Author: bdaw
Date: 2007-02-19 13:18:08 -0500 (Mon, 19 Feb 2007)
New Revision: 6344
Modified:
trunk/core/src/resources/portal-core-sar/conf/login-config.xml
trunk/identity/src/main/org/jboss/portal/identity/auth/SynchronizingLDAPExtLoginModule.java
trunk/identity/src/main/org/jboss/portal/identity/auth/SynchronizingLDAPLoginModule.java
Log:
- mark users synchronized from LDAP as enabled after creation.
Modified: trunk/core/src/resources/portal-core-sar/conf/login-config.xml
===================================================================
--- trunk/core/src/resources/portal-core-sar/conf/login-config.xml 2007-02-19 18:09:29 UTC
(rev 6343)
+++ trunk/core/src/resources/portal-core-sar/conf/login-config.xml 2007-02-19 18:18:08 UTC
(rev 6344)
@@ -60,20 +60,21 @@
It is also possible to set option "synchronizeIdentity" to
"false" so this module will act exactly like LdapExtLoginModule
but it will inject role defined in "additionalRole". For obvious
reasons
this is designed to use with portal identity modules configured with DB and not
LDAP-->
- <!--There is also SynchronizingLdapLoginModule which provide the same set of
options on top of JBossSX LdapLoginModule-->
+ <!--There is also SynchronizingLDAPLoginModule which provide the same set of
options on top of JBossSX LdapLoginModule-->
<!--<login-module
code="org.jboss.portal.identity.auth.SynchronizingLDAPExtLoginModule"
flag="required">
<module-option
name="synchronizeIdentity">true</module-option>
- <module-option
name="synchronizeRoles">false</module-option>
+ <module-option
name="synchronizeRoles">true</module-option>
<module-option
name="additionalRole">Authenticated</module-option>
<module-option
name="defaultAssignedRole">User</module-option>
<module-option
name="userModuleJNDIName">java:/portal/UserModule</module-option>
<module-option
name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
<module-option
name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
+ <module-option
name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
<module-option
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
- <module-option
name="java.naming.provider.url">ldap://example.com:10389/</module-option>
+ <module-option
name="java.naming.provider.url">ldap://dev39.qa.atl.jboss.com:10389/</module-option>
<module-option
name="java.naming.security.authentication">simple</module-option>
<module-option name="bindDN">cn=Directory
Manager</module-option>
- <module-option
name="bindCredential">lolo</module-option>
+ <module-option
name="bindCredential">qpq123qpq</module-option>
<module-option
name="baseCtxDN">ou=People,o=test,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com</module-option>
<module-option
name="baseFilter">(uid={0})</module-option>
<module-option
name="rolesCtxDN">ou=Roles,o=test,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com</module-option>
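Review bot: The new `java.naming.provider.url` and `bindCredential` values in this sample block look like an internal QA directory host and a working Directory Manager password rather than placeholders, and this file is distributed with the portal. Keep the example neutral, e.g. `ldap://example.com:10389/` for the URL and an obvious placeholder such as `CHANGE_ME` for `bindCredential`, and rotate the directory password if it was ever live. Separately, the sample pairs an `ldap://` URL with `java.naming.security.authentication` set to `simple`, so anyone who uncomments it sends the bind password and user passwords unencrypted; a comment recommending `ldaps://` would help. The switch of `synchronizeRoles` to `true` also changes what the example does and is not mentioned in the log message.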
@@ -82,6 +83,7 @@
<module-option name="roleRecursion">-1</module-option>
<module-option
name="searchTimeLimit">10000</module-option>
<module-option
name="searchScope">SUBTREE_SCOPE</module-option>
+ <module-option
name="allowEmptyPasswords">false</module-option>
</login-module>-->
Modified:
trunk/identity/src/main/org/jboss/portal/identity/auth/SynchronizingLDAPExtLoginModule.java
===================================================================
---
trunk/identity/src/main/org/jboss/portal/identity/auth/SynchronizingLDAPExtLoginModule.java 2007-02-19
18:09:29 UTC (rev 6343)
+++
trunk/identity/src/main/org/jboss/portal/identity/auth/SynchronizingLDAPExtLoginModule.java 2007-02-19
18:18:08 UTC (rev 6344)
@@ -29,6 +29,7 @@
import org.jboss.portal.identity.User;
import org.jboss.portal.identity.Role;
import org.jboss.portal.identity.IdentityException;
+import org.jboss.portal.identity.UserProfileModule;
import org.jboss.portal.common.transaction.Transactions;
import javax.security.auth.Subject;
@@ -49,6 +50,9 @@
*/
public class SynchronizingLDAPExtLoginModule extends LdapExtLoginModule
{
+ private static final org.jboss.logging.Logger log =
org.jboss.logging.Logger.getLogger(SynchronizingLDAPExtLoginModule.class);
+
+
protected String additionalRole;
protected String defaultAssignedRole;
protected String synchronizeIdentity;
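Review bot: The added `private static final ... log` field appears to hide the `log` field that the JBossSX login-module base class already provides, which the existing `log.trace(...)` calls in `initialize` presumably used before this commit. If the aim is only a class-specific logging category, a one-line comment saying so avoids confusion; otherwise drop the field and keep using the inherited logger. The same field is added to SynchronizingLDAPLoginModule in its `@@ -49,6 +50,8 @@` hunk. The class body continues outside this hunk.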
@@ -56,11 +60,13 @@
protected String userModuleJNDIName;
protected String roleModuleJNDIName;
protected String membershipModuleJNDIName;
+ protected String userProfileModuleJNDIName;
private UserModule userModule;
private RoleModule roleModule;
private MembershipModule membershipModule;
+ private UserProfileModule userProfileModule;
public void initialize(Subject subject, CallbackHandler callbackHandler, Map
sharedState, Map options)
{
@@ -71,6 +77,7 @@
userModuleJNDIName = (String)options.get("userModuleJNDIName");
roleModuleJNDIName = (String)options.get("roleModuleJNDIName");
membershipModuleJNDIName =
(String)options.get("membershipModuleJNDIName");
+ userProfileModuleJNDIName =
(String)options.get("userProfileModuleJNDIName");
additionalRole = (String)options.get("additionalRole");
synchronizeIdentity = (String)options.get("synchronizeIdentity");
synchronizeRoles = (String)options.get("synchronizeRoles");
@@ -81,6 +88,7 @@
log.trace("userModuleJNDIName = " + userModuleJNDIName);
log.trace("roleModuleJNDIName = " + roleModuleJNDIName);
log.trace("membershipModuleJNDIName = " + membershipModuleJNDIName);
+ log.trace("userProfileModuleJNDIName = " + userProfileModuleJNDIName);
log.trace("synchronizeIdentity = " + synchronizeIdentity);
log.trace("synchronizeRoles = " + synchronizeRoles);
log.trace("defaultAssignedRole = " + defaultAssignedRole);
@@ -128,7 +136,21 @@
return membershipModule;
}
+ protected UserProfileModule getUserProfileModule() throws Exception
+ {
+ if (userProfileModule == null)
+ {
+ userProfileModule = (UserProfileModule)new
InitialContext().lookup(userProfileModuleJNDIName);
+ }
+ if (userProfileModule == null)
+ {
+ throw new IdentityException("Cannot obtain UserProfileModule using JNDI
name:" + userProfileModuleJNDIName);
+ }
+ return userProfileModule;
+ }
+
+
protected boolean validatePassword(String string, String string1)
{
boolean validate = super.validatePassword(string, string1);
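Review bot: `getUserProfileModule()` passes `userProfileModuleJNDIName` straight to `InitialContext.lookup`, so an existing login-config.xml that lacks the new `userProfileModuleJNDIName` option will fail inside JNDI with an unhelpful error the first time a new LDAP user logs in. Check the option before the lookup, e.g. `if (userProfileModuleJNDIName == null) throw new IdentityException("userProfileModuleJNDIName option is not set");`. The second `== null` test is probably unreachable, since a failed lookup normally throws a `NamingException` rather than returning null, and the `InitialContext` created here is never closed. The same method is added to SynchronizingLDAPLoginModule in its `@@ -128,7 +134,21 @@` hunk.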
@@ -233,6 +255,8 @@
if (user == null)
{
user = getUserModule().createUser(name, password);
+ getUserProfileModule().setProperty(user, User.INFO_USER_ENABLED,
Boolean.TRUE);
+
}
Set rolesToAssign = new HashSet();
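Review bot: The enable step runs only inside the `if (user == null)` branch, so if `getUserProfileModule()` or `setProperty` throws after `createUser` has succeeded, the next login finds the user already present and never retries it, leaving the account disabled. Whether a surrounding transaction rolls the creation back cannot be seen from this hunk; if it does not, either make creation and enabling atomic or apply the property whenever the synchronized user is found without it. A short comment such as `// LDAP has already authenticated this user, so the local copy is enabled without an activation step` would also record that this deliberately skips any local activation workflow. The context line `createUser(name, password)` appears to copy the LDAP password into the portal's own store, which is worth confirming is intended. The enclosing method starts and ends outside the hunk, and the same change is made in SynchronizingLDAPLoginModule's `@@ -233,6 +253,7 @@` hunk.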
Modified:
trunk/identity/src/main/org/jboss/portal/identity/auth/SynchronizingLDAPLoginModule.java
===================================================================
---
trunk/identity/src/main/org/jboss/portal/identity/auth/SynchronizingLDAPLoginModule.java 2007-02-19
18:09:29 UTC (rev 6343)
+++
trunk/identity/src/main/org/jboss/portal/identity/auth/SynchronizingLDAPLoginModule.java 2007-02-19
18:18:08 UTC (rev 6344)
@@ -29,6 +29,7 @@
import org.jboss.portal.identity.IdentityException;
import org.jboss.portal.identity.User;
import org.jboss.portal.identity.Role;
+import org.jboss.portal.identity.UserProfileModule;
import org.jboss.portal.common.transaction.Transactions;
import javax.security.auth.Subject;
@@ -49,6 +50,8 @@
*/
public class SynchronizingLDAPLoginModule extends LdapLoginModule
{
+ private static final org.jboss.logging.Logger log =
org.jboss.logging.Logger.getLogger(SynchronizingLDAPLoginModule.class);
+
protected String additionalRole;
protected String defaultAssignedRole;
protected String synchronizeIdentity;
@@ -56,21 +59,23 @@
protected String userModuleJNDIName;
protected String roleModuleJNDIName;
protected String membershipModuleJNDIName;
+ protected String userProfileModuleJNDIName;
private UserModule userModule;
private RoleModule roleModule;
private MembershipModule membershipModule;
+ private UserProfileModule userProfileModule;
public void initialize(Subject subject, CallbackHandler callbackHandler, Map
sharedState, Map options)
{
super.initialize(subject, callbackHandler, sharedState, options);
- // Get data
userModuleJNDIName = (String)options.get("userModuleJNDIName");
roleModuleJNDIName = (String)options.get("roleModuleJNDIName");
membershipModuleJNDIName =
(String)options.get("membershipModuleJNDIName");
+ userProfileModuleJNDIName =
(String)options.get("userProfileModuleJNDIName");
additionalRole = (String)options.get("additionalRole");
synchronizeIdentity = (String)options.get("synchronizeIdentity");
synchronizeRoles = (String)options.get("synchronizeRoles");
@@ -81,6 +86,7 @@
log.trace("userModuleJNDIName = " + userModuleJNDIName);
log.trace("roleModuleJNDIName = " + roleModuleJNDIName);
log.trace("membershipModuleJNDIName = " + membershipModuleJNDIName);
+ log.trace("userProfileModuleJNDIName = " + userProfileModuleJNDIName);
log.trace("synchronizeIdentity = " + synchronizeIdentity);
log.trace("synchronizeRoles = " + synchronizeRoles);
log.trace("defaultAssignedRole = " + defaultAssignedRole);
@@ -128,7 +134,21 @@
return membershipModule;
}
+ protected UserProfileModule getUserProfileModule() throws Exception
+ {
+ if (userProfileModule == null)
+ {
+ userProfileModule = (UserProfileModule)new
InitialContext().lookup(userProfileModuleJNDIName);
+ }
+ if (userProfileModule == null)
+ {
+ throw new IdentityException("Cannot obtain UserProfileModule using JNDI
name:" + userProfileModuleJNDIName);
+ }
+ return userProfileModule;
+ }
+
+
protected boolean validatePassword(String string, String string1)
{
boolean validate = super.validatePassword(string, string1);
@@ -233,6 +253,7 @@
if (user == null)
{
user = getUserModule().createUser(name, password);
+ getUserProfileModule().setProperty(user, User.INFO_USER_ENABLED,
Boolean.TRUE);
}
Set rolesToAssign = new HashSet();