📄 ldapmanager.java
NamingEnumeration answer = ctx.search("", getSearchFilter(), new String[] {username},
constraints);
if (debug) {
Log.debug("... search finished");
}
if (answer == null || !answer.hasMoreElements()) {
if (debug) {
Log.debug("User DN based on username '" + username + "' not found.");
}
throw new UserNotFoundException("Username " + username + " not found");
}
String userDN = ((SearchResult)answer.next()).getName();
// Make sure there are no more search results. If there are, then
// the username isn't unique on the LDAP server (a perfectly possible
// scenario since only fully qualified dn's need to be unqiue).
// There really isn't a way to handle this, so throw an exception.
// The baseDN must be set correctly so that this doesn't happen.
if (answer.hasMoreElements()) {
if (debug) {
Log.debug("Search for userDN based on username '" + username + "' found multiple " +
"responses, throwing exception.");
}
throw new UserNotFoundException("LDAP username lookup for " + username +
" matched multiple entries.");
}
// Close the enumeration.
answer.close();
// All other methods assume that userDN is not a full LDAP string.
// However if a referal was followed this is not the case. The
// following code converts a referral back to a "partial" LDAP string.
if (userDN.startsWith("ldap://")) {
userDN = userDN.replace("," + baseDN, "");
userDN = userDN.substring(userDN.lastIndexOf("/") + 1);
userDN = java.net.URLDecoder.decode(userDN, "UTF-8");
}
if (encloseUserDN) {
// Enclose userDN values between "
// eg. cn=John\, Doe,ou=People --> cn="John\, Doe",ou="People"
Matcher matcher = userDNPattern.matcher(userDN);
userDN = matcher.replaceAll("$1\"$2\",");
if (userDN.endsWith(",")) {
userDN = userDN.substring(0, userDN.length() - 1);
}
}
return userDN;
}
catch (Exception e) {
if (debug) {
Log.debug("Exception thrown when searching for userDN based on username '" + username + "'", e);
}
throw e;
}
finally {
try { ctx.close(); }
catch (Exception ignored) {
// Ignore.
}
}
}
/**
* Returns a properly encoded URL for use as the PROVIDER_URL.
* If the encoding fails then the URL will contain the raw base dn.
*
* @param baseDN the base dn to use in the URL.
* @return the properly encoded URL for use as the PROVIDER_URL.
*/
private String getProviderURL(String baseDN) {
    // Start from the raw DN so the fallback path below needs no extra assignment.
    String encodedDN = baseDN;
    try {
        // java.net.URLEncoder encodes a space as '+', but the URL needs %20 instead.
        encodedDN = URLEncoder.encode(baseDN, "UTF-8").replace("+", "%20");
    }
    catch (java.io.UnsupportedEncodingException e) {
        // UTF-8 is not supported: deliberately keep the raw, unencoded base DN.
    }

    // Everything after the host is the same for every server, so build it once.
    // Each entry ends with a space, which separates the URLs in the returned list
    // (the final entry keeps its trailing space as well).
    String suffix = ":" + port + "/" + encodedDN + " ";

    // NOTE(review): the scheme is always "ldap://" here, whatever sslEnabled says;
    // presumably TLS is selected where the context environment is built -- confirm.
    // NOTE(review): host values are inserted verbatim, so a host containing
    // whitespace or '/' would change how this URL list is read; presumably hosts
    // come from trusted admin configuration -- verify.
    StringBuilder urlList = new StringBuilder();
    for (String server : hosts) {
        urlList.append("ldap://").append(server).append(suffix);
    }
    // With no configured hosts the result is the empty string.
    return urlList.toString();
}
/**
* Returns the LDAP server hosts; e.g. <tt>localhost</tt> or
* <tt>machine.example.com</tt>, etc. This value is stored as the Jive
* Property <tt>ldap.host</tt>.
*
* @return the LDAP server host names.
*/
public Collection<String> getHosts() {
    // Hands back the internal collection itself, not a copy: a caller that
    // mutates it changes this manager's host list without touching the
    // persisted "ldap.host" property.
    return this.hosts;
}
/**
* Sets the list of LDAP server hosts; e.g., <tt>localhost</tt> or
* <tt>machine.example.com</tt>, etc. This value is stored as the Jive
* Property <tt>ldap.host</tt> using a comma as a delimiter for each host.<p>
*
* Note that all LDAP servers have to share the same configuration.
*
* @param hosts the LDAP servers host names.
*/
public void setHosts(Collection<String> hosts) {
    // The caller's collection is kept by reference (no defensive copy).
    this.hosts = hosts;

