Index: lams_admin/conf/language/lams/ApplicationResources.properties =================================================================== RCS file: /usr/local/cvsroot/lams_admin/conf/language/lams/ApplicationResources.properties,v diff -u -r1.44 -r1.45 --- lams_admin/conf/language/lams/ApplicationResources.properties 4 Oct 2008 03:37:34 -0000 1.44 +++ lams_admin/conf/language/lams/ApplicationResources.properties 18 Nov 2008 05:21:07 -0000 1.45 @@ -369,6 +369,8 @@ label.tool =Tool label.tool.version =Tool Version label.database.version =Database Version +config.ldap.search.filter = Search Filter +config.ldap.base.dn = Base Distinguished Name #======= End labels: Exported 361 labels for en AU ===== Index: lams_admin/conf/language/lams/ApplicationResources_en_AU.properties =================================================================== RCS file: /usr/local/cvsroot/lams_admin/conf/language/lams/ApplicationResources_en_AU.properties,v diff -u -r1.42 -r1.43 --- lams_admin/conf/language/lams/ApplicationResources_en_AU.properties 4 Oct 2008 03:37:34 -0000 1.42 +++ lams_admin/conf/language/lams/ApplicationResources_en_AU.properties 18 Nov 2008 05:21:07 -0000 1.43 @@ -369,6 +369,8 @@ label.tool =Tool label.tool.version =Tool Version label.database.version =Database Version +config.ldap.search.filter = Search Filter +config.ldap.base.dn = Base Distinguished Name #======= End labels: Exported 361 labels for en AU ===== Index: lams_admin/conf/language/rams/ApplicationResources.properties =================================================================== RCS file: /usr/local/cvsroot/lams_admin/conf/language/rams/Attic/ApplicationResources.properties,v diff -u -r1.10 -r1.11 --- lams_admin/conf/language/rams/ApplicationResources.properties 26 Sep 2008 04:28:26 -0000 1.10 +++ lams_admin/conf/language/rams/ApplicationResources.properties 18 Nov 2008 05:21:07 -0000 1.11 
@@ -387,6 +387,8 @@ label.tool = Tool label.tool.version = Tool Version label.database.version = Database Version +config.ldap.search.filter = Search Filter +config.ldap.base.dn = Base Distinguished Name #======= End labels: Exported 378 labels for en AU ===== Index: lams_admin/conf/language/rams/ApplicationResources_en_AU.properties =================================================================== RCS file: /usr/local/cvsroot/lams_admin/conf/language/rams/Attic/ApplicationResources_en_AU.properties,v diff -u -r1.9 -r1.10 --- lams_admin/conf/language/rams/ApplicationResources_en_AU.properties 26 Sep 2008 04:28:26 -0000 1.9 +++ lams_admin/conf/language/rams/ApplicationResources_en_AU.properties 18 Nov 2008 05:21:07 -0000 1.10 @@ -387,6 +387,8 @@ label.tool = Tool label.tool.version = Tool Version label.database.version = Database Version +config.ldap.search.filter = Search Filter +config.ldap.base.dn = Base Distinguished Name #======= End labels: Exported 378 labels for en AU ===== Index: lams_central/src/java/org/lamsfoundation/lams/security/LDAPAuthenticator.java =================================================================== RCS file: /usr/local/cvsroot/lams_central/src/java/org/lamsfoundation/lams/security/LDAPAuthenticator.java,v diff -u -r1.14 -r1.15 --- lams_central/src/java/org/lamsfoundation/lams/security/LDAPAuthenticator.java 10 Nov 2008 02:02:59 -0000 1.14 +++ lams_central/src/java/org/lamsfoundation/lams/security/LDAPAuthenticator.java 18 Nov 2008 05:21:07 -0000 1.15 @@ -29,7 +29,10 @@ import javax.naming.AuthenticationNotSupportedException; import javax.naming.Context; import javax.naming.NamingEnumeration; +import javax.naming.directory.Attribute; import javax.naming.directory.Attributes; +import javax.naming.directory.SearchControls; +import javax.naming.directory.SearchResult; import javax.naming.ldap.InitialLdapContext; import org.apache.commons.lang.StringUtils; 
@@ -91,93 +94,116 @@ private boolean authentication(String username, Object credential) { Properties env = new Properties(); - // Load all authentication method parameters into env + // setup initial connection to search for user's dn env.setProperty(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY_VALUE); env.setProperty(Context.SECURITY_AUTHENTICATION, Configuration .get(ConfigurationKeys.LDAP_SECURITY_AUTHENTICATION)); - - String principalDNPrefix = Configuration.get(ConfigurationKeys.LDAP_PRINCIPAL_DN_PREFIX); - String[] principalDNSuffixes = Configuration.get(ConfigurationKeys.LDAP_PRINCIPAL_DN_SUFFIX).split(";"); - env.setProperty(Context.PROVIDER_URL, Configuration.get(ConfigurationKeys.LDAP_PROVIDER_URL)); - env.put(Context.SECURITY_CREDENTIALS, credential); - Object originalTrustStore = System.getProperty("javax.net.ssl.trustStore"); - Object originalTrustPass = System.getProperty("javax.net.ssl.trustStorePassword"); - String securityProtocol = Configuration.get(ConfigurationKeys.LDAP_SECURITY_PROTOCOL); if (StringUtils.equals("ssl", securityProtocol)) { env.setProperty(Context.SECURITY_PROTOCOL, securityProtocol); } + String login = ""; + String dn = ""; boolean isValid = false; InitialLdapContext ctx = null; - for (String principalDNSuffix : principalDNSuffixes) { - if (!principalDNSuffix.startsWith(",")) { - principalDNSuffix = "," + principalDNSuffix; - } - String userDN = principalDNPrefix + username + principalDNSuffix; - env.setProperty(Context.SECURITY_PRINCIPAL, userDN); - try { - ctx = new InitialLdapContext(env, null); - log.debug("===> LDAP context created using DN: " + userDN); - isValid = true; - Attributes attrs = ctx.getAttributes(userDN); - setAttrs(attrs); + try { + ctx = new InitialLdapContext(env, null); + // set search to subtree of base dn + SearchControls ctrl = new SearchControls(); + ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE); + + // search for the user's cn + String filter = 
Configuration.get(ConfigurationKeys.LDAP_SEARCH_FILTER); + String baseDN = Configuration.get(ConfigurationKeys.LDAP_BASE_DN); + Object[] filterArgs = { username }; + NamingEnumeration results = ctx.search(baseDN, filter, filterArgs, ctrl); + while (results.hasMore()) { + SearchResult result = results.next(); if (log.isDebugEnabled()) { - NamingEnumeration enumAttrs = attrs.getAll(); - while (enumAttrs.hasMoreElements()) { - log.debug(enumAttrs.next()); - } + log.debug("===> found matching object..."); + log.debug("name: " + result.getName()); + log.debug("namespace name: " + result.getNameInNamespace()); } - - // check user is disabled in ldap - if (getLdapService().getDisabledBoolean(attrs)) { - log.debug("===> User is disabled in LDAP."); - User user = getService().getUserByLogin(username); - if (user != null) { - getService().disableUser(user.getUserId()); + Attributes attrs = result.getAttributes(); + Attribute attr = attrs.get(Configuration.get(ConfigurationKeys.LDAP_LOGIN_ATTR)); + login = getLdapService().getSingleAttributeString(attr); + if (attr != null) { + Object attrValue = attr.get(); + if (attrValue != null) { + login = attrValue.toString(); } - return false; } - - if (Configuration.getAsBoolean(ConfigurationKeys.LDAP_UPDATE_ON_LOGIN)) { - User user = getService().getUserByLogin(username); - if (user != null) { - // update user's attributes and org membership - getLdapService().updateLDAPUser(user, attrs); - getLdapService().addLDAPUser(attrs, user.getUserId()); - } + if (StringUtils.equals(login, username)) { + // now we can try to authenticate + dn = result.getNameInNamespace(); + ctx.close(); + break; } + } + if (StringUtils.isBlank(login)) { + log.error("===> No LDAP user found with username: " + username); + } + // authenticate + env.setProperty(Context.SECURITY_PRINCIPAL, dn); + env.put(Context.SECURITY_CREDENTIALS, credential); + ctx = new InitialLdapContext(env, null); - return true; - } catch (AuthenticationNotSupportedException e) { - 
log.error("===> Authentication mechanism not supported. Check your " - + ConfigurationKeys.LDAP_SECURITY_AUTHENTICATION + " parameter: " - + Configuration.get(ConfigurationKeys.LDAP_SECURITY_AUTHENTICATION)); - } catch (AuthenticationException e) { - log.info("===> Incorrect username (" + userDN + ") or password. " + e.getMessage()); - } catch (Exception e) { - log.error("===> LDAP exception: " + e, e); - } finally { + // if no exception, success + log.debug("===> LDAP context created using DN: " + dn); + isValid = true; - try { - // FIXME: synchronization issue -- dynamically load - // certificate - // instead of overwritting system properties - // System.setProperty("javax.net.ssl.trustStore",(String)originalTrustStore - // ); - // System.setProperty("javax.net.ssl.trustStorePassword",(String)originalTrustPass - // ); + // start checking whether we need to update user depending on its + // attributes + Attributes attrs = ctx.getAttributes(dn); + setAttrs(attrs); - if (ctx != null) - ctx.close(); - } catch (Exception e) { - log.error("===> gettting problem when closing context. Exception: " + e); + if (log.isDebugEnabled()) { + NamingEnumeration enumAttrs = attrs.getAll(); + while (enumAttrs.hasMoreElements()) { + log.debug(enumAttrs.next()); } } + + // check user is disabled in ldap + if (getLdapService().getDisabledBoolean(attrs)) { + log.debug("===> User is disabled in LDAP."); + User user = getService().getUserByLogin(username); + if (user != null) { + getService().disableUser(user.getUserId()); + } + return false; + } + + if (Configuration.getAsBoolean(ConfigurationKeys.LDAP_UPDATE_ON_LOGIN)) { + User user = getService().getUserByLogin(username); + if (user != null) { + // update user's attributes and org membership + getLdapService().updateLDAPUser(user, attrs); + getLdapService().addLDAPUser(attrs, user.getUserId()); + } + } + + return true; + } catch (AuthenticationNotSupportedException e) { + log.error("===> Authentication mechanism not supported. 
Check your " + + ConfigurationKeys.LDAP_SECURITY_AUTHENTICATION + " parameter: " + + Configuration.get(ConfigurationKeys.LDAP_SECURITY_AUTHENTICATION)); + } catch (AuthenticationException e) { + log.info("===> Incorrect username (" + dn + ") or password. " + e.getMessage()); + } catch (Exception e) { + log.error("===> LDAP exception: " + e, e); + } finally { + try { + if (ctx != null) + ctx.close(); + } catch (Exception e) { + log.error("===> gettting problem when closing context. Exception: " + e); + } } return isValid; Index: lams_common/db/sql/insert_lams_unix_config_data.sql =================================================================== RCS file: /usr/local/cvsroot/lams_common/db/sql/insert_lams_unix_config_data.sql,v diff -u -r1.31 -r1.32 --- lams_common/db/sql/insert_lams_unix_config_data.sql 14 Nov 2008 11:50:02 -0000 1.31 +++ lams_common/db/sql/insert_lams_unix_config_data.sql 18 Nov 2008 05:21:07 -0000 1.32 
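Review bot: When the search yields no entry whose login attribute equals `username`, `dn` is still `""` after the loop and the code only logs before binding with an empty principal and the caller's credential. Whether a simple bind with an empty DN is accepted depends on the directory; where it is, `ctx.getAttributes(dn)` and the later checks run and the method returns true for a user that was never found. Fail closed right after the loop with `if (StringUtils.isBlank(dn)) { return false; }` (the `finally` then closes the search context, which the current miss path overwrites without closing), and test `dn` rather than `login`, because `login` keeps the value of the last non-matching entry. An empty `credential` deserves the same early rejection unless a caller already does it, since JNDI simple authentication with an empty password falls back to an anonymous bind. The method's closing brace lies outside the hunk.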
@@ -110,10 +110,10 @@ values ('LDAPSecurityAuthentication','simple', 'config.ldap.security.authentication', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) -values ('LDAPPrincipalDNPrefix','cn=', 'config.ldap.principal.dn.prefix', 'config.header.ldap', 'STRING', 0); +values ('LDAPSearchFilter','(cn={0})', 'config.ldap.search.filter', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) -values ('LDAPPrincipalDNSuffix',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.principal.dn.suffix', 'config.header.ldap', 'STRING', 0); +values ('LDAPBaseDN',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.base.dn', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) values ('LDAPSecurityProtocol','', 'config.ldap.security.protocol', 'config.header.ldap', 'STRING', 0); Index: lams_common/db/sql/insert_lams_windows_config_data.sql =================================================================== RCS file: /usr/local/cvsroot/lams_common/db/sql/insert_lams_windows_config_data.sql,v diff -u -r1.26 -r1.27 --- lams_common/db/sql/insert_lams_windows_config_data.sql 14 Nov 2008 11:50:02 -0000 1.26 +++ lams_common/db/sql/insert_lams_windows_config_data.sql 18 Nov 2008 05:21:07 -0000 1.27 
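Review bot: The default for `LDAPBaseDN` keeps the leading comma of the old suffix (`',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au'`), but the new code passes the value straight to `ctx.search(baseDN, ...)`, and the LdapService change in this commit drops the `baseDN.startsWith(",")` strip. A DN that starts with a comma is not a valid search base, so a fresh install with these defaults would presumably fail every LDAP lookup. Seed it without the comma: `values ('LDAPBaseDN','ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.base.dn', 'config.header.ldap', 'STRING', 0);`. The same line appears in insert_lams_windows_config_data.sql, insert_rams_unix_config_data.sql and insert_rams_windows_config_data.sql.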
@@ -110,10 +110,10 @@ values ('LDAPSecurityAuthentication','simple', 'config.ldap.security.authentication', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) -values ('LDAPPrincipalDNPrefix','cn=', 'config.ldap.principal.dn.prefix', 'config.header.ldap', 'STRING', 0); +values ('LDAPSearchFilter','(cn={0})', 'config.ldap.search.filter', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) -values ('LDAPPrincipalDNSuffix',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.principal.dn.suffix', 'config.header.ldap', 'STRING', 0); +values ('LDAPBaseDN',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.base.dn', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) values ('LDAPSecurityProtocol','', 'config.ldap.security.protocol', 'config.header.ldap', 'STRING', 0); Index: lams_common/db/sql/insert_rams_unix_config_data.sql =================================================================== RCS file: /usr/local/cvsroot/lams_common/db/sql/Attic/insert_rams_unix_config_data.sql,v diff -u -r1.18 -r1.19 --- lams_common/db/sql/insert_rams_unix_config_data.sql 10 Nov 2008 02:01:25 -0000 1.18 +++ lams_common/db/sql/insert_rams_unix_config_data.sql 18 Nov 2008 05:21:07 -0000 1.19 
@@ -110,10 +110,10 @@ values ('LDAPSecurityAuthentication','simple', 'config.ldap.security.authentication', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) -values ('LDAPPrincipalDNPrefix','cn=', 'config.ldap.principal.dn.prefix', 'config.header.ldap', 'STRING', 0); +values ('LDAPSearchFilter','(cn={0})', 'config.ldap.search.filter', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) -values ('LDAPPrincipalDNSuffix',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.principal.dn.suffix', 'config.header.ldap', 'STRING', 0); +values ('LDAPBaseDN',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.base.dn', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) values ('LDAPSecurityProtocol','', 'config.ldap.security.protocol', 'config.header.ldap', 'STRING', 0); Index: lams_common/db/sql/insert_rams_windows_config_data.sql =================================================================== RCS file: /usr/local/cvsroot/lams_common/db/sql/Attic/insert_rams_windows_config_data.sql,v diff -u -r1.15 -r1.16 --- lams_common/db/sql/insert_rams_windows_config_data.sql 10 Nov 2008 02:01:25 -0000 1.15 +++ lams_common/db/sql/insert_rams_windows_config_data.sql 18 Nov 2008 05:21:07 -0000 1.16 
@@ -110,10 +110,10 @@ values ('LDAPSecurityAuthentication','simple', 'config.ldap.security.authentication', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) -values ('LDAPPrincipalDNPrefix','cn=', 'config.ldap.principal.dn.prefix', 'config.header.ldap', 'STRING', 0); +values ('LDAPSearchFilter','(cn={0})', 'config.ldap.search.filter', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) -values ('LDAPPrincipalDNSuffix',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.principal.dn.suffix', 'config.header.ldap', 'STRING', 0); +values ('LDAPBaseDN',',ou=Users,dc=melcoe,dc=mq,dc=edu,dc=au', 'config.ldap.base.dn', 'config.header.ldap', 'STRING', 0); insert into lams_configuration (config_key, config_value, description_key, header_name, format, required) values ('LDAPSecurityProtocol','', 'config.ldap.security.protocol', 'config.header.ldap', 'STRING', 0); Index: lams_common/src/java/org/lamsfoundation/lams/dbupdates/patch0013_updateFrom21.sql =================================================================== RCS file: /usr/local/cvsroot/lams_common/src/java/org/lamsfoundation/lams/dbupdates/patch0013_updateFrom21.sql,v diff -u -r1.14 -r1.15 --- lams_common/src/java/org/lamsfoundation/lams/dbupdates/patch0013_updateFrom21.sql 14 Nov 2008 04:25:54 -0000 1.14 +++ lams_common/src/java/org/lamsfoundation/lams/dbupdates/patch0013_updateFrom21.sql 18 Nov 2008 05:21:07 -0000 1.15 
@@ -60,7 +60,7 @@ -- LDEV-1871 Creating extra column in lams_tool table for tool adapters ALTER TABLE lams_tool ADD COLUMN ext_lms_id VARCHAR(255); --- LDEV-1581 Add a collumn to the lams_grouping table for learner's choice grouping +-- LDEV-1581 Add a column to the lams_grouping table for learner's choice grouping ALTER TABLE lams_grouping ADD COLUMN equal_number_of_learners_per_group TINYINT DEFAULT 0; -- LDEV-2006 - make configuration keys truststorePath and truststorePassword system wide @@ -70,6 +70,10 @@ -- LDEV-1260 - local live edit field added ALTER TABLE lams_lesson ADD COLUMN live_edit_enabled TINYINT(1) DEFAULT 0; +-- LDEV-2028 - ldap now uses a general search filter +UPDATE lams_configuration SET config_value='LDAPSearchFilter', description_key='config.ldap.search.filter' WHERE config_key='LDAPPrincipalDNPrefix'; +UPDATE lams_configuration SET config_value='LDAPBaseDN', description_key='config.ldap.base.dn' WHERE config_key='LDAPPrincipalDNSuffix'; + ----------------------Put all sql statements above here------------------------- -- If there were no errors, commit and restore autocommit to on Index: lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java =================================================================== RCS file: /usr/local/cvsroot/lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java,v diff -u -r1.14 -r1.15 --- lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java 11 Nov 2008 08:43:04 -0000 1.14 +++ lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java 18 Nov 2008 05:21:07 -0000 1.15 
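Review bot: The two `UPDATE` statements under LDEV-2028 write the new key names into `config_value` and leave `config_key` unchanged, so after the upgrade the rows are still keyed `LDAPPrincipalDNPrefix` and `LDAPPrincipalDNSuffix` and hold the literal strings `LDAPSearchFilter` and `LDAPBaseDN` as their values. The Java side of this commit reads `LDAPSearchFilter` and `LDAPBaseDN` by key, so on an upgraded install those lookups would find no row. Rename the key instead, e.g. `UPDATE lams_configuration SET config_key='LDAPSearchFilter', description_key='config.ldap.search.filter' WHERE config_key='LDAPPrincipalDNPrefix';`, and likewise `config_key='LDAPBaseDN'` for the suffix row. The stored values also need converting: a prefix such as `cn=` has to become a filter like `(cn={0})`, and a suffix with a leading comma or several `;`-separated entries is no longer a usable base DN.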
@@ -48,11 +48,9 @@ import org.lamsfoundation.lams.usermanagement.AuthenticationMethod; import org.lamsfoundation.lams.usermanagement.Organisation; import org.lamsfoundation.lams.usermanagement.OrganisationState; -import org.lamsfoundation.lams.usermanagement.OrganisationType; import org.lamsfoundation.lams.usermanagement.Role; import org.lamsfoundation.lams.usermanagement.SupportedLocale; import org.lamsfoundation.lams.usermanagement.User; -import org.lamsfoundation.lams.usermanagement.UserOrganisation; import org.lamsfoundation.lams.usermanagement.dto.BulkUpdateResultDTO; import org.lamsfoundation.lams.util.Configuration; import org.lamsfoundation.lams.util.ConfigurationKeys; @@ -408,7 +406,7 @@ } // get the single (string) value of an ldap attribute - private String getSingleAttributeString(Attribute attr) { + public String getSingleAttributeString(Attribute attr) { try { if (attr != null) { Object attrValue = attr.get(); @@ -437,13 +435,16 @@ env.setProperty(Context.SECURITY_PROTOCOL, securityProtocol); } - // get base DN/s to search on - String[] baseDNs = Configuration.get(ConfigurationKeys.LDAP_PRINCIPAL_DN_SUFFIX).split(";"); + // get base DN to search on + String baseDN = Configuration.get(ConfigurationKeys.LDAP_BASE_DN); // get search filter - String filter = Configuration.get(ConfigurationKeys.LDAP_PRINCIPAL_DN_PREFIX); - filter = "(" + filter + (filter.endsWith("=") ? "" : "=") + "*)"; + String filter = Configuration.get(ConfigurationKeys.LDAP_SEARCH_FILTER); + // we can assume the filter will only have one variable since we only + // have one input: the username + filter = filter.replaceAll("\\{0\\}", "*"); + // get page size int pageSize = 100; try { 
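Review bot: `filter` is dereferenced at `filter.replaceAll("\\{0\\}", "*")` without a null check, and `baseDN` is likewise taken as-is. If `Configuration.get(ConfigurationKeys.LDAP_SEARCH_FILTER)` returns null, which is presumably what an install without the new key gets, this throws a NullPointerException before the `try` that reports errors into `messages` (that block only starts in the next hunk). Check both values for null or blank before the substitution and report a configuration error rather than letting the bulk update die. The substitution itself needs no regex: `filter = filter.replace("{0}", "*");`. The enclosing method starts and ends outside the hunk.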
@@ -459,81 +460,76 @@ int disabledUsers = 0; List messages = new ArrayList(); - for (String baseDN : baseDNs) { - int contextResults = 0; - if (baseDN.startsWith(",")) { - baseDN = baseDN.substring(1); - } + int contextResults = 0; + try { + // open LDAP connection + LdapContext ctx = null; try { - // open LDAP connection - LdapContext ctx = null; - try { - ctx = new InitialLdapContext(env, null); - // ask ldap server to return results in pages of PAGE_SIZE, - // if supported - ctx.setRequestControls(new Control[] { new PagedResultsControl(pageSize, Control.NONCRITICAL) }); - } catch (Exception e) { - messages.add("Error creating control."); - log.error(e, e); - } + ctx = new InitialLdapContext(env, null); + // ask ldap server to return results in pages of PAGE_SIZE, + // if supported + ctx.setRequestControls(new Control[] { new PagedResultsControl(pageSize, Control.NONCRITICAL) }); + } catch (Exception e) { + messages.add("Error creating control."); + log.error(e, e); + } - // perform ldap search, in batches - byte[] cookie = null; - do { - // set search to subtree of base dn - SearchControls ctrl = new SearchControls(); - ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE); + // perform ldap search, in batches + log.info("Searching " + baseDN + " using filter " + filter); + byte[] cookie = null; + do { + // set search to subtree of base dn + SearchControls ctrl = new SearchControls(); + ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE); - // do the search for all ldap users - NamingEnumeration results = ctx.search(baseDN, filter, ctrl); - while (results.hasMore()) { - SearchResult result = results.next(); - Attributes attrs = result.getAttributes(); + // do the search for all ldap users + NamingEnumeration results = ctx.search(baseDN, filter, ctrl); + while (results.hasMore()) { + SearchResult result = results.next(); + Attributes attrs = result.getAttributes(); - // add or update this user to LAMS - boolean disabled = getDisabledBoolean(attrs); - String login = 
getSingleAttributeString(attrs.get(Configuration - .get(ConfigurationKeys.LDAP_LOGIN_ATTR))); - if (login != null && login.trim().length() > 0) { - int code = bulkUpdateLDAPUser(login, attrs, disabled); - switch (code) { - case BULK_UPDATE_CREATED: - createdUsers++; - break; - case BULK_UPDATE_UPDATED: - updatedUsers++; - break; - case BULK_UPDATE_DISABLED: - disabledUsers++; - break; - } - } else { - log.error("Couldn't find login attribute for user using attribute name: " - + Configuration.get(ConfigurationKeys.LDAP_LOGIN_ATTR) - + ". Dumping attributes..."); - NamingEnumeration enumAttrs = attrs.getAll(); - while (enumAttrs.hasMoreElements()) { - log.error(enumAttrs.next()); - } + // add or update this user to LAMS + boolean disabled = getDisabledBoolean(attrs); + String login = getSingleAttributeString(attrs.get(Configuration + .get(ConfigurationKeys.LDAP_LOGIN_ATTR))); + if (login != null && login.trim().length() > 0) { + int code = bulkUpdateLDAPUser(login, attrs, disabled); + switch (code) { + case BULK_UPDATE_CREATED: + createdUsers++; + break; + case BULK_UPDATE_UPDATED: + updatedUsers++; + break; + case BULK_UPDATE_DISABLED: + disabledUsers++; + break; } - - contextResults++; + } else { + log.error("Couldn't find login attribute for user using attribute name: " + + Configuration.get(ConfigurationKeys.LDAP_LOGIN_ATTR) + ". 
Dumping attributes..."); + NamingEnumeration enumAttrs = attrs.getAll(); + while (enumAttrs.hasMoreElements()) { + log.error(enumAttrs.next()); + } } - cookie = getPagedResponseCookie(ctx.getResponseControls()); + contextResults++; + } - // set response cookie to continue paged result - ctx.setRequestControls(new Control[] { new PagedResultsControl(pageSize, cookie, - Control.NONCRITICAL) }); - } while (cookie != null); - log.info("Ldap context " + baseDN + " returned " + contextResults + " users."); - ctx.close(); - } catch (Exception e) { - messages.add("Error while processing " + baseDN + ": " + e.getMessage()); - log.error(e, e); - } - totalResults += contextResults; + cookie = getPagedResponseCookie(ctx.getResponseControls()); + + // set response cookie to continue paged result + ctx.setRequestControls(new Control[] { new PagedResultsControl(pageSize, cookie, + Control.NONCRITICAL) }); + } while (cookie != null); + log.info("Ldap context " + baseDN + " returned " + contextResults + " users."); + ctx.close(); + } catch (Exception e) { + messages.add("Error while processing " + baseDN + ": " + e.getMessage()); + log.error(e, e); } + totalResults += contextResults; BulkUpdateResultDTO dto = new BulkUpdateResultDTO(totalResults, createdUsers, updatedUsers, disabledUsers, messages); Index: lams_common/src/java/org/lamsfoundation/lams/util/ConfigurationKeys.java =================================================================== RCS file: /usr/local/cvsroot/lams_common/src/java/org/lamsfoundation/lams/util/ConfigurationKeys.java,v diff -u -r1.37 -r1.38 --- lams_common/src/java/org/lamsfoundation/lams/util/ConfigurationKeys.java 10 Nov 2008 02:02:59 -0000 1.37 +++ lams_common/src/java/org/lamsfoundation/lams/util/ConfigurationKeys.java 18 Nov 2008 05:21:07 -0000 1.38 
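Review bot: `ctx.close()` runs only at the end of the success path, so an exception from `ctx.search`, `results.next()` or `ctx.setRequestControls` jumps to the outer `catch` and leaves the LDAP connection open. The inner `catch` around `new InitialLdapContext(env, null)` also only records "Error creating control." and carries on, after which `ctx.search` is called on a null `ctx` and the real cause is followed by a NullPointerException entry in `messages`. Declare `ctx` before the outer `try`, stop processing when it could not be created, and close it in a `finally` guarded by `if (ctx != null)`. The enclosing method starts outside the hunk.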
@@ -145,9 +145,13 @@ public static String LDAP_SECURITY_AUTHENTICATION = "LDAPSecurityAuthentication"; - public static String LDAP_PRINCIPAL_DN_PREFIX = "LDAPPrincipalDNPrefix"; + public static String LDAP_SEARCH_FILTER = "LDAPSearchFilter"; - public static String LDAP_PRINCIPAL_DN_SUFFIX = "LDAPPrincipalDNSuffix"; + public static String LDAP_BASE_DN = "LDAPBaseDN"; + + public static String LDAP_BIND_USER_DN = "LDAPBindUserDN"; + + public static String LDAP_BIND_USER_PASSWORD = "LDAPBindUserPassword"; public static String LDAP_SECURITY_PROTOCOL = "LDAPSecurityProtocol";
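Review bot: `LDAP_BIND_USER_DN` and `LDAP_BIND_USER_PASSWORD` are added here, but nothing visible in this commit reads or seeds them. The authenticator's search context is created without `SECURITY_PRINCIPAL` or `SECURITY_CREDENTIALS`, so the user lookup runs as an anonymous bind and would find nothing on directories that disallow anonymous search. If the keys are meant for a later change, say so next to them, e.g. `// DN and password of the service account used for the user-search bind (not yet wired in)`. A bind password stored in `lams_configuration` like the other LDAP rows (format `STRING`) would presumably be readable by anyone with access to the config screen or the database, so it should be masked in the admin UI and kept out of logs. The new constants could also be declared `public static final String`, though the existing ones in the hunk are not.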