benjamin.ertl
aai-identity-harmonization
Commits
a479a9a5
Commit
a479a9a5
authored
Feb 10, 2016
by
benjamin.ertl
include local user mapping
parent
60662521
Changes
5
src/main/java/edu/kit/scc/ldap/LdapClient.java
...
...
@@ -186,6 +186,22 @@ public class LdapClient {
return
userList
;
}
/**
* Gets all POSIX users from the LDAP server with the specified uidNumber.
*
* @param udiNumber
* the users' uidNumber
*
* @return a {@link List<PosixUser>} with the LDAP user information
*/
public
List
<
PosixUser
>
getPosixUsers
(
int
uidNumber
)
{
List
<
PosixUser
>
userList
=
ldapPosixUser
.
getAllUsers
(
uidNumber
);
for
(
int
i
=
0
;
i
<
userList
.
size
();
i
++)
log
.
debug
(
"User {}"
,
((
PosixUser
)
userList
.
get
(
i
)).
toString
());
return
userList
;
}
/**
* Gets all POSIX groups from the LDAP server.
*
...
...
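Review bot: The debug loop in the new `getPosixUsers(int uidNumber)` writes every matched entry to the log through `toString()`, and `PosixUser` carries a `userPassword` attribute (the SCIM mapper in this commit reads `getUserPassword()`), so if `toString()` prints that field, password hashes end up in debug logs. Logging a count is enough here: `log.debug("Found {} POSIX users for uidNumber {}", userList.size(), uidNumber);`, which also removes the unbraced `for` and the redundant `(PosixUser)` cast. The Javadoc tag is misspelled as `@param udiNumber` and should read `@param uidNumber`; `{@link List<PosixUser>}` is not a valid link target and is better written as `{@code List<PosixUser>}`.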
src/main/java/edu/kit/scc/ldap/LdapPosixUserDAO.java
...
...
@@ -46,6 +46,14 @@ public class LdapPosixUserDAO implements PosixUserDAO {
return
ldapTemplate
.
search
(
userBase
,
"(objectclass=posixAccount)"
,
new
LdapPosixUserAttributeMapper
());
}
public
List
<
PosixUser
>
getAllUsers
(
int
uidNumber
)
{
AndFilter
andFilter
=
new
AndFilter
();
andFilter
.
and
(
new
EqualsFilter
(
"objectclass"
,
"posixAccount"
)).
and
(
new
EqualsFilter
(
"uidNumber"
,
uidNumber
));
log
.
debug
(
"LDAP query {}"
,
andFilter
.
encode
());
return
ldapTemplate
.
search
(
""
,
andFilter
.
encode
(),
new
LdapPosixUserAttributeMapper
());
}
@Override
public
List
<
PosixUser
>
getUserDetails
(
String
uid
)
{
AndFilter
andFilter
=
new
AndFilter
();
...
...
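Review bot: The new `getAllUsers(int uidNumber)` searches from the base `""`, while the method just above it searches from `userBase`, so the lookup matches any `posixAccount` with that uidNumber anywhere under the context source's base and not only in the user subtree. Since ScimService uses the result to accept a claimed local uid, the search scope should be the narrowest one that holds local accounts: `return ldapTemplate.search(userBase, andFilter.encode(), new LdapPosixUserAttributeMapper());`, unless local users are deliberately kept outside `userBase`, in which case a dedicated base setting and a comment saying so would help. The method also has no Javadoc and no `@Override`, unlike `getUserDetails` below; if it is meant to be part of `PosixUserDAO`, declare it there.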
src/main/java/edu/kit/scc/scim/ScimService.java
...
...
@@ -19,6 +19,7 @@ import org.springframework.stereotype.Component;
import
edu.kit.scc.dto.IndigoUser
;
import
edu.kit.scc.dto.PosixGroup
;
import
edu.kit.scc.dto.PosixUser
;
import
edu.kit.scc.ldap.LdapClient
;
/**
...
...
@@ -63,8 +64,26 @@ public class ScimService {
// user claims to have local user id
log
.
debug
(
"User claimed local uidNumber {}"
,
clamiedPrimaryUidNumber
);
createdUser
=
createOrGetDefaultUser
(
indigoUser
);
log
.
debug
(
"Created user {}"
,
createdUser
.
toString
());
// - verify local user
// - modify created user's uidNumber
IndigoUser
localUser
=
userMapper
.
mapToIndigoUser
(
createdUser
);
log
.
debug
(
"Map from {} to {}"
,
createdUser
.
toString
(),
localUser
.
toString
());
PosixUser
verifiedLocalUser
=
getVerifiedLocalUser
(
clamiedPrimaryUidNumber
);
log
.
debug
(
"Found verified local user {}"
,
verifiedLocalUser
.
toString
());
int
verifiedLocalUidNumber
=
verifiedLocalUser
.
getUidNumber
();
String
verifiedLocalHomeDirectory
=
verifiedLocalUser
.
getHomeDirectory
();
IndigoUser
updatedUser
=
ldapClient
.
updateIndigoUser
(
localUser
.
getUid
(),
localUser
.
getCommonName
(),
localUser
.
getSurName
(),
localUser
.
getIndigoId
(),
verifiedLocalUidNumber
,
localUser
.
getGidNumber
(),
verifiedLocalHomeDirectory
,
localUser
.
getDescription
(),
localUser
.
getGecos
(),
localUser
.
getLoginShell
(),
(
localUser
.
getUserPassword
()
!=
null
?
new
String
(
localUser
.
getUserPassword
())
:
null
));
log
.
debug
(
"Updated user {}"
,
updatedUser
.
toString
());
createdUser
=
userMapper
.
mapFromIndigoUser
(
updatedUser
);
}
else
{
// user has no local user id, use default
log
.
debug
(
"User has no local uidNumber"
);
...
...
@@ -97,6 +116,20 @@ public class ScimService {
return
createdUser
;
}
private
PosixUser
getVerifiedLocalUser
(
int
claimedPrimaryUidNumber
)
{
PosixUser
user
=
null
;
List
<
PosixUser
>
users
=
ldapClient
.
getPosixUsers
(
claimedPrimaryUidNumber
);
if
(
users
!=
null
&&
!
users
.
isEmpty
())
{
if
(
users
.
size
()
==
1
)
{
user
=
users
.
get
(
0
);
}
else
{
// multiple users with the same uidNumber
user
=
users
.
get
(
0
);
}
}
return
user
;
}
private
HashMap
<
String
,
Integer
>
getVerifiedLocalGroups
(
List
<
ScimGroup
>
groups
)
{
HashMap
<
String
,
Integer
>
localGroups
=
new
HashMap
<
String
,
Integer
>();
...
...
@@ -140,13 +173,14 @@ public class ScimService {
ldapClient
.
addGroupMember
(
indigoGroup
.
getDisplay
(),
ldapUser
.
getUid
());
log
.
debug
(
"Created LDAP INDIGO user {}"
,
ldapUser
.
toString
());
log
.
debug
(
"Created
/got
LDAP INDIGO user {}"
,
ldapUser
.
toString
());
user
=
mapper
.
mapFromIndigoUser
(
ldapUser
);
}
catch
(
Exception
e
)
{
log
.
error
(
"ERROR {}"
,
e
.
getMessage
());
// e.printStackTrace();
}
log
.
debug
(
"Created/got user {}"
,
user
.
toString
());
return
user
;
}
...
...
@@ -161,7 +195,7 @@ public class ScimService {
PosixGroup
ldapGroup
=
ldapClient
.
createPosixGroup
(
DEFAULT_INDIGO_GROUP
,
gidNumber
,
DEFAULT_DESCRIPTION
,
null
);
log
.
debug
(
"Created LDAP group {}"
,
ldapGroup
.
toString
());
log
.
debug
(
"Created
/got
LDAP group {}"
,
ldapGroup
.
toString
());
createdGroup
=
mapper
.
mapFromPosixGroup
(
ldapGroup
);
}
catch
(
Exception
e
)
{
...
...
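Review bot: `getVerifiedLocalUser` (hunk `@@ -97,6 +116,20 @@`) only checks that some POSIX account with the claimed uidNumber exists, and the caller in hunk `@@ -63,8 +64,26 @@` then copies that account's uidNumber and home directory onto the new INDIGO user; the claim appears to come from the client-supplied SCIM `meta`, so nothing visible here ties the requester to the local account they name. The helper also returns `null` when nothing matches, which the caller dereferences at `verifiedLocalUser.toString()`, and it silently takes the first entry when several accounts share the uidNumber. At minimum treat zero or multiple matches as an unverified claim and guard the caller, as sketched below; a real ownership check (for example matching a verified attribute of the authenticated identity against the local entry) still needs to be designed. The same null dereference exists in hunk `@@ -140,13 +173,14 @@`, where `user.toString()` is logged after the `catch` even when the `try` failed.

```java
// … unchanged: createOrGetDefaultUser and mapToIndigoUser calls …
PosixUser verifiedLocalUser = getVerifiedLocalUser(clamiedPrimaryUidNumber);
if (verifiedLocalUser == null) {
    log.warn("Claimed uidNumber {} could not be verified", clamiedPrimaryUidNumber);
    // … reject the request or continue with the default user …
}
// … unchanged: updateIndigoUser call with the verified uidNumber and home directory …

private PosixUser getVerifiedLocalUser(int claimedPrimaryUidNumber) {
    List<PosixUser> users = ldapClient.getPosixUsers(claimedPrimaryUidNumber);
    // exactly one match is required; none or several means the claim is not verifiable
    if (users == null || users.size() != 1) {
        return null;
    }
    return users.get(0);
}
```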
src/main/java/edu/kit/scc/scim/ScimUserAttributeMapper.java
...
...
@@ -60,7 +60,7 @@ public class ScimUserAttributeMapper {
user
.
setGidNumber
(
Integer
.
valueOf
(
scimUser
.
getMeta
().
get
(
"gidNumber"
)));
}
if
(
scimUser
.
getMeta
().
get
(
"uidNumber"
)
!=
null
)
{
user
.
setUidNumber
(
Integer
.
valueOf
(
scimUser
.
getMeta
().
get
(
"
g
idNumber"
)));
user
.
setUidNumber
(
Integer
.
valueOf
(
scimUser
.
getMeta
().
get
(
"
u
idNumber"
)));
}
}
...
...
@@ -95,11 +95,15 @@ public class ScimUserAttributeMapper {
Meta
meta
=
new
Meta
();
meta
.
put
(
"homeDirectory"
,
user
.
getHomeDirectory
());
meta
.
put
(
"gecos"
,
user
.
getGecos
());
meta
.
put
(
"loginShell"
,
user
.
getLoginShell
());
meta
.
put
(
"description"
,
user
.
getDescription
());
if
(
user
.
getGecos
()
!=
null
)
meta
.
put
(
"gecos"
,
user
.
getGecos
());
if
(
user
.
getLoginShell
()
!=
null
)
meta
.
put
(
"loginShell"
,
user
.
getLoginShell
());
if
(
user
.
getDescription
()
!=
null
)
meta
.
put
(
"description"
,
user
.
getDescription
());
meta
.
put
(
"gidNumber"
,
String
.
valueOf
(
user
.
getGidNumber
()));
meta
.
put
(
"uidNumber"
,
String
.
valueOf
(
user
.
getUidNumber
()));
scimUser
.
setMeta
(
meta
);
if
(
user
.
getUserPassword
()
!=
null
)
scimUser
.
setPassword
(
new
String
(
user
.
getUserPassword
()));
...
...
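Review bot: The corrected line in hunk `@@ -60,7 +60,7 @@` passes the client-supplied `meta` value straight to `Integer.valueOf`, so a non-numeric `uidNumber` throws an unhandled `NumberFormatException` and any integer, including 0 or a negative number, is accepted as a claimed uid. Parse it defensively and bound it before it reaches the LDAP lookup, e.g. `int uid = Integer.parseInt(value);` inside a `try`/`catch (NumberFormatException e)` followed by `if (uid < MIN_LOCAL_UID) { /* reject */ }`, where `MIN_LOCAL_UID` is a placeholder for the site's lowest non-system uid. The same applies to the `gidNumber` line above it. The enclosing method starts outside the hunk, so how a rejected value should be reported to the caller is not visible here.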
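--- a/user.scim
+++ b/user.scim
@@ -8,6 +8,7 @@
 "givenName":"Barbara"
 },
 "meta":{
-"gidNumber":"9999"
+"gidNumber":"9999",
+"uidNumber":"5555"
 }
 }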