    // Join the host names with commas; the separator is written before every
    // entry except the first, so no trailing comma has to be trimmed.
    // NOTE(review): host names are not validated here; a name that itself
    // contains a comma would be stored as two entries in the property.
    StringBuilder joined = new StringBuilder();
    String separator = "";
    for (String server : hosts) {
        joined.append(separator).append(server);
        separator = ",";
    }
    properties.put("ldap.host", joined.toString());
}
/**
* Returns the LDAP server port number. The default is 389. This value is
* stored as the Jive Property <tt>ldap.port</tt>.
*
* @return the LDAP server port number.
*/
public int getPort() {
    // Current in-memory port value.
    return this.port;
}
/**
* Sets the LDAP server port number. The default is 389. This value is
* stored as the Jive property <tt>ldap.port</tt>.
*
* @param port the LDAP server port number.
*/
public void setPort(int port) {
    // Update the in-memory value, then persist it as text under "ldap.port".
    // No range check is applied to the port here.
    this.port = port;
    String portText = String.valueOf(port);
    properties.put("ldap.port", portText);
}
/**
* Returns true if LDAP connection debugging is turned on. When on, trace
* information about BER buffers sent and received by the LDAP provider is
* written to System.out. Debugging is turned off by default.
*
* @return true if LDAP debugging is turned on.
*/
public boolean isDebugEnabled() {
    // Reports the LDAP provider trace flag held by this manager.
    return this.ldapDebugEnabled;
}
/**
* Sets whether LDAP connection debugging is turned on. When on, trace
* information about BER buffers sent and received by the LDAP provider is
* written to System.out. Debugging is turned off by default.
*
* @param debugEnabled true if debugging should be turned on.
*/
public void setDebugEnabled(boolean debugEnabled) {
    // NOTE(review): per this method's Javadoc the provider's BER trace goes to
    // System.out; a trace of sent buffers can include bind requests, so that
    // output should be treated as sensitive -- confirm it stays off in production.
    this.ldapDebugEnabled = debugEnabled;
    String flagText = String.valueOf(debugEnabled);
    properties.put("ldap.ldapDebugEnabled", flagText);
}
/**
* Returns true if the LDAP connection is made via SSL. SSL is turned off by default.
*
* @return true if SSL connections are enabled.
*/
public boolean isSslEnabled() {
    // Reports the SSL flag held by this manager.
    return this.sslEnabled;
}
/**
* Sets whether the connection to the LDAP server should be made via ssl or not.
*
* @param sslEnabled true if ssl should be enabled, false otherwise.
*/
public void setSslEnabled(boolean sslEnabled) {
    // NOTE(review): with this flag false, traffic to the directory (including
    // any bind credentials) is presumably sent unencrypted unless it is
    // protected elsewhere -- confirm.
    this.sslEnabled = sslEnabled;
    String flagText = String.valueOf(sslEnabled);
    properties.put("ldap.sslEnabled", flagText);
}
/**
* Returns the LDAP field name that the username lookup will be performed
* on. By default this is "uid".
*
* @return the LDAP field that the username lookup will be performed on.
*/
public String getUsernameField() {
    // Attribute name used for username lookups.
    return this.usernameField;
}
/**
* Sets the LDAP field name that the username lookup will be performed on.
* By default this is "uid".
*
* @param usernameField the LDAP field that the username lookup will be
* performed on.
*/
public void setUsernameField(String usernameField) {
    // NOTE(review): presumably this attribute name ends up in the user search
    // filter; it should be a plain attribute name -- verify against
    // getSearchFilter().
    this.usernameField = usernameField;
    if (usernameField != null) {
        properties.put("ldap.usernameField", usernameField);
        return;
    }
    // No explicit value: drop the stored property and fall back to "uid".
    properties.remove("ldap.usernameField");
    this.usernameField = "uid";
}
/**
* Returns the LDAP field name that the user's name is stored in. By default
* this is "cn". Another common value is "displayName".
*
* @return the LDAP field that corresponds to the user's name.
*/
public String getNameField() {
    // Attribute name holding the user's display name; may be null after
    // setNameField(null), which does not restore a default.
    return this.nameField;
}
/**
* Sets the LDAP field name that the user's name is stored in. By default
* this is "cn". Another common value is "displayName".
*
* @param nameField the LDAP field that corresponds to the user's name.
*/
public void setNameField(String nameField) {
    this.nameField = nameField;
    if (nameField != null) {
        properties.put("ldap.nameField", nameField);
        return;
    }
    // A null value clears the stored property; unlike setUsernameField, the
    // in-memory field is left null rather than reset to a default.
    properties.remove("ldap.nameField");
}
/**
* Returns the LDAP field name that the user's email address is stored in.
* By default this is "mail".
*
* @return the LDAP field that corresponds to the user's email
* address.
*/
public String getEmailField() {
    // Attribute name holding the user's email address; may be null after
    // setEmailField(null), which does not restore a default.
    return this.emailField;
}
/**
* Sets the LDAP field name that the user's email address is stored in.
* By default this is "mail".
*
* @param emailField the LDAP field that corresponds to the user's
* email address.
*/
public void setEmailField(String emailField) {
    this.emailField = emailField;
    if (emailField != null) {
        properties.put("ldap.emailField", emailField);
        return;
    }
    // A null value clears the stored property; the in-memory field stays null.
    properties.remove("ldap.emailField");
}
/**
* Returns the starting DN that searches for users will be performed with.
* Searches will be performed on the entire sub-tree under the base DN.
*
* @return the starting DN used for performing searches.
*/
public String getBaseDN() {
    // Base DN exactly as it was last set; no encoding is applied here.
    return this.baseDN;
}
/**
* Sets the starting DN that searches for users will be performed with.
* Searches will be performed on the entire sub-tree under the base DN.
*
* @param baseDN the starting DN used for performing searches.
*/
public void setBaseDN(String baseDN) {
    // Stored and persisted exactly as given. Unlike the field-name setters in
    // this class, a null value is not special-cased before the property write.
    // NOTE(review): the base DN scopes every user search, so it is presumably
    // expected to come from trusted admin configuration only -- confirm.
    this.baseDN = baseDN;
    final String propertyKey = "ldap.baseDN";
    properties.put(propertyKey, baseDN);
}
/**
* Returns the alternate starting DN that searches for users will be performed with.
* Searches will be performed on the entire sub-tree under the alternate base DN after
* they are performed on the main base DN.
*
* @return the alternate starting DN used for performing searches. If no alternate
* DN is set, this method will return <tt>null</tt>.
*/