Index: lams_build/conf/windows/jboss/login-config.xml =================================================================== RCS file: /usr/local/cvsroot/lams_build/conf/windows/jboss/login-config.xml,v diff -u -r1.4 -r1.5 --- lams_build/conf/windows/jboss/login-config.xml 17 Oct 2006 08:19:21 -0000 1.4 +++ lams_build/conf/windows/jboss/login-config.xml 20 Aug 2007 04:32:57 -0000 1.5 @@ -150,10 +150,10 @@ - + - - java:/MySqlDS + + java:/jdbc/lams-ds select password from lams_user where login=? SELECT DISTINCT r.name,'Roles' FROM @@ -166,13 +166,5 @@ - - - - @confdir@/lamsauthentication.xml - - - - Index: lams_central/src/java/org/lamsfoundation/lams/security/DatabaseAuthenticator.java =================================================================== RCS file: /usr/local/cvsroot/lams_central/src/java/org/lamsfoundation/lams/security/DatabaseAuthenticator.java,v diff -u -r1.4 -r1.5 --- lams_central/src/java/org/lamsfoundation/lams/security/DatabaseAuthenticator.java 17 Sep 2006 06:12:05 -0000 1.4 +++ lams_central/src/java/org/lamsfoundation/lams/security/DatabaseAuthenticator.java 20 Aug 2007 04:28:21 -0000 1.5 
@@ -37,16 +37,19 @@ public class DatabaseAuthenticator { - private AuthenticationMethod method; private String dsJndiName; private String principalsQuery; - public DatabaseAuthenticator( AuthenticationMethod method) + public DatabaseAuthenticator(AuthenticationMethod method) { - this.method = method; this.dsJndiName = method.getParameterByName("dsJndiName").getValue(); this.principalsQuery = method.getParameterByName("principalsQuery").getValue(); } + + public DatabaseAuthenticator(String dsJndiName, String principalsQuery) { + this.dsJndiName = dsJndiName; + this.principalsQuery = principalsQuery; + } public boolean authenticate( String username, String inputPassword ) { Index: lams_central/src/java/org/lamsfoundation/lams/security/LDAPAuthenticator.java =================================================================== RCS file: /usr/local/cvsroot/lams_central/src/java/org/lamsfoundation/lams/security/LDAPAuthenticator.java,v diff -u -r1.6 -r1.7 --- lams_central/src/java/org/lamsfoundation/lams/security/LDAPAuthenticator.java 7 May 2007 06:53:07 -0000 1.6 +++ lams_central/src/java/org/lamsfoundation/lams/security/LDAPAuthenticator.java 20 Aug 2007 04:28:21 -0000 1.7 
@@ -23,43 +23,60 @@ /* $$Id$$ */ package org.lamsfoundation.lams.security; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; import java.util.Properties; + +import javax.naming.AuthenticationException; +import javax.naming.AuthenticationNotSupportedException; import javax.naming.Context; +import javax.naming.NamingEnumeration; +import javax.naming.NamingException; +import javax.naming.directory.Attribute; +import javax.naming.directory.Attributes; import javax.naming.ldap.InitialLdapContext; +import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; - import org.lamsfoundation.lams.usermanagement.AuthenticationMethod; +import org.lamsfoundation.lams.usermanagement.Organisation; +import org.lamsfoundation.lams.usermanagement.Role; +import org.lamsfoundation.lams.usermanagement.User; +import org.lamsfoundation.lams.usermanagement.service.UserManagementService; +import org.lamsfoundation.lams.util.Configuration; +import org.lamsfoundation.lams.util.ConfigurationKeys; +import org.lamsfoundation.lams.web.util.HttpSessionManager; +import org.springframework.web.context.WebApplicationContext; +import org.springframework.web.context.support.WebApplicationContextUtils; public class LDAPAuthenticator { + private static Logger log = Logger.getLogger(LDAPAuthenticator.class); - - private static final String USE_OBJECT_CREDENTIAL_OPT = "useObjectCredential"; - - private static final String PRINCIPAL_DN_PREFIX_OPT = "principalDNPrefix"; - - private static final String PRINCIPAL_DN_SUFFIX_OPT = "principalDNSuffix"; - - private static final String ROLES_CTX_DN_OPT = "rolesCtxDN"; - - private static final String USER_ROLES_CTX_DN_ATTRIBUTE_ID_OPT = "userRolesCtxDNAttributeName"; - - private static final String UID_ATTRIBUTE_ID_OPT = "uidAttributeID"; - - private static final String ROLE_ATTRIBUTE_ID_OPT = "roleAttributeID"; - - private static final String MATCH_ON_USER_DN_OPT = "matchOnUserDN"; - - private static final String 
ROLE_ATTRIBUTE_IS_DN_OPT = "roleAttributeIsDN"; - - private static final String ROLE_NAME_ATTRIBUTE_ID_OPT = "roleNameAttributeID"; - - private AuthenticationMethod method; - - public LDAPAuthenticator(AuthenticationMethod method) { - this.method = method; + private static UserManagementService service; + private static final String INITIAL_CONTEXT_FACTORY_VALUE = "com.sun.jndi.ldap.LdapCtxFactory"; + private Attributes attrs = null; + + public LDAPAuthenticator() { } + + private UserManagementService getService() { + if (service==null) { + WebApplicationContext ctx = WebApplicationContextUtils + .getWebApplicationContext(HttpSessionManager.getInstance().getServletContext()); + service = (UserManagementService) ctx.getBean("userManagementServiceTarget"); + } + return service; + } + public Attributes getAttrs() { + return attrs; + } + + public void setAttrs(Attributes attrs) { + this.attrs = attrs; + } + public boolean authenticate(String username, String inputPassword) { return authentication(username, inputPassword); } 
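Review bot: `getService()` fills the static `service` field lazily without synchronization and never checks the result of `getWebApplicationContext(...)`, which returns null when no context is registered, so a login that arrives before the web context is ready fails with a NullPointerException inside the authenticator. Either call `WebApplicationContextUtils.getRequiredWebApplicationContext(...)` to get a clear error, or test `ctx == null` and log it. The bean name `userManagementServiceTarget` looks like the unproxied target rather than the transactional service, so confirm that `save` and `setRolesForUserOrganisation` still run in a transaction when called through it. The new `attrs` field with a public `setAttrs` makes each instance stateful; a comment such as `// per-login state: never share an LDAPAuthenticator between requests` would make that explicit.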
@@ -68,40 +85,58 @@ Properties env = new Properties(); // Load all authentication method parameters into env - env.setProperty(Context.INITIAL_CONTEXT_FACTORY, method.getParameterByName(Context.INITIAL_CONTEXT_FACTORY).getValue()); - env.setProperty(Context.SECURITY_AUTHENTICATION, method.getParameterByName(Context.SECURITY_AUTHENTICATION).getValue()); + env.setProperty(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY_VALUE); + env.setProperty(Context.SECURITY_AUTHENTICATION, Configuration.get(ConfigurationKeys.LDAP_SECURITY_AUTHENTICATION)); - String principalDNPrefix = method.getParameterByName(PRINCIPAL_DN_PREFIX_OPT).getValue(); - String principalDNSuffix = method.getParameterByName(PRINCIPAL_DN_SUFFIX_OPT).getValue(); + String principalDNPrefix = Configuration.get(ConfigurationKeys.LDAP_PRINCIPAL_DN_PREFIX); + String principalDNSuffix = Configuration.get(ConfigurationKeys.LDAP_PRINCIPAL_DN_SUFFIX); String userDN = principalDNPrefix + username + principalDNSuffix; env.setProperty(Context.SECURITY_PRINCIPAL, userDN); - env.setProperty(Context.PROVIDER_URL, method.getParameterByName(Context.PROVIDER_URL).getValue()); + env.setProperty(Context.PROVIDER_URL, Configuration.get(ConfigurationKeys.LDAP_PROVIDER_URL)); env.put(Context.SECURITY_CREDENTIALS, credential); Object originalTrustStore = System.getProperty("javax.net.ssl.trustStore"); Object originalTrustPass = System.getProperty("javax.net.ssl.trustStorePassword"); - // optional parameters - try { - env.setProperty(Context.SECURITY_PROTOCOL, method.getParameterByName(Context.SECURITY_PROTOCOL).getValue()); + String securityProtocol = Configuration.get(ConfigurationKeys.LDAP_SECURITY_PROTOCOL); + if (StringUtils.equals("ssl", securityProtocol)) { + env.setProperty(Context.SECURITY_PROTOCOL, securityProtocol); // FIXME: synchronization issue: dynamically load certificate into // system instead of overwritting it. 
- System.setProperty("javax.net.ssl.trustStore", method.getParameterByName("truststore.path").getValue()); - System.setProperty("javax.net.ssl.trustStorePassword", method.getParameterByName("truststore.password").getValue()); - } catch(NullPointerException e) { + System.setProperty("javax.net.ssl.trustStore", Configuration.get(ConfigurationKeys.LDAP_TRUSTSTORE_PATH)); + System.setProperty("javax.net.ssl.trustStorePassword", Configuration.get(ConfigurationKeys.LDAP_TRUSTSTORE_PASSWORD)); } log.debug("===> LDAP authenticator: " + env); InitialLdapContext ctx = null; try { - ctx = new InitialLdapContext(env, null);System.out.println(ctx); - log.debug("===> ldap context created: "+ctx); + ctx = new InitialLdapContext(env, null); + log.debug("===> LDAP context created: "+ctx); + Attributes attrs = ctx.getAttributes(userDN); + setAttrs(attrs); + + UserManagementService service = getService(); + if (service.getUserByLogin(username)!=null) { + // update user's attributes and org membership + } + + // debug attrs + NamingEnumeration enumAttrs = attrs.getAll(); + while (enumAttrs.hasMoreElements()) { + System.out.println(enumAttrs.next()); + } + return true; + } catch (AuthenticationNotSupportedException e) { + log.error("===> Authentication mechanism not supported. Check your " + +ConfigurationKeys.LDAP_SECURITY_AUTHENTICATION+" parameter: " + +Configuration.get(ConfigurationKeys.LDAP_SECURITY_AUTHENTICATION)); + } catch (AuthenticationException e) { + log.info("===> Incorrect username ("+userDN+") or password ("+credential+"): "+e.getMessage()); } catch (Exception e) { - log.error("===> Ldap exception: " + e); - return false; + log.error("===> LDAP exception: " + e); } finally { try { 
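Review bot: The new `AuthenticationException` handler writes the submitted password to the log at INFO level (`or password ("+credential+")`), and the unchanged `log.debug("===> LDAP authenticator: " + env)` prints it as well because `env` holds `Context.SECURITY_CREDENTIALS`; log the DN only, e.g. `log.info("===> LDAP bind failed for " + userDN + ": " + e.getMessage());`. The method now returns true as soon as the context is created, so an empty password under `simple` authentication may be accepted by the directory as an anonymous bind. Unless that is rejected earlier (the start of the method is outside the hunk), add `if (credential == null || credential.toString().length() == 0) return false;` before `env` is built. `userDN` is the raw username concatenated between prefix and suffix, so escape it first with `Rdn.escapeValue(username)`. The `System.out.println` loop over the attributes sends directory data to stdout and should be removed or moved to `log.debug`.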
@@ -118,7 +153,142 @@ log.error("===> gettting problem when closing context. Excetion: "+e); } } - + + return false; } + + protected boolean createLDAPUser(Attributes attrs) { + UserManagementService service = getService(); + User user = new User(); + try { + String login = getSingleAttributeString(attrs.get(Configuration.get(ConfigurationKeys.LDAP_LOGIN_ATTR))); + String fname = getSingleAttributeString(attrs.get(Configuration.get(ConfigurationKeys.LDAP_FIRST_NAME_ATTR))); + String lname = getSingleAttributeString(attrs.get(Configuration.get(ConfigurationKeys.LDAP_LAST_NAME_ATTR))); + String email = getSingleAttributeString(attrs.get(Configuration.get(ConfigurationKeys.LDAP_EMAIL_ATTR))); + String phone = getSingleAttributeString(attrs.get(Configuration.get(ConfigurationKeys.LDAP_PHONE_ATTR))); + String fax = getSingleAttributeString(attrs.get(Configuration.get(ConfigurationKeys.LDAP_FAX_ATTR))); + String mobile = getSingleAttributeString(attrs.get(Configuration.get(ConfigurationKeys.LDAP_MOBILE_ATTR))); + if (login!=null && login.trim().length()>0) { + log.debug("===> using LDAP attributes: "+login+","+fname+","+lname+","+email+","+phone+","+fax+","+mobile); + user.setLogin(login); + user.setPassword("dummy"); // password column is not-null + user.setFirstName(fname); + user.setLastName(lname); + user.setEmail(email); + user.setDayPhone(phone); + user.setFax(fax); + user.setMobilePhone(mobile); + user.setAuthenticationMethod((AuthenticationMethod)service + .findById(AuthenticationMethod.class, AuthenticationMethod.LDAP)); + user.setFlashTheme(service.getDefaultFlashTheme()); + user.setHtmlTheme(service.getDefaultHtmlTheme()); + user.setDisabledFlag(false); + user.setCreateDate(new Date()); + user.setLocale(service.getDefaultLocale()); + service.save(user); + // TODO write audit log + return true; + } else { + log.error("===> Login name from LDAP is empty - user not created."); + } + } catch (Exception e) { + log.error("===> Exception occurred while creating LDAP 
user: ", e); + } + return false; + } + + protected boolean addLDAPUser(Attributes attrs, Integer userId) { + UserManagementService service = getService(); + String orgCode = getSingleAttributeString(attrs.get(Configuration.get(ConfigurationKeys.LDAP_ORG_CODE_ATTR))); + List ldapRoles = getAttributeStrings(attrs.get(Configuration.get(ConfigurationKeys.LDAP_ROLES_ATTR))); + log.debug("orgCode: "+orgCode); + log.debug("ldapRoles: "+ldapRoles); + List orgList = (List)service.findByProperty(Organisation.class, "code", orgCode); + if (orgList!=null && !orgList.isEmpty()) { + if (orgList.size()==1) { + Organisation org = (Organisation)orgList.get(0); + List roleIds = getRoleIds(ldapRoles); + if (roleIds!=null && !roleIds.isEmpty()) { + User user = (User)service.findById(User.class, userId); + log.debug("userId: "+userId); + log.debug("orgId: "+org.getOrganisationId()); + log.debug("roleIds: "+roleIds); + service.setRolesForUserOrganisation(user, org.getOrganisationId(), roleIds); + return true; + } + } else { + log.warn("More than one LAMS organisation found with the code: "+orgCode); + } + } else { + log.warn("LDAP organisation code: "+orgCode+" doesn't correspond to any LAMS organisation code."); + } + return false; + } + + // get list of LAMS role ids from list of ldap roles + private List getRoleIds(List ldapRoles) { + if (ldapRoles!=null) { + ArrayList roleIds = new ArrayList(); + for (String role : ldapRoles) { + if (Configuration.get(ConfigurationKeys.LDAP_LEARNER_MAP).indexOf(role) > 0 + && !roleIds.contains(Role.ROLE_LEARNER.toString())) { + roleIds.add(Role.ROLE_LEARNER.toString()); + } + if (Configuration.get(ConfigurationKeys.LDAP_MONITOR_MAP).indexOf(role) > 0 + && !roleIds.contains(Role.ROLE_MONITOR.toString())) { + roleIds.add(Role.ROLE_MONITOR.toString()); + } + if (Configuration.get(ConfigurationKeys.LDAP_AUTHOR_MAP).indexOf(role) > 0 + && !roleIds.contains(Role.ROLE_AUTHOR.toString())) { + roleIds.add(Role.ROLE_AUTHOR.toString()); + } + if 
(Configuration.get(ConfigurationKeys.LDAP_GROUP_ADMIN_MAP).indexOf(role) > 0 + && !roleIds.contains(Role.ROLE_GROUP_ADMIN.toString())) { + roleIds.add(Role.ROLE_GROUP_ADMIN.toString()); + } + if (Configuration.get(ConfigurationKeys.LDAP_GROUP_MANAGER_MAP).indexOf(role) > 0 + && !roleIds.contains(Role.ROLE_GROUP_MANAGER.toString())) { + roleIds.add(Role.ROLE_GROUP_MANAGER.toString()); + } + } + return roleIds; + } + return null; + } + + // get the multiple values of an ldap attribute + private List getAttributeStrings(Attribute attr) { + try { + ArrayList attrValues = new ArrayList(); + if (attr!=null) { + NamingEnumeration attrEnum = attr.getAll(); + while (attrEnum.hasMore()) { + Object attrValue = attrEnum.next(); + if (attrValue!=null) { + attrValues.add(attrValue.toString()); + } + } + return attrValues; + } + } catch (NamingException e) { + log.error("===> Naming exception occurred: "+e.getMessage()); + } + return null; + } + + // get the single (string) value of an ldap attribute + private String getSingleAttributeString(Attribute attr) { + try { + if (attr!=null) { + Object attrValue = attr.get(); + if (attrValue!=null) { + return attrValue.toString(); + } + } + } catch (NamingException e) { + log.error("===> Naming exception occurred: "+e.getMessage()); + } + return null; + } } \ No newline at end of file Index: lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java =================================================================== RCS file: /usr/local/cvsroot/lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java,v diff -u -r1.14 -r1.15 --- lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java 30 May 2007 04:14:01 -0000 1.14 +++ lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java 20 Aug 2007 04:28:21 -0000 1.15 
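Review bot: `getRoleIds` decides role membership with `Configuration.get(...).indexOf(role) > 0`, a substring test that also ignores a match at position 0. With the shipped `LDAPLearnerMap` value `Student;...` a role of `Student` is never mapped, while any role string that is a fragment of a listed name (for example `Staff` inside `SchoolSupportStaff`) is granted that LAMS role. Split the map value on `;` and compare whole entries, as in the sketch below. Separately, `createLDAPUser` stores the fixed password `dummy` for every provisioned account; if the database authenticator can ever be reached for such a user (not visible here) that is a shared known credential, so a random unusable value is safer. The debug line that logs login, name, email and phone numbers also puts personal data in the log.

```java
// exact match of one LDAP role against a ';'-separated map value
private static boolean isMapped(String mapValue, String role) {
    if (mapValue == null || role == null || role.trim().length() == 0) {
        return false;
    }
    for (String mapped : mapValue.split(";")) {
        if (mapped.trim().equals(role.trim())) {
            return true;
        }
    }
    return false;
}

// inside the for loop of getRoleIds
if (isMapped(Configuration.get(ConfigurationKeys.LDAP_LEARNER_MAP), role)
        && !roleIds.contains(Role.ROLE_LEARNER.toString())) {
    roleIds.add(Role.ROLE_LEARNER.toString());
}
// … unchanged pattern: the MONITOR, AUTHOR, GROUP_ADMIN and GROUP_MANAGER checks call isMapped the same way …
```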
@@ -55,58 +55,42 @@ import org.apache.log4j.Logger; import org.lamsfoundation.lams.usermanagement.AuthenticationMethod; import org.lamsfoundation.lams.usermanagement.AuthenticationMethodParameter; +import org.lamsfoundation.lams.usermanagement.AuthenticationMethodType; import org.lamsfoundation.lams.usermanagement.Role; import org.lamsfoundation.lams.usermanagement.User; import org.lamsfoundation.lams.usermanagement.service.UserManagementService; +import org.lamsfoundation.lams.util.Configuration; +import org.lamsfoundation.lams.util.ConfigurationKeys; import org.lamsfoundation.lams.web.session.SessionManager; import org.lamsfoundation.lams.web.util.AttributeNames; import org.lamsfoundation.lams.web.util.HttpSessionManager; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; public class UniversalLoginModule extends UsernamePasswordLoginModule { + private static Logger log = Logger.getLogger(UniversalLoginModule.class); - private static final String USE_OBJECT_CREDENTIAL_OPT = "useObjectCredential"; - - private static final String PRINCIPAL_DN_PREFIX_OPT = "principalDNPrefix"; - - private static final String PRINCIPAL_DN_SUFFIX_OPT = "principalDNSuffix"; - - private static final String ROLES_CTX_DN_OPT = "rolesCtxDN"; - - private static final String USER_ROLES_CTX_DN_ATTRIBUTE_ID_OPT = "userRolesCtxDNAttributeName"; - - private static final String UID_ATTRIBUTE_ID_OPT = "uidAttributeID"; - - private static final String ROLE_ATTRIBUTE_ID_OPT = "roleAttributeID"; - - private static final String MATCH_ON_USER_DN_OPT = "matchOnUserDN"; - - private static final String ROLE_ATTRIBUTE_IS_DN_OPT = "roleAttributeIsDN"; - - private static final String ROLE_NAME_ATTRIBUTE_ID_OPT = "roleNameAttributeID"; - public UniversalLoginModule() { } - private transient SimpleGroup userRoles = new SimpleGroup("Roles"); - protected String dsJndiName; - protected String rolesQuery; + protected String 
principalsQuery; + //protected String propertyFilePath; - protected String propertyFilePath; - public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { super.initialize(subject, callbackHandler, sharedState, options); //from options to get path to property file -> authentication.xml - propertyFilePath = (String) options.get("authenticationPropertyFile"); + //propertyFilePath = (String) options.get("authenticationPropertyFile"); //load authentication property file - AuthenticationMethodConfigurer.setConfigFilePath(propertyFilePath); + //AuthenticationMethodConfigurer.setConfigFilePath(propertyFilePath); + dsJndiName = (String)options.get("dsJndiName"); + principalsQuery = (String)options.get("principalsQuery"); + rolesQuery = (String)options.get("rolesQuery"); } protected boolean validatePassword(String inputPassword, 
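Review bot: `initialize` now reads `dsJndiName`, `principalsQuery` and `rolesQuery` straight from the module options with no null check, so a login-config.xml entry that omits one of them only fails later, inside `DatabaseAuthenticator` or `getRoleSets`, with a less useful error. Log the missing option name here, for example `if (dsJndiName == null) log.error("===> login module option dsJndiName is not set");`, and do the same for the two queries. The commented-out `propertyFilePath` field and `AuthenticationMethodConfigurer` call should be deleted rather than left in place, since version control already keeps the old code.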
@@ -127,57 +111,83 @@ User user = service.getUserByLogin(username); log.debug("===> authenticating user: " + username); - if (user == null) - return false; + if (user == null) { + // provision a new user by checking ldap server + if (Configuration.getAsBoolean(ConfigurationKeys.LDAP_PROVISIONING_ENABLED)) { + log.debug("===> LDAP provisioning is enabled, checking username against LDAP server..."); + LDAPAuthenticator ldap = new LDAPAuthenticator(); + isValid = ldap.authenticate(username, inputPassword); + if (isValid) { // create a new user + log.info("===> Creating new user for LDAP username: " + username); + if (ldap.createLDAPUser(ldap.getAttrs())) { + user = service.getUserByLogin(username); + if (!ldap.addLDAPUser(ldap.getAttrs(), user.getUserId())) { + log.error("===> Couldn't add LDAP user: "+username+" to organisation."); + } + } else { + log.error("===> Couldn't create new user for LDAP username: "+username); + return false; + } + } else { // didn't authenticate successfully with ldap + return false; + } + } else { + return false; + } + } if (user.getDisabledFlag()) { log.debug("===> user is disabled."); return false; } - AuthenticationMethod method = null; - try { - method = user.getAuthenticationMethod(); + AuthenticationMethod method = user.getAuthenticationMethod(); + /*try { AuthenticationMethodConfigurer.configure(method); - this.dsJndiName = method.getParameterByName("dsJndiName").getValue(); - this.rolesQuery = method.getParameterByName("rolesQuery").getValue(); + // use User's AuthMethod's dsJndiName and rolesQuery if set, otherwise use LAMS-Database's + AuthenticationMethodParameter dsParam = method.getParameterByName("dsJndiName"); + AuthenticationMethodParameter rolesQueryParam = method.getParameterByName("rolesQuery"); + if (dsParam!=null && rolesQueryParam!=null) { + this.dsJndiName = dsParam.getValue(); + this.rolesQuery = rolesQueryParam.getValue(); + } else { + AuthenticationMethod defaultAuthMethod = (AuthenticationMethod)service + 
.findById(AuthenticationMethod.class, AuthenticationMethod.DB); + this.dsJndiName = defaultAuthMethod.getParameterByName("dsJndiName").getValue(); + this.rolesQuery = defaultAuthMethod.getParameterByName("rolesQuery").getValue(); + } } catch (Exception e) { - log.debug("===>Exception : " + e); + log.error("===> Error retrieving authentication method parameters : " + e, e); return false; } - List parameters = method.getAuthenticationMethodParameters(); - //for debug purpose only - for (int i = 0; i < parameters.size(); i++) { - AuthenticationMethodParameter mp = (AuthenticationMethodParameter) parameters.get(i); - log.debug("===>" + mp.getName() + " = " + mp.getValue()); - } + if (log.isDebugEnabled()) { + List parameters = method.getAuthenticationMethodParameters(); + for (int i = 0; i < parameters.size(); i++) { + AuthenticationMethodParameter mp = (AuthenticationMethodParameter) parameters.get(i); + log.debug("===>" + mp.getName() + " = " + mp.getValue()); + } + }*/ - String type = method.getAuthenticationMethodType().getDescription(); - log.debug("===> authentication type :" + type); - if ("LDAP".equals(type)) { - LDAPAuthenticator authenticator = new LDAPAuthenticator(method); - isValid = authenticator.authenticate(username,inputPassword); - log.debug("===> LDAP :: user:" + username + ":" - + inputPassword + " authenticated! "); - } else if ("LAMS".equals(type)) { - DatabaseAuthenticator authenticator = new DatabaseAuthenticator(method); - isValid = authenticator.authenticate(username,inputPassword); - log.debug("===> LAMS:: user:" + username + ":" - + inputPassword + " authenticated! 
"); - } else if ("WEB_AUTH".equals(type)) { - log.debug("===> WEBAUTH: " + username + " type: " + type); - WebAuthAuthenticator authenticator = new WebAuthAuthenticator(); - log.debug("===> webauth authenticator is:" + authenticator); - isValid = authenticator.authenticate(username,inputPassword); - log.debug("===> WEBAUTH :: user:" + username + ":" - + inputPassword + " authenticated! "); - - } else { - log.debug("Unexpected authentication type!"); - return false; + if (!isValid) { + String type = method.getAuthenticationMethodType().getDescription(); + log.debug("===> authentication type: " + type); + if (AuthenticationMethodType.LDAP.equals(type)) { + LDAPAuthenticator authenticator = new LDAPAuthenticator(); + isValid = authenticator.authenticate(username,inputPassword); + } else if (AuthenticationMethodType.LAMS.equals(type)) { + // DatabaseAuthenticator authenticator = new DatabaseAuthenticator(method); + DatabaseAuthenticator authenticator = new DatabaseAuthenticator(dsJndiName, principalsQuery); + isValid = authenticator.authenticate(username,inputPassword); + } else if (AuthenticationMethodType.WEB_AUTH.equals(type)) { + WebAuthAuthenticator authenticator = new WebAuthAuthenticator(); + isValid = authenticator.authenticate(username,inputPassword); + } else { + log.error("===> Unexpected authentication type: "+type); + return false; + } } //if login is valid, register userDTO into session. if(isValid){ @@ -186,7 +196,7 @@ } } catch (Exception e) { e.printStackTrace(); - log.debug("===> exception: " + e,e); + log.error("===> exception: " + e,e); } } return isValid; @@ -211,7 +221,7 @@ InitialContext ctx = new InitialContext(); DataSource ds = (DataSource) ctx.lookup(this.dsJndiName); - log.debug("===> getRoleSets() called: " + dsJndiName + ":" + rolesQuery); + //log.debug("===> getRoleSets() called: " + dsJndiName + ": " + rolesQuery); conn = ds.getConnection(); // Get the user role names ps = conn.prepareStatement(this.rolesQuery); 
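Review bot: The provisioning branch can leave `isValid` true after a failure. `user = service.getUserByLogin(username)` is dereferenced at once in `user.getUserId()`, but `createLDAPUser` saved the account under the directory's login attribute, which need not equal the typed username, so the lookup may return null. The resulting exception appears to be swallowed by the `catch (Exception e)` in the next hunk (@@ -186,7 +196,7 @@), after which `return isValid` still reports success. Add `if (user == null) { return false; }` after the re-read and set `isValid = false;` in that catch so that errors fail closed. A failed `addLDAPUser` is only logged and the login continues without organisation roles, and the large commented-out block should be removed; the method itself starts and ends outside this hunk.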
@@ -248,25 +258,25 @@ // Assign minimal role if user has none if (name==null) { name = Role.LEARNER; - log.info("Found no roles"); + log.info("===> Found no roles"); } p = super.createIdentity(name); if (!groupMembers.contains(name)) { - log.info("Assign user to role " + p.getName()); + log.info("===> Assign user to role " + p.getName()); group.addMember(p); groupMembers.add(name); } if (name.equals(Role.SYSADMIN) || name.equals(Role.AUTHOR_ADMIN)) { p = super.createIdentity(Role.AUTHOR); - log.info("Found "+name); + log.info("===> Found "+name); if (!groupMembers.contains(Role.AUTHOR)) { - log.info("Assign user to role "+Role.AUTHOR); + log.info("===> Assign user to role "+Role.AUTHOR); group.addMember(p); groupMembers.add(Role.AUTHOR); } } } catch (Exception e) { - log.debug("Failed to create principal: " + name, e); + log.debug("===> Failed to create principal: " + name, e); } } while (rs.next()); } catch (NamingException ex) { Index: lams_common/db/sql/insert_lams_unix_config_data.sql =================================================================== RCS file: /usr/local/cvsroot/lams_common/db/sql/insert_lams_unix_config_data.sql,v diff -u -r1.7 -r1.8 --- lams_common/db/sql/insert_lams_unix_config_data.sql 28 Jun 2007 03:22:22 -0000 1.7 +++ lams_common/db/sql/insert_lams_unix_config_data.sql 20 Aug 2007 04:28:22 -0000 1.8 
@@ -31,4 +31,26 @@ insert into lams_configuration (config_key, config_value) values ('DefaultHTMLTheme','defaultHTML'); insert into lams_configuration (config_key, config_value) values ('AllowDirectLessonLaunch','false'); insert into lams_configuration (config_key, config_value) values ('LAMS_Community_enable','false'); -insert into lams_configuration (config_key, config_value) values ('AllowLiveEdit','true'); \ No newline at end of file +insert into lams_configuration (config_key, config_value) values ('AllowLiveEdit','true'); +insert into lams_configuration (config_key, config_value) values ('LDAPProvisioningEnabled','true'); +insert into lams_configuration (config_key, config_value) values ('LDAPProviderURL','ldap://192.168.111.15'); +insert into lams_configuration (config_key, config_value) values ('LDAPSecurityAuthentication','simple'); +insert into lams_configuration (config_key, config_value) values ('LDAPPrincipalDNPrefix','cn='); +insert into lams_configuration (config_key, config_value) values ('LDAPPrincipalDNSuffix',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au'); +insert into lams_configuration (config_key, config_value) values ('LDAPSecurityProtocol',''); +insert into lams_configuration (config_key, config_value) values ('LDAPTruststorePath',''); +insert into lams_configuration (config_key, config_value) values ('LDAPTruststorePassword',''); +insert into lams_configuration (config_key, config_value) values ('LDAPLoginAttr','uid'); +insert into lams_configuration (config_key, config_value) values ('LDAPFNameAttr','givenName'); +insert into lams_configuration (config_key, config_value) values ('LDAPLNameAttr','sn'); +insert into lams_configuration (config_key, config_value) values ('LDAPEmailAttr','mail'); +insert into lams_configuration (config_key, config_value) values ('LDAPPhoneAttr','telephoneNumber'); +insert into lams_configuration (config_key, config_value) values ('LDAPFaxAttr','facsimileTelephoneNumber'); +insert into lams_configuration (config_key, 
config_value) values ('LDAPMobileAttr','mobile'); +insert into lams_configuration (config_key, config_value) values ('LDAPOrgCodeAttr','deetITSchoolCode'); +insert into lams_configuration (config_key, config_value) values ('LDAPRolesAttr','memberOf'); +insert into lams_configuration (config_key, config_value) values ('LDAPLearnerMap','Student;SchoolSupportStaff;Teacher;SeniorStaff;Principal'); +insert into lams_configuration (config_key, config_value) values ('LDAPMonitorMap','SchoolSupportStaff;Teacher;SeniorStaff;Principal'); +insert into lams_configuration (config_key, config_value) values ('LDAPAuthorMap','Teacher;SeniorStaff;Principal'); +insert into lams_configuration (config_key, config_value) values ('LDAPGroupAdminMap','Teacher;SeniorStaff'); +insert into lams_configuration (config_key, config_value) values ('LDAPGroupManagerMap','Principal'); \ No newline at end of file Index: lams_common/db/sql/insert_lams_windows_config_data.sql =================================================================== RCS file: /usr/local/cvsroot/lams_common/db/sql/insert_lams_windows_config_data.sql,v diff -u -r1.3 -r1.4 --- lams_common/db/sql/insert_lams_windows_config_data.sql 24 May 2007 01:28:26 -0000 1.3 +++ lams_common/db/sql/insert_lams_windows_config_data.sql 20 Aug 2007 04:28:23 -0000 1.4 
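Review bot: These inserts ship LDAP auto-provisioning switched on (`LDAPProvisioningEnabled` = `true`) together with one site's directory address and DN suffix, so a fresh install will try to create accounts from whatever answers at `ldap://192.168.111.15`. The defaults also pair `simple` authentication with a plain `ldap://` URL and an empty `LDAPSecurityProtocol`, which sends user passwords to the directory unencrypted. Ship `LDAPProvisioningEnabled` as `false` with blank or placeholder host and suffix values, and document that `LDAPSecurityProtocol` should be `ssl` in production. `LDAPTruststorePassword` is kept as clear text in `lams_configuration`, so access to that table needs to be restricted accordingly. The same points apply to the identical hunk in insert_lams_windows_config_data.sql.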
@@ -31,4 +31,26 @@ insert into lams_configuration (config_key, config_value) values ('DefaultHTMLTheme','defaultHTML'); insert into lams_configuration (config_key, config_value) values ('AllowDirectLessonLaunch','false'); insert into lams_configuration (config_key, config_value) values ('LAMS_Community_enable','false'); -insert into lams_configuration (config_key, config_value) values ('AllowLiveEdit','true'); \ No newline at end of file +insert into lams_configuration (config_key, config_value) values ('AllowLiveEdit','true'); +insert into lams_configuration (config_key, config_value) values ('LDAPProvisioningEnabled','true'); +insert into lams_configuration (config_key, config_value) values ('LDAPProviderURL','ldap://192.168.111.15'); +insert into lams_configuration (config_key, config_value) values ('LDAPSecurityAuthentication','simple'); +insert into lams_configuration (config_key, config_value) values ('LDAPPrincipalDNPrefix','cn='); +insert into lams_configuration (config_key, config_value) values ('LDAPPrincipalDNSuffix',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au'); +insert into lams_configuration (config_key, config_value) values ('LDAPSecurityProtocol',''); +insert into lams_configuration (config_key, config_value) values ('LDAPTruststorePath',''); +insert into lams_configuration (config_key, config_value) values ('LDAPTruststorePassword',''); +insert into lams_configuration (config_key, config_value) values ('LDAPLoginAttr','uid'); +insert into lams_configuration (config_key, config_value) values ('LDAPFNameAttr','givenName'); +insert into lams_configuration (config_key, config_value) values ('LDAPLNameAttr','sn'); +insert into lams_configuration (config_key, config_value) values ('LDAPEmailAttr','mail'); +insert into lams_configuration (config_key, config_value) values ('LDAPPhoneAttr','telephoneNumber'); +insert into lams_configuration (config_key, config_value) values ('LDAPFaxAttr','facsimileTelephoneNumber'); +insert into lams_configuration (config_key, 
config_value) values ('LDAPMobileAttr','mobile'); +insert into lams_configuration (config_key, config_value) values ('LDAPOrgCodeAttr','deetITSchoolCode'); +insert into lams_configuration (config_key, config_value) values ('LDAPRolesAttr','memberOf'); +insert into lams_configuration (config_key, config_value) values ('LDAPLearnerMap','Student;SchoolSupportStaff;Teacher;SeniorStaff;Principal'); +insert into lams_configuration (config_key, config_value) values ('LDAPMonitorMap','SchoolSupportStaff;Teacher;SeniorStaff;Principal'); +insert into lams_configuration (config_key, config_value) values ('LDAPAuthorMap','Teacher;SeniorStaff;Principal'); +insert into lams_configuration (config_key, config_value) values ('LDAPGroupAdminMap','Teacher;SeniorStaff'); +insert into lams_configuration (config_key, config_value) values ('LDAPGroupManagerMap','Principal'); \ No newline at end of file Index: lams_common/src/java/org/lamsfoundation/lams/usermanagement/AuthenticationMethodType.java =================================================================== RCS file: /usr/local/cvsroot/lams_common/src/java/org/lamsfoundation/lams/usermanagement/AuthenticationMethodType.java,v diff -u -r1.6 -r1.7 --- lams_common/src/java/org/lamsfoundation/lams/usermanagement/AuthenticationMethodType.java 17 Sep 2006 06:14:17 -0000 1.6 +++ lams_common/src/java/org/lamsfoundation/lams/usermanagement/AuthenticationMethodType.java 20 Aug 2007 04:28:22 -0000 1.7 
@@ -35,6 +35,10 @@ * */ public class AuthenticationMethodType implements Serializable { + + public static final String LAMS = "LAMS"; + public static final String WEB_AUTH = "WEB_AUTH"; + public static final String LDAP = "LDAP"; /** identifier field */ private Integer authenticationMethodTypeId; Index: lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/IUserManagementService.java =================================================================== RCS file: /usr/local/cvsroot/lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/IUserManagementService.java,v diff -u -r1.45 -r1.46 --- lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/IUserManagementService.java 5 Jul 2007 06:29:38 -0000 1.45 +++ lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/IUserManagementService.java 20 Aug 2007 04:28:22 -0000 1.46 @@ -29,6 +29,7 @@ import java.util.Map; import java.util.Vector; +import org.lamsfoundation.lams.themes.CSSThemeVisualElement; import org.lamsfoundation.lams.usermanagement.Organisation; import org.lamsfoundation.lams.usermanagement.OrganisationType; import org.lamsfoundation.lams.usermanagement.Role; 
@@ -377,4 +378,22 @@ * @return */ public Integer getCountRoleForSystem(Integer roleId); + + /** + * Get default flash theme of server. + * @return default flash theme object + */ + public CSSThemeVisualElement getDefaultFlashTheme(); + + /** + * Get default html theme of server. + * @return default html theme object + */ + public CSSThemeVisualElement getDefaultHtmlTheme(); + + /** + * Get default server locale. + * @return server default supported locale object + */ + public SupportedLocale getDefaultLocale(); } \ No newline at end of file Index: lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/UserManagementService.java =================================================================== RCS file: /usr/local/cvsroot/lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/UserManagementService.java,v diff -u -r1.77 -r1.78 --- lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/UserManagementService.java 5 Jul 2007 06:29:38 -0000 1.77 +++ lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/UserManagementService.java 20 Aug 2007 04:28:22 -0000 1.78 @@ -38,6 +38,7 @@ import org.apache.log4j.Logger; import org.lamsfoundation.lams.dao.IBaseDAO; import org.lamsfoundation.lams.learningdesign.dao.IGroupDAO; +import org.lamsfoundation.lams.themes.CSSThemeVisualElement; import org.lamsfoundation.lams.usermanagement.Organisation; import org.lamsfoundation.lams.usermanagement.OrganisationType; import org.lamsfoundation.lams.usermanagement.Role; @@ -54,6 +55,8 @@ import org.lamsfoundation.lams.usermanagement.dto.UserDTO; import org.lamsfoundation.lams.usermanagement.dto.UserFlashDTO; import org.lamsfoundation.lams.usermanagement.dto.UserManageBean; +import org.lamsfoundation.lams.util.Configuration; +import org.lamsfoundation.lams.util.ConfigurationKeys; import org.lamsfoundation.lams.util.HashUtil; import org.lamsfoundation.lams.util.MessageService; import org.lamsfoundation.lams.web.session.SessionManager; 
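Review bot: The Javadoc added to IUserManagementService for getDefaultFlashTheme(), getDefaultHtmlTheme() and getDefaultLocale() does not say what a caller gets when the configured default is missing or matches nothing. The implementation in this commit returns null from the theme getters when the lookup list is null, so the contract should state it, e.g. `@return default flash theme object, or null if the configured theme name matches no theme`. For getDefaultLocale() I would also name the configuration key it reads and the expected value format, because the implementation splits the string at fixed offsets. The interface body starts outside the hunk.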
@@ -877,4 +880,21 @@ else return new Integer(0); } + + public CSSThemeVisualElement getDefaultFlashTheme() { + String flashName = Configuration.get(ConfigurationKeys.DEFAULT_FLASH_THEME); + List list = findByProperty(CSSThemeVisualElement.class, "name", flashName); + return (list!=null ? (CSSThemeVisualElement)list.get(0) : null); + } + + public CSSThemeVisualElement getDefaultHtmlTheme() { + String htmlName = Configuration.get(ConfigurationKeys.DEFAULT_HTML_THEME); + List list = findByProperty(CSSThemeVisualElement.class, "name", htmlName); + return (list!=null ? (CSSThemeVisualElement)list.get(0) : null); + } + + public SupportedLocale getDefaultLocale() { + String localeName = Configuration.get(ConfigurationKeys.SERVER_LANGUAGE); + return getSupportedLocale(localeName.substring(0,2),localeName.substring(3)); + } } \ No newline at end of file Index: lams_common/src/java/org/lamsfoundation/lams/util/ConfigurationKeys.java =================================================================== RCS file: /usr/local/cvsroot/lams_common/src/java/org/lamsfoundation/lams/util/ConfigurationKeys.java,v diff -u -r1.24 -r1.25 --- lams_common/src/java/org/lamsfoundation/lams/util/ConfigurationKeys.java 9 May 2007 01:07:22 -0000 1.24 +++ lams_common/src/java/org/lamsfoundation/lams/util/ConfigurationKeys.java 20 Aug 2007 04:28:22 -0000 1.25 
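Review bot: In UserManagementService, the new getDefaultFlashTheme() and getDefaultHtmlTheme() guard only against a null list, so if findByProperty returns an empty list when no theme matches the configured name (its contract is not visible here), `list.get(0)` throws IndexOutOfBoundsException instead of returning null. getDefaultLocale() is fragile in the same way: a missing SERVER_LANGUAGE value gives a NullPointerException and a value shorter than three characters fails in `substring(3)`. All three read administrator-editable configuration, so a typo in a setting would surface as an unchecked exception in whatever code asks for the defaults. The fence shows the guards; whether a malformed locale should return null or throw a descriptive exception depends on the callers, which are outside this hunk.

```java
public CSSThemeVisualElement getDefaultFlashTheme() {
    // … unchanged: flashName lookup and findByProperty call …
    return (list != null && !list.isEmpty()) ? (CSSThemeVisualElement) list.get(0) : null;
}

// … getDefaultHtmlTheme(): same guard on its return line …

public SupportedLocale getDefaultLocale() {
    String localeName = Configuration.get(ConfigurationKeys.SERVER_LANGUAGE);
    // Needs a 2-character language, one separator character and a country code.
    if (localeName == null || localeName.length() < 4) {
        return null;
    }
    return getSupportedLocale(localeName.substring(0, 2), localeName.substring(3));
}
```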
@@ -134,4 +134,48 @@ public static String LAMS_COMMUNITY_ENABLE = "LAMS_Community_enable"; public static String ALLOW_EDIT_ON_FLY = "AllowLiveEdit"; + + public static String LDAP_PROVISIONING_ENABLED = "LDAPProvisioningEnabled"; + + public static String LDAP_PROVIDER_URL = "LDAPProviderURL"; + + public static String LDAP_SECURITY_AUTHENTICATION = "LDAPSecurityAuthentication"; + + public static String LDAP_PRINCIPAL_DN_PREFIX = "LDAPPrincipalDNPrefix"; + + public static String LDAP_PRINCIPAL_DN_SUFFIX = "LDAPPrincipalDNSuffix"; + + public static String LDAP_SECURITY_PROTOCOL = "LDAPSecurityProtocol"; + + public static String LDAP_TRUSTSTORE_PATH = "LDAPTruststorePath"; + + public static String LDAP_TRUSTSTORE_PASSWORD = "LDAPTruststorePassword"; + + public static String LDAP_LOGIN_ATTR = "LDAPLoginAttr"; + + public static String LDAP_FIRST_NAME_ATTR = "LDAPFNameAttr"; + + public static String LDAP_LAST_NAME_ATTR = "LDAPLNameAttr"; + + public static String LDAP_EMAIL_ATTR = "LDAPEmailAttr"; + + public static String LDAP_PHONE_ATTR = "LDAPPhoneAttr"; + + public static String LDAP_FAX_ATTR = "LDAPFaxAttr"; + + public static String LDAP_MOBILE_ATTR = "LDAPMobileAttr"; + + public static String LDAP_ORG_CODE_ATTR = "LDAPOrgCodeAttr"; + + public static String LDAP_ROLES_ATTR = "LDAPRolesAttr"; + + public static String LDAP_LEARNER_MAP = "LDAPLearnerMap"; + + public static String LDAP_MONITOR_MAP = "LDAPMonitorMap"; + + public static String LDAP_AUTHOR_MAP = "LDAPAuthorMap"; + + public static String LDAP_GROUP_ADMIN_MAP = "LDAPGroupAdminMap"; + + public static String LDAP_GROUP_MANAGER_MAP = "LDAPGroupManagerMap"; } \ No newline at end of file
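Review bot: The new LDAP keys in ConfigurationKeys carry no comments, and two things a maintainer needs cannot be recovered from the names: which values are secrets and what format the role maps take. I would mark the credential, e.g. `// Secret: password for the truststore at LDAP_TRUSTSTORE_PATH; never log or display this value.`, and document the maps, e.g. `// Semicolon-separated LDAP role names that grant the LAMS learner role.` (the seed SQL in this commit uses values such as 'Teacher;SeniorStaff'). LDAP_SECURITY_PROTOCOL and LDAP_SECURITY_AUTHENTICATION also deserve a comment stating which settings keep bind credentials from crossing the network in clear text, presumably an SSL protocol value; confirm against LDAPAuthenticator. As a style point, the new fields are `public static String` without `final`, matching the existing ones in the context lines, so any code can reassign a key name at runtime; `public static final String` would prevent that. The class starts outside the hunk.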