| author | Andrew Branson <andrew.branson@cern.ch> | 2014-06-12 19:49:01 +0200 |
|---|---|---|
| committer | Andrew Branson <andrew.branson@cern.ch> | 2014-06-12 19:49:01 +0200 |
| commit | 6aa1f44575a48bdc633fdf6a3274fd6a1a4065b9 (patch) | |
| tree | 8119c78f4bc8fbd71a8ee76d6d65fc78617653a7 | |
Initial migration out of cristal-kernel
| -rw-r--r-- | .gitignore | 4 | ||||
| -rw-r--r-- | pom.xml | 105 | ||||
| -rw-r--r-- | src/main/java/com/c2kernel/lookup/ldap/LDAPAuthManager.java | 95 | ||||
| -rw-r--r-- | src/main/java/com/c2kernel/lookup/ldap/LDAPLookup.java | 763 | ||||
| -rw-r--r-- | src/main/java/com/c2kernel/lookup/ldap/LDAPLookupUtils.java | 365 | ||||
| -rw-r--r-- | src/main/java/com/c2kernel/lookup/ldap/LDAPNextKeyManager.java | 97 | ||||
| -rw-r--r-- | src/main/java/com/c2kernel/lookup/ldap/LDAPPathSet.java | 81 | ||||
| -rw-r--r-- | src/main/java/com/c2kernel/lookup/ldap/LDAPProperties.java | 38 | ||||
| -rw-r--r-- | src/main/java/com/c2kernel/lookup/ldap/LDAPPropertyManager.java | 141 | ||||
| -rw-r--r-- | src/main/java/com/c2kernel/persistency/LDAPClientReader.java | 43 | ||||
| -rw-r--r-- | src/main/java/com/c2kernel/persistency/LDAPClusterStorage.java | 176 | ||||
| -rw-r--r-- | src/main/resources/LDAPboot.txt | 4 | ||||
| -rw-r--r-- | src/main/resources/module.xml | 11 |
13 files changed, 1923 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1898b99
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+/.classpath
+/.project
+/.settings
+/target
@@ -0,0 +1,105 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <groupId>cristal</groupId>
+ <artifactId>cristal-ldap</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ <name>cristal-ldap</name>
+ <description>CRISTAL Module</description>
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ </properties>
+ <build>
+ <resources>
+ <resource>
+ <directory>src/main/resources</directory>
+ <targetPath>META-INF/cristal</targetPath>
+ <filtering>true</filtering>
+ <includes>
+ <include>module.xml</include>
+ </includes>
+ </resource>
+ <resource>
+ <directory>src/main/resources</directory>
+ <targetPath>com/c2kernel/lookup/ldap/resources</targetPath>
+ <excludes>
+ <exclude>module.xml</exclude>
+ </excludes>
+ </resource>
+ </resources>
+ <plugins>
+ <plugin>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>2.3.2</version>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ <distributionManagement>
+ <repository>
+ <id>cccs.releases</id>
+ <url>http://dev.cccs.uwe.ac.uk:8081/nexus/content/repositories/releases</url>
+ </repository>
+ <snapshotRepository>
+ <id>cccs.snapshots</id>
+ <url>http://dev.cccs.uwe.ac.uk:8081/nexus/content/repositories/snapshots</url>
+ </snapshotRepository>
+ </distributionManagement>
+
+ <repositories>
+ <repository>
+ <id>cccs.releases</id>
+ <name>CCCS Nexus Release Repository</name>
+ <url>http://dev.cccs.uwe.ac.uk:8081/nexus/content/repositories/releases</url>
+ <releases>
+ <enabled>true</enabled>
+ </releases>
+ <snapshots>
+ <enabled>false</enabled>
+ </snapshots>
+ </repository>
+ <repository>
+ <id>cccs.snapshots</id>
+ <name>CCCS Nexus Snapshot Repository</name>
+ <url>http://dev.cccs.uwe.ac.uk:8081/nexus/content/repositories/snapshots</url>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ <snapshots>
+ <enabled>true</enabled>
+ </snapshots>
+ </repository>
+ <repository>
+ <id>cccs.public</id>
+ <name>CCCS Nexus Public Repository</name>
+ <url>http://dev.cccs.uwe.ac.uk:8081/nexus/content/repositories/public</url>
+ </repository>
+ </repositories>
+ <dependencyManagement>
+ <dependencies>
+ <dependency>
+ <groupId>cristal</groupId>
+ <artifactId>cristal-kernel</artifactId>
+ <version>3.0-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>com.novell.ldap</groupId>
+ <artifactId>jldap</artifactId>
+ <version>4.3</version>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+ <dependencies>
+ <dependency>
+ <groupId>cristal</groupId>
+ <artifactId>cristal-kernel</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>com.novell.ldap</groupId>
+ <artifactId>jldap</artifactId>
+ </dependency>
+ </dependencies>
+</project>
\ No newline at end of file
diff --git a/src/main/java/com/c2kernel/lookup/ldap/LDAPAuthManager.java b/src/main/java/com/c2kernel/lookup/ldap/LDAPAuthManager.java
new file mode 100644
index 0000000..4c26de6
--- /dev/null
+++ b/src/main/java/com/c2kernel/lookup/ldap/LDAPAuthManager.java
@@ -0,0 +1,95 @@
+package com.c2kernel.lookup.ldap;
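Review bot: Every `<url>` under `<repositories>` and `<distributionManagement>` in the pom.xml hunk uses plain `http://`, so dependencies (including `cristal-kernel` and `jldap`) are resolved, and artifacts deployed, over a cleartext channel where they can be altered in transit. If the Nexus host offers TLS, these should become `https://` URLs; Maven 3.8.1 and later block external `http` repositories by default, so the build will stop resolving on a current toolchain otherwise. The repository entries also set no checksum policy, so adding `<checksumPolicy>fail</checksumPolicy>` under each `<releases>` and `<snapshots>` element would make a corrupted or substituted download fail the build instead of only warning.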
+
+import com.c2kernel.common.InvalidDataException;
+import com.c2kernel.common.ObjectNotFoundException;
+import com.c2kernel.process.Gateway;
+import com.c2kernel.process.auth.Authenticator;
+import com.c2kernel.utils.Logger;
+import com.novell.ldap.LDAPConnection;
+import com.novell.ldap.LDAPException;
+
+public class LDAPAuthManager implements Authenticator {
+
+ private LDAPConnection mLDAPConn;
+ private LDAPProperties ldapProps;
+
+
+ @Override
+ public boolean authenticate(String agentName,
+ String password, String resource) throws InvalidDataException, ObjectNotFoundException {
+
+ ldapProps = new LDAPProperties(Gateway.getProperties());
+
+ if (ldapProps.mHost!=null && ldapProps.mPort!= null && ldapProps.mLocalPath!=null )
+ {
+ try { // anonymously bind to LDAP and find the agent entry for the username
+ ldapProps.mUser = "";
+ ldapProps.mPassword = "";
+ mLDAPConn = LDAPLookupUtils.createConnection(ldapProps);
+ LDAPLookup anonLookup = new LDAPLookup(ldapProps);
+ anonLookup.open(this);
+ String agentDN = anonLookup.getFullDN(anonLookup.getAgentPath(agentName));
+
+ //found agentDN, try to log in with it
+ ldapProps.mUser = agentDN;
+ ldapProps.mPassword = password;
+ mLDAPConn = LDAPLookupUtils.createConnection(ldapProps);
+ return true;
+ } catch (LDAPException e) {
+ return false;
+ }
+ }
+ else
+ {
+ throw new InvalidDataException("Cannot log in. Some connection properties are not set.", "");
+ }
+
+ }
+
+ @Override
+ public boolean authenticate(String resource) throws InvalidDataException, ObjectNotFoundException {
+ ldapProps = new LDAPProperties(Gateway.getProperties());
+
+ if (ldapProps.mUser == null || ldapProps.mUser.length()==0 ||
+ ldapProps.mPassword == null || ldapProps.mPassword.length()==0)
+ throw new InvalidDataException("LDAP root user properties not found in config.");
+ try {
+ mLDAPConn = LDAPLookupUtils.createConnection(ldapProps);
+ return true;
+ } catch (LDAPException e) {
+ return false;
+ }
+ }
+
+ @Override
+ public LDAPConnection getAuthObject() {
+
+ if (!mLDAPConn.isConnected()) {
+ Logger.warning("LDAPAuthManager - lost connection to LDAP server. Attempting to reconnect.");
+ try {
+ mLDAPConn = LDAPLookupUtils.createConnection(ldapProps);
+ } catch (LDAPException ex) { }
+ }
+ return mLDAPConn;
+ }
+
+ @Override
+ public void disconnect() {
+ Logger.msg(1, "LDAP Lookup: Shutting down LDAP connection.");
+ if (mLDAPConn != null) {
+ try {
+ mLDAPConn.disconnect();
+ } catch (LDAPException e) {
+ Logger.error(e);
+ }
+ mLDAPConn = null;
+ }
+
+ }
+
+ public LDAPAuthManager() {
+ // TODO Auto-generated constructor stub
+ }
+
+
+}
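Review bot: `authenticate(agentName, password, resource)` hands `password` to `LDAPLookupUtils.createConnection` without rejecting an empty value; if that helper performs a simple bind (its body is not in this hunk), a DN with an empty password is an unauthenticated bind that many directory servers accept, so the method could return true without any credential being checked. A guard such as `if (password == null || password.length() == 0) return false;` before the anonymous lookup closes that. `agentName` also flows into `LDAPLookup.getAgentPath`, which in this same commit builds `"(uid="+agentName+")"` by concatenation, so it should pass through `LDAPLookupUtils.escapeSearchFilter` as the `search(Path, String)` overload already does. Separately, `getAuthObject()` dereferences `mLDAPConn` even when no authenticate call has set it and silently swallows the `LDAPException` on reconnect; a null check and `Logger.error(ex)`, as `disconnect()` does, would make a lost directory connection visible.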
diff --git a/src/main/java/com/c2kernel/lookup/ldap/LDAPLookup.java b/src/main/java/com/c2kernel/lookup/ldap/LDAPLookup.java
new file mode 100644
index 0000000..ac36a10
--- /dev/null
+++ b/src/main/java/com/c2kernel/lookup/ldap/LDAPLookup.java
@@ -0,0 +1,763 @@
+/*
+ * Directory Lookup Service *
+ * author: Florida Estrella
+*/
+
+package com.c2kernel.lookup.ldap;
+
+import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.StringTokenizer;
+
+import org.omg.CORBA.Object;
+
+import com.c2kernel.common.ObjectAlreadyExistsException;
+import com.c2kernel.common.ObjectCannotBeUpdated;
+import com.c2kernel.common.ObjectNotFoundException;
+import com.c2kernel.entity.TraceableEntity;
+import com.c2kernel.entity.agent.ActiveEntity;
+import com.c2kernel.entity.proxy.ProxyMessage;
+import com.c2kernel.lookup.AgentPath;
+import com.c2kernel.lookup.DomainPath;
+import com.c2kernel.lookup.InvalidItemPathException;
+import com.c2kernel.lookup.ItemPath;
+import com.c2kernel.lookup.Lookup;
+import com.c2kernel.lookup.Path;
+import com.c2kernel.lookup.RolePath;
+import com.c2kernel.process.Gateway;
+import com.c2kernel.process.auth.Authenticator;
+import com.c2kernel.property.PropertyDescription;
+import com.c2kernel.property.PropertyDescriptionList;
+import com.c2kernel.utils.Logger;
+import com.novell.ldap.LDAPAttribute;
+import com.novell.ldap.LDAPAttributeSet;
+import com.novell.ldap.LDAPConnection;
+import com.novell.ldap.LDAPDN;
+import com.novell.ldap.LDAPEntry;
+import com.novell.ldap.LDAPException;
+import com.novell.ldap.LDAPSearchConstraints;
+import com.novell.ldap.LDAPSearchResults;
+
+/**
+ * The LDAPLookup object, statically accessible through the Gateway, manages
+ * the LDAP connection for the cristal process. It provides:
+ * <ul>
+ * <li>Authentication - returning an AgentProxy object if a user has logged in
+ * <li>System key generation - through the NextKeyManager
+ * <li>Agent and Role lookup/modification - through the RoleManager
+ * <li>
+ * @version $Revision: 1.113 $ $Date: 2006/03/03 13:52:21 $
+ * @author $Author: abranson $
+ */
+
+public class LDAPLookup implements Lookup
+
+{
+ private LDAPAuthManager mLDAPAuth;
+ private LDAPPropertyManager mPropManager;
+
+ final String mItemTypeRoot, mDomainTypeRoot, mGlobalPath, mRootPath, mLocalPath, mRolePath;
+
+ /**
+ * Creates a new LDAPLookup manager with the properties supplied.
+ * This should be only done by the Gateway during initialisation.
+ *
+ * @param props The LDAP properties object that extracts LDAP connection properties from the global c2kprops
+ */
+ public LDAPLookup(LDAPProperties props)
+ {
+ Logger.msg(8,"LDAPLookup - initialising.");
+
+ mGlobalPath=props.mGlobalPath;
+ mRootPath=props.mRootPath;
+ mLocalPath=props.mLocalPath;
+
+ mItemTypeRoot = "cn=entity,"+props.mLocalPath;
+ mDomainTypeRoot = "cn=domain,"+props.mLocalPath;
+ mRolePath = "cn=agent,"+mDomainTypeRoot;
+
+ }
+
+ public LDAPLookup() {
+ this(new LDAPProperties(Gateway.getProperties()));
+ }
+
+ @Override
+ public void open(Authenticator auth) {
+ mLDAPAuth = (LDAPAuthManager)auth;
+ Logger.msg(7, "LDAP.useOldProps="+Gateway.getProperties().getBoolean("LDAP.useOldProps", false));
+ mPropManager = new LDAPPropertyManager(this, mLDAPAuth);
+ }
+
+ /**
+ * Gets the property manager, that is used to read and write cristal properties to the LDAP store.
+ * @return Returns the global LDAPPropertyManager.
+ */
+ public LDAPPropertyManager getPropManager() {
+ return mPropManager;
+ }
+
+ /**
+ * Disconnects the connection with the LDAP server during shutdown
+ */
+ @Override
+ public void close() {
+ Logger.msg(1, "LDAP Lookup: Shutting down LDAP connection.");
+ if (mLDAPAuth != null) {
+ mLDAPAuth.disconnect();
+ mLDAPAuth = null;
+ }
+ }
+
+ /**
+ * Attempts to resolve the CORBA object for a Path, either directly or through an alias.
+ * @param path the path to resolve
+ * @return the CORBA object
+ * @throws ObjectNotFoundException When the path does not exist
+ */
+ public org.omg.CORBA.Object getIOR(Path path)
+ throws ObjectNotFoundException
+ {
+ return resolveObject(getFullDN(path));
+ }
+
+ /**
+ * Attempts to resolve the CORBA object from the IOR attribute of a DN, either directly or through an alias
+ * @param dn The String dn
+ * @throws ObjectNotFoundException when the dn or aliased dn does not exist
+ */
+ private org.omg.CORBA.Object resolveObject(String dn)
+ throws ObjectNotFoundException
+ {
+ Logger.msg(8,"LDAPLookup.resolveObject("+dn+")");
+ LDAPEntry anEntry = LDAPLookupUtils.getEntry(mLDAPAuth.getAuthObject(),dn,LDAPSearchConstraints.DEREF_NEVER);
+ if (anEntry != null)
+ {
+ String iorString;
+ try {
+ iorString = LDAPLookupUtils.getFirstAttributeValue(anEntry, "ior");
+ org.omg.CORBA.Object ior=Gateway.getORB().string_to_object(iorString);
+ if (ior!=null)
+ return ior;
+ else
+ throw new ObjectNotFoundException("LDAPLookup.resolveObject() - " + dn + " has no IOR", "");
+ } catch (ObjectNotFoundException ex) {
+ return resolveObject(LDAPLookupUtils.getFirstAttributeValue(anEntry,"aliasedObjectName"));
+ }
+ }
+ else
+ throw new ObjectNotFoundException("LDAPLookup.resolveObject() LDAP node " + dn + " is not in LDAP or has no IOR.", "");
+ }
+
+ /**
+ *
+ * @param domPath
+ * @return
+ * @throws InvalidItemPathException
+ * @throws ObjectNotFoundException
+ */
+ @Override
+ public ItemPath resolvePath(DomainPath domPath)
+ throws InvalidItemPathException, ObjectNotFoundException {
+ ItemPath referencedPath = null;
+ LDAPEntry domEntry = LDAPLookupUtils.getEntry(mLDAPAuth.getAuthObject(),
+ getFullDN(domPath), LDAPSearchConstraints.DEREF_ALWAYS);
+ String entityKey = LDAPLookupUtils.getFirstAttributeValue(domEntry,
+ "intsyskey");
+ Logger.msg(7, "DomainPath " + domPath + " is a reference to "
+ + entityKey);
+ String objClass = LDAPLookupUtils.getFirstAttributeValue(domEntry,
+ "objectClass");
+ if (objClass.equals("cristalagent"))
+ referencedPath = new AgentPath(Integer.parseInt(entityKey));
+ else
+ referencedPath = new ItemPath(Integer.parseInt(entityKey));
+
+ return referencedPath;
+ }
+
+
+ @Override
+ public void add(Path path)
+ throws ObjectCannotBeUpdated, ObjectAlreadyExistsException
+ {
+ try {
+ checkLDAPContext(path);
+ LDAPAttributeSet attrSet = createAttributeSet(path);
+ LDAPEntry newEntry = new LDAPEntry(getFullDN(path),attrSet);
+ LDAPLookupUtils.addEntry(mLDAPAuth.getAuthObject(),newEntry);
+ if (path instanceof DomainPath)
+ Gateway.getProxyServer().sendProxyEvent(new ProxyMessage(ProxyMessage.NA, path.toString(), ProxyMessage.ADDED));
+ } catch (LDAPException ex) {
+ if (ex.getResultCode() == LDAPException.ENTRY_ALREADY_EXISTS)
+ throw new ObjectAlreadyExistsException(ex.getLDAPErrorMessage(), "");
+ else
+ throw new ObjectCannotBeUpdated(ex.getLDAPErrorMessage(), "");
+ }
+ }
+
+ //deletes a node
+ //throws LDAPexception if node cannot be deleted (eg node is not a leaf)
+ @Override
+ public void delete(Path path) throws ObjectCannotBeUpdated
+ {
+ try {
+ LDAPLookupUtils.delete(mLDAPAuth.getAuthObject(),getDN(path)+mLocalPath);
+ } catch (LDAPException ex) {
+ throw new ObjectCannotBeUpdated(ex.getLDAPErrorMessage(), "");
+ }
+ if (path instanceof DomainPath) {
+ Gateway.getProxyServer().sendProxyEvent(new ProxyMessage(ProxyMessage.NA, path.toString(), ProxyMessage.DELETED));
+ }
+ }
+
+ //change specs, add boolean alias leaf context
+ protected void checkLDAPContext(Path path)
+ {
+ String dn = getFullDN(path);
+ if (!LDAPLookupUtils.exists(mLDAPAuth.getAuthObject(),dn))
+ {
+ String listDN[] = path.getPath();
+ String name = "cn="+ path.getRoot() + "," + mLocalPath;
+ int i=0;
+ while (i<listDN.length-1)
+ {
+ name= "cn="+LDAPLookupUtils.escapeDN(listDN[i])+","+name;
+ if (!LDAPLookupUtils.exists(mLDAPAuth.getAuthObject(),name))
+ {
+ try
+ {
+ //create cristalcontext
+ Logger.msg(8,"LDAPLookup::addLDAPContext() context added " + name);
+ LDAPLookupUtils.createCristalContext(mLDAPAuth.getAuthObject(), name);
+ }
+ catch (Exception ex)
+ {
+ Logger.error("LDAPLookup::addContext() " + ex);
+ }
+ }
+ i++;
+ }
+ }
+ }
+ public void createBootTree()
+ {
+ Logger.msg(8,"Initializing LDAP Boot tree");
+
+ //create org
+ LDAPLookupUtils.createOrganizationContext(mLDAPAuth.getAuthObject(), mGlobalPath);
+ //create root
+ LDAPLookupUtils.createCristalContext(mLDAPAuth.getAuthObject(), mRootPath);
+ //create local
+ LDAPLookupUtils.createCristalContext(mLDAPAuth.getAuthObject(), mLocalPath);
+ }
+
+ @Override
+ public void initializeDirectory() throws ObjectNotFoundException
+ {
+ createBootTree();
+ initTree( Gateway.getResource().getTextResource("ldap", "LDAPboot.txt"));
+ }
+
+ public void initTree(String bootFile)
+ {
+ Logger.msg(8,"Verifying Cristal LDAP roots");
+ StringTokenizer strTokenizer = new StringTokenizer(bootFile, "\n\r");
+ while (strTokenizer.hasMoreTokens())
+ {
+ String line = strTokenizer.nextToken();
+ Logger.msg(8,"Checking " + line+mLocalPath);
+ LDAPLookupUtils.createCristalContext(mLDAPAuth.getAuthObject(), line+mLocalPath);
+ }
+
+ }
+
+ //typically search for cn=barcode
+ @Override
+ public LDAPPathSet search(Path start, String filter)
+ {
+ Logger.msg(8,"LDAPLookup::search() From " + getDN(start) + " for cn=" + filter );
+ return search(getFullDN(start),"cn="+LDAPLookupUtils.escapeSearchFilter(filter));
+ }
+
+ @Override
+ public LDAPPathSet search(Path start, String propname, String propvalue)
+ {
+ String val = propname+":"+propvalue;
+ Logger.msg(8,"LDAPLookup::search() From " + getDN(start) + " for cristalprop=" + val );
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_SEARCHING);
+ return search(getFullDN(start),LDAPConnection.SCOPE_SUB,"cristalprop="+LDAPLookupUtils.escapeSearchFilter(val),searchCons);
+ }
+
+ @Override
+ public LDAPPathSet search(Path start, PropertyDescriptionList props) {
+ StringBuffer query = new StringBuffer();
+ int propCount = 0;
+ for (PropertyDescription propDesc: props.list) {
+ if (propDesc.getIsClassIdentifier()) {
+ String thisProp = LDAPLookupUtils.escapeSearchFilter(propDesc.getName()+(":")+propDesc.getDefaultValue());
+ query.append("(cristalprop=").append(thisProp).append(")");
+ propCount++;
+ }
+ }
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_SEARCHING);
+ if (propCount == 0)
+ return search(getFullDN(start),LDAPConnection.SCOPE_SUB,"objectClass=cristalentity",searchCons);
+ else if (propCount == 1)
+ return search(getFullDN(start),LDAPConnection.SCOPE_SUB,query.toString(),searchCons);
+ else
+ return search(getFullDN(start),LDAPConnection.SCOPE_SUB,"(&"+query.toString()+")",searchCons);
+ }
+
+ protected LDAPPathSet search(String startDN, int scope, String filter, LDAPSearchConstraints searchCons)
+ {
+ Logger.msg(8,"Searching for "+filter+" in "+startDN);
+ searchCons.setMaxResults(0);
+ String[] attr = { LDAPConnection.ALL_USER_ATTRS };
+ try
+ {
+ LDAPSearchResults res = mLDAPAuth.getAuthObject().search(startDN, scope,
+ filter,attr,false,searchCons);
+ return new LDAPPathSet(res, this);
+ }
+ catch (LDAPException ex)
+ {
+ Logger.error("LDAPException::LDAPLookup::search() " + ex.toString());
+ return new LDAPPathSet(this);
+ }
+ }
+ //typically search for (any filter combination)
+ public LDAPPathSet search(String startDN,String filter)
+ {
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER);
+ return search(startDN,LDAPConnection.SCOPE_SUB,filter,searchCons);
+ }
+
+ @Override
+ public LDAPPathSet searchEntities(Path start) {
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_SEARCHING);
+ return search(getFullDN(start), LDAPConnection.SCOPE_SUB, "objectClass=cristalentity", searchCons);
+ }
+
+ @Override
+ public LDAPPathSet searchAliases(DomainPath start) {
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER);
+ return search(getFullDN(start), LDAPConnection.SCOPE_SUB, "objectClass=aliasObject", searchCons);
+ }
+
+ @Override
+ public LDAPPathSet searchAliases(ItemPath entity) {
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER);
+ return search(getFullDN(new DomainPath()), LDAPConnection.SCOPE_SUB, "(&(objectClass=aliasObject)(aliasedObjectName="+
+ LDAPLookupUtils.escapeDN(getFullDN(entity))+"))", searchCons);
+ }
+
+ @Override
+ public boolean exists(Path path) {
+ return LDAPLookupUtils.exists(mLDAPAuth.getAuthObject(), getFullDN(path));
+ }
+
+ @Override
+ public Class<?> getItemClass(Path path) throws ObjectNotFoundException {
+ String[] attr = { LDAPConnection.ALL_USER_ATTRS };
+ try {
+ LDAPEntry anEntry=mLDAPAuth.getAuthObject().read(getDN(path)+mLocalPath,attr);
+ String type = LDAPLookupUtils.getFirstAttributeValue(anEntry, "objectClass");
+ if (type.equals("cristalentity"))
+ return TraceableEntity.class;
+ else if (type.equals("cristalagent"))
+ return ActiveEntity.class;
+ else
+ throw new ObjectNotFoundException("Not an entity", "");
+
+ } catch (LDAPException ex) {
+ if (ex.getResultCode() == LDAPException.NO_SUCH_OBJECT)
+ throw new ObjectNotFoundException("Entity does not exist", "");
+ Logger.error(ex);
+ throw new ObjectNotFoundException("Error getting entity class", "");
+ }
+ }
+
+ /** converts an LDAPentry to a Path object
+ * Note that the search producing the entry should have retrieved the attrs
+ * 'ior' and 'uniquemember'
+ * @throws ObjectNotFoundException
+ * @throws ObjectNotFoundException
+ */
+ protected Path nodeToPath(LDAPEntry entry) throws InvalidItemPathException, ObjectNotFoundException
+ {
+ String dn = entry.getDN();
+
+ // extract syskey
+ int entityKey = -1;
+ try {
+ String entityKeyStr = LDAPLookupUtils.getFirstAttributeValue(entry,"intsyskey");
+ entityKey = Integer.parseInt(entityKeyStr);
+ } catch (Exception e) { }
+
+ // extract IOR
+ org.omg.CORBA.Object ior = null;
+ try {
+ String stringIOR = LDAPLookupUtils.getFirstAttributeValue(entry,"ior");
+ ior = Gateway.getORB().string_to_object(stringIOR);
+ } catch (ObjectNotFoundException e2) { }
+
+ /* Find the right path class */
+ Path thisPath;
+ if (LDAPLookupUtils.existsAttributeValue(entry,"objectclass","cristalagent"))
+ { //cristalagent
+ String agentID = LDAPLookupUtils.getFirstAttributeValue(entry,"uid");
+ thisPath = new AgentPath(entityKey, agentID);
+ }
+
+ else if (LDAPLookupUtils.existsAttributeValue(entry,"objectclass","cristalrole"))
+ { //cristalrole
+ thisPath = new RolePath(LDAPDN.explodeDN(dn,true)[0],
+ LDAPLookupUtils.getFirstAttributeValue(entry, "jobList").equals("TRUE"));
+ }
+ else if (LDAPLookupUtils.existsAttributeValue(entry,"objectclass","aliasObject") ||
+ (LDAPLookupUtils.existsAttributeValue(entry,"objectclass","cristalcontext") && dn.endsWith(mDomainTypeRoot)))
+ {
+ DomainPath domainPath = new DomainPath();
+ domainPath.setPath(getPathComponents(dn.substring(0, dn.lastIndexOf(mDomainTypeRoot))));
+ thisPath = domainPath;
+ }
+ else if (LDAPLookupUtils.existsAttributeValue(entry,"objectclass","cristalentity") ||
+ (LDAPLookupUtils.existsAttributeValue(entry,"objectclass","cristalcontext") && dn.endsWith(mItemTypeRoot)))
+ {
+ if(dn.endsWith(mItemTypeRoot)) {
+ ItemPath entityPath;
+ if (entityKey != -1)
+ entityPath = new ItemPath(entityKey);
+ else {
+ entityPath = new ItemPath();
+ entityPath.setPath(getPathComponents(dn.substring(0, dn.lastIndexOf(mItemTypeRoot))));
+ }
+ thisPath = entityPath;
+ }
+ else
+ throw new ObjectNotFoundException("Entity found outside entity tree");
+ }
+ else
+ {
+ throw new ObjectNotFoundException("Unrecognised LDAP entry. Not a cristal entry");
+ }
+
+ //set IOR if we have one
+ if (ior!=null) thisPath.setIOR(ior);
+ return thisPath;
+ }
+
+ public String getDN(Path path) {
+ StringBuffer dnBuffer = new StringBuffer();
+ String[] pathComp = path.getPath();
+ for (int i=pathComp.length-1; i>=0; i--)
+ dnBuffer.append("cn=").append(LDAPLookupUtils.escapeDN(pathComp[i])).append(",");
+ dnBuffer.append("cn="+path.getRoot()+",");
+ return dnBuffer.toString();
+ }
+
+ public String getFullDN(Path path) {
+ return getDN(path)+mLocalPath;
+ }
+
+ public String[] getPathComponents(String dnFragment) {
+ ArrayList<String> newPath = new ArrayList<String>();
+ StringTokenizer tok = new StringTokenizer(dnFragment, ",");
+ String[] path = new String[tok.countTokens()];
+ while (tok.hasMoreTokens()) {
+ String nextPath = tok.nextToken();
+ if (nextPath.indexOf("cn=") == 0)
+ newPath.add(0, LDAPLookupUtils.unescapeDN(nextPath.substring(3)));
+ else
+ break;
+ }
+ return newPath.toArray(path);
+ }
+
+ @Override
+ public Object resolve(Path path) throws ObjectNotFoundException {
+ return resolveObject(getFullDN(path));
+ }
+
+ @Override
+ public Iterator<Path> getChildren(Path path) {
+ if (path instanceof RolePath) return ((RolePath)path).getChildren();
+ String filter = "objectclass=*";
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(10);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_FINDING );
+ return search(getFullDN(path), LDAPConnection.SCOPE_ONE,filter,searchCons);
+ }
+
+ protected LDAPAttributeSet createAttributeSet(Path path) throws ObjectCannotBeUpdated {
+ LDAPAttributeSet attrs = new LDAPAttributeSet();
+
+ if (path instanceof RolePath) {
+ RolePath rolePath = (RolePath)path;
+ attrs.add(new LDAPAttribute("objectclass","cristalrole"));
+ String jobListString = rolePath.hasJobList()?"TRUE":"FALSE";
+ attrs.add(new LDAPAttribute("jobList",jobListString));
+ attrs.add(new LDAPAttribute("cn", rolePath.getName()));
+ }
+ else if (path instanceof DomainPath) {
+ DomainPath domPath = (DomainPath)path;
+ attrs.add(new LDAPAttribute("cn",domPath.getName()));
+ try {
+ attrs.add(new LDAPAttribute("aliasedObjectName",getFullDN(domPath.getEntity())));
+ String objectclass_values[] = { "alias", "aliasObject" };
+ attrs.add(new LDAPAttribute("objectclass",objectclass_values));
+ } catch (ObjectNotFoundException e) { // no entity - is a context
+ attrs.add(new LDAPAttribute("objectclass","cristalcontext"));
+ }
+ }
+
+ else if (path instanceof ItemPath) {
+ ItemPath itemPath = (ItemPath)path;
+ attrs.add(new LDAPAttribute("intsyskey",Integer.toString(itemPath.getSysKey())));
+ attrs.add(new LDAPAttribute("cn", itemPath.getPath()[itemPath.getPath().length-1]));
+ if (itemPath.getIOR() != null)
+ attrs.add(new LDAPAttribute("ior", Gateway.getORB().object_to_string(itemPath.getIOR())));
+
+ if (path instanceof AgentPath) {
+ AgentPath agentPath = (AgentPath)path;
+ attrs.add(new LDAPAttribute("objectclass","cristalagent"));
+
+ String agentName = agentPath.getAgentName();
+ if (agentName != null && agentName.length() > 0)
+ attrs.add(new LDAPAttribute("uid", agentName));
+ else
+ throw new ObjectCannotBeUpdated("Cannot create agent. No userId specified", "");
+
+ String agentPass = agentPath.getPassword();
+ if (agentPass != null && agentPass.length() > 0)
+ try {
+ attrs.add(new LDAPAttribute("userPassword", AgentPath.generateUserPassword(agentPass, "SHA")));
+ } catch (NoSuchAlgorithmException ex) {
+ throw new ObjectCannotBeUpdated("Cryptographic libraries for password hashing not found.", "");
+ }
+ else
+ throw new ObjectCannotBeUpdated("Cannot create agent. No password given", "");
+ }
+ else {
+ attrs.add(new LDAPAttribute("objectclass","cristalentity"));
+ }
+ }
+
+ return attrs;
+
+ }
+
+ //NOTE: A role must have at LEAST 1 userDN, cannot be empty...
+ //Creates a cristalRole
+ //CristalRole is-a specialized CristalContext which contains multi-valued uniqueMember attribute pointing to cristalagents
+ @Override
+ public RolePath createRole(String roleName, boolean jobList)
+ throws ObjectAlreadyExistsException, ObjectCannotBeUpdated
+ {
+
+ // create the role
+ RolePath rolePath = new RolePath(roleName, jobList);
+ String roleDN = getFullDN(rolePath);
+ LDAPEntry roleNode;
+ try
+ {
+ roleNode = LDAPLookupUtils.getEntry(mLDAPAuth.getAuthObject(), getFullDN(rolePath));
+ throw new ObjectAlreadyExistsException();
+ } catch (ObjectNotFoundException ex) { }
+
+ //create CristalRole if it does not exist
+ roleNode = new LDAPEntry(roleDN, createAttributeSet(rolePath));
+ try {
+ LDAPLookupUtils.addEntry(mLDAPAuth.getAuthObject(),roleNode);
+ } catch (LDAPException e) {
+ throw new ObjectCannotBeUpdated(e.getLDAPErrorMessage(), "");
+ }
+ return rolePath;
+
+
+ }
+ public void deleteRole(RolePath role) throws ObjectNotFoundException, ObjectCannotBeUpdated {
+ try {
+ LDAPLookupUtils.delete(mLDAPAuth.getAuthObject(), getFullDN(role));
+ } catch (LDAPException ex) {
+ throw new ObjectCannotBeUpdated("Could not remove role");
+ }
+ }
+
+ @Override
+ public void addRole(AgentPath agent, RolePath role)
+ throws ObjectCannotBeUpdated, ObjectNotFoundException
+ {
+ LDAPEntry roleEntry = LDAPLookupUtils.getEntry(mLDAPAuth.getAuthObject(), getFullDN(role));
+ //add memberDN to uniqueMember if it is not yet a member
+ if (!LDAPLookupUtils.existsAttributeValue(roleEntry, "uniqueMember", getFullDN(agent)))
+ LDAPLookupUtils.addAttributeValue(mLDAPAuth.getAuthObject(), roleEntry, "uniqueMember", getFullDN(agent));
+ else
+ throw new ObjectCannotBeUpdated("Agent " + agent.getAgentName() + " already has role " + role.getName());
+ }
+
+ @Override
+ public void removeRole(AgentPath agent, RolePath role)
+ throws ObjectCannotBeUpdated, ObjectNotFoundException
+ {
+ LDAPEntry roleEntry = LDAPLookupUtils.getEntry(mLDAPAuth.getAuthObject(), getFullDN(role));
+ if (LDAPLookupUtils.existsAttributeValue(roleEntry, "uniqueMember", getFullDN(agent)))
+ LDAPLookupUtils.removeAttributeValue(mLDAPAuth.getAuthObject(), roleEntry, "uniqueMember", getFullDN(agent));
+ else
+ throw new ObjectCannotBeUpdated("Agent did not have that role");
+ }
+
+ @Override
+ public boolean hasRole(AgentPath agent, RolePath role) {
+ String filter = "(&(objectclass=cristalrole)(uniqueMember="+getFullDN(agent)+")(cn="+role.getName()+"))";
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER );
+ return search(mRolePath,LDAPConnection.SCOPE_SUB,filter,searchCons).hasNext();
+ }
+
+ @Override
+ public AgentPath[] getAgents(RolePath role)
+ throws ObjectNotFoundException
+ {
+ //get the roleDN entry, and its uniqueMember entry pointing to
+ LDAPEntry roleEntry;
+ try {
+ roleEntry = LDAPLookupUtils.getEntry(mLDAPAuth.getAuthObject(), getFullDN(role));
+ } catch (ObjectNotFoundException e) {
+ throw new ObjectNotFoundException("Role does not exist", "");
+ }
+
+ String[] res = LDAPLookupUtils.getAllAttributeValues(roleEntry,"uniqueMember");
+ ArrayList<AgentPath> agents = new ArrayList<AgentPath>();
+ for (String userDN : res) {
+ try {
+ LDAPEntry userEntry = LDAPLookupUtils.getEntry(mLDAPAuth.getAuthObject(), userDN);
+ AgentPath path = (AgentPath)nodeToPath(userEntry);
+ agents.add(path);
+ } catch (ObjectNotFoundException ex) {
+ Logger.error("Agent "+userDN+" does not exist");
+ } catch (InvalidItemPathException ex) {
+ Logger.error("Agent "+userDN+" is not a valid entity");
+ }
+ }
+ AgentPath[] usersList = new AgentPath[0];
+ usersList = agents.toArray(usersList);
+ return usersList;
+ }
+
+ //returns the role/s of a user
+ @Override
+ public RolePath[] getRoles(AgentPath agentPath)
+ {
+ //search the mDomainPath tree uniqueMember=userDN
+ //filter = objectclass=cristalrole AND uniqueMember=userDN
+ String filter = "(&(objectclass=cristalrole)(uniqueMember="+getFullDN(agentPath)+"))";
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER );
+ Iterator<?> roles = search(mRolePath,LDAPConnection.SCOPE_SUB,filter,searchCons);
+ ArrayList<RolePath> roleList = new ArrayList<RolePath>();
+
+ while(roles.hasNext())
+ {
+ RolePath path = (RolePath) roles.next();
+ roleList.add(path);
+ }
+ RolePath[] roleArr = new RolePath[roleList.size()];
+ roleArr = roleList.toArray(roleArr);
+ return roleArr;
+ }
+
+ /**
+ * Utility for looking up a login name
+ *
+ * @param ld
+ * @param agentName
+ * @param baseDN
+ * @return
+ * @throws ObjectNotFoundException
+ */
+ @Override
+ public AgentPath getAgentPath(String agentName) throws ObjectNotFoundException
+ {
+ //search to get the userDN equivalent of the userID
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER );
+ String filter = "(&(objectclass=cristalagent)(uid="+agentName+"))";
+ Iterator<Path> res = search(mItemTypeRoot,LDAPConnection.SCOPE_SUB,filter,searchCons);
+ if (!res.hasNext())
+ throw new ObjectNotFoundException("Agent not found: "+agentName, "");
+ Path result = res.next();
+ if (result instanceof AgentPath)
+ return (AgentPath)result;
+ else
+ throw new ObjectNotFoundException("Entry was not an Agent");
+ }
+
+ @Override
+ public RolePath getRolePath(String roleName) throws ObjectNotFoundException
+ {
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER );
+ String filter = "(&(objectclass=cristalrole)(cn="+roleName+"))";
+ Iterator<Path> res = search(mRolePath,LDAPConnection.SCOPE_SUB,filter,searchCons);
+ if (!res.hasNext())
+ throw new ObjectNotFoundException("Role not found");
+ Path result = res.next();
+ if (result instanceof RolePath)
+ return (RolePath)result;
+ else
+ throw new ObjectNotFoundException("Entry was not a Role");
+ }
+
+ @Override
+ public void setHasJobList(RolePath role, boolean hasJobList) throws ObjectNotFoundException, ObjectCannotBeUpdated {
+ // get entry
+ LDAPEntry roleEntry;
+ try {
+ roleEntry = LDAPLookupUtils.getEntry(mLDAPAuth.getAuthObject(), getFullDN(role));
+ } catch (ObjectNotFoundException e) {
+ throw new ObjectNotFoundException("Role does not exist", "");
+ }
+ // set attribute
+ LDAPLookupUtils.setAttributeValue(mLDAPAuth.getAuthObject(), roleEntry, "jobList", hasJobList?"TRUE":"FALSE");
+ }
+
+ @Override
+ public void setAgentPassword(AgentPath agent, String newPassword) throws ObjectNotFoundException, ObjectCannotBeUpdated, NoSuchAlgorithmException {
+ String encPasswd = AgentPath.generateUserPassword(newPassword, "SHA");
+ LDAPEntry agentEntry;
+ try {
+ agentEntry = LDAPLookupUtils.getEntry(mLDAPAuth.getAuthObject(), getFullDN(agent));
+ } catch (ObjectNotFoundException e) {
+ throw new ObjectNotFoundException("Agent "+agent.getAgentName()+" does not exist", "");
+ }
+ LDAPLookupUtils.setAttributeValue(mLDAPAuth.getAuthObject(), agentEntry, "userPassword", encPasswd);
+
+ }
+
+ @Override
+ public String getAgentName(AgentPath agentPath)
+ throws ObjectNotFoundException {
+ LDAPEntry agentEntry = LDAPLookupUtils.getEntry(mLDAPAuth.getAuthObject(), getFullDN(agentPath));
+ return LDAPLookupUtils.getFirstAttributeValue(agentEntry,"uid");
+ }
+
+}
diff --git a/src/main/java/com/c2kernel/lookup/ldap/LDAPLookupUtils.java b/src/main/java/com/c2kernel/lookup/ldap/LDAPLookupUtils.java
new file mode 100644
index 0000000..e1c8ac4
--- /dev/null
+++ b/src/main/java/com/c2kernel/lookup/ldap/LDAPLookupUtils.java
@@ -0,0 +1,365 @@
+/*
+ * Lookup helper class.
+ */
+
+package com.c2kernel.lookup.ldap;
+
+//import netscape.ldap.*;
+//import netscape.ldap.util.*;
+import com.c2kernel.common.ObjectAlreadyExistsException;
+import com.c2kernel.common.ObjectCannotBeUpdated;
+import com.c2kernel.common.ObjectNotFoundException;
+import com.c2kernel.utils.Logger;
+import com.novell.ldap.LDAPAttribute;
+import com.novell.ldap.LDAPAttributeSet;
+import com.novell.ldap.LDAPConnection;
+import com.novell.ldap.LDAPDN;
+import com.novell.ldap.LDAPEntry;
+import com.novell.ldap.LDAPException;
+import com.novell.ldap.LDAPModification;
+import com.novell.ldap.LDAPSearchConstraints;
+import com.novell.ldap.LDAPSearchResults;
+
+/**
+ * @version $Revision: 1.74 $ $Date: 2006/03/03 13:52:21 $
+ * @author $Author: abranson $
+ */
+
+final public class LDAPLookupUtils
+{
+ static final char[] META_CHARS = {'+', '=', '"', ',', '<', '>', ';', '/'};
+ static final String[] META_ESCAPED = {"2B", "3D", "22", "2C", "3C", "3E", "3B", "2F"};
+ static public LDAPEntry getEntry(LDAPConnection ld, String dn,int dereference)
+ throws ObjectNotFoundException
+ {
+ try {
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(dereference);
+ LDAPEntry thisEntry = ld.read(dn,searchCons);
+ if (thisEntry != null) return thisEntry;
+ } catch (LDAPException ex) {
+ throw new ObjectNotFoundException("LDAP Exception for dn:"+dn+": \n"+ex.getMessage(), "");
+ }
+ throw new ObjectNotFoundException(dn+" does not exist", "");
+
+ }
+
+
+ /**
+ * Utility method to connect to an LDAP server
+ * @param lp LDAP properties to connect with
+ * @return a novell LDAPConnection object
+ * @throws LDAPException when the connection was unsuccessful
+ */
+ public static LDAPConnection createConnection(LDAPProperties lp) throws LDAPException {
+ LDAPConnection ld = new LDAPConnection();
+
+ Logger.msg(3, "LDAPLookup - connecting to " + lp.mHost);
+ ld.connect(lp.mHost, Integer.valueOf(lp.mPort).intValue());
+
+ Logger.msg(3, "LDAPLookup - authenticating user:" + lp.mUser);
+ ld.bind( LDAPConnection.LDAP_V3, lp.mUser,
+ String.valueOf(lp.mPassword).getBytes());
+
+ Logger.msg(3, "LDAPLookup - authentication successful");
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setMaxResults(0);
+ ld.setConstraints(searchCons);
+
+ return ld;
+ }
+
+ //Given a DN, return an LDAP Entry
+ static public LDAPEntry getEntry(LDAPConnection ld, String dn)
+ throws ObjectNotFoundException
+ {
+ return getEntry(ld, dn, LDAPSearchConstraints.DEREF_NEVER);
+ }
+
+ static public String getFirstAttributeValue(LDAPEntry anEntry, String attribute) throws ObjectNotFoundException
+ {
+ LDAPAttribute attr = anEntry.getAttribute(attribute);
+ if (attr==null)
+ throw new ObjectNotFoundException("No attributes named '"+attribute+"'", "");
+ return (String)attr.getStringValues().nextElement();
+ }
+
+ static public String[] getAllAttributeValues(LDAPEntry anEntry, String attribute) throws ObjectNotFoundException
+ {
+ LDAPAttribute attr = anEntry.getAttribute(attribute);
+ if (attr!=null)
+ return attr.getStringValueArray();
+
+ throw new ObjectNotFoundException("No attributes named '"+attribute+"'", "");
+
+ }
+
+ static public boolean existsAttributeValue(LDAPEntry anEntry, String attribute, String value)
+ {
+ LDAPAttribute attr = anEntry.getAttribute(attribute);
+ if (attr!=null)
+ {
+ String[] attrValues = new String[attr.size()];
+ attrValues = attr.getStringValueArray();
+ for (int i=0;i<attr.size();i++)
+ if (attrValues[i].equalsIgnoreCase(value))
+ return true;
+ }
+ return false;
+ }
+ static public boolean hasOneAttributeValue(LDAPEntry anEntry, String attribute) throws ObjectNotFoundException
+ {
+ int j =0;
+ LDAPAttribute attr = anEntry.getAttribute(attribute);
+ if (attr==null)
+ throw new ObjectNotFoundException("No attributes named '"+attribute+"'", "");
+ j=attr.size();
+ return j==1;
+ }
+
+ //this is for a single-valued attribute
+ static public void setAttributeValue(LDAPConnection ld, LDAPEntry anEntry, String attribute, String newValue)
+ throws ObjectNotFoundException, ObjectCannotBeUpdated
+ {
+ try {
+ if (!hasOneAttributeValue(anEntry, attribute))
+ throw new ObjectCannotBeUpdated("Attribute "+attribute + " of entry " + anEntry.getDN()+" has more than one value", "");
+ } catch (ObjectNotFoundException ex) {
+ addAttributeValue(ld, anEntry, attribute, newValue);
+ }
+ try
+ {
+ ld.modify(anEntry.getDN(),new LDAPModification(LDAPModification.REPLACE,new LDAPAttribute(attribute,newValue)));
+ }
+ catch (LDAPException ex)
+ {
+ Logger.error(ex);
+ throw new ObjectCannotBeUpdated("Attribute " + attribute + " of entry " + anEntry.getDN() + " could not be modified", "");
+ }
+ }
+
+
+ //this is for a multi-valued attribute eg uniqueMember
+ static public void addAttributeValue(LDAPConnection ld, LDAPEntry anEntry, String attribute, String value)
+ throws ObjectCannotBeUpdated
+ {
+ try
+ {
+ ld.modify(anEntry.getDN(),new LDAPModification(LDAPModification.ADD, new LDAPAttribute(attribute,value)));
+ }
+ catch (LDAPException ex)
+ {
+ Logger.error(ex);
+ throw new ObjectCannotBeUpdated("Attribute " + attribute + " of entry " + anEntry.getDN() + " could not be added.", "");
+ }
+ }
+
+ //this is for a multi-valued attribute eg uniqueMember
+ static public void removeAttributeValue(LDAPConnection ld, LDAPEntry anEntry, String attribute, String value)
+ throws ObjectCannotBeUpdated
+ {
+ try
+ {
+ ld.modify(anEntry.getDN(),new LDAPModification(LDAPModification.DELETE,new LDAPAttribute(attribute,value)));
+ }
+ catch (LDAPException ex)
+ {
+ Logger.error(ex);
+ throw new ObjectCannotBeUpdated("Attribute " + attribute + " of entry " + anEntry.getDN() + " could not be deleted", "");
+ }
+ }
+
+ static public boolean exists(LDAPConnection ld, String name)
+ {
+ try {
+ String[] attr = { LDAPConnection.NO_ATTRS };
+ LDAPEntry anEntry=ld.read(name,attr);
+ if (anEntry!=null)
+ return true;
+ } catch (LDAPException ex)
+ {
+ Logger.debug(9, "LDAPLookupUtils.exists("+name+": "+ex.getMessage());
+ return false;
+ }
+ return false;
+ }
+
+ static public void addEntry(LDAPConnection ld,LDAPEntry myEntry)
+ throws ObjectAlreadyExistsException, LDAPException
+ {
+ try
+ {
+ ld.add( myEntry );
+ }
+ catch( LDAPException ex ) {
+ if (ex.getResultCode() == LDAPException.ENTRY_ALREADY_EXISTS)
+ throw new ObjectAlreadyExistsException("Entry already present." + myEntry.getDN(), "");
+ throw ex;
+ }
+ }
+
+ static public boolean hasChildren(LDAPConnection ld, String dn, String filter)
+ {
+ String[] attr = { LDAPConnection.NO_ATTRS };
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER);
+
+ try
+ {
+ LDAPSearchResults res = ld.search(dn,LDAPConnection.SCOPE_ONE,filter,attr,false,searchCons);
+ if (res.hasMore())
+ return true;
+ }
+ catch (LDAPException ex)
+ {
+ Logger.error(ex);
+ }
+ return false;
+ }
+
+ //returns list of dns
+ static public String[] getChildrenDNs(LDAPConnection ld, String dn, String filter)
+ {
+ String[] result = null;
+ String[] attr = { LDAPConnection.NO_ATTRS };
+ LDAPSearchConstraints searchCons = new LDAPSearchConstraints();
+ searchCons.setBatchSize(0);
+ searchCons.setDereference(LDAPSearchConstraints.DEREF_NEVER);
+
+ try
+ {
+ LDAPSearchResults res = ld.search(dn,LDAPConnection.SCOPE_ONE,filter,attr,false,searchCons);
+ result = new String[res.getCount()];
+ int i=0;
+ while (res.hasMore())
+ {
+ LDAPEntry findEntry=res.next();
+ if (findEntry!=null)
+ {
+ result[i++] = new String(findEntry.getDN());
+ }
+ }
+ }
+ catch (Exception ex)
+ {
+ Logger.error(ex);
+ }
+ return result;
+ }
+
+ static public void delete(LDAPConnection ld, String dn)
+ throws LDAPException
+ {
+ try
+ {
+ Logger.msg(7, "LDAPLookupUtils.delete() - "+dn);
+ ld.delete(dn);
+ }
+ catch (LDAPException ex)
+ {
+ Logger.error("LDAPLookupUtils.remove() - Cannot remove "+dn+": " + ex.getMessage());
+ throw ex;
+ }
+ }
+
+ //param dn is the DN of the name
+ //param name is the name of the node (also the RDN)
+ //example: cn=lab27,o=cern.ch lab27
+ //example: cn=product, cn=domain, cn=lab27, cn= cristal2, o=cern.ch product
+ static public void createCristalContext(LDAPConnection ld, String dn)
+ {
+ if (LDAPLookupUtils.exists(ld,dn))
+ return;
+ try
+ {
+ String name = LDAPDN.explodeDN(dn,true)[0];
+ LDAPAttributeSet attrs = new LDAPAttributeSet();
+ attrs.add(new LDAPAttribute("cn",name));
+ String objectclass_values[] = new String[1];
+ objectclass_values[0] = "cristalcontext";
+ if (name.equals("last"))
+ attrs.add(new LDAPAttribute("intsyskey", "0"));
+
+ attrs.add(new LDAPAttribute("objectclass",objectclass_values));
+
+ LDAPLookupUtils.addEntry(ld,new LDAPEntry(dn,attrs));
+ }
+ catch (Exception ex)
+ {
+ Logger.error("LDAPLookupUtils.createCristalContext() " + ex.toString());
+ }
+ }
+
+ static public void createOrganizationContext(LDAPConnection ld, String dn)
+ {
+ if (LDAPLookupUtils.exists(ld,dn))
+ return;
+
+ try
+ {
+ String name = LDAPDN.explodeDN(dn,true)[0];
+ LDAPAttributeSet attrs = new LDAPAttributeSet();
+ //No idea why this worked, or why it suddenly stopped working when we moved to maven
+ //attrs.add(new LDAPAttribute("objectclass","top"));
+ attrs.add(new LDAPAttribute("objectclass","organization"));
+ attrs.add(new LDAPAttribute("o",name));
+ LDAPLookupUtils.addEntry(ld,new LDAPEntry(dn,attrs));
+ }
+ catch (Exception ex)
+ {
+ Logger.msg(ex.toString());
+ }
+ }
+
+ public static String escapeDN (String name) {
+ //From RFC 2253 and the / character for JNDI
+ if (name == null) return null;
+ String escapedStr = new String(name);
+
+ //Backslash is both a Java and an LDAP escape character, so escape it first
+ escapedStr = escapedStr.replaceAll("\\\\","\\\\");
+
+ //Positional characters - see RFC 2253
+ escapedStr = escapedStr.replaceAll("^#","\\\\23"); // TODO: active directory requires hash to be escaped everywhere
+ escapedStr = escapedStr.replaceAll("^ | $","\\\\20");
+
+ for (int i=0; i<META_CHARS.length; i++) {
+ escapedStr = escapedStr.replaceAll("\\"+META_CHARS[i],"\\\\"+ META_ESCAPED[i]);
+ }
+ if (!name.equals(escapedStr)) Logger.msg(3, "LDAP DN "+name+" escaped to "+escapedStr);
+ return escapedStr;
+ }
+
+ public static String unescapeDN (String dn) {
+ //From RFC 2253 and the / character for JNDI
+ String unescapedStr = new String(dn);
+
+ //Positional characters - see RFC 2253
+ unescapedStr = unescapedStr.replaceAll("^\\\\23", "#"); // TODO: active directory requires hash to be escaped everywhere
+ unescapedStr = unescapedStr.replaceAll("^\\\\20|\\\\20$", " ");
+
+ for (int i=0; i<META_CHARS.length; i++) {
+ unescapedStr = unescapedStr.replaceAll("\\\\" + META_ESCAPED[i], ""+META_CHARS[i]);
+ }
+
+ //Any remaining escaped backslashes
+ unescapedStr = unescapedStr.replaceAll("\\\\","\\");
+
+ if (!dn.equals(unescapedStr)) Logger.msg(3, "LDAP DN "+dn+" unescaped to "+unescapedStr);
+ return unescapedStr;
+ }
+
+ public static String escapeSearchFilter (String filter) {
+ //From RFC 2254
+ String escapedStr = new String(filter);
+
+ escapedStr = escapedStr.replaceAll("\\\\","\\\\5c");
+ //escapedStr = escapedStr.replaceAll("\\*","\\\\2a"); // we need stars for searching
+ escapedStr = escapedStr.replaceAll("\\(","\\\\28");
+ escapedStr = escapedStr.replaceAll("\\)","\\\\29");
+ if (!filter.equals(escapedStr)) Logger.msg(3, "LDAP Search Filter "+filter+" escaped to "+escapedStr);
+ return escapedStr;
+ }
+}
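Review bot: In `escapeDN` the backslash step `replaceAll("\\\\","\\\\")` replaces each backslash with a single backslash, so backslashes in a name are never escaped. The matching step in `unescapeDN`, `replaceAll("\\\\","\\")`, has a replacement that ends in a lone backslash, which `replaceAll` rejects with an IllegalArgumentException as soon as the DN still contains one. A name that ends in an unescaped backslash would escape whatever separator follows it once the value is joined into a DN, so this matters for any name that originates from user input. I would write the first as `escapedStr = escapedStr.replaceAll("\\\\", "\\\\\\\\");` and the second as `unescapedStr = unescapedStr.replaceAll("\\\\\\\\", "\\\\");`. A short comment on both methods noting that the regex and the replacement string are each escaped twice would make the intent checkable.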
diff --git a/src/main/java/com/c2kernel/lookup/ldap/LDAPNextKeyManager.java b/src/main/java/com/c2kernel/lookup/ldap/LDAPNextKeyManager.java
new file mode 100644
index 0000000..48f938e
--- /dev/null
+++ b/src/main/java/com/c2kernel/lookup/ldap/LDAPNextKeyManager.java
@@ -0,0 +1,97 @@
+package com.c2kernel.lookup.ldap;
+
+import com.c2kernel.common.ObjectCannotBeUpdated;
+import com.c2kernel.common.ObjectNotFoundException;
+import com.c2kernel.lookup.AgentPath;
+import com.c2kernel.lookup.InvalidItemPathException;
+import com.c2kernel.lookup.ItemPath;
+import com.c2kernel.persistency.ClusterStorageException;
+import com.c2kernel.persistency.NextKeyManager;
+import com.c2kernel.process.Gateway;
+import com.c2kernel.process.auth.Authenticator;
+import com.c2kernel.utils.Logger;
+import com.novell.ldap.LDAPEntry;
+
+/**************************************************************************
+ *
+ * $Revision: 1.2 $
+ * $Date: 2005/04/27 13:47:24 $
+ *
+ * Copyright (C) 2003 CERN - European Organization for Nuclear Research
+ * All rights reserved.
+ **************************************************************************/
+
+// public static final String codeRevision = "$Revision: 1.2 $ $Date: 2005/04/27 13:47:24 $ $Author: abranson $";
+public class LDAPNextKeyManager implements NextKeyManager {
+
+ LDAPAuthManager ldap;
+ String lastKeyPath;
+
+ public LDAPNextKeyManager() {
+ super();
+ LDAPProperties props = new LDAPProperties(Gateway.getProperties());
+ this.lastKeyPath = "cn=last,cn=entity,"+props.mLocalPath;
+ }
+
+ public void open(Authenticator auth) {
+ this.ldap = (LDAPAuthManager)auth;
+ }
+
+ @Override
+ public synchronized ItemPath generateNextEntityKey()
+ throws ObjectCannotBeUpdated, ObjectNotFoundException
+ {
+ ItemPath lastKey = getLastEntityPath();
+
+ try {
+ lastKey.setSysKey(lastKey.getSysKey()+1);
+ } catch (InvalidItemPathException ex) {
+ throw new ObjectCannotBeUpdated("Invalid syskey "+(lastKey.getSysKey()+1)+". Maybe centre is full.");
+ }
+ //test that storage is empty for that key
+ try {
+ if (Gateway.getStorage().getClusterContents(lastKey.getSysKey(), "").length > 0)
+ throw new ObjectCannotBeUpdated("NextKeyManager: Storage already contains data for syskey "+lastKey.getSysKey()+
+ ". Storage is out of sync with nextkey. Please contact an administrator", "");
+ } catch (ClusterStorageException e) {
+ Logger.error(e);
+ throw new ObjectCannotBeUpdated("Could not check storage for prior data for the next generated systemKey: "+e.getMessage());
+ }
+
+ //set the last key
+ writeLastEntityKey(lastKey.getSysKey());
+
+ return lastKey;
+ }
+
+ @Override
+ public synchronized AgentPath generateNextAgentKey()
+ throws ObjectCannotBeUpdated, ObjectNotFoundException {
+ ItemPath newEntity = generateNextEntityKey();
+ return new AgentPath(newEntity);
+ }
+
+ @Override
+ public void writeLastEntityKey(int sysKey) throws ObjectCannotBeUpdated, ObjectNotFoundException {
+ LDAPEntry lastKeyEntry = LDAPLookupUtils.getEntry(ldap.getAuthObject(),lastKeyPath);
+ LDAPLookupUtils.setAttributeValue(ldap.getAuthObject(), lastKeyEntry,"intsyskey",Integer.toString(sysKey));
+ }
+
+ @Override
+ public ItemPath getLastEntityPath() throws ObjectNotFoundException
+ {
+ LDAPEntry lastKeyEntry = LDAPLookupUtils.getEntry(ldap.getAuthObject(),lastKeyPath);
+ String lastKey = LDAPLookupUtils.getFirstAttributeValue(lastKeyEntry,"intsyskey");
+ try {
+ int sysKey = Integer.parseInt(lastKey);
+ ItemPath sysPath = new ItemPath(sysKey);
+ return sysPath;
+ } catch (InvalidItemPathException ex) {
+ throw new ObjectNotFoundException("Invalid syskey. Maybe centre is full.");
+ } catch (NumberFormatException ex) {
+ throw new ObjectNotFoundException("Invalid syskey in lastkey.");
+ }
+
+ }
+
+}
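Review bot: `synchronized` on `generateNextEntityKey` only serialises callers inside this JVM, while the key is read in `getLastEntityPath` and written back in `writeLastEntityKey` as two separate LDAP operations on the `cn=last,cn=entity,...` entry. If more than one process can allocate keys against the same directory (not visible from this file), two of them could read the same `intsyskey` and hand out the same key; the `getClusterContents` check narrows that window but does not close it. `writeLastEntityKey` is also public and unsynchronised, so a direct caller can interleave with an allocation. I would at least document the assumption on the class, for example `// Key allocation assumes a single writer per LDAP.LocalPath; the read-increment-write on cn=last is not atomic across processes.`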
diff --git a/src/main/java/com/c2kernel/lookup/ldap/LDAPPathSet.java b/src/main/java/com/c2kernel/lookup/ldap/LDAPPathSet.java
new file mode 100644
index 0000000..806976d
--- /dev/null
+++ b/src/main/java/com/c2kernel/lookup/ldap/LDAPPathSet.java
@@ -0,0 +1,81 @@
+package com.c2kernel.lookup.ldap;
+
+import java.util.Iterator;
+
+import com.c2kernel.lookup.Path;
+import com.c2kernel.utils.Logger;
+import com.novell.ldap.LDAPEntry;
+import com.novell.ldap.LDAPException;
+import com.novell.ldap.LDAPSearchResults;
+
+/**************************************************************************
+ *
+ * $Revision: 1.6 $
+ * $Date: 2005/12/01 14:23:14 $
+ *
+ * Copyright (C) 2003 CERN - European Organization for Nuclear Research
+ * All rights reserved.
+ **************************************************************************/
+
+
+
+public class LDAPPathSet implements Iterator<Path> {
+ LDAPSearchResults results;
+ LDAPEntry nextEntry;
+ LDAPLookup ldap;
+
+ public LDAPPathSet(LDAPLookup ldap) { // empty
+ this.ldap = ldap;
+ results = null;
+ }
+
+ public LDAPPathSet(LDAPSearchResults results, LDAPLookup ldap) {
+ this.ldap = ldap;
+ this.results = results;
+ }
+
+ @Override
+ public boolean hasNext() {
+ if (results == null) return false;
+ if (nextEntry != null) return true;
+ if (results.hasMore())
+ try {
+ nextEntry = results.next();
+ return true;
+ } catch (LDAPException ex) {
+ if (ex.getResultCode()!=32) {// no results
+ Logger.error(ex);
+ Logger.error("Error loading LDAP result set: "+ex.getMessage());
+ }
+ }
+ return false;
+ }
+
+ @Override
+ public Path next() {
+ if (results == null) return null;
+ try {
+ if (nextEntry == null)
+ nextEntry = results.next();
+ Path nextPath = ldap.nodeToPath(nextEntry);
+ nextEntry = null;
+ return nextPath;
+ } catch (Exception ex) {
+ Logger.error("Error loading next path");
+ Logger.error(ex);
+ nextEntry = null;
+ if (hasNext()) {
+ Logger.error("Skipping to next entry");
+ return next();
+ }
+ else
+ return null;
+ }
+ }
+
+ @Override
+ public void remove() {
+ // do nothing
+
+ }
+}
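Review bot: `next()` returns `null` both when `results` is null and when the remaining entries fail in `ldap.nodeToPath`, even though `hasNext()` may just have answered true, which breaks the `Iterator` contract that callers rely on. The loop in `LDAPLookup.getRoles` casts and stores whatever `next()` returns, so a conversion failure ends up as a null element in the returned role array rather than as an error. I would throw instead of returning null, `if (results == null) throw new NoSuchElementException();` (this needs `java.util.NoSuchElementException` imported), and have `remove()` do `throw new UnsupportedOperationException();` rather than silently nothing. The literal `32` in `hasNext()` would read better as `LDAPException.NO_SUCH_OBJECT`.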
diff --git a/src/main/java/com/c2kernel/lookup/ldap/LDAPProperties.java b/src/main/java/com/c2kernel/lookup/ldap/LDAPProperties.java
new file mode 100644
index 0000000..1e9f971
--- /dev/null
+++ b/src/main/java/com/c2kernel/lookup/ldap/LDAPProperties.java
@@ -0,0 +1,38 @@
+/*
+ * Directory Lookup Service
+*/
+
+package com.c2kernel.lookup.ldap;
+
+import com.c2kernel.utils.ObjectProperties;
+
+/**
+ * @version $Revision: 1.16 $ $Date: 2005/10/12 12:51:54 $
+ * @author $Author: abranson $
+ */
+public class LDAPProperties
+{
+ public String mGlobalPath = null; //o=cern.ch
+ public String mRootPath = null; //cn=cristal2
+ public String mLocalPath = null; //cn=lab27
+ public Integer mPort = null;
+ public String mHost = null;
+ public String mUser = null;
+ public String mPassword = null;
+
+ public LDAPProperties(ObjectProperties obj)
+ {
+ mGlobalPath = obj.getProperty( "LDAP.GlobalPath" );
+ mRootPath = obj.getProperty( "LDAP.RootPath" );
+ mLocalPath = obj.getProperty( "LDAP.LocalPath" );
+ mPort = obj.getInt( "LDAP.port", 389 );
+ mHost = obj.getProperty( "LDAP.host" );
+ mUser = obj.getProperty( "LDAP.user" );
+ mPassword = obj.getProperty( "LDAP.password" );
+
+ mRootPath += "," + mGlobalPath;
+ mLocalPath += "," + mRootPath;
+
+ }
+}
+
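Review bot: The constructor never checks that the required properties are present before it builds the paths: `mRootPath += "," + mGlobalPath;` and `mLocalPath += "," + mRootPath;` turn a missing value into the text `null` inside the DN, assuming `getProperty` returns null for an unset key (the field initialisers suggest so). The same applies to `mPassword`: `createConnection` in LDAPLookupUtils passes `String.valueOf(lp.mPassword).getBytes()` to `bind`, so an unset password would be sent as the four characters `null`. I would fail fast here, for example `if (mGlobalPath == null || mRootPath == null || mLocalPath == null) throw new IllegalArgumentException("LDAP.GlobalPath, LDAP.RootPath and LDAP.LocalPath must be set");`, and likewise for host, user and password. A comment should also record that `LDAP.port` defaults to 389 and that `createConnection` does a plain `connect` followed by a simple bind, so the bind password crosses the network unencrypted unless the transport is protected elsewhere.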
diff --git a/src/main/java/com/c2kernel/lookup/ldap/LDAPPropertyManager.java b/src/main/java/com/c2kernel/lookup/ldap/LDAPPropertyManager.java
new file mode 100644
index 0000000..1b6e906
--- /dev/null
+++ b/src/main/java/com/c2kernel/lookup/ldap/LDAPPropertyManager.java
@@ -0,0 +1,141 @@
+package com.c2kernel.lookup.ldap;
+
+import java.util.ArrayList;
+import java.util.Enumeration;
+
+import com.c2kernel.common.ObjectCannotBeUpdated;
+import com.c2kernel.common.ObjectNotFoundException;
+import com.c2kernel.lookup.ItemPath;
+import com.c2kernel.property.Property;
+import com.c2kernel.utils.Logger;
+import com.novell.ldap.LDAPAttribute;
+import com.novell.ldap.LDAPEntry;
+
+/**************************************************************************
+ *
+ * $Revision: 1.3 $
+ * $Date: 2006/03/03 13:52:21 $
+ *
+ * Copyright (C) 2003 CERN - European Organization for Nuclear Research
+ * All rights reserved.
+ **************************************************************************/
+
+public class LDAPPropertyManager {
+ /**
+ *
+ */
+ protected LDAPLookup ldap;
+ private final LDAPAuthManager auth;
+
+ public LDAPPropertyManager(LDAPLookup ldap, LDAPAuthManager auth) {
+ super();
+ this.ldap = ldap;
+ this.auth = auth;
+ }
+
+ /**
+ * @param thisItem - EntityPath of the subject entity
+ * @return
+ * @throws ObjectNotFoundException
+ */
+ public boolean hasProperties(ItemPath thisItem) throws ObjectNotFoundException {
+ LDAPEntry entityEntry = LDAPLookupUtils.getEntry(auth.getAuthObject(), ldap.getFullDN(thisItem));
+ return entityEntry.getAttribute("cristalprop") != null;
+ }
+
+ /**
+ * @param thisItem - EntityPath of the subject entity
+ * @return array of Property
+ * @throws ObjectNotFoundException
+ */
+ public String[] getPropertyNames(ItemPath thisItem) throws ObjectNotFoundException {
+ LDAPEntry entityEntry = LDAPLookupUtils.getEntry(auth.getAuthObject(), ldap.getFullDN(thisItem));
+ ArrayList<String> propbag = new ArrayList<String>();
+ LDAPAttribute props = entityEntry.getAttribute("cristalprop");
+ for (Enumeration<?> e = props.getStringValues(); e.hasMoreElements();) {
+ String thisProp = (String)e.nextElement();
+ String thisName = thisProp.substring(0, thisProp.indexOf(':'));
+ if (thisName.startsWith("!") && thisName.length()>1) thisName = thisName.substring(1);
+ propbag.add(thisName);
+ }
+
+ String[] retArr = new String[props.size()];
+ return propbag.toArray(retArr);
+ }
+
+ /**
+ * @param thisItem - EntityPath of the subject entity
+ * @param propName - the name of the property to retrieve
+ * @return The Property object
+ * @throws ObjectNotFoundException
+ */
+ public Property getProperty(ItemPath thisItem, String name) throws ObjectNotFoundException {
+ LDAPEntry entityEntry = LDAPLookupUtils.getEntry(auth.getAuthObject(), ldap.getFullDN(thisItem));
+ return getProperty(entityEntry, name);
+ }
+
+ /**
+ * @param thisItem - EntityPath of the subject entity
+ * @param name - the property name to delete
+ * @throws ObjectNotFoundException
+ * @throws ObjectCannotBeUpdated
+ */
+ public void deleteProperty(ItemPath thisItem, String name) throws ObjectNotFoundException, ObjectCannotBeUpdated {
+ LDAPEntry entityEntry = LDAPLookupUtils.getEntry(auth.getAuthObject(), ldap.getFullDN(thisItem));
+ Property prop = getProperty(entityEntry, name);
+ Logger.msg(6, "LDAPLookupUtils.deleteProperty("+name+") - Deleting property");
+ LDAPLookupUtils.removeAttributeValue(auth.getAuthObject(), entityEntry, "cristalprop", getPropertyAttrValue(prop));
+ }
+
+ private static String getPropertyAttrValue(Property prop) {
+ return (prop.isMutable()?"":"!")+prop.getName()+":"+prop.getValue();
+ }
+
+ /**
+ * @param thisItem - EntityPath of the subject entity
+ * @param prop - the property to store
+ * @throws ObjectNotFoundException
+ * @throws ObjectCannotBeUpdated
+ */
+ public void setProperty(ItemPath thisItem, Property prop) throws ObjectNotFoundException, ObjectCannotBeUpdated {
+ LDAPEntry entityEntry = LDAPLookupUtils.getEntry(auth.getAuthObject(), ldap.getFullDN(thisItem));
+ try {
+ Property oldProp = getProperty(entityEntry, prop.getName());
+ Logger.msg(6, "LDAPLookupUtils.setProperty("+prop.getName()+") - Removing old value '"+oldProp.getValue()+"'");
+ LDAPLookupUtils.removeAttributeValue(auth.getAuthObject(), entityEntry, "cristalprop", getPropertyAttrValue(oldProp));
+ } catch (ObjectNotFoundException ex) {
+ Logger.msg(6, "LDAPLookupUtils.setProperty("+prop.getName()+") - creating new property.");
+ }
+ Logger.msg(6, "LDAPLookupUtils.setProperty("+prop.getName()+") - setting to '"+prop.getValue()+"'");
+ LDAPLookupUtils.addAttributeValue(auth.getAuthObject(), entityEntry, "cristalprop", getPropertyAttrValue(prop));
+ }
+
+ public static Property getProperty(LDAPEntry myEntry, String propName) throws ObjectNotFoundException {
+ // delete existing props
+ LDAPAttribute props = myEntry.getAttribute("cristalprop");
+ if (props == null)
+ throw new ObjectNotFoundException("Property "+propName+" does not exist", "");
+ String propPrefix = propName+":";
+ String roPropPrefix = "!"+propPrefix;
+ String val = null, name = null; boolean mutable = false;
+ for (Enumeration<?> e = props.getStringValues(); name==null && e.hasMoreElements();) {
+ String attrVal = (String)e.nextElement();
+ if (attrVal.toLowerCase().startsWith(propPrefix.toLowerCase())) {
+ name = attrVal.substring(0, propPrefix.length()-1);
+ val = attrVal.substring(propPrefix.length());
+ mutable = true; break;
+ }
+
+ if (attrVal.toLowerCase().startsWith(roPropPrefix.toLowerCase())) {
+ name = attrVal.substring(1, roPropPrefix.length()-1);
+ val = attrVal.substring(roPropPrefix.length());
+ mutable = false; break;
+ }
+ }
+ if (name == null)
+ throw new ObjectNotFoundException("Property "+propName+" does not exist", "");
+ Logger.msg(6, "Loaded "+(mutable?"":"Non-")+"Mutable Property: "+name+"="+val);
+ return new Property(name, val, mutable);
+ }
+
+}
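Review bot: `getPropertyNames` dereferences `props` without a null check, although `hasProperties` in the same class shows that `getAttribute("cristalprop")` can return null, so an entry without properties fails with a NullPointerException instead of returning an empty array. Adding `if (props == null) return new String[0];` right after the `getAttribute` call fixes that; a stored value without a `:` would still make `substring(0, thisProp.indexOf(':'))` throw, so that index deserves a check as well. Separately, `setProperty` removes the old value and adds the new one without looking at `oldProp.isMutable()`, so the `!` read-only marker is not enforced at this layer; if callers are expected to enforce it, a comment saying so would help. The Javadoc on `getProperty(ItemPath, String)` names the parameter `propName` while the signature uses `name`.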
diff --git a/src/main/java/com/c2kernel/persistency/LDAPClientReader.java b/src/main/java/com/c2kernel/persistency/LDAPClientReader.java
new file mode 100644
index 0000000..ac9215c
--- /dev/null
+++ b/src/main/java/com/c2kernel/persistency/LDAPClientReader.java
@@ -0,0 +1,43 @@
+package com.c2kernel.persistency;
+
+import com.c2kernel.entity.C2KLocalObject;
+
+/** Allows clients to directly load properties and collections from the LDAP
+* so no CORBA calls need to be made during normal browsing
+*/
+
+public class LDAPClientReader extends LDAPClusterStorage {
+ // return all readwrite support as readonly
+ @Override
+ public short queryClusterSupport(String clusterType) {
+ return (short)(super.queryClusterSupport(clusterType) & READ);
+ }
+
+
+ /**
+ * @see com.c2kernel.persistency.ClusterStorage#delete(Integer, String)
+ */
+ @Override
+ public void delete(Integer sysKey, String path)
+ throws ClusterStorageException {
+ throw new ClusterStorageException("Writing not supported in ClientReader");
+ }
+
+ /**
+ * @see com.c2kernel.persistency.ClusterStorage#getName()
+ */
+ @Override
+ public String getName() {
+ return "LDAP Client Cluster Reader";
+ }
+
+ /**
+ * @see com.c2kernel.persistency.ClusterStorage#put(Integer, String, C2KLocalObject)
+ */
+
+ public void put(Integer sysKey, String path, C2KLocalObject obj)
+ throws ClusterStorageException {
+ throw new ClusterStorageException("Writing not supported in ClientReader");
+ }
+
+}
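Review bot: The `put(Integer sysKey, String path, C2KLocalObject obj)` at the end of this class is an overload, not an override: `LDAPClusterStorage` in this same commit declares `put(Integer sysKey, C2KLocalObject obj)`, and this method is the only one here without `@Override`. A call to the two-argument `put` on an `LDAPClientReader` therefore still reaches `LDAPClusterStorage.put` and `ldapStore.setProperty`, so the read-only behaviour rests solely on callers honouring the masked `queryClusterSupport` result. I would change the signature to `@Override public void put(Integer sysKey, C2KLocalObject obj) throws ClusterStorageException` and keep the same `throw`. The `@see` Javadoc above it refers to the three-argument form and should be updated with it.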
diff --git a/src/main/java/com/c2kernel/persistency/LDAPClusterStorage.java b/src/main/java/com/c2kernel/persistency/LDAPClusterStorage.java
new file mode 100644
index 0000000..4762a33
--- /dev/null
+++ b/src/main/java/com/c2kernel/persistency/LDAPClusterStorage.java
@@ -0,0 +1,176 @@
+package com.c2kernel.persistency;
+import java.util.ArrayList;
+import java.util.StringTokenizer;
+
+import com.c2kernel.common.ObjectNotFoundException;
+import com.c2kernel.entity.C2KLocalObject;
+import com.c2kernel.lookup.InvalidItemPathException;
+import com.c2kernel.lookup.ItemPath;
+import com.c2kernel.lookup.Lookup;
+import com.c2kernel.lookup.ldap.LDAPLookup;
+import com.c2kernel.lookup.ldap.LDAPPropertyManager;
+import com.c2kernel.process.Gateway;
+import com.c2kernel.process.auth.Authenticator;
+import com.c2kernel.property.Property;
+import com.c2kernel.utils.Logger;
+
+public class LDAPClusterStorage extends ClusterStorage {
+ LDAPPropertyManager ldapStore;
+
+ @Override
+ public void open(Authenticator auth) throws ClusterStorageException {
+ Lookup lookup = Gateway.getLookup();
+ if (lookup instanceof LDAPLookup)
+ ldapStore = ((LDAPLookup)lookup).getPropManager();
+ else
+ throw new ClusterStorageException("Cannot use LDAP cluster storage without LDAP Lookup");
+
+ }
+
+ @Override
+ public void close() throws ClusterStorageException {
+ }
+
+ // introspection
+ @Override
+ public short queryClusterSupport(String clusterType) {
+ if (clusterType.equals(PROPERTY))
+ return READWRITE;
+ else
+ return NONE;
+ }
+
+ @Override
+ public String getName() {
+ return "LDAP Cluster Storage";
+ }
+
+ @Override
+ public String getId() {
+ return "LDAP";
+ }
+
+ // retrieve object by path
+ @Override
+ public C2KLocalObject get(Integer sysKey, String path) throws ClusterStorageException {
+ Logger.msg(6, "LDAPClusterStorage.get() - "+sysKey+"/"+path);
+ StringTokenizer tok = new StringTokenizer(path, "/");
+ int pathLength = tok.countTokens();
+ if (pathLength != 2)
+ throw new ClusterStorageException("Path length was invalid: "+path);
+ String type = tok.nextToken();
+
+ ItemPath thisEntity;
+ try {
+ thisEntity = new ItemPath(sysKey.intValue());
+ } catch (InvalidItemPathException e) {
+ throw new ClusterStorageException("Invalid Syskey:"+sysKey);
+ }
+
+ String objName = tok.nextToken();
+ C2KLocalObject newObj;
+
+ if (type.equals(PROPERTY)) {
+ try {
+ Property newProperty = ldapStore.getProperty(thisEntity, objName);
+ newObj = newProperty;
+ } catch (ObjectNotFoundException ex) {
+ throw new ClusterStorageException("Property "+objName+" not found in "+sysKey);
+ }
+
+ }
+ else
+ throw new ClusterStorageException("Cluster type "+type+" not supported.");
+
+ return newObj;
+ }
+ // store object by path
+ @Override
+ public void put(Integer sysKey, C2KLocalObject obj) throws ClusterStorageException {
+ Logger.msg(6, "LDAPClusterStorage.put() - "+sysKey+"/"+ClusterStorage.getPath(obj));
+
+ String type = obj.getClusterType();
+
+ ItemPath thisEntity;
+ try {
+ thisEntity = new ItemPath(sysKey.intValue());
+ } catch (InvalidItemPathException e) {
+ throw new ClusterStorageException("Invalid Syskey:"+sysKey);
+ }
+
+ if (type.equals(PROPERTY)) {
+ try {
+ ldapStore.setProperty(thisEntity, (Property)obj);
+ } catch (Exception e1) {
+ Logger.error(e1);
+ throw new ClusterStorageException("LDAPClusterStorage - could not write property");
+ }
+ }
+ else
+ throw new ClusterStorageException("Cluster type "+type+" not supported.");
+
+ }
+ // delete cluster
+ @Override
+ public void delete(Integer sysKey, String path) throws ClusterStorageException {
+ StringTokenizer tok = new StringTokenizer(path, "/");
+ int pathLength = tok.countTokens();
+ if (pathLength != 2)
+ throw new ClusterStorageException("Path length was invalid: "+path);
+ String type = tok.nextToken();
+
+ ItemPath thisEntity;
+ try {
+ thisEntity = new ItemPath(sysKey.intValue());
+ } catch (InvalidItemPathException e) {
+ throw new ClusterStorageException("Invalid Syskey:"+sysKey);
+ }
+
+ if (type.equals(PROPERTY)) {
+ try {
+ ldapStore.deleteProperty(thisEntity, tok.nextToken());
+ } catch (Exception e1) {
+ Logger.error(e1);
+ throw new ClusterStorageException("LDAPClusterStorage - could not delete property");
+ }
+ }
+ else
+ throw new ClusterStorageException("Cluster type "+type+" not supported.");
+
+ }
+
+ /* navigation */
+
+ // directory listing
+ @Override
+ public String[] getClusterContents(Integer sysKey, String path) throws ClusterStorageException {
+ Logger.msg(6, "LDAPClusterStorage.getClusterContents() - "+sysKey+"/"+path);
+ StringTokenizer tok = new StringTokenizer(path, "/");
+ int pathLength = tok.countTokens();
+ if (pathLength > 1)
+ return new String[0];
+
+ String type = getClusterType(path);
+ try
+ {
+ ItemPath thisEntity = new ItemPath(sysKey.intValue());
+ if (type.equals(PROPERTY))
+ return ldapStore.getPropertyNames(thisEntity);
+ else
+ if (type.equals("")) { // root query
+ String[] allClusters = new String[0];
+ ArrayList<String> clusterList = new ArrayList<String>();
+ if (ldapStore.hasProperties(thisEntity))
+ clusterList.add(PROPERTY);
+ allClusters = clusterList.toArray(allClusters);
+ return allClusters;
+ }
+ else
+ throw new ClusterStorageException("Cluster type "+type+" not supported.");
+ } catch (InvalidItemPathException e) {
+ throw new ClusterStorageException("Invalid Syskey:"+sysKey);
+ } catch (ObjectNotFoundException e) {
+ throw new ClusterStorageException("Entity "+sysKey+" does not exist");
+ }
+ }
+}
diff --git a/src/main/resources/LDAPboot.txt b/src/main/resources/LDAPboot.txt
new file mode 100644
index 0000000..995d47d
--- /dev/null
+++ b/src/main/resources/LDAPboot.txt
@@ -0,0 +1,4 @@
+cn=entity,
+cn=last,cn=entity,
+cn=domain,
+cn=agent,cn=domain,
\ No newline at end of file
diff --git a/src/main/resources/module.xml b/src/main/resources/module.xml
new file mode 100644
index 0000000..521b145
--- /dev/null
+++ b/src/main/resources/module.xml
@@ -0,0 +1,11 @@
+<CristalModule ns="ldap" name="CristalLDAP">
+ <Info>
+ <Description>LDAP Lookup, Authenticator and NextKeyManager implementations.</Description>
+ <Version>${version}</Version>
+ </Info>
+ <ResourceURL>com/c2kernel/lookup/ldap/resources/</ResourceURL>
+ <Config name="Authenticator">com.c2kernel.lookup.ldap.LDAPAuthManager</Config>
+ <Config name="Lookup">com.c2kernel.lookup.ldap.LDAPLookup</Config>
+ <Config name="NextKeyManager">com.c2kernel.lookup.ldap.LDAPNextKeyManager</Config>
+ <Imports/>
+</CristalModule>
\ No newline at end of file |
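Review bot: The `<ResourceURL>` value `com/c2kernel/lookup/ldap/resources/` does not match where this commit puts the module's resources. `LDAPboot.txt` and `module.xml` are both added directly under `src/main/resources/`, which a standard Maven build packages at the classpath root. If the kernel resolves module resources relative to this URL (the loader is not visible in this diff), `LDAPboot.txt` would not be found at startup and the LDAP boot entries would be skipped or fail to load. Either move the file to `src/main/resources/com/c2kernel/lookup/ldap/resources/LDAPboot.txt` or change the element to the location actually used.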
