[jboss-user] [jBPM Users] - Re: identities from LDAP example pls!
shiva0
do-not-reply at jboss.com
Thu Oct 22 07:40:13 EDT 2009
Here is the module I've coded to access an LDAP directory on ADS. It should get you started on what you need.
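/**
 * Read-only {@link IdentitySession} that resolves users and groups from an
 * LDAP directory (written against Active Directory: it relies on the
 * {@code samAccountName} attribute and the {@code user}/{@code group} object classes).
 *
 * <p>Every caller-supplied identifier is passed to the directory as a filter
 * argument ({@code {0}}) rather than concatenated into the filter string, so
 * filter metacharacters such as {@code *}, {@code (}, {@code )} and {@code \}
 * in an id are matched literally and cannot change the shape of the query.
 *
 * <p>All create/delete operations throw {@link UnsupportedOperationException}.
 */
public class IdentitySessionImpl implements IdentitySession {

    /** Search time limit in milliseconds, so a slow query cannot block the application indefinitely. */
    private static final int SEARCH_TIME_LIMIT_MS = 3000;

    /** Filter matching a group by its CN; {0} is the group id. */
    private static final String GROUP_BY_ID_FILTER = "(&(cn={0})(objectclass=group))";

    /** Filter matching a user by CN or samAccountName; {0} is the user id. */
    private static final String USER_BY_ID_FILTER = "(&(|(cn={0})(samAccountName={0}))(objectclass=user))";

    /** Filter matching every user entry. */
    private static final String ALL_USERS_FILTER = "(&(objectclass=user))";

    /** Filter matching the users that are members of a group; {0} is the group's full DN. */
    private static final String USERS_BY_GROUP_FILTER = "(&(memberof={0})(objectclass=user))";

    // Lazily created on first use by getProps().
    // NOTE(review): the lazy initialisation is not synchronised; two threads may each
    // build an instance on first use. Confirm whether that matters for this properties class.
    private static IdentitySessionProperties props = null;

    /**
     * Looks up a group by its CN.
     *
     * @param iGroupId the group id (CN); matched literally
     * @return the group, or {@code null} if the id is {@code null} or no entry matches
     * @throws RuntimeException wrapping any failure raised while querying the directory
     */
    public Group findGroupById(String iGroupId) {
        if (iGroupId == null) {
            return null;
        }

        Timer lTimer = Timer.getInstance(getClass(), "findGroupById");
        InitialDirContext lContext = null;
        NamingEnumeration<SearchResult> lResults = null;
        GroupImpl lGroup = null;

        try {
            lContext = getLDAPContext();
            lResults = lContext.search(
                    getProps().getLdapBase(), GROUP_BY_ID_FILTER, new Object[] { iGroupId }, newSearchControls());

            if (lResults.hasMore()) {
                lGroup = getGroup(lResults.next());
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        } finally {
            lTimer.log();
            closeQuietly(lResults);
            closeQuietly(lContext);
        }

        return lGroup;
    }

    /**
     * Lists the groups named in the memberOf attribute of a user entry.
     *
     * @param iUserId the user id, matched literally against CN and samAccountName
     * @return the user's groups (empty if the entry has no memberOf attribute),
     *         or {@code null} if the id is {@code null} or no user entry matches
     * @throws RuntimeException wrapping any failure raised while querying the directory
     */
    public List<Group> findGroupsByUser(String iUserId) {
        if (iUserId == null) {
            return null;
        }

        Timer lTimer = Timer.getInstance(getClass(), "findGroupsByUser");
        InitialDirContext lContext = null;
        NamingEnumeration<SearchResult> lResults = null;
        List<Group> lGroups = null;

        try {
            lContext = getLDAPContext();
            lResults = lContext.search(
                    getProps().getLdapBase(), USER_BY_ID_FILTER, new Object[] { iUserId }, newSearchControls());

            if (lResults.hasMore()) {
                lGroups = getGroups(lResults.next());
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        } finally {
            lTimer.log();
            closeQuietly(lResults);
            closeQuietly(lContext);
        }

        return lGroups;
    }

    /**
     * Lists the groups of a user. The group type is ignored: this implementation
     * simply delegates to {@link #findGroupsByUser(String)}.
     *
     * @param iUserId the user id
     * @param iGroupType unused
     * @return the same result as {@link #findGroupsByUser(String)}
     */
    public List<Group> findGroupsByUserAndGroupType(String iUserId, String iGroupType) {
        return findGroupsByUser(iUserId);
    }

    /**
     * Looks up a user by CN or samAccountName.
     *
     * @param iUserId the user id; matched literally
     * @return the user, or {@code null} if the id is {@code null} or no entry matches
     * @throws RuntimeException wrapping any failure raised while querying the directory
     */
    public User findUserById(String iUserId) {
        if (iUserId == null) {
            return null;
        }

        Timer lTimer = Timer.getInstance(getClass(), "findUserById");
        InitialDirContext lContext = null;
        NamingEnumeration<SearchResult> lResults = null;
        UserImpl lUser = null;

        try {
            lContext = getLDAPContext();
            lResults = lContext.search(
                    getProps().getLdapBase(), USER_BY_ID_FILTER, new Object[] { iUserId }, newSearchControls());

            if (lResults.hasMore()) {
                lUser = getUser(lResults.next());
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        } finally {
            lTimer.log();
            closeQuietly(lResults);
            closeQuietly(lContext);
        }

        return lUser;
    }

    /**
     * Lists every user entry below the configured LDAP base.
     *
     * <p>NOTE(review): the search is unbounded apart from the time limit; on a large
     * directory the server may cut it short (size or time limit), which surfaces here
     * as a {@link RuntimeException}. Confirm the expected directory size.
     *
     * @return all users found; never {@code null}
     * @throws RuntimeException wrapping any failure raised while querying the directory
     */
    public List<User> findUsers() {
        Timer lTimer = Timer.getInstance(getClass(), "findUsers");
        List<User> lUsers = new ArrayList<User>();
        InitialDirContext lContext = null;
        NamingEnumeration<SearchResult> lResults = null;

        try {
            lContext = getLDAPContext();
            lResults = lContext.search(getProps().getLdapBase(), ALL_USERS_FILTER, newSearchControls());

            while (lResults.hasMore()) {
                lUsers.add(getUser(lResults.next()));
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        } finally {
            lTimer.log();
            closeQuietly(lResults);
            closeQuietly(lContext);
        }

        return lUsers;
    }

    /**
     * Lists the users whose memberOf attribute names the given group. The group is
     * expected to live at {@code CN=<group>,CN=Users,<ldap base>}.
     *
     * @param iGroup the group CN; matched literally
     * @return the members found; empty if the group is {@code null} or has no members
     * @throws RuntimeException wrapping any failure raised while querying the directory
     */
    public List<User> findUsersByGroup(String iGroup) {
        List<User> lUsers = new ArrayList<User>();
        if (iGroup == null) {
            return lUsers;
        }

        Timer lTimer = Timer.getInstance(getClass(), "findUsersByGroup");
        InitialDirContext lContext = null;
        NamingEnumeration<SearchResult> lResults = null;

        try {
            lContext = getLDAPContext();

            // Two layers of escaping: the group name is first escaped as a DN attribute
            // value (so ',', '+', '=' ... stay inside the CN), then the whole DN is handed
            // over as a filter argument so that it is escaped again for the filter.
            String lGroupDN = "CN=" + javax.naming.ldap.Rdn.escapeValue(iGroup)
                    + ",CN=Users," + getProps().getLdapBase();

            lResults = lContext.search(
                    getProps().getLdapBase(), USERS_BY_GROUP_FILTER, new Object[] { lGroupDN }, newSearchControls());

            while (lResults.hasMore()) {
                lUsers.add(getUser(lResults.next()));
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        } finally {
            lTimer.log();
            closeQuietly(lResults);
            closeQuietly(lContext);
        }

        return lUsers;
    }

    /**
     * Looks up several users, one directory query per id.
     *
     * @param iUserIds the user ids
     * @return one element per id, in the same order; the element is {@code null}
     *         where no user matched
     */
    public List<User> findUsersById(String... iUserIds) {
        Timer lTimer = Timer.getInstance(getClass(), "findUsersById");
        List<User> lUsers = new ArrayList<User>(iUserIds.length);

        try {
            for (String lUserId : iUserIds) {
                lUsers.add(findUserById(lUserId));
            }
        } finally {
            lTimer.log();
        }

        return lUsers;
    }

    /**
     * Builds the controls shared by every search: subtree scope, a time limit,
     * and attribute-only results.
     */
    private static SearchControls newSearchControls() {
        SearchControls lSearchControls = new SearchControls();
        lSearchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);

        // Time limit for the query, so the application is not blocked by a slow search.
        lSearchControls.setTimeLimit(SEARCH_TIME_LIMIT_MS);

        // Only attributes are read from the results, never SearchResult.getObject().
        // Leaving the flag off keeps the provider from reconstructing Java objects
        // out of directory entries, which is unwanted when entries may be writable
        // by someone less trusted than this application.
        lSearchControls.setReturningObjFlag(false);

        return lSearchControls;
    }

    /** Closes a result enumeration, ignoring failures; a {@code null} argument is a no-op. */
    private static void closeQuietly(NamingEnumeration<?> iResults) {
        if (iResults == null) {
            return;
        }
        try {
            iResults.close();
        } catch (NamingException ignored) {
            // Best-effort cleanup: nothing useful can be done if close fails.
        }
    }

    /** Closes a directory context, ignoring failures; a {@code null} argument is a no-op. */
    private static void closeQuietly(InitialDirContext iContext) {
        if (iContext == null) {
            return;
        }
        try {
            iContext.close();
        } catch (NamingException ignored) {
            // Best-effort cleanup: nothing useful can be done if close fails.
        }
    }

    /**
     * Maps a user entry to a {@link UserImpl} using the attribute names from the
     * configuration.
     */
    private UserImpl getUser(SearchResult iResult) throws NamingException, IOException {
        final String lUserId = getAttributeValue(iResult, getProps().getUserIdAttr());
        final String lEmail = getAttributeValue(iResult, getProps().getUserEmailAttr());
        final String lFirstname = getAttributeValue(iResult, getProps().getUserFirstNameAttr());
        final String lLastname = getAttributeValue(iResult, getProps().getUserLastNameAttr());

        final UserImpl lUser = new UserImpl(lUserId, lFirstname, lLastname);

        // Only build an address when the entry has the e-mail attribute; otherwise
        // the concatenation would yield the literal "null@DUMMY.gc.ca".
        if (lEmail != null) {
            lUser.setBusinessEmail(lEmail + "@DUMMY.gc.ca");
        }

        return lUser;
    }

    /** Maps a group entry to a {@link GroupImpl} using the configured group id attribute. */
    private GroupImpl getGroup(SearchResult iResult) throws NamingException, IOException {
        final String lGroupId = getAttributeValue(iResult, getProps().getGroupIdAttr());

        return new GroupImpl(lGroupId);
    }

    /**
     * Builds one group per value of the configured memberOf attribute of a user entry.
     *
     * @return the groups; empty when the entry carries no memberOf attribute
     */
    private List<Group> getGroups(SearchResult iResult) throws NamingException, IOException {
        final List<Group> lGroups = new ArrayList<Group>();
        final Attribute lAttr = iResult.getAttributes().get(getProps().getMemberOfAttr());

        // A user that belongs to no group has no memberOf attribute at all.
        if (lAttr == null) {
            return lGroups;
        }

        final NamingEnumeration<?> lAllAttrValues = lAttr.getAll();
        while (lAllAttrValues.hasMore()) {
            String lGroupDN = (String) lAllAttrValues.next();
            lGroups.add(new GroupImpl(getExtractedIdFromDN(lGroupDN)));
        }

        return lGroups;
    }

    /**
     * Removes the DN information and extracts only the group CN (id).
     * CN=BPE-Management,CN=Users,DC=portaildev,DC=,DC=gc,DC=ca becomes BPE-Management
     *
     * <p>NOTE(review): the DN is split on every comma and the first three characters
     * of the first component are dropped, so this assumes the DN starts with
     * {@code CN=} and that the CN contains no escaped comma — confirm for this directory.
     *
     * @param iGroupDN the distinguished name of the group
     * @return the text after the first three characters of the first DN component
     */
    private String getExtractedIdFromDN(String iGroupDN) {
        StringTokenizer lTok = new StringTokenizer(iGroupDN, ",");

        String lGroupCN = lTok.nextToken();

        return lGroupCN.substring(3);
    }

    /**
     * Reads the first value of an attribute.
     *
     * @return the first value, or {@code null} if the attribute is absent or empty
     */
    private String getAttributeValue(SearchResult iResult, String iAttributeName) throws NamingException {
        Attribute lAttr = iResult.getAttributes().get(iAttributeName);
        if (lAttr == null) {
            return null;
        }

        NamingEnumeration<?> lAllAttrValues = lAttr.getAll();
        if (lAllAttrValues != null && lAllAttrValues.hasMore()) {
            return (String) lAllAttrValues.next();
        }
        return null;
    }

    /**
     * Fetch the LDAP Initial Context
     *
     * @return The InitialDirContext, bound with the configured principal and credentials
     *
     * @throws NamingException if the connection or the bind fails
     * @throws IOException if the configuration cannot be loaded
     */
    private InitialDirContext getLDAPContext() throws NamingException, IOException {
        // Set up LDAP configuration settings
        Hashtable<String, String> lContextValues = new Hashtable<String, String>();

        lContextValues.put("java.naming.ldap.version", "3");
        lContextValues.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");

        // NOTE(review): a simple bind sends the principal and password as-is; unless the
        // provider URL is ldaps:// (or the link is otherwise protected) they cross the
        // network unencrypted — confirm the configured URL.
        lContextValues.put("java.naming.security.authentication", "Simple");

        // NOTE(review): with "follow" the provider chases referrals returned by the
        // server, presumably binding to the referred server with the same environment —
        // confirm this is wanted for this directory.
        lContextValues.put("java.naming.referral", "follow");

        lContextValues.put("java.naming.provider.url", getProps().getLdapUrl());
        lContextValues.put("java.naming.security.principal", getProps().getLdapProvider());
        lContextValues.put("java.naming.security.credentials", getProps().getLdapCredentials());

        // NOTE(review): no connect or read timeout is set; the search time limit above
        // does not bound connection establishment.

        // Make LDAP connection
        return new InitialDirContext(lContextValues);
    }

    /** Returns the shared configuration, creating it on first use. */
    private static IdentitySessionProperties getProps() throws IOException {
        if (props == null) {
            props = new IdentitySessionProperties();
        }

        return props;
    }

    /* The following methods won't be implemented: the directory is read-only from here. */
    public String createGroup(String arg0, String arg1, String arg2) {
        throw new UnsupportedOperationException();
    }

    public void createMembership(String arg0, String arg1, String arg2) {
        throw new UnsupportedOperationException();
    }

    public String createUser(String arg0, String arg1, String arg2, String arg3) {
        throw new UnsupportedOperationException();
    }

    public void deleteGroup(String arg0) {
        throw new UnsupportedOperationException();
    }

    public void deleteMembership(String arg0, String arg1, String arg2) {
        throw new UnsupportedOperationException();
    }

    public void deleteUser(String arg0) {
        throw new UnsupportedOperationException();
    }
}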