Index: lams_admin/conf/language/lams/ApplicationResources.properties
===================================================================
diff -u -r4d27a95c718b7ea01ebc408bab02f147e240a58b -r18df5a739d3e9dff1734cf64ee63595acff7a71e
--- lams_admin/conf/language/lams/ApplicationResources.properties (.../ApplicationResources.properties) (revision 4d27a95c718b7ea01ebc408bab02f147e240a58b)
+++ lams_admin/conf/language/lams/ApplicationResources.properties (.../ApplicationResources.properties) (revision 18df5a739d3e9dff1734cf64ee63595acff7a71e)
@@ -251,6 +251,13 @@ import.groups.instructions =When creating a group, make sure the row above it is empty. When creating a subgroup, place it directly under it's parent group. import.groups.download =Download the groups template to create groups and subgroups. msg.please.wait =Please wait... +sysadmin.ldap.configuration = LDAP Configuration +label.synchronise = Synchronise +msg.num.ldap.users = There are {0} LDAP users in LAMS. +msg.ldap.synchronise.intro = This feature allows you to synchronise LAMS' database with your LDAP server. This includes updating existing users' profile and adding them to the LAMS group which matches their attributes. +msg.ldap.synchronise.warning = Note that this process may take some time depending on the number of users contained in your LDAP tree; it's best to perform this operation when the LAMS server will not be under load. +heading.ldap.synchronise = Synchronise with LDAP +msg.done = ...done! #======= End labels: Exported 245 labels for en AU ===== Index: lams_admin/conf/language/lams/ApplicationResources_en_AU.properties =================================================================== diff -u -r4d27a95c718b7ea01ebc408bab02f147e240a58b -r18df5a739d3e9dff1734cf64ee63595acff7a71e --- lams_admin/conf/language/lams/ApplicationResources_en_AU.properties (.../ApplicationResources_en_AU.properties) (revision 4d27a95c718b7ea01ebc408bab02f147e240a58b) +++ lams_admin/conf/language/lams/ApplicationResources_en_AU.properties (.../ApplicationResources_en_AU.properties) (revision 18df5a739d3e9dff1734cf64ee63595acff7a71e) 
@@ -251,6 +251,13 @@ import.groups.instructions =When creating a group, make sure the row above it is empty. When creating a subgroup, place it directly under it's parent group. import.groups.download =Download the groups template to create groups and subgroups. msg.please.wait =Please wait... +sysadmin.ldap.configuration = LDAP Configuration +label.synchronise = Synchronise +msg.num.ldap.users = There are {0} LDAP users in LAMS. +msg.ldap.synchronise.intro = This feature allows you to synchronise LAMS' database with your LDAP server. This includes updating existing users' profile and adding them to the LAMS group which matches their attributes. +msg.ldap.synchronise.warning = Note that this process may take some time depending on the number of users contained in your LDAP tree; it's best to perform this operation when the LAMS server will not be under load. +heading.ldap.synchronise = Synchronise with LDAP +msg.done = ...done! #======= End labels: Exported 245 labels for en AU ===== Index: lams_admin/conf/xdoclet/web-settings.xml =================================================================== diff -u -r0892350e28ca67031ad97e624f167dccd6272871 -r18df5a739d3e9dff1734cf64ee63595acff7a71e --- lams_admin/conf/xdoclet/web-settings.xml (.../web-settings.xml) (revision 0892350e28ca67031ad97e624f167dccd6272871) +++ lams_admin/conf/xdoclet/web-settings.xml (.../web-settings.xml) (revision 18df5a739d3e9dff1734cf64ee63595acff7a71e) 
@@ -14,6 +14,7 @@ classpath:/org/lamsfoundation/lams/toolApplicationContext.xml classpath:/org/lamsfoundation/lams/integrationContext.xml classpath:/org/lamsfoundation/lams/admin/adminApplicationContext.xml + classpath:/org/lamsfoundation/lams/usermanagement/ldapContext.xml Index: lams_admin/src/java/org/lamsfoundation/lams/admin/service/AdminServiceProxy.java =================================================================== diff -u -r54f5e17d1a5e8baae23bb9332f83ad8d8e5ac405 -r18df5a739d3e9dff1734cf64ee63595acff7a71e --- lams_admin/src/java/org/lamsfoundation/lams/admin/service/AdminServiceProxy.java (.../AdminServiceProxy.java) (revision 54f5e17d1a5e8baae23bb9332f83ad8d8e5ac405) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/service/AdminServiceProxy.java (.../AdminServiceProxy.java) (revision 18df5a739d3e9dff1734cf64ee63595acff7a71e) @@ -27,6 +27,7 @@ import org.lamsfoundation.lams.integration.service.IIntegrationService; import org.lamsfoundation.lams.usermanagement.service.IUserManagementService; +import org.lamsfoundation.lams.usermanagement.service.LdapService; import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.util.audit.IAuditService; import org.springframework.web.context.WebApplicationContext; 
@@ -44,46 +45,54 @@ private static IIntegrationService integrationService; private static IAuditService auditService; private static IImportService importService; + private static LdapService ldapService; - public static final IUserManagementService getService(ServletContext servletContext){ + public static final IUserManagementService getService(ServletContext servletContext) { if (manageService == null) { - WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext); - return (IUserManagementService) ctx.getBean("userManagementService"); + return (IUserManagementService)getDomainService(servletContext, "userManagementService"); } else { return manageService; } } - public static final MessageService getMessageService(ServletContext servletContext){ + public static final MessageService getMessageService(ServletContext servletContext) { if (messageService == null) { - WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext); - return (MessageService)ctx.getBean("adminMessageService"); + return (MessageService)getDomainService(servletContext, "adminMessageService"); } else { return messageService; } } - public static final IIntegrationService getIntegrationService(ServletContext servletContext){ - if(integrationService == null){ - WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext); - integrationService = (IIntegrationService)ctx.getBean("integrationService"); + public static final IIntegrationService getIntegrationService(ServletContext servletContext) { + if (integrationService == null){ + integrationService = (IIntegrationService)getDomainService(servletContext, "integrationService"); } return integrationService; } - public static final IAuditService getAuditService(ServletContext servletContext){ - if(auditService==null){ - WebApplicationContext ctx = 
WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext); - auditService = (IAuditService)ctx.getBean("auditService"); + public static final IAuditService getAuditService(ServletContext servletContext) { + if (auditService == null){ + auditService = (IAuditService)getDomainService(servletContext, "auditService"); } return auditService; } - public static final IImportService getImportService(ServletContext servletContext){ - if(importService==null){ - WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext); - importService = (IImportService)ctx.getBean("importService"); + public static final IImportService getImportService(ServletContext servletContext) { + if (importService == null){ + importService = (IImportService)getDomainService(servletContext, "importService"); } return importService; } + + public static final LdapService getLdapService(ServletContext servletContext) { + if (ldapService == null) { + ldapService = (LdapService)getDomainService(servletContext, "ldapService"); + } + return ldapService; + } + + private static Object getDomainService(ServletContext servletContext,String serviceName) { + WebApplicationContext wac = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext); + return wac.getBean(serviceName); + } } Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/action/LdapConfigAction.java =================================================================== diff -u --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/action/LdapConfigAction.java (revision 0) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/action/LdapConfigAction.java (revision 18df5a739d3e9dff1734cf64ee63595acff7a71e) 
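Review bot: `getLdapService` casts the bean to the concrete `LdapService` class instead of the `ILdapService` interface, even though this commit adds `updateLAMSFromLdap()` to that interface. The `ldapService` bean definition is not shown here; if it is ever wrapped in an interface-based Spring proxy, the cast would fail with a ClassCastException. Declaring the field and return type as `ILdapService` and casting with `(ILdapService)getDomainService(servletContext, "ldapService")` avoids that. Separately, `getService` and `getMessageService` still never assign `manageService` or `messageService`, so their null checks always take the lookup branch.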
@@ -0,0 +1,139 @@ +/**************************************************************** + * Copyright (C) 2005 LAMS Foundation (http://lamsfoundation.org) + * ============================================================= + * License Information: http://lamsfoundation.org/licensing/lams/2.0/ + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2.0 + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 * USA + * + * http://www.gnu.org/licenses/gpl.txt + * **************************************************************** + */ + +/* $Id$ */ +package org.lamsfoundation.lams.admin.web.action; + +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringUtils; +import org.apache.log4j.Logger; +import org.apache.struts.action.Action; +import org.apache.struts.action.ActionForm; +import org.apache.struts.action.ActionForward; +import org.apache.struts.action.ActionMapping; +import org.lamsfoundation.lams.admin.service.AdminServiceProxy; +import org.lamsfoundation.lams.usermanagement.AuthenticationMethod; +import org.lamsfoundation.lams.usermanagement.User; +import org.lamsfoundation.lams.usermanagement.service.IUserManagementService; +import org.lamsfoundation.lams.usermanagement.service.LdapService; +import org.lamsfoundation.lams.util.MessageService; +import org.lamsfoundation.lams.util.WebUtil; + +/** + * @author jliew + * + * 
@struts:action path="/ldap" + * scope="request" + * validate="false" + * + * @struts:action-forward name="ldap" path=".ldap" + * @struts:action-forward name="sysadmin" path="/sysadminstart.do" + */ +public class LdapConfigAction extends Action { + + private static Logger log = Logger.getLogger(LdapConfigAction.class); + private static IUserManagementService service; + private static LdapService ldapService; + private static MessageService messageService; + + private IUserManagementService getService() { + if (service == null) { + service = AdminServiceProxy.getService(getServlet().getServletContext()); + } + return service; + } + + private LdapService getLdapService() { + if (ldapService == null) { + ldapService = AdminServiceProxy.getLdapService(getServlet().getServletContext()); + } + return ldapService; + } + + private MessageService getMessageService() { + if (messageService == null) { + messageService = AdminServiceProxy.getMessageService(getServlet().getServletContext()); + } + return messageService; + } + + public ActionForward execute(ActionMapping mapping, + ActionForm form, + HttpServletRequest request, + HttpServletResponse response) throws Exception { + + // check if url contains request for refresh folder sizes only + String action = WebUtil.readStrParam(request, "action", true); + if (action != null && StringUtils.equals(action, "sync")) { + return sync(mapping, form, request, response); + } + + // get number of ldap users + List ldapUsers = getService().findByProperty( + User.class, + "authenticationMethod.authenticationMethodId", + AuthenticationMethod.LDAP + ); + if (ldapUsers != null) { + int numLdapUsers = ldapUsers.size(); + request.setAttribute( + "numLdapUsersMsg", + getMessageService().getMessage( + "msg.num.ldap.users", + getNumLdapUsersMessage(numLdapUsers) + ) + ); + } + + return mapping.findForward("ldap"); + } + + public ActionForward sync(ActionMapping mapping, + ActionForm form, + HttpServletRequest request, + HttpServletResponse 
response) throws Exception { + + log.info("=== Beginning LDAP user sync ==="); + int numLdapUsers = getLdapService().updateLAMSFromLdap(); + log.info("=== Finished LDAP user sync ==="); + request.setAttribute( + "numLdapUsersMsg", + getMessageService().getMessage( + "msg.num.ldap.users", + getNumLdapUsersMessage(numLdapUsers) + ) + ); + request.setAttribute("done", getMessageService().getMessage("msg.done")); + + return mapping.findForward("ldap"); + } + + private String[] getNumLdapUsersMessage(int numLdapUsers) { + String[] args = new String[1]; + args[0] = String.valueOf(numLdapUsers); + return args; + } +} Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/action/SysAdminStartAction.java =================================================================== diff -u -r574fbfa733ae5d03c9a9b73a0182a81145de2c10 -r18df5a739d3e9dff1734cf64ee63595acff7a71e --- lams_admin/src/java/org/lamsfoundation/lams/admin/web/action/SysAdminStartAction.java (.../SysAdminStartAction.java) (revision 574fbfa733ae5d03c9a9b73a0182a81145de2c10) +++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/action/SysAdminStartAction.java (.../SysAdminStartAction.java) (revision 18df5a739d3e9dff1734cf64ee63595acff7a71e) @@ -65,6 +65,7 @@ links.add(new LinkBean("importgroups.do", "sysadmin.import.groups.title")); links.add(new LinkBean("importexcel.do", "admin.user.import")); links.add(new LinkBean("importv1.do", "admin.importv1.title")); + links.add(new LinkBean("ldap.do", "sysadmin.ldap.configuration")); links.add(new LinkBean("disabledmanage.do", "admin.list.disabled.users")); links.add(new LinkBean("loginmaintain.do", "sysadmin.maintain.loginpage")); links.add(new LinkBean("serverlist.do", "sysadmin.maintain.external.servers")); Index: lams_admin/web/ldap.jsp =================================================================== diff -u --- lams_admin/web/ldap.jsp (revision 0) +++ lams_admin/web/ldap.jsp (revision 18df5a739d3e9dff1734cf64ee63595acff7a71e) 
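Review bot: `execute` dispatches to `sync` for any request carrying `action=sync`, with no HTTP method check, no per-request token and no role check visible in this class. A cross-site GET issued while a sysadmin is logged in would therefore start a full LDAP synchronisation, which updates user profiles and group memberships and is described as slow under load. Access may be restricted in web.xml, which is not shown, but the action should still require POST and verify the caller, e.g. `if ("sync".equals(action) && "POST".equals(request.getMethod()) && request.isUserInRole(SYSADMIN_ROLE_PLACEHOLDER))`. It should also record who started the sync through the existing audit service rather than only `log.info`. The comment `// check if url contains request for refresh folder sizes only` is left over from another action and should read `// run the LDAP sync when action=sync is requested`.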
@@ -0,0 +1,31 @@ +<%@ include file="/taglibs.jsp"%> + +
+ +
+
+
+ +
Index: lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/ILdapService.java =================================================================== diff -u -r43dfd9f833c87c58f4dc4a61f386b6c2cf961720 -r18df5a739d3e9dff1734cf64ee63595acff7a71e --- lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/ILdapService.java (.../ILdapService.java) (revision 43dfd9f833c87c58f4dc4a61f386b6c2cf961720) +++ lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/ILdapService.java (.../ILdapService.java) (revision 18df5a739d3e9dff1734cf64ee63595acff7a71e) @@ -38,4 +38,6 @@ public boolean createLDAPUser(Attributes attrs); public boolean addLDAPUser(Attributes attrs, Integer userId); + + public int updateLAMSFromLdap(); } Index: lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java =================================================================== diff -u -r43dfd9f833c87c58f4dc4a61f386b6c2cf961720 -r18df5a739d3e9dff1734cf64ee63595acff7a71e --- lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java (.../LdapService.java) (revision 43dfd9f833c87c58f4dc4a61f386b6c2cf961720) +++ lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java (.../LdapService.java) (revision 18df5a739d3e9dff1734cf64ee63595acff7a71e) 
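Review bot: `updateLAMSFromLdap()` is added to the interface without Javadoc, so its `int` result has no stated meaning or failure contract. The caller in LdapConfigAction renders the value as the number of LDAP users in LAMS, and as written it cannot tell an empty directory from a failed connection. I would add `/** Synchronises LAMS users with the LDAP directory. @return number of LDAP users processed; state the value returned when the directory is unreachable. */`. The implementation is cut off on this page, so the failure behaviour should be confirmed against LdapService before wording it.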
@@ -28,13 +28,20 @@ import java.util.HashMap; import java.util.Iterator; import java.util.List; +import java.util.Properties; import java.util.Set; +import javax.naming.Context; import javax.naming.NamingEnumeration; import javax.naming.NamingException; import javax.naming.directory.Attribute; import javax.naming.directory.Attributes; +import javax.naming.directory.DirContext; +import javax.naming.directory.InitialDirContext; +import javax.naming.directory.SearchControls; +import javax.naming.directory.SearchResult; +import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; import org.lamsfoundation.lams.usermanagement.AuthenticationMethod; import org.lamsfoundation.lams.usermanagement.Organisation; 
@@ -258,4 +265,79 @@ } return null; } + + public int updateLAMSFromLdap() { + // setup ldap context + Properties env = new Properties(); + env.setProperty(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); + env.setProperty(Context.SECURITY_AUTHENTICATION, Configuration.get(ConfigurationKeys.LDAP_SECURITY_AUTHENTICATION)); + env.setProperty(Context.PROVIDER_URL, Configuration.get(ConfigurationKeys.LDAP_PROVIDER_URL)); + String securityProtocol = Configuration.get(ConfigurationKeys.LDAP_SECURITY_PROTOCOL); + if (StringUtils.equals("ssl", securityProtocol)) { + env.setProperty(Context.SECURITY_PROTOCOL, securityProtocol); + // FIXME: synchronization issue: dynamically load certificate into + // system instead of overwritting it. + System.setProperty("javax.net.ssl.trustStore", Configuration.get(ConfigurationKeys.LDAP_TRUSTSTORE_PATH)); + System.setProperty("javax.net.ssl.trustStorePassword", Configuration.get(ConfigurationKeys.LDAP_TRUSTSTORE_PASSWORD)); + } + + // get base dn + String baseDN = Configuration.get(ConfigurationKeys.LDAP_PRINCIPAL_DN_SUFFIX); + if (baseDN.startsWith(",")) { + baseDN = baseDN.substring(1); + } + + // get search filter + String filter = Configuration.get(ConfigurationKeys.LDAP_PRINCIPAL_DN_PREFIX); + filter = "(" + filter + (filter.endsWith("=") ? "" : "=") + "*)"; + + int numResults = 0; + try { + DirContext ctx = new InitialDirContext(env); + + // set search to subtree of base dn + SearchControls ctrl = new SearchControls(); + ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE); + + // do the search for all ldap users + NamingEnumeration