ldaputil.java

iiitAccessServer是一个用Java编写的基于规则的企业鉴别系统。它作为一个服务器工作

/*******************************************************************************
 * Copyright (C) 2002, 2003
 * ingenieurbuero fuer innovative informationstechnik (iiit)
 * Dipl.-Ing. Joerg Beckmann, Dortmund, Germany
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 *
 * version $Id: LdapUtil.java,v 1.14 2003/04/13 20:16:42 joerg Exp $
 ******************************************************************************/

package de.iiit.access.server.util;

import de.iiit.access.server.api.*;

import de.iiit.ldap.*;
import de.iiit.xmlconfig.*;

import org.apache.log4j.Logger;

import java.util.*;
import javax.naming.*;
import javax.naming.ldap.*;
import javax.naming.directory.*;

/** This class is used for all LDAP requests of the LDAP plug-in. */
public class LdapUtil
{
    /** CVS Version Tag */
    private static final String vcid = "$Id: LdapUtil.java,v 1.14 2003/04/13 20:16:42 joerg Exp $";
    
    private final static String REFRESH_INTERVAL     = "RefreshInterval";
    private final static String ROOT_DN              = "RootDN";
    private final static String SERVER_CONFIG        = "Server";

    private static final String LDAP_PERSON_CLASS  = "LdapPersonClass";
    private static final String LDAP_GROUP_CLASS   = "LdapGroupClass";
    private static final String LDAP_FORMULA_CLASS = "LdapFormulaClass";
    
    private static final String LDAP_PERSON_BASE   = "LdapPersonSearchBase";
    private static final String LDAP_GROUP_BASE    = "LdapGroupSearchBase";
    private static final String LDAP_FORMULA_BASE  = "LdapFormulaSearchBase";
    
    private static final String LDAP_EXPRESSION_FIELD   = "LdapExpressionField";
    private static final String LDAP_COMMONNAME_FIELD   = "LdapCommonNameField";
    private static final String LDAP_USERID_FIELD       = "LdapUserIdField";
    private static final String LDAP_MEMBERUSERID_FIELD = "LdapMemberUserIdField";

    private Logger logger = Logger.getLogger(this.getClass());
    
    private LdapConnectionManager connectionManager = null;

    private Configuration config = null;

    private int refreshIntervall;
    
    private String ldapPersonClass  = null;
    private String ldapGroupClass   = null; 
    private String ldapFormulaClass = null;
    
    private String ldapPersonBase   = null;
    private String ldapGroupBase    = null; 
    private String ldapFormulaBase  = null;
    
    private String ldapExpressionField   = null;
    private String ldapCommonNameField   = null;
    private String ldapUserIdField       = null;
    private String ldapMemberUserIdField = null;

    private String rootDN = null;
    
    boolean running = true;
    
    /** Creates a new instance of LdapPlugin */
    public LdapUtil()
    {
    }
    
    /** Initialize the current object. If there is an configuration error,
     * System.exit(1) will be called.
     *
     * These attributes are needed:
     *
     * <table>
     * <tr>
     * <td>LdapPersonClass</td>
     * <td>The LDAP class used for persons</td>
     * </tr>
     * <tr>
     * <td>LdapGroupClass</td>
     * <td>The LDAP class used for groups</td>
     * </tr>
     * <tr>
     * <td>LdapFormulaClass</td>
     * <td>The LDAP class used for expressions</td>
     * </tr>
     * <tr>
     * <td>LdapPersonSearchBase</td>
     * <td>The search base for persons</td>
     * </tr>
     * <tr>
     * <td>LdapGroupSearchBase</td>
     * <td>The search base for groups</td>
     * </tr>
     * <tr>
     * <td>LdapFormulaSearchBase</td>
     * <td>The search base for expressions</td>
     * </tr>
     * </table>
     *
     * Additionaly there must be one or more entities describing LDAP connections a
     * needed by the {@link de.iiit.ldap.LdapConnectionManager LdapConnectionManager}
     * @param config The configuration needed for the LDAP requests.
     */    
    public void initialize(Configuration config)
    {
        boolean cfgError = false;
        
        this.config = config;

        refreshIntervall = Integer.parseInt(config.getAttribute(REFRESH_INTERVAL, "60000"));

