Author: bdaw
Date: 2010-02-10 16:52:19 -0500 (Wed, 10 Feb 2010)
New Revision: 1621
Added:
portal/trunk/component/identity/src/test/java/org/exoplatform/services/organization/TestConfigOrganizationService.java
portal/trunk/component/portal/src/main/java/org/exoplatform/portal/filter/
portal/trunk/component/portal/src/main/java/org/exoplatform/portal/filter/UserGroupFilter.java
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme.ldif
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-config.xml
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/Config.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/ExtGroup.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/GroupDAOImpl.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/IDMUserListAccess.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipDAOImpl.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipImpl.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipTypeDAOImpl.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMOrganizationServiceImpl.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMService.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMServiceImpl.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserDAOImpl.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserProfileDAOImpl.java
portal/trunk/component/identity/src/test/java/conf/portal/idm-configuration.xml
portal/trunk/component/web/src/main/java/org/exoplatform/web/login/ClusteredSSOFilter.java
portal/trunk/pom.xml
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/organization-configuration.xml
portal/trunk/web/portal/src/main/webapp/WEB-INF/web.xml
Log:
- PLIDM 1.1.0.Beta3
- Bug fixes
- PLIDM association to MembershipType
- PLIDM exceptions not propagated outside of identity integration layer
- missing @author
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/Config.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/Config.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/Config.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -1,10 +1,5 @@
package org.exoplatform.services.organization.idm;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
/*
* JBoss, a division of Red Hat
* Copyright 2010, Red Hat Middleware, LLC, and individual contributors as indicated
@@ -26,6 +21,14 @@
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
*/
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
public class Config
{
@@ -113,8 +116,24 @@
if (checkParents && !parentId.equals("/") &&
parentId.contains("/"))
{
- String newParentId = parentId.substring(0,
parentId.lastIndexOf("/"));
- return getGroupType(newParentId);
+ // Check if any mapping that contains '/*' match this id
+ for (String key : groupTypeMappings.keySet())
+ {
+ id = key;
+ if (id.endsWith("/*"))
+ {
+ id = id.substring(0, id.length() - 2);
+ }
+ else
+ {
+ continue;
+ }
+
+ if (parentId.startsWith(id))
+ {
+ return groupTypeMappings.get(key);
+ }
+ }
}
return null;
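Review bot: The wildcard test `if (parentId.startsWith(id))` is a plain string-prefix comparison, so a mapping key like `/platform/*` (constructed example) would also match a sibling path such as `/platform-old/users` and resolve it to the wrong group type. Matching on a path boundary avoids that: `if (parentId.equals(id) || parentId.startsWith(id + "/"))`. When several wildcard keys match, the result depends on the iteration order of `groupTypeMappings.keySet()`, which is unspecified if the map is a `HashMap` (its declaration is outside the hunk); choosing the longest matching prefix would make it deterministic. The loop also reassigns `id`, which is declared outside the hunk; a dedicated local such as `String prefix` would be clearer.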
@@ -139,7 +158,7 @@
for (String key : groupTypeMappings.keySet())
{
- if (key.startsWith("id"))
+ if (key.equals(id) || key.equals(id + "/*"))
{
types.add(groupTypeMappings.get(key));
}
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/ExtGroup.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/ExtGroup.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/ExtGroup.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -26,6 +26,9 @@
import java.io.Serializable;
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
public class ExtGroup implements Group, Serializable
{
private String id;
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/GroupDAOImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/GroupDAOImpl.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/GroupDAOImpl.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -29,15 +29,24 @@
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
+import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
public class GroupDAOImpl implements GroupHandler
{
+ private static Logger log = LoggerFactory.getLogger(GroupDAOImpl.class);
+
public static final String GROUP_LABEL = "label";
public static final String GROUP_DESCRIPTION = "description";
@@ -76,9 +85,18 @@
if (parent != null)
{
- parentGroup =
- getIdentitySession().getPersistenceManager().
- findGroup(parent.getGroupName(),
orgService.getConfiguration().getGroupType(parent.getParentId()));
+ try
+ {
+ parentGroup =
+ getIdentitySession().getPersistenceManager().
+ findGroup(parent.getGroupName(),
orgService.getConfiguration().getGroupType(parent.getParentId()));
+ }
+ catch (Exception e)
+ {
+ log.info("Cannot obtain group: " + parent.getGroupName(), e);
+
+ }
+
((ExtGroup)child).setId(parent.getId() + "/" + child.getGroupName());
}
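Review bot: When `findGroup` throws inside the new `catch (Exception e)`, `parentGroup` keeps whatever value it had before the hunk (presumably null), and the `@@ -98,14 +116,21 @@` hunk then takes its `else` branch and associates the child with `getRootGroup()`. A transient identity-store error would therefore attach the new group directly under the root while `setId(parent.getId() + "/" + child.getGroupName())` still records it under the parent, so the stored hierarchy and the eXo id disagree. Because the parent was requested explicitly, it would be safer to stop before `persistGroup` is reached, for example `throw new IllegalStateException("Cannot obtain parent group: " + parent.getGroupName(), e);`. `log.info` is also a low level for a failed identity operation; `log.warn` or `log.error` keeps it visible under a default production log configuration. The enclosing method starts and ends outside the hunk.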
@@ -98,14 +116,21 @@
}
org.picketlink.idm.api.Group childGroup = persistGroup(child);
- if (parentGroup != null)
+ try
{
- getIdentitySession().getRelationshipManager().associateGroups(parentGroup,
childGroup);
+ if (parentGroup != null)
+ {
+ getIdentitySession().getRelationshipManager().associateGroups(parentGroup,
childGroup);
+ }
+ else
+ {
+ getIdentitySession().getRelationshipManager().associateGroups(getRootGroup(),
childGroup);
+ }
}
- else
+ catch (Exception e)
{
- getIdentitySession().getRelationshipManager().associateGroups(getRootGroup(),
childGroup);
+ log.info("Cannot associate groups: ", e);
}
if (broadcast)
@@ -135,10 +160,19 @@
preDelete(group);
}
- org.picketlink.idm.api.Group jbidGroup =
- getIdentitySession().getPersistenceManager().
- findGroup(group.getGroupName(),
orgService.getConfiguration().getGroupType(group.getParentId()));
+ org.picketlink.idm.api.Group jbidGroup = null;
+ try
+ {
+ jbidGroup =
+ getIdentitySession().getPersistenceManager().
+ findGroup(group.getGroupName(),
orgService.getConfiguration().getGroupType(group.getParentId()));
+ }
+ catch (Exception e)
+ {
+ log.info("Cannot obtain group: " + group.getGroupName() + ";
", e);
+ }
+
if (jbidGroup == null)
{
return group;
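Review bot: A failed `findGroup` now leaves `jbidGroup` null, so the method takes the `if (jbidGroup == null)` path and returns `group` exactly as it does when the group does not exist; the caller cannot tell that nothing was removed. The `@@ -146,21 +180,35 @@` hunk has the same problem on the write side: if the child cleanup or `removeGroup(jbidGroup, true)` throws, the error is logged at info and execution continues to `if (broadcast)`, so the delete appears to have completed while the group and its relationships are still in the store. For an operation that revokes access I would let the failure reach the caller, or at minimum skip the post-delete broadcast and use `log.error("Cannot remove group: " + group.getGroupName(), e);`. The method signature is outside the hunk.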
@@ -146,21 +180,35 @@
// MembershipDAOImpl.removeMembershipEntriesOfGroup(group,
getIdentitySession());
- Collection<org.picketlink.idm.api.Group> oneLevelChilds =
- getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
null, true, false);
+ try
+ {
+ Collection<org.picketlink.idm.api.Group> oneLevelChilds =
+ getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
null, true, false);
- Collection<org.picketlink.idm.api.Group> allChilds =
- getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
null, true, true);
+ Collection<org.picketlink.idm.api.Group> allChilds =
+ getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
null, true, true);
- getIdentitySession().getRelationshipManager().disassociateGroups(jbidGroup,
oneLevelChilds);
+ getIdentitySession().getRelationshipManager().disassociateGroups(jbidGroup,
oneLevelChilds);
- for (org.picketlink.idm.api.Group child : allChilds)
+ for (org.picketlink.idm.api.Group child : allChilds)
+ {
+ //TODO: impl force in IDM
+ getIdentitySession().getPersistenceManager().removeGroup(child, true);
+ }
+ }
+ catch (Exception e)
{
- //TODO: impl force in IDM
- getIdentitySession().getPersistenceManager().removeGroup(child, true);
+ log.info("Cannot clear group relationships: " + group.getGroupName() +
"; ", e);
}
- getIdentitySession().getPersistenceManager().removeGroup(jbidGroup, true);
+ try
+ {
+ getIdentitySession().getPersistenceManager().removeGroup(jbidGroup, true);
+ }
+ catch (Exception e)
+ {
+ log.info("Cannot remove group: " + group.getGroupName() + ";
", e);
+ }
if (broadcast)
{
@@ -171,9 +219,17 @@
public Collection findGroupByMembership(String userName, String membershipType) throws
Exception
{
- Collection<org.picketlink.idm.api.Role> allRoles =
- getIdentitySession().getRoleManager().findRoles(userName, membershipType);
+ Collection<org.picketlink.idm.api.Role> allRoles = new HashSet();
+ try
+ {
+ allRoles = getIdentitySession().getRoleManager().findRoles(userName,
membershipType);
+ }
+ catch (Exception e)
+ {
+ log.info("Identity operation error: ", e);
+ }
+
Set<Group> exoGroups = new HashSet<Group>();
MembershipDAOImpl mmm = (MembershipDAOImpl)orgService.getMembershipHandler();
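Review bot: `new HashSet()` is a raw type assigned to `Collection<org.picketlink.idm.api.Role>` and compiles with an unchecked warning; the next line already writes `new HashSet<Group>()`, so `new HashSet<org.picketlink.idm.api.Role>()` would be consistent. The same raw initialiser is used in the later hunks for `groups`, `allGroups`, `parents` and `attrs` (`new HashMap()`). Separately, with the catch in place a store failure produces the same empty result as a user who has no roles, which is the safe direction for an access decision but makes an outage look like missing permissions. A comment such as `// store failure is treated as "no roles" (fail closed)` and `log.warn` instead of `log.info` would record that this is intended.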
@@ -188,9 +244,17 @@
if (mmm.isAssociationMapped() &&
mmm.getAssociationMapping().equals(membershipType))
{
- Collection<org.picketlink.idm.api.Group> groups =
- getIdentitySession().getRelationshipManager().findAssociatedGroups(userName,
null);
+ Collection<org.picketlink.idm.api.Group> groups = new HashSet();
+ try
+ {
+ groups =
getIdentitySession().getRelationshipManager().findAssociatedGroups(userName, null);
+ }
+ catch (Exception e)
+ {
+ log.info("Identity operation error: ", e);
+ }
+
for (org.picketlink.idm.api.Group group : groups)
{
exoGroups.add(convertGroup(group));
@@ -226,9 +290,18 @@
}
else
{
- jbidGroup =
- getIdentitySession().getPersistenceManager().
- findGroup(parent.getGroupName(),
orgService.getConfiguration().getGroupType(parent.getParentId()));
+ try
+ {
+ jbidGroup =
+ getIdentitySession().getPersistenceManager().
+ findGroup(parent.getGroupName(),
orgService.getConfiguration().getGroupType(parent.getParentId()));
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
}
if (jbidGroup == null)
@@ -241,9 +314,18 @@
Set<org.picketlink.idm.api.Group> plGroups = new
HashSet<org.picketlink.idm.api.Group>();
- plGroups.addAll(getIdentitySession().getRelationshipManager().
- findAssociatedGroups(jbidGroup, null, true, false));
+ try
+ {
+ plGroups.addAll(getIdentitySession().getRelationshipManager().
+ findAssociatedGroups(jbidGroup, null, true, false));
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
+
// Get members of all types mapped below the parent group id path.
if (orgService.getConfiguration().isForceMembershipOfMappedTypes())
{
@@ -252,17 +334,29 @@
for (String type : orgService.getConfiguration().getTypes(id))
{
- plGroups
- .addAll(getIdentitySession().getPersistenceManager().findGroup(type));
+ try
+ {
+ plGroups
+ .addAll(getIdentitySession().getPersistenceManager().findGroup(type));
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
}
}
Set<Group> exoGroups = new HashSet<Group>();
+ org.picketlink.idm.api.Group root = getRootGroup();
+
for (org.picketlink.idm.api.Group group : plGroups)
{
- exoGroups.add(convertGroup(group));
-
+ if (!group.equals(root))
+ {
+ exoGroups.add(convertGroup(group));
+ }
}
@@ -289,9 +383,19 @@
return Collections.emptyList();
}
- Collection<org.picketlink.idm.api.Group> allGroups =
- getIdentitySession().getRelationshipManager().findRelatedGroups(user, null,
null);
+ Collection<org.picketlink.idm.api.Group> allGroups = new HashSet();
+ try
+ {
+ allGroups =
getIdentitySession().getRelationshipManager().findRelatedGroups(user, null, null);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
List<Group> exoGroups = new LinkedList<Group>();
for (org.picketlink.idm.api.Group group : allGroups)
@@ -308,24 +412,46 @@
Set<org.picketlink.idm.api.Group> plGroups = new
HashSet<org.picketlink.idm.api.Group>();
- plGroups
-
.addAll(getIdentitySession().getRelationshipManager().findAssociatedGroups(getRootGroup(),
null, true, true));
+ try
+ {
+ plGroups
+
.addAll(getIdentitySession().getRelationshipManager().findAssociatedGroups(getRootGroup(),
null, true, true));
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
+
// Check for all type groups mapped as part of the group tree but not connected
with the root group by association
if (orgService.getConfiguration().isForceMembershipOfMappedTypes())
{
for (String type : orgService.getConfiguration().getAllTypes())
{
- plGroups
- .addAll(getIdentitySession().getPersistenceManager().findGroup(type));
+ try
+ {
+ plGroups
+ .addAll(getIdentitySession().getPersistenceManager().findGroup(type));
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
}
}
Set<Group> exoGroups = new HashSet<Group>();
+ org.picketlink.idm.api.Group root = getRootGroup();
+
for (org.picketlink.idm.api.Group group : plGroups)
{
- exoGroups.add(convertGroup(group));
+ if (!group.equals(root))
+ {
+ exoGroups.add(convertGroup(group));
+ }
}
// UI has hardcoded casts to List
@@ -365,24 +491,21 @@
}
}
-// public Group getGroup(String groupName) throws Exception
-// {
-// org.picketlink.idm.api.Group jbidGroup =
-// getIdentitySession().getPersistenceManager().findGroup(groupName,
orgService.getGtnGroupType());
-//
-// if (jbidGroup == null)
-// {
-// return null;
-// }
-//
-// return convertGroup(jbidGroup);
-//
-// }
protected Group convertGroup(org.picketlink.idm.api.Group jbidGroup) throws Exception
{
- Map<String, Attribute> attrs =
getIdentitySession().getAttributesManager().getAttributes(jbidGroup);
+ Map<String, Attribute> attrs = new HashMap();
+ try
+ {
+ attrs = getIdentitySession().getAttributesManager().getAttributes(jbidGroup);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
+
ExtGroup exoGroup = new ExtGroup(jbidGroup.getName());
if (attrs.containsKey(GROUP_DESCRIPTION) &&
attrs.get(GROUP_DESCRIPTION).getValue() != null)
@@ -393,6 +516,11 @@
{
exoGroup.setLabel(attrs.get(GROUP_LABEL).getValue().toString());
}
+ // UI requires that group has label
+ else
+ {
+ exoGroup.setLabel(exoGroup.getGroupName());
+ }
// Resolve full ID
String id = getGroupId(jbidGroup);
@@ -415,14 +543,23 @@
private String getGroupId(org.picketlink.idm.api.Group jbidGroup) throws Exception
{
- if (jbidGroup.getName().equals(orgService.getConfiguration().getRootGroupName()))
+ if (jbidGroup.equals(getRootGroup()))
{
return "";
}
- Collection<org.picketlink.idm.api.Group> parents =
- getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
null, false, false);
+ Collection<org.picketlink.idm.api.Group> parents = new HashSet();
+ try
+ {
+ parents =
getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup, null, false,
false);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
+
if (parents.size() > 1)
{
throw new IllegalStateException("Group has more than one parent: " +
jbidGroup.getName());
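Review bot: `getRootGroup()` in `if (jbidGroup.equals(getRootGroup()))` performs a `findGroup` against the identity store on every call (and, per the `@@ -506,17 +668,33 @@` hunk, may attempt `createGroup`), and `getGroupId` is reached from `convertGroup` for each converted group, so list operations now pay one extra store lookup per group. The loops in the `@@ -252,17 +334,29 @@` and `@@ -308,24 +412,46 @@` hunks already hold the root in a local `root`; caching it per request or passing it in would avoid the repeated lookups. Also, when `findAssociatedGroups` throws, `parents` stays empty and the id is built by code outside the hunk; if that code treats an empty set as "no parent", a nested group would be reported with a top-level id, which matters wherever group ids are compared for access decisions.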
@@ -440,7 +577,7 @@
id = id.substring(0, id.length() - 2);
}
- return id + jbidGroup.getName();
+ return id + "/" + jbidGroup.getName();
}
@@ -461,15 +598,32 @@
private org.picketlink.idm.api.Group persistGroup(Group exoGroup) throws Exception
{
- org.picketlink.idm.api.Group jbidGroup =
- getIdentitySession().getPersistenceManager().
- findGroup(exoGroup.getGroupName(),
orgService.getConfiguration().getGroupType(exoGroup.getParentId()));
+ org.picketlink.idm.api.Group jbidGroup = null;
+ try
+ {
+ jbidGroup = getIdentitySession().getPersistenceManager().
+ findGroup(exoGroup.getGroupName(),
orgService.getConfiguration().getGroupType(exoGroup.getParentId()));
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
+
if (jbidGroup == null)
{
- jbidGroup =
- getIdentitySession().getPersistenceManager().
- createGroup(exoGroup.getGroupName(),
orgService.getConfiguration().getGroupType(exoGroup.getParentId()));
+ try
+ {
+ jbidGroup =
+ getIdentitySession().getPersistenceManager().
+ createGroup(exoGroup.getGroupName(),
orgService.getConfiguration().getGroupType(exoGroup.getParentId()));
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
}
String description = exoGroup.getDescription();
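Review bot: After both catch blocks `jbidGroup` can still be null, and nothing in the hunk stops it from reaching `updateAttributes(jbidGroup, attrs)` in the `@@ -492,7 +646,15 @@` hunk and, if the method returns it, `associateGroups(parentGroup, childGroup)` in the caller. A guard after the create attempt would make the failure explicit: `if (jbidGroup == null) { throw new IllegalStateException("Cannot persist group: " + exoGroup.getGroupName()); }`. Note also that a failed lookup (as opposed to "not found") now falls through to `createGroup`, so a transient read error triggers a write for a group that may already exist. `getRootGroup()` in the `@@ -506,17 +668,33 @@` hunk has the same shape and can return null to `associateGroups(getRootGroup(), childGroup)`. The method body continues outside the hunk.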
@@ -492,7 +646,15 @@
attrs = attrsList.toArray(attrs);
- getIdentitySession().getAttributesManager().updateAttributes(jbidGroup, attrs);
+ try
+ {
+ getIdentitySession().getAttributesManager().updateAttributes(jbidGroup,
attrs);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
}
@@ -506,17 +668,33 @@
private org.picketlink.idm.api.Group getRootGroup() throws Exception
{
- org.picketlink.idm.api.Group rootGroup =
- getIdentitySession().getPersistenceManager().
+ org.picketlink.idm.api.Group rootGroup = null;
+ try
+ {
+ rootGroup = getIdentitySession().getPersistenceManager().
findGroup(orgService.getConfiguration().getRootGroupName(),
orgService.getConfiguration().getGroupType("/"));
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
if (rootGroup == null)
{
- rootGroup =
- getIdentitySession().getPersistenceManager().
- createGroup(
- orgService.getConfiguration().getRootGroupName(),
- orgService.getConfiguration().getGroupType("/"));
+ try
+ {
+ rootGroup =
+ getIdentitySession().getPersistenceManager().
+ createGroup(
+ orgService.getConfiguration().getRootGroupName(),
+ orgService.getConfiguration().getGroupType("/"));
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
}
return rootGroup;
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/IDMUserListAccess.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/IDMUserListAccess.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/IDMUserListAccess.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -26,6 +26,9 @@
import java.util.List;
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
public class IDMUserListAccess implements ListAccess<User>
{
private final UserDAOImpl userDAO;
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipDAOImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipDAOImpl.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipDAOImpl.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -29,6 +29,8 @@
import org.picketlink.idm.api.IdentitySession;
import org.picketlink.idm.api.Role;
import org.picketlink.idm.api.RoleType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.util.Collection;
import java.util.Collections;
@@ -39,10 +41,12 @@
import javax.naming.InvalidNameException;
-/**
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
*/
public class MembershipDAOImpl implements MembershipHandler
{
+ private static Logger log = LoggerFactory.getLogger(MembershipDAOImpl.class);
private PicketLinkIDMService service_;
@@ -147,8 +151,23 @@
getIdentitySession().getPersistenceManager().
createGroupKey(getGroupNameFromId(m.getGroupId()),
getGroupTypeFromId(m.getGroupId()));
- if (getIdentitySession().getRoleManager().hasRole(m.getUserName(), groupId,
m.getMembershipType()))
+
+ boolean hasRole = false;
+
+
+ try
{
+ hasRole = getIdentitySession().getRoleManager().hasRole(m.getUserName(),
groupId, m.getMembershipType());
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
+ if (hasRole)
+ {
return;
}
@@ -160,11 +179,29 @@
if (isCreateMembership(m.getMembershipType()))
{
- getIdentitySession().getRoleManager().createRole(m.getMembershipType(),
m.getUserName(), groupId);
+ try
+ {
+ getIdentitySession().getRoleManager().createRole(m.getMembershipType(),
m.getUserName(), groupId);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
}
if (isAssociationMapped() &&
getAssociationMapping().equals(m.getMembershipType()))
{
- getIdentitySession().getRelationshipManager().associateUserByKeys(groupId,
m.getUserName());
+ try
+ {
+ getIdentitySession().getRelationshipManager().associateUserByKeys(groupId,
m.getUserName());
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
}
if (broadcast)
@@ -182,8 +219,21 @@
getIdentitySession().getPersistenceManager().
createGroupKey(getGroupNameFromId(m.getGroupId()),
getGroupTypeFromId(m.getGroupId()));
- if (!getIdentitySession().getRoleManager().hasRole(m.getUserName(), groupId,
m.getMembershipType()))
+ boolean hasRole = false;
+
+ try
{
+ hasRole = getIdentitySession().getRoleManager().hasRole(m.getUserName(),
groupId, m.getMembershipType());
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
+ if (!hasRole)
+ {
return m;
}
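Review bot: Because `hasRole` defaults to `false`, a `hasRole(...)` call that throws sends this method down the `if (!hasRole) { return m; }` path, so a membership that does exist is left in place and the caller gets the same return value as for a successful no-op. For a removal that is the unsafe direction: access that should be revoked stays granted and the only trace is an info-level log line. I would rethrow from this catch, or return only when the check actually succeeded. The `@@ -147,8 +151,23 @@` hunk uses the same default on the create side, where a failed check proceeds to `createRole`, and the `@@ -216,8 +296,19 @@` and `@@ -246,15 +337,34 @@` hunks skip removals the same way when `findRoles` or `findAssociatedGroups` fails. The enclosing method starts outside the hunk.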
@@ -195,15 +245,45 @@
if (isCreateMembership(m.getMembershipType()))
{
- getIdentitySession().getRoleManager().removeRole(m.getMembershipType(),
m.getUserName(), groupId);
+ try
+ {
+ getIdentitySession().getRoleManager().removeRole(m.getMembershipType(),
m.getUserName(), groupId);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
}
- if (isAssociationMapped() &&
getAssociationMapping().equals(m.getMembershipType()) &&
-
getIdentitySession().getRelationshipManager().isAssociatedByKeys(m.getGroupId(),
m.getUserName()))
+ boolean associated = false;
+
+ try
{
+ associated =
getIdentitySession().getRelationshipManager().isAssociatedByKeys(m.getGroupId(),
m.getUserName());
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
+ if (isAssociationMapped() &&
getAssociationMapping().equals(m.getMembershipType()) && associated)
+ {
Set<String> keys = new HashSet<String>();
keys.add(m.getUserName());
- getIdentitySession().getRelationshipManager().disassociateUsersByKeys(groupId,
keys);
+ try
+ {
+
getIdentitySession().getRelationshipManager().disassociateUsersByKeys(groupId, keys);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
}
if (broadcast)
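Review bot: `isAssociatedByKeys(m.getGroupId(), m.getUserName())` is passed the eXo group id, while `disassociateUsersByKeys(groupId, keys)` a few lines later and the `isAssociatedByKeys(groupId, m.getUserName())` call in the `@@ -461,21 +643,38 @@` hunk use the key built by `createGroupKey`. If the two forms differ, `associated` is never true here and the association-mapped membership is never removed; `isAssociatedByKeys(groupId, m.getUserName())` looks like what was meant (the removed lines carried the same argument, so this predates the commit). The call is also made unconditionally now, where the old `&&` chain reached it only when `isAssociationMapped()` held; wrapping the `try` in that condition keeps the extra store round trip off the non-mapped path. As with `removeRole` above it, a failed `disassociateUsersByKeys` is logged and the method continues to `if (broadcast)`, so a revocation that did not happen is reported as done.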
@@ -216,8 +296,19 @@
public Collection removeMembershipByUser(String userName, boolean broadcast) throws
Exception
{
- Collection<Role> roles =
getIdentitySession().getRoleManager().findRoles(userName, null);
+ Collection<Role> roles = new HashSet();
+ try
+ {
+ roles = getIdentitySession().getRoleManager().findRoles(userName, null);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
HashSet<MembershipImpl> memberships = new HashSet<MembershipImpl>();
for (Role role : roles)
@@ -246,15 +337,34 @@
if (isAssociationMapped())
{
- Collection<org.picketlink.idm.api.Group> groups =
- getIdentitySession().getRelationshipManager().findAssociatedGroups(userName,
null);
+ Collection<org.picketlink.idm.api.Group> groups = new HashSet();
+ try
+ {
+ groups =
getIdentitySession().getRelationshipManager().findAssociatedGroups(userName, null);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
Set<String> keys = new HashSet<String>();
keys.add(userName);
for (org.picketlink.idm.api.Group group : groups)
{
-
getIdentitySession().getRelationshipManager().disassociateUsersByKeys(group.getKey(),
keys);
+ try
+ {
+
getIdentitySession().getRelationshipManager().disassociateUsersByKeys(group.getKey(),
keys);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
}
}
@@ -272,15 +382,38 @@
boolean hasMembership = false;
- if (isAssociationMapped() && getAssociationMapping().equals(type)
&&
- getIdentitySession().getRelationshipManager().isAssociatedByKeys(gid,
userName))
+ boolean associated = false;
+
+ try
{
+ associated =
getIdentitySession().getRelationshipManager().isAssociatedByKeys(gid, userName);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
+ if (isAssociationMapped() && getAssociationMapping().equals(type)
&& associated)
+ {
hasMembership = true;
}
- Role role = getIdentitySession().getRoleManager().getRole(type, userName, gid);
+ Role role = null;
+ try
+ {
+ role = getIdentitySession().getRoleManager().getRole(type, userName, gid);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
if (role != null &&
(!isAssociationMapped() ||
!getAssociationMapping().equals(role.getRoleType()) ||
@@ -316,8 +449,19 @@
getIdentitySession().getPersistenceManager().
createGroupKey(getGroupNameFromId(groupId), getGroupTypeFromId(groupId));
- Collection<RoleType> roleTypes =
getIdentitySession().getRoleManager().findRoleTypes(userName, gid, null);
+ Collection<RoleType> roleTypes = new HashSet();
+ try
+ {
+ roleTypes = getIdentitySession().getRoleManager().findRoleTypes(userName, gid,
null);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
HashSet<MembershipImpl> memberships = new HashSet<MembershipImpl>();
for (RoleType roleType : roleTypes)
@@ -332,9 +476,21 @@
}
}
- if (isAssociationMapped() &&
- getIdentitySession().getRelationshipManager().isAssociatedByKeys(gid,
userName))
+ boolean associated = false;
+
+ try
{
+ associated =
getIdentitySession().getRelationshipManager().isAssociatedByKeys(gid, userName);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
+ if (isAssociationMapped() && associated)
+ {
MembershipImpl m = new MembershipImpl();
m.setGroupId(groupId);
m.setUserName(userName);
@@ -348,8 +504,19 @@
public Collection findMembershipsByUser(String userName) throws Exception
{
- Collection<Role> roles =
getIdentitySession().getRoleManager().findRoles(userName, null);
+ Collection<Role> roles = new HashSet();
+ try
+ {
+ roles = getIdentitySession().getRoleManager().findRoles(userName, null);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
HashSet<MembershipImpl> memberships = new HashSet<MembershipImpl>();
for (Role role : roles)
@@ -368,9 +535,19 @@
if (isAssociationMapped())
{
- Collection<org.picketlink.idm.api.Group> groups =
- getIdentitySession().getRelationshipManager().findAssociatedGroups(userName,
null);
+ Collection<org.picketlink.idm.api.Group> groups = new HashSet();
+ try
+ {
+ groups =
getIdentitySession().getRelationshipManager().findAssociatedGroups(userName, null);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
for (org.picketlink.idm.api.Group group : groups)
{
MembershipImpl m = new MembershipImpl();
@@ -387,22 +564,6 @@
return new LinkedList(memberships);
}
-// static void removeMembershipEntriesOfGroup(PicketLinkIDMOrganizationServiceImpl
orgService, Group group,
-// IdentitySession session) throws Exception
-// {
-// String gid = session.getPersistenceManager().
-// createGroupKey(group.getGroupName(),
orgService.getConfiguration().getGroupType(group.getParentId()));
-//
-// Collection<Role> roles = session.getRoleManager().findRoles(gid, null);
-//
-// for (Role role : roles)
-// {
-// session.getRoleManager().removeRole(role);
-// }
-//
-//
-// }
-
public Collection findMembershipsByGroup(Group group) throws Exception
{
return findMembershipsByGroupId(group.getId());
@@ -414,8 +575,19 @@
getIdentitySession().getPersistenceManager().createGroupKey(getGroupNameFromId(groupId),
getGroupTypeFromId(groupId));
- Collection<Role> roles = getIdentitySession().getRoleManager().findRoles(gid,
null);
+ Collection<Role> roles = new HashSet();
+ try
+ {
+ roles = getIdentitySession().getRoleManager().findRoles(gid, null);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
HashSet<MembershipImpl> memberships = new HashSet<MembershipImpl>();
for (Role role : roles)
@@ -434,9 +606,19 @@
if (isAssociationMapped())
{
- Collection<org.picketlink.idm.api.User> users =
- getIdentitySession().getRelationshipManager().findAssociatedUsers(gid, false,
null);
+ Collection<org.picketlink.idm.api.User> users = new HashSet();
+ try
+ {
+ users =
getIdentitySession().getRelationshipManager().findAssociatedUsers(gid, false, null);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+
+ }
+
for (org.picketlink.idm.api.User user : users)
{
MembershipImpl m = new MembershipImpl();
@@ -461,21 +643,38 @@
getIdentitySession().getPersistenceManager().createGroupKey(getGroupNameFromId(m.getGroupId()),
getGroupTypeFromId(m.getGroupId()));
- if (isCreateMembership(m.getMembershipType()) &&
- getIdentitySession().getRoleManager().hasRole(m.getUserName(), groupId,
m.getMembershipType()))
+
+ try
{
- return m;
+ if (isCreateMembership(m.getMembershipType()) &&
+ getIdentitySession().getRoleManager().hasRole(m.getUserName(), groupId,
m.getMembershipType()))
+ {
+ return m;
+ }
}
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
- if (isAssociationMapped() &&
getAssociationMapping().equals(m.getMembershipType()) &&
- getIdentitySession().getRelationshipManager().isAssociatedByKeys(groupId,
m.getUserName()))
+ }
+
+ try
{
- return m;
+ if (isAssociationMapped() &&
getAssociationMapping().equals(m.getMembershipType()) &&
+ getIdentitySession().getRelationshipManager().isAssociatedByKeys(groupId,
m.getUserName()))
+ {
+ return m;
+ }
}
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
-
return null;
}
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipImpl.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipImpl.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -21,6 +21,9 @@
import org.exoplatform.services.organization.Membership;
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
public class MembershipImpl implements Membership
{
private String membershipType = "member";
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipTypeDAOImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipTypeDAOImpl.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipTypeDAOImpl.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -33,6 +33,9 @@
import java.util.List;
import java.util.Map;
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
public class MembershipTypeDAOImpl implements MembershipTypeHandler
{
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMOrganizationServiceImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMOrganizationServiceImpl.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMOrganizationServiceImpl.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -33,6 +33,9 @@
import java.util.LinkedList;
import java.util.concurrent.atomic.AtomicInteger;
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
public class PicketLinkIDMOrganizationServiceImpl extends BaseOrganizationService
implements Startable,
ComponentRequestLifecycle
{
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMService.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMService.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMService.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -22,6 +22,9 @@
import org.picketlink.idm.api.IdentitySession;
import org.picketlink.idm.api.IdentitySessionFactory;
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
public interface PicketLinkIDMService
{
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMServiceImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMServiceImpl.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMServiceImpl.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -39,6 +39,9 @@
import javax.naming.InitialContext;
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
public class PicketLinkIDMServiceImpl implements PicketLinkIDMService, Startable
{
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserDAOImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserDAOImpl.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserDAOImpl.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -32,7 +32,9 @@
import org.picketlink.idm.api.AttributesManager;
import org.picketlink.idm.api.IdentitySession;
import org.picketlink.idm.api.query.UserQueryBuilder;
+import org.picketlink.idm.common.exception.IdentityException;
import org.picketlink.idm.impl.api.SimpleAttribute;
+import org.slf4j.LoggerFactory;
import java.text.DateFormat;
import java.util.ArrayList;
@@ -42,12 +44,16 @@
import java.util.List;
import java.util.Map;
import java.util.Set;
+import java.util.logging.Logger;
-/**
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
*/
public class UserDAOImpl implements UserHandler
{
+ private static org.slf4j.Logger log = LoggerFactory.getLogger(UserDAOImpl.class);
+
private final PicketLinkIDMService service_;
private ExoCache cache_;
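Review bot: The added `import java.util.logging.Logger;` looks unused in the visible hunks, and it is the reason the new field has to be spelled `org.slf4j.Logger`. Import `org.slf4j.Logger` instead, as UserProfileDAOImpl does in this commit, and make the field final: `private static final Logger log = LoggerFactory.getLogger(UserDAOImpl.class);`. The class comment opener also changes from `/**` to `/*` here, so the author tag is no longer Javadoc; if that is not intended, keep `/**`.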
@@ -124,8 +130,16 @@
preSave(user, true);
}
- session.getPersistenceManager().createUser(user.getUserName());
+ try
+ {
+ session.getPersistenceManager().createUser(user.getUserName());
+ }
+ catch (IdentityException e)
+ {
+ log.info("Identity operation error: ", e);
+ }
+
persistUserInfo(user, session);
if (broadcast)
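Review bot: After `createUser` throws, execution still reaches `persistUserInfo(user, session)` and the broadcast, so the caller is told the account was created when it was not. The later write paths in this file behave the same way: the `removeUser` hunk (-175) still fires `postDelete`, and the `updatePassword` / `updateAttributes` blocks (-389) return normally, so a failed account removal or password change goes unnoticed. For these state-changing calls I would log at error and rethrow, `log.error("Cannot create user: " + user.getUserName(), e); throw e;`, assuming the enclosing method, whose signature is outside the hunk, declares a compatible `throws`.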
@@ -156,18 +170,36 @@
{
IdentitySession session = service_.getIdentitySession();
- org.picketlink.idm.api.User foundUser =
session.getPersistenceManager().findUser(userName);
+ org.picketlink.idm.api.User foundUser = null;
+ try
+ {
+ foundUser = session.getPersistenceManager().findUser(userName);
+ }
+ catch (IdentityException e)
+ {
+ log.info("Cannot obtain user: " + userName + "; ", e);
+
+ }
+
if (foundUser == null)
{
cache_.remove(userName);
return null;
}
- // Remove all memberships and profile first
- orgService.getMembershipHandler().removeMembershipByUser(userName, false);
- orgService.getUserProfileHandler().removeUserProfile(userName, false);
-
+ try
+ {
+ // Remove all memberships and profile first
+ orgService.getMembershipHandler().removeMembershipByUser(userName, false);
+ orgService.getUserProfileHandler().removeUserProfile(userName, false);
+ }
+ catch (Exception e)
+ {
+ log.info("Cannot cleanup user relationships: " + userName + ";
", e);
+
+ }
+
User exoUser = getPopulatedUser(userName, session);
if (broadcast)
@@ -175,7 +207,16 @@
preDelete(exoUser);
}
- session.getPersistenceManager().removeUser(foundUser, true);
+ try
+ {
+ session.getPersistenceManager().removeUser(foundUser, true);
+ }
+ catch (IdentityException e)
+ {
+ log.info("Cannot remove user: " + userName + "; ", e);
+
+ }
+
if (broadcast)
{
postDelete(exoUser);
@@ -231,10 +272,18 @@
}
else
{
- IdentitySession session = service_.getIdentitySession();
- org.picketlink.idm.api.User idmUser =
session.getPersistenceManager().findUser(user.getUserName());
+ try
+ {
+ IdentitySession session = service_.getIdentitySession();
+ org.picketlink.idm.api.User idmUser =
session.getPersistenceManager().findUser(user.getUserName());
- authenticated = session.getAttributesManager().validatePassword(idmUser,
password);
+ authenticated = session.getAttributesManager().validatePassword(idmUser,
password);
+ }
+ catch (Exception e)
+ {
+ log.info("Cannot authenticate user: " + username + "; ",
e);
+
+ }
}
if (authenticated)
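Review bot: If `findUser` returns null, `idmUser` is passed to `validatePassword` unchecked, and whatever that throws is absorbed by the new `catch (Exception e)`. A backend failure during login is also recorded only at info level, where it is easy to miss and looks like an ordinary wrong password. I would check `idmUser` for null before the call, narrow the catch to `IdentityException`, and log at warn or error. Leaving `authenticated` untouched on failure is the right fail-closed outcome, provided its initial value (set outside this hunk) is false.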
@@ -285,8 +334,17 @@
{
UserQueryBuilder qb = service_.getIdentitySession().createUserQueryBuilder();
- org.picketlink.idm.api.Group jbidGroup = orgService.getJBIDMGroup(groupId);
+ org.picketlink.idm.api.Group jbidGroup = null;
+ try
+ {
+ jbidGroup = orgService.getJBIDMGroup(groupId);
+ }
+ catch (Exception e)
+ {
+ log.info("Cannot obtain group: " + groupId + "; ", e);
+ }
+
qb.addRelatedGroup(jbidGroup);
return new LazyPageList(new IDMUserListAccess(this, service_, qb, 20, false), 20);
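Review bot: When `getJBIDMGroup` fails, `jbidGroup` stays null and is still passed to `qb.addRelatedGroup(jbidGroup)`. How the query builder treats a null group is not visible here; if it ignores the argument, the returned page list would no longer be restricted to `groupId` and could list users from outside the group. Rethrow from the catch, or return before building the query when `jbidGroup == null`. The method's signature and return type are outside the hunk.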
@@ -297,8 +355,18 @@
IdentitySession session = service_.getIdentitySession();
- org.picketlink.idm.api.User plUser;
- plUser = session.getAttributesManager().findUserByUniqueAttribute(USER_EMAIL,
email);
+ org.picketlink.idm.api.User plUser = null;
+
+ try
+ {
+ plUser = session.getAttributesManager().findUserByUniqueAttribute(USER_EMAIL,
email);
+ }
+ catch (IdentityException e)
+ {
+ log.info("Cannot find user by email: " + email + "; ", e );
+
+ }
+
User user = null;
if (plUser != null)
@@ -389,20 +457,49 @@
}
else
{
-
am.updatePassword(session.getPersistenceManager().findUser(user.getUserName()),
user.getPassword());
+ try
+ {
+
am.updatePassword(session.getPersistenceManager().findUser(user.getUserName()),
user.getPassword());
+ }
+ catch (IdentityException e)
+ {
+ log.info("Cannot update password: " + user.getUserName() +
"; ", e);
+
+ }
}
}
Attribute[] attrs = new Attribute[attributes.size()];
attrs = (Attribute[])attributes.toArray(attrs);
- am.addAttributes(user.getUserName(), attrs);
+
+ try
+ {
+ am.updateAttributes(user.getUserName(), attrs);
+ }
+ catch (IdentityException e)
+ {
+ log.info("Cannot update attributes for user: " + user.getUserName() +
"; ", e);
+
+ }
+
}
public static User getPopulatedUser(String userName, IdentitySession session) throws
Exception
{
+ Object u = null;
- if (session.getPersistenceManager().findUser(userName) == null)
+ try
{
+ u = session.getPersistenceManager().findUser(userName);
+ }
+ catch (IdentityException e)
+ {
+ log.info("Cannot obtain user: " + userName + "; ", e);
+
+ }
+
+ if (u == null)
+ {
return null;
}
@@ -419,8 +516,19 @@
AttributesManager am = session.getAttributesManager();
- Map<String, Attribute> attrs = am.getAttributes(user.getUserName());
+ Map<String, Attribute> attrs = null;
+ try
+ {
+ attrs = am.getAttributes(user.getUserName());
+ }
+ catch (IdentityException e)
+ {
+
+ log.info("Cannot obtain attributes for user: " + user.getUserName() +
"; ", e);
+
+ }
+
if (attrs == null)
{
return;
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserProfileDAOImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserProfileDAOImpl.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserProfileDAOImpl.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -28,6 +28,8 @@
import org.picketlink.idm.api.Attribute;
import org.picketlink.idm.api.IdentitySession;
import org.picketlink.idm.impl.api.SimpleAttribute;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.util.ArrayList;
import java.util.Collection;
@@ -37,9 +39,15 @@
import java.util.Map;
import java.util.Set;
+
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
public class UserProfileDAOImpl implements UserProfileHandler
{
+ private static Logger log = LoggerFactory.getLogger(UserProfileDAOImpl.class);
+
static private UserProfile NOT_FOUND = new UserProfileImpl();
private PicketLinkIDMService service_;
@@ -136,8 +144,18 @@
public UserProfile findUserProfileByName(String userName) throws Exception
{
- org.picketlink.idm.api.User foundUser =
getIdentitySession().getPersistenceManager().findUser(userName);
+ org.picketlink.idm.api.User foundUser = null;
+ try
+ {
+ foundUser = getIdentitySession().getPersistenceManager().findUser(userName);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
+
if (foundUser == null)
{
return null;
@@ -214,13 +232,36 @@
public UserProfile getProfile(String userName) throws Exception
{
- if (getIdentitySession().getPersistenceManager().findUser(userName) == null)
+
+ Object u = null;
+
+ try
{
+ u = getIdentitySession().getPersistenceManager().findUser(userName);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
+
+ if (u == null)
+ {
return null;
}
- Map<String, Attribute> attrs =
getIdentitySession().getAttributesManager().getAttributes(userName);
+ Map<String, Attribute> attrs = new HashMap();
+ try
+ {
+ attrs = getIdentitySession().getAttributesManager().getAttributes(userName);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
+
if (attrs == null || attrs.isEmpty())
{
return null;
@@ -264,7 +305,15 @@
Attribute[] attrArray = new Attribute[attrs.size()];
attrArray = attrs.toArray(attrArray);
- getIdentitySession().getAttributesManager().updateAttributes(userName, attrArray);
+ try
+ {
+ getIdentitySession().getAttributesManager().updateAttributes(userName,
attrArray);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
}
@@ -276,7 +325,15 @@
attrKeys = profileAttrs.keySet().toArray(attrKeys);
- getIdentitySession().getAttributesManager().removeAttributes(userName, attrKeys);
+ try
+ {
+ getIdentitySession().getAttributesManager().removeAttributes(userName,
attrKeys);
+ }
+ catch (Exception e)
+ {
+ //TODO:
+ log.info("Identity operation error: ", e);
+ }
}
private IdentitySession getIdentitySession() throws Exception
Modified: portal/trunk/component/identity/src/test/java/conf/portal/idm-configuration.xml
===================================================================
---
portal/trunk/component/identity/src/test/java/conf/portal/idm-configuration.xml 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/identity/src/test/java/conf/portal/idm-configuration.xml 2010-02-10
21:52:19 UTC (rev 1621)
@@ -51,18 +51,22 @@
<key><string>/</string></key>
<value><string>root_type</string></value>
</entry>
- <!--<entry>-->
-
<!--<key><string>/platform</string></key>-->
-
<!--<value><string>platform_type</string></value>-->
- <!--</entry>-->
- <!--<entry>-->
-
<!--<key><string>/platform/users</string></key>-->
-
<!--<value><string>users_type</string></value>-->
- <!--</entry>-->
- <!--<entry>-->
-
<!--<key><string>/organization/acme/france</string></key>-->
-
<!--<value><string>france_type</string></value>-->
- <!--</entry>-->
+ <entry>
+ <key><string>/platform/*</string></key>
+ <value><string>platform_type</string></value>
+ </entry>
+ <entry>
+ <key><string>/platform/users</string></key>
+ <value><string>users_type</string></value>
+ </entry>
+ <entry>
+
<key><string>/organization/acme/france</string></key>
+ <value><string>france_type</string></value>
+ </entry>
+ <entry>
+ <key><string>/toto/*</string></key>
+ <value><string>toto_type</string></value>
+ </entry>
</map>
</field>
<!-- If this option is used then each Membership created with MembrshipType
that is
Added:
portal/trunk/component/identity/src/test/java/org/exoplatform/services/organization/TestConfigOrganizationService.java
===================================================================
---
portal/trunk/component/identity/src/test/java/org/exoplatform/services/organization/TestConfigOrganizationService.java
(rev 0)
+++
portal/trunk/component/identity/src/test/java/org/exoplatform/services/organization/TestConfigOrganizationService.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -0,0 +1,157 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2010, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.exoplatform.services.organization;
+
+import org.exoplatform.commons.utils.PageList;
+import org.exoplatform.container.PortalContainer;
+import org.exoplatform.container.component.ComponentRequestLifecycle;
+import org.exoplatform.container.component.RequestLifeCycle;
+import org.exoplatform.services.organization.idm.Config;
+import org.exoplatform.services.organization.idm.PicketLinkIDMOrganizationServiceImpl;
+import org.exoplatform.test.BasicTestCase;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Created by The eXo Platform SAS Author : Hoa Pham
hoapham@exoplatform.com,phamvuxuanhoa(a)yahoo.com
+ * Oct 27, 2005
+ */
+
+public class TestConfigOrganizationService extends BasicTestCase
+{
+
+ static String Group1 = "Group1";
+
+ static String Group2 = "Group2";
+
+ static String Group3 = "Group3";
+
+ static String Benj = "Benj";
+
+ static String Tuan = "Tuan";
+
+ OrganizationService service_;
+
+ UserHandler userHandler_;
+
+ UserProfileHandler profileHandler_;
+
+ GroupHandler groupHandler_;
+
+ MembershipTypeHandler mtHandler_;
+
+ MembershipHandler membershipHandler_;
+
+ boolean runtest = true;
+
+ private static final String USER = "test";
+
+ private static final List<String> USERS;
+
+ private static final int USERS_LIST_SIZE = 15;
+
+ private PortalContainer manager;
+
+ static
+ {
+ USERS = new ArrayList<String>(USERS_LIST_SIZE);
+ for (int i = 0; i < USERS_LIST_SIZE; i++)
+ USERS.add(USER + "_" + i);
+ }
+
+ public TestConfigOrganizationService(String s)
+ {
+ super(s);
+ }
+
+ public void setUp() throws Exception
+ {
+ if (!runtest)
+ return;
+
+ manager = PortalContainer.getInstance();
+ service_ =
(OrganizationService)manager.getComponentInstanceOfType(OrganizationService.class);
+ userHandler_ = service_.getUserHandler();
+ profileHandler_ = service_.getUserProfileHandler();
+ groupHandler_ = service_.getGroupHandler();
+ mtHandler_ = service_.getMembershipTypeHandler();
+ membershipHandler_ = service_.getMembershipHandler();
+
+// ((ComponentRequestLifecycle)service_).startRequest(manager);
+ RequestLifeCycle.begin((ComponentRequestLifecycle)service_);
+
+ }
+
+ public void tearDown() throws Exception
+ {
+ Query query = new Query();
+ query.setUserName(USER + "*");
+ PageList users = userHandler_.findUsers(query);
+
+ List<User> allUsers = users.getAll();
+
+ for (int i = allUsers.size() - 1; i >= 0; i--)
+ {
+ String userName = allUsers.get(i).getUserName();
+ userHandler_.removeUser(userName, true);
+ }
+
+// ((ComponentRequestLifecycle)service_).endRequest(manager);
+ RequestLifeCycle.end();
+ }
+
+ public void testSimple() throws Exception
+ {
+ assertTrue(true);
+ Config config =
((PicketLinkIDMOrganizationServiceImpl)service_).getConfiguration();
+
+ assertNotNull(config);
+ assertNotNull(config.getGroupTypeMappings());
+ assertNotNull(config.getGroupTypeMappings().keySet());
+
+ assertEquals(config.getGroupTypeMappings().keySet().size(), 5);
+ assertEquals(config.getGroupTypeMappings().get("/"),
"root_type");
+
+ assertEquals(config.getGroupType("/"), "root_type");
+ assertEquals(config.getGroupType(null), "root_type");
+ assertEquals(config.getGroupType("/platform"),
"platform_type");
+ assertEquals(config.getGroupType("/platform/administrators"),
"platform_type");
+ assertEquals(config.getGroupType("/platform/guests"),
"platform_type");
+ assertEquals(config.getGroupType("/platform/users"),
"users_type");
+ assertEquals(config.getGroupType("/platform/users/john"),
"platform_type");
+ assertEquals(config.getGroupType("/organization/acme/france/offices"),
".organization.acme.france.offices");
+
assertEquals(config.getGroupType("/organization/acme/france/offices/paris"),
".organization.acme.france.offices.paris");
+ assertEquals(config.getGroupType("/organization/acme/france"),
"france_type");
+ assertEquals(config.getGroupType("/organization/acme"),
".organization.acme");
+ assertEquals(config.getGroupType("/foo/bar"), ".foo.bar");
+ assertEquals(config.getGroupType("/foo"), ".foo");
+ assertEquals(config.getGroupType("/toto"), "toto_type");
+ assertEquals(config.getGroupType("/toto/lolo"), "toto_type");
+ assertEquals(config.getGroupType("/toto/lolo/tutu"),
"toto_type");
+
+
+ }
+
+
+
+}
\ No newline at end of file
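Review bot: The assertions in `testSimple` pass the actual value first, e.g. `assertEquals(config.getGroupTypeMappings().keySet().size(), 5)`; JUnit's order is expected-then-actual, so a failure message will report the two the wrong way round. Write `assertEquals(5, config.getGroupTypeMappings().keySet().size())` and swap the others likewise. `setUp` returns early when `runtest` is false but `tearDown` does not, so it would dereference a null `userHandler_` in that case; add the same `if (!runtest) return;` guard there. `assertTrue(true)` and the unused `Group1`…`Tuan` and `USERS` fields can be dropped.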
Added:
portal/trunk/component/portal/src/main/java/org/exoplatform/portal/filter/UserGroupFilter.java
===================================================================
---
portal/trunk/component/portal/src/main/java/org/exoplatform/portal/filter/UserGroupFilter.java
(rev 0)
+++
portal/trunk/component/portal/src/main/java/org/exoplatform/portal/filter/UserGroupFilter.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -0,0 +1,185 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2010, Red Hat Middleware, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+
+package org.exoplatform.portal.filter;
+
+import org.exoplatform.container.ExoContainer;
+import org.exoplatform.container.PortalContainer;
+import org.exoplatform.container.component.RequestLifeCycle;
+import org.exoplatform.container.web.AbstractFilter;
+import org.exoplatform.portal.config.DataStorage;
+import org.exoplatform.portal.config.UserPortalConfigService;
+import org.exoplatform.portal.config.model.Container;
+import org.exoplatform.portal.config.model.PageNavigation;
+import org.exoplatform.portal.config.model.PageNode;
+import org.exoplatform.portal.config.model.PortalConfig;
+import org.exoplatform.services.organization.Group;
+import org.exoplatform.services.organization.OrganizationService;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collection;
+
+
+/*
+ * This is mostly fork of the code from UserPortalConfigListener and
GroupPortalConfigListener. If user was placed in
+ * the identity store externally it will lazy create portal objects
+ *
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
+public class UserGroupFilter extends AbstractFilter
+{
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain
chain) throws IOException, ServletException
+ {
+
+ HttpServletRequest httpRequest = (HttpServletRequest)request;
+ ExoContainer container = getContainer();
+
+
+
+ if (httpRequest.getRemoteUser() != null)
+ {
+ OrganizationService orgService = (OrganizationService)container.
+ getComponentInstanceOfType(OrganizationService.class);
+ UserPortalConfigService portalConfigService =
(UserPortalConfigService)container.
+ getComponentInstanceOfType(UserPortalConfigService.class);
+ DataStorage dataStorage = (DataStorage)container.
+ getComponentInstanceOfType(DataStorage.class);
+
+ String userName = httpRequest.getRemoteUser();
+
+ try
+ {
+ try
+ {
+ RequestLifeCycle.begin(PortalContainer.getInstance());
+ checkUser(orgService, portalConfigService, dataStorage, userName);
+ checkUserGroups(orgService, portalConfigService, dataStorage, userName);
+ }
+ catch (Exception e)
+ {
+ throw e;
+ }
+ finally
+ {
+ RequestLifeCycle.end();
+ }
+ }
+ catch (Exception e)
+ {
+ System.out.println("Error while checking user portal config and
navigations");
+ e.printStackTrace();
+ }
+
+
+
+ }
+
+ chain.doFilter(request, response);
+
+ }
+
+ public void checkUser(OrganizationService orgService,
+ UserPortalConfigService portalConfigService,
+ DataStorage dataStorage,
+ String userName) throws Exception
+ {
+
+ PortalConfig config = dataStorage.getPortalConfig(PortalConfig.USER_TYPE,
userName);
+
+ if (config == null)
+ {
+ System.out.println("Detected user without PortalConfig present: " +
userName + "; lazy creation initiated.");
+
+ // Create the portal from the template
+ portalConfigService.createUserPortalConfig(PortalConfig.USER_TYPE, userName,
"user");
+
+ // Need to insert the corresponding user site if needed
+ PortalConfig cfg = dataStorage.getPortalConfig(PortalConfig.USER_TYPE,
userName);
+ if (cfg == null)
+ {
+ cfg = new PortalConfig(PortalConfig.USER_TYPE);
+ cfg.setPortalLayout(new Container());
+ cfg.setName(userName);
+ dataStorage.create(cfg);
+ }
+ }
+ // Create a blank navigation if needed
+ PageNavigation navigation = dataStorage.getPageNavigation(PortalConfig.USER_TYPE,
userName);
+ if (navigation == null)
+ {
+ PageNavigation pageNav = new PageNavigation();
+ pageNav.setOwnerType(PortalConfig.USER_TYPE);
+ pageNav.setOwnerId(userName);
+ pageNav.setPriority(5);
+ pageNav.setNodes(new ArrayList<PageNode>());
+ portalConfigService.create(pageNav);
+ }
+
+ }
+
+ public void checkUserGroups(OrganizationService orgService,
+ UserPortalConfigService portalConfigService,
+ DataStorage dataStorage,
+ String userName) throws Exception
+ {
+
+ Collection<Group> groups =
orgService.getGroupHandler().findGroupsOfUser(userName);
+
+ for (Group group : groups)
+ {
+ String groupId = group.getId();
+
+ if (dataStorage.getPortalConfig(PortalConfig.GROUP_TYPE, groupId) == null)
+ {
+ System.out.println("Detected group without PortalConfig present: "
+ groupId + "; lazy creation initiated.");
+
+
+ // Create the portal from the template
+ portalConfigService.createUserPortalConfig(PortalConfig.GROUP_TYPE, groupId,
"group");
+
+ // Need to insert the corresponding group site
+ PortalConfig cfg = dataStorage.getPortalConfig(PortalConfig.GROUP_TYPE,
groupId);
+ if (cfg == null)
+ {
+ cfg = new PortalConfig(PortalConfig.GROUP_TYPE);
+ cfg.setPortalLayout(new Container());
+ cfg.setName(groupId);
+ dataStorage.create(cfg);
+ }
+ }
+ }
+ }
+
+
+
+
+ public void destroy()
+ {
+
+ }
+}
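Review bot: `doFilter`, `checkUser` and `checkUserGroups` report through `System.out.println` and `e.printStackTrace()`, so the user and group names they print on authenticated requests bypass the portal's log configuration, levels and rotation. Use a class logger such as the slf4j one added to UserDAOImpl in this commit, `private static final Logger log = LoggerFactory.getLogger(UserGroupFilter.class);`. The inner `catch (Exception e) { throw e; }` does nothing and can be removed. `RequestLifeCycle.begin(...)` also sits inside the `try` whose `finally` calls `end()`, so if `begin` can fail, `end()` would run for a request that was never started.

```java
         String userName = httpRequest.getRemoteUser();

         // begin() stays outside the try so end() only runs for a request that was started
         RequestLifeCycle.begin(PortalContainer.getInstance());
         try
         {
            checkUser(orgService, portalConfigService, dataStorage, userName);
            checkUserGroups(orgService, portalConfigService, dataStorage, userName);
         }
         catch (Exception e)
         {
            // best effort: a failed lazy creation must not block the request
            log.error("Error while checking user portal config and navigations", e);
         }
         finally
         {
            RequestLifeCycle.end();
         }
         // … unchanged: chain.doFilter(request, response) …
```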
Modified:
portal/trunk/component/web/src/main/java/org/exoplatform/web/login/ClusteredSSOFilter.java
===================================================================
---
portal/trunk/component/web/src/main/java/org/exoplatform/web/login/ClusteredSSOFilter.java 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/component/web/src/main/java/org/exoplatform/web/login/ClusteredSSOFilter.java 2010-02-10
21:52:19 UTC (rev 1621)
@@ -39,6 +39,9 @@
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
+/*
+ * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
+ */
public class ClusteredSSOFilter extends AbstractFilter
{
Modified: portal/trunk/pom.xml
===================================================================
--- portal/trunk/pom.xml 2010-02-10 19:40:15 UTC (rev 1620)
+++ portal/trunk/pom.xml 2010-02-10 21:52:19 UTC (rev 1621)
@@ -47,7 +47,7 @@
<org.gatein.common.version>2.0.0-CR03</org.gatein.common.version>
<org.gatein.wci.version>2.0.0-CR02</org.gatein.wci.version>
<org.gatein.pc.version>2.1.0-CR02</org.gatein.pc.version>
- <org.picketlink.idm>1.1.0.Beta2</org.picketlink.idm>
+ <org.picketlink.idm>1.1.0.Beta3</org.picketlink.idm>
<org.gatein.wsrp.version>1.0.0-Beta06</org.gatein.wsrp.version>
<org.gatein.mop.version>1.0.0-Beta16</org.gatein.mop.version>
<org.slf4j.version>1.5.6</org.slf4j.version>
Modified:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml 2010-02-10
21:52:19 UTC (rev 1621)
@@ -57,6 +57,9 @@
<!--Sample LDAP config-->
<!--<value>war:/conf/organization/picketlink-idm/picketlink-idm-ldap-config.xml</value>-->
+
+ <!--ACME LDAP Example-->
+
<!--<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-config.xml</value>-->
</value-param>
<value-param>
<name>portalRealm</name>
@@ -88,7 +91,7 @@
This option may be useful with LDAP config as it will make (if set to
true) every entry
added to LDAP (not via GateIn management UI) appear in GateIn-->
<field name="forceMembershipOfMappedTypes">
- <boolean>false</boolean>
+ <boolean>true</boolean>
</field>
<!-- When 'userParentIdAsGroupType is set to true this value will be
used to
replace all "/" chars in id. This is because "/" is
not allowed to be
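Review bot: Flipping `forceMembershipOfMappedTypes` to `true` in the shipped default changes behaviour for every deployment that uses this file, not only the ACME example. Per the comment above the field, entries added to LDAP outside the GateIn management UI will then appear in GateIn, which widens what a write to the external directory can introduce into the portal. I would keep the default at `false` and mention the `true` setting next to the commented-out ACME entries, or extend the comment with something like `<!-- true: entries created directly in the directory become visible in the portal; enable only when the directory is trusted -->`.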
@@ -125,6 +128,19 @@
<value><string>organization_type</string></value>
</entry>
-->
+
+
+ <!-- Uncomment for ACME LDAP example -->
+ <!--
+ <entry>
+ <key><string>/acme/roles/*</string></key>
+ <value><string>acme_roles_type</string></value>
+ </entry>
+ <entry>
+
<key><string>/acme/organization_units/*</string></key>
+ <value><string>acme_ou_type</string></value>
+ </entry>
+ -->
</map>
</field>
<!-- If this option is used then each Membership created with MembrshipType
that is
Modified:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/organization-configuration.xml
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/organization-configuration.xml 2010-02-10
19:40:15 UTC (rev 1620)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/organization-configuration.xml 2010-02-10
21:52:19 UTC (rev 1621)
@@ -35,7 +35,7 @@
<value-param>
<name>checkDatabaseAlgorithm</name>
<description>check database</description>
- <value>entry</value>
+ <value>empty</value>
</value-param>
<value-param>
<name>printInformation</name>
Added:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme.ldif
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme.ldif
(rev 0)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme.ldif 2010-02-10
21:52:19 UTC (rev 1621)
@@ -0,0 +1,151 @@
+dn: o=acme,dc=example,dc=com
+objectclass: top
+objectclass: dcObject
+objectclass: organization
+o: acme
+dc: acme
+
+dn: ou=People,o=acme,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+
+dn: uid=admin,ou=People,o=acme,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: admin
+cn: Administrator
+sn: Duke
+userPassword: admin
+mail: admin(a)acme.example.com
+
+dn: uid=user,ou=People,o=acme,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: user
+cn: User
+sn: Sample
+userPassword: user
+mail: user(a)acme.example.com
+
+dn: uid=jduke,ou=People,o=acme,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke
+cn: Java
+sn: Duke
+userPassword: theduke
+mail: jduke(a)acme.example.com
+
+dn: uid=jduke1,ou=People,o=acme,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke1
+cn: Java 1
+sn: Duke1
+userPassword: theduke
+mail: jduke1(a)acme.example.com
+
+
+dn: uid=jduke2,ou=People,o=acme,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke2
+cn: Java 2
+sn: Duke2
+userPassword: theduke
+mail: jduke2(a)acme.example.com
+
+dn: uid=jduke3,ou=People,o=acme,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke3
+cn: Java 3
+sn: Duke3
+userPassword: theduke
+mail: jduke3(a)acme.example.com
+
+dn: uid=jduke4,ou=People,o=acme,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke4
+cn: Java 4
+sn: Duke4
+userPassword: theduke
+mail: jduke4(a)acme.example.com
+
+dn: ou=Roles,o=acme,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: cn=admins,ou=Roles,o=acme,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: admins
+description: Portal admin role
+member: uid=admin,ou=People,o=acme,dc=example,dc=com
+
+dn: cn=employees,ou=Roles,o=acme,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: employees
+description: ACME Employees
+member: uid=admin,ou=People,o=acme,dc=example,dc=com
+member: uid=user,ou=People,o=acme,dc=example,dc=com
+member: uid=jduke,ou=People,o=acme,dc=example,dc=com
+member: uid=jduke1,ou=People,o=acme,dc=example,dc=com
+member: uid=jduke2,ou=People,o=acme,dc=example,dc=com
+member: uid=jduke3,ou=People,o=acme,dc=example,dc=com
+member: uid=jduke4,ou=People,o=acme,dc=example,dc=com
+
+dn: cn=echo,ou=Roles,o=acme,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: echo
+description: Echo role
+member: uid=jduke1,ou=People,o=acme,dc=example,dc=com
+member: uid=jduke3,ou=People,o=acme,dc=example,dc=com
+member: uid=jduke4,ou=People,o=acme,dc=example,dc=com
+
+dn: cn=echo1,ou=Roles,o=acme,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: echo1
+description: Echo1 role
+member: uid=jduke2,ou=People,o=acme,dc=example,dc=com
+member: uid=jduke3,ou=People,o=acme,dc=example,dc=com
+
+dn: cn=theduke,ou=Roles,o=acme,dc=example,dc=com
+objectClass: groupOfNames
+objectClass: top
+cn: theduke
+description: TheDuke role
+member: uid=jduke,ou=People,o=acme,dc=example,dc=com
+
+dn: ou=OrganizationUnits,o=acme,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: cn=foo,ou=OrganizationUnits,o=acme,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: foo
+description: Foo organization unit
+
+
+dn: cn=bar,ou=OrganizationUnits,o=acme,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: bar
+description: Bar organization
+
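Review bot: The sample accounts carry trivially guessable clear-text passwords (`userPassword: admin` for `uid=admin`, the only member of `cn=admins`), and the file ships under WEB-INF/conf of the portal webapp. Add a header comment so nobody imports it unchanged into a directory that a reachable portal uses. For example: `# Sample data for a local test directory only - change every userPassword before importing anywhere else.`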
Added:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-config.xml
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-config.xml
(rev 0)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-config.xml 2010-02-10
21:52:19 UTC (rev 1621)
@@ -0,0 +1,381 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ Copyright (C) 2009 eXo Platform SAS.
+
+ This is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation; either version 2.1 of
+ the License, or (at your option) any later version.
+
+ This software is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this software; if not, write to the Free
+ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+
+-->
+
+<jboss-identity xmlns="urn:picketlink:idm:config:v1_0_0_ga"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:picketlink:idm:config:v1_0_0_ga
identity-config.xsd">
+ <realms>
+ <realm>
+ <id>realm</id>
+ <repository-id-ref>PortalRepository</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm_portal</id>
+ <repository-id-ref>PortalRepository</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm_sample-portal</id>
+ <repository-id-ref>SamplePortalRepository</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>PortalRepository</id>
+
<class>org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>HibernateStore</default-identity-store-id>
+
<default-attribute-store-id>HibernateStore</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>PortalLDAPStore</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>acme_roles_type</identity-object-type>
+ <identity-object-type>acme_ou_type</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>readOnly</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>SamplePortalRepository</id>
+
<class>org.picketlink.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>HibernateStore</default-identity-store-id>
+
<default-attribute-store-id>HibernateStore</default-attribute-store-id>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>HibernateStore</id>
+
<class>org.picketlink.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>hibernateSessionFactoryRegistryName</name>
+ <value>hibernateSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>PortalLDAPStore</id>
+
<class>org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>firstName</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>lastName</name>
+ <mapping>sn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>uid</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>userPassword</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=People,o=acme,dc=example,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <value>cn= </value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>acme_roles_type</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>acme_roles_type</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes>
+ <attribute>
+ <name>label</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Roles,o=acme,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>acme_ou_type</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>acme_ou_type</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes>
+ <attribute>
+ <name>label</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=OrganizationUnits,o=acme,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://localhost:1389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Directory Manager</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>password</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ <option>
+ <name>createMissingContexts</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+</jboss-identity>
\ No newline at end of file
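Review bot: The `PortalLDAPStore` options at the end of this file bind as `cn=Directory Manager` (conventionally the directory's root account) with the literal `adminPassword` value `password` over unencrypted `ldap://localhost:1389`, and nothing marks these as placeholders. The store mapping in `PortalRepository` sets `readOnly` to `true`, so a root bind looks like more privilege than this example needs. The `allowCreateEntry` and `createMissingContexts` options set to `true` also appear at odds with that read-only mapping, although how PicketLink resolves the two is not visible here. I would add a comment above the `providerURL` option, such as `<!-- Example values only: use a dedicated least-privilege bind DN, keep the real password out of the WAR, and prefer ldaps:// -->`, so the file is not copied into a deployment unchanged.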
Modified: portal/trunk/web/portal/src/main/webapp/WEB-INF/web.xml
===================================================================
--- portal/trunk/web/portal/src/main/webapp/WEB-INF/web.xml 2010-02-10 19:40:15 UTC (rev
1620)
+++ portal/trunk/web/portal/src/main/webapp/WEB-INF/web.xml 2010-02-10 21:52:19 UTC (rev
1621)
@@ -86,6 +86,11 @@
<filter-class>org.exoplatform.web.login.ClusteredSSOFilter</filter-class>
</filter>
+ <filter>
+ <filter-name>UserGroupFilter</filter-name>
+ <filter-class>org.exoplatform.portal.filter.UserGroupFilter</filter-class>
+ </filter>
+
<filter-mapping>
<filter-name>ClusteredSSOFilter</filter-name>
<url-pattern>/*</url-pattern>
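Review bot: The new `UserGroupFilter` declaration has no `<description>` or comment, and its mapping (added in the next hunk) applies it to `/*` immediately before `CacheUserProfileFilter`, so it runs on every request, including unauthenticated ones and static resources. Filters matched by URL pattern are invoked in the order their mappings appear in web.xml, so this position is significant and worth recording. If the ordering is intentional, add something like `<!-- UserGroupFilter: mapped ahead of CacheUserProfileFilter on purpose; runs for anonymous requests too -->`. The filter class is not visible in this part of the diff, so confirm there that it tolerates a request with no authenticated user.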
@@ -127,6 +132,11 @@
</filter-mapping>
<filter-mapping>
+ <filter-name>UserGroupFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+
+ <filter-mapping>
<filter-name>CacheUserProfileFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>