attributes);
+ }
+ else {
+ ctx.createSubcontext(getSubContext(username),attributes);
+ _log.debug("New User with uid=" + username + " created");
+ }
+ }
+
+ private static String getSubContext(String username) {
+ return "uid="+username+",ou=People,o=Liferay,ou=Organizations,dc=d4science,dc=org";
+ }
+}
diff --git a/src/main/java/org/gcube/portal/ldapexport/settings.properties b/src/main/java/org/gcube/portal/ldapexport/settings.properties
new file mode 100644
index 0000000..e780d27
--- /dev/null
+++ b/src/main/java/org/gcube/portal/ldapexport/settings.properties
@@ -0,0 +1,6 @@
+
+LDAP_PROVIDER_URL=
+LDAP_BASE_DN=
+LDAP_SECURITY_PRINCIPAL=
+LDAP_SECURITY_CREDENTIALS=
+LDAP_FILTER=
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
index 0dbac63..b8c14c6 100644
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -9,9 +9,21 @@ read-mail org.gcube.portal.socialmail.MailReader + + + export-users + org.gcube.portal.ldapexport.LDAPExporter + + read-mail /read-mail + + export-users + /export-users + + +
diff --git a/src/main/webapp/index.jsp b/src/main/webapp/index.jsp
index 04fa808..e75a1d4 100644
--- a/src/main/webapp/index.jsp
+++ b/src/main/webapp/index.jsp
@@ -1,5 +1,5 @@ -
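Review bot: `doGet` calls `sync()` with no authentication or role check, so any client that can reach the `/export-users` mapping added in `web.xml` can trigger a rewrite of every user's directory entry with a plain GET; until the executor mentioned in the commit message replaces it, restrict the mapping (a container `security-constraint` or an explicit role check) and keep GET free of side effects. The read-back loop in `sync()` writes each entry's `userPassword` value to the log via `_log.debug("sha pwd: " + ...)` and prints uids to stdout; password hashes do not belong in logs, so that loop should be removed. `getSubContext` concatenates `username` into the DN unescaped, so a screen name containing `,`, `+` or `=` changes which entry is created or modified; `Rdn.escapeValue` closes that. Also in this hunk: `users` stays null when `getAllLiferayUsers()` throws and the `for` loop then fails with a NullPointerException, `ctx` is never closed, `sn.add(name)` / `cn.add(lastName)` store the first name as the surname, and `checkIfLDAPUserExists` searches a base DN that does not exist yet for new users, which JNDI normally reports as `NameNotFoundException` rather than an empty result, so the create branch is probably unreachable. The sketch below covers the null guard, the context close, the removed read-back and the DN escaping.

```java
public void sync() {
    // … unchanged: bundle lookup …
    List<User> users;
    try {
        users = getAllLiferayUsers();
    } catch (Exception e) {
        _log.error("Could not read portal users, LDAP sync skipped", e);
        return;
    }
    // … unchanged: reading the LDAP settings and building env …
    DirContext ctx = null;
    try {
        ctx = new InitialDirContext(env);
        for (User user : users) {
            // … unchanged: updateUserInLDAP call …
        }
        // read-back loop removed: it wrote every userPassword value to the debug log
    } catch (NamingException e) {
        _log.error("Something went Wrong during LDAP Sync", e);
    } finally {
        if (ctx != null) {
            try {
                ctx.close();
            } catch (NamingException ignored) {
                // nothing to recover when closing the context fails
            }
        }
    }
}

private static String getSubContext(String username) {
    // escape RDN special characters so the screen name cannot alter the DN structure
    return "uid=" + javax.naming.ldap.Rdn.escapeValue(username) + ",ou=People,o=Liferay,ou=Organizations,dc=d4science,dc=org";
}
```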
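Review bot: `LDAP_SECURITY_CREDENTIALS` is read from a classpath bundle under `src/main/java`, so once a real bind password is filled in it ends up committed to the repository and packaged inside the WAR; load the bind principal and password from a location outside the artifact (a container JNDI environment entry, or a host file with restricted permissions) and keep only non-secret defaults here. `LDAP_PROVIDER_URL` should also state its transport requirement, for example with a comment `# must be an ldaps:// URL - the sync binds with a password and writes userPassword values`, because `LDAPExporter.sync()` sends the bind credentials and the `userPassword` attributes over this connection.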

Hello From Mail Reader Scheduler service!

+

Hello From Portal Scheduler service!