        ldapPersonClass  = config.getAttribute(LDAP_PERSON_CLASS);
        ldapGroupClass   = config.getAttribute(LDAP_GROUP_CLASS); 
        ldapFormulaClass = config.getAttribute(LDAP_FORMULA_CLASS);

        ldapPersonBase   = config.getAttribute(LDAP_PERSON_BASE);
        ldapGroupBase    = config.getAttribute(LDAP_GROUP_BASE); 
        ldapFormulaBase  = config.getAttribute(LDAP_FORMULA_BASE);

        ldapExpressionField   = config.getAttribute(LDAP_EXPRESSION_FIELD);
        ldapCommonNameField   = config.getAttribute(LDAP_COMMONNAME_FIELD);
        ldapUserIdField       = config.getAttribute(LDAP_USERID_FIELD);
        ldapMemberUserIdField = config.getAttribute(LDAP_MEMBERUSERID_FIELD);

        rootDN = config.getAttribute(ROOT_DN);

        Vector serverConfig = config.getSubConfigurations(SERVER_CONFIG);
        
        if (ldapPersonClass == null)
        {
            logger.fatal("No LDAP person class configuration found");  
            cfgError = true;
        }

        if (ldapGroupClass == null)
        {
            logger.fatal("No LDAP group class configuration found");  
            cfgError = true;
        }

        if (ldapFormulaClass == null)
        {
            logger.fatal("No LDAP formula class configuration found");  
            cfgError = true;
        }
        
        if (ldapPersonBase == null)
        {
            logger.fatal("No LDAP person search base configuration found");  
            cfgError = true;
        }

        if (ldapGroupBase == null)
        {
            logger.fatal("No LDAP group search base configuration found");  
            cfgError = true;
        }

        if (ldapFormulaBase == null)
        {
            logger.fatal("No LDAP formula search base configuration found");  
            cfgError = true;
        }
        
        if (ldapExpressionField == null)
        {
            logger.fatal("No LDAP expression field name configuration found");  
            cfgError = true;
        }
        
        if (ldapCommonNameField == null)
        {
            logger.fatal("No LDAP common name field name configuration found");  
            cfgError = true;
        }
        
        if (ldapUserIdField == null)
        {
            logger.fatal("No LDAP user id field name configuration found");  
            cfgError = true;
        }
        
        if (ldapMemberUserIdField == null)
        {
            logger.fatal("No LDAP member user id field name configuration found");  
            cfgError = true;
        }
        
        if (rootDN == null)
        {
            logger.fatal("No LDAP root DN configuration found");  
            cfgError = true;
        }
        
        if (serverConfig == null)
        {
            logger.fatal("No Configuration for LDAP server found!");
            cfgError = true;
        }

        if (cfgError)
            System.exit(1);
        
        connectionManager = new LdapConnectionManager(serverConfig, -1, refreshIntervall);
    }
    
    /** Stop the refresher thread 
     */
    public void shutdown()
    {
        running = false;
        
        if (connectionManager != null)
            connectionManager.shutdown();
    }
    
    /** Retrieves the configured LDAP search base for persons
     * @return the configured LDAP search base for persons
     */    
    public String getLdapPersonBase()
    {
        return ldapPersonBase;
    }
    
    /** Retrieves the configured LDAP object class to use for persons
     * @return the configured LDAP object class to use for persons
     */    
    public String getLdapPersonClass()
    {
        return ldapPersonClass;
    }
    
    /** Retrieves the configured LDAP search base for expressions
     * @return the configured LDAP search base for expressions
     */    
    public String getLdapFormulaBase()
    {
        return ldapFormulaBase;
    }
    
    /** Retrieves the configured LDAP object class to use for expressions
     * @return the configured LDAP object class to use for expressions
     */    
    public String getLdapFormulaClass()
    {
        return ldapFormulaClass;
    }
    
    /** Retrieves the configured LDAP search base for groups
     * @return the configured LDAP search base for groups
     */    
    public String getLdapGroupBase()
    {
        return ldapGroupBase;
    }
    
    /** Retrieves the configured LDAP object class to use for groups
     * @return the configured LDAP object class to use for groups
     */    
    public String getLdapGroupClass()
    {
        return ldapGroupClass;
    }
    
    /** The LDAP attribute to use for expressions
     * @return the configured LDAP field name for expressions
     */    
    public String getLdapExpression()
    {
        return ldapExpressionField;
    }
    
    /** The LDAP attribute to use for names
     * @return the configured LDAP field name for names
     */    
    public String getLdapCommonName()
    {
        return ldapCommonNameField;
    }
    
    /** The LDAP attribute to use for user IDs
     * @return the configured LDAP field name for user IDs
     */    
    public String getLdapUserId()
    {
        return ldapUserIdField;
    }
    
    /** The LDAP attribute to use for user IDs of group members
     * @return the configured LDAP field name for user IDs of group members
     */    
    public String getLdapGroupMember()
    {
        return ldapMemberUserIdField;
    }
    
    private LdapContext getContext()
    {
        return connectionManager.getContext();
    }
    
    private NamingEnumeration searchEnumeration(DirContext context, String searchBase, String filter, String[] attrs) throws NamingException
    {
        if (searchBase == null)
            searchBase = rootDN;  
        
        if (context == null)
            throw new NamingException("Context is invalid");
        
        return context.search(searchBase, filter, 
            new SearchControls(SearchControls.SUBTREE_SCOPE, 0, 0, attrs, true, true));
    }
    
    private Vector searchVector(DirContext context, String searchBase, String filter, String[] attrs) throws NamingException
    {
        List l = new ArrayList(Arrays.asList(attrs));
        l.add("objectClass");
        attrs = (String[]) l.toArray(attrs);
        
        NamingEnumeration ne = searchEnumeration(context, searchBase, filter, attrs);
        Vector result = new Vector();
        
        while (ne.hasMore())
        {
            SearchResult sr = (SearchResult) ne.next();

            LdapGenericObject o = new LdapGenericObject((LdapContext) sr.getObject(), sr.getName(), searchBase);
            o.setAttributes(sr.getAttributes());

            result.add(o);
        }
        
        return result;
    }

    /** Retrieves records from the LDAP database.
     * @param searchBase The search base to use for the request.
     * @param filter The search filter to use for the request
     * @param attrs The attributes to retrieve
     * @throws NamingException if a LDAP error occured
     * @return the results encapsulated as {@link de.iiit.ldap.LdapGenericObject LdapGenericObject }
     */    
    public Vector search(String searchBase, String filter, String[] attrs) throws NamingException
    {
        return searchVector(connectionManager.getContext(), searchBase, filter, attrs);
    }
}

/**
 * $Log: LdapUtil.java,v $
 * Revision 1.14  2003/04/13 20:16:42  joerg
 * Package structure modified
 *
 * Revision 1.13  2003/01/16 21:47:13  joerg
 * Kleine Bugfixes
 *
 * Revision 1.12  2003/01/01 21:04:18  joerg
 * Copyright-Statement aktualisiert
 *
 * Revision 1.11  2002/12/27 20:19:36  joerg
 * Interne Methode search() umbenannt.
 *
 * Revision 1.10  2002/12/24 21:04:33  joerg
 * Umbau der Paketstruktur
 * iiitLdapPlugin integriert
 * JavaDoc-Kommentare weiter vervollstaendigt.
 *
 * Revision 1.9  2002/12/23 11:27:53  joerg
 * shutdown()-Methode hinzugefuegt.
 *
 * Revision 1.8  2002/12/21 19:55:03  joerg
 * Nicht mehr benoetigte Methoden entfernt, interne Methoden auf
 * private oder protected geaendert.
 * JavaDoc Kommentare ergaenzt.
 *
 * Revision 1.7  2002/12/19 15:54:33  joerg
 * Paket umbenannt in iiitLdapPlugin
 *
 * Revision 1.6  2002/12/08 16:37:33  joerg
 * Aufraeumungsarbeiten nach dem grossen Umbau
 *
 * Revision 1.5  2002/12/08 16:09:46  joerg
 * Paket-Struktur ueberarbeitet
 *
 * Revision 1.4  2002/12/08 13:56:27  joerg
 * Das LdapPlugin ist jetzt nicht mehr eine Implementierung
 * des LdapPluginIf sondern eigenstaendig
 *
 * Revision 1.3  2002/11/26 10:56:40  joerg
 * Package exprparser durch parser erstzt.
 *
 * Revision 1.2  2002/11/20 20:29:29  joerg
 * Neue Methode getLdapUserId()
 *
 * Revision 1.1  2002/11/18 21:23:36  joerg
 * LDAP-Anbindung auf LdapPlugin umgestellt.
 *
 */