List of usage examples for javax.naming.ldap LdapName size
public int size()
From source file:org.nuxeo.ecm.directory.ldap.LDAPReference.java
/** * Optimized method to spare a LDAP request when the caller is a LDAPSession object that has already fetched the * LDAP Attribute instances.//from w w w. j a v a2s. c om * <p> * This method should return the same results as the sister method: org.nuxeo * .ecm.directory.Reference#getTargetIdsForSource(java.lang.String) * * @return target reference ids * @throws DirectoryException */ public List<String> getLdapTargetIds(Attributes attributes) throws DirectoryException { Set<String> targetIds = new TreeSet<>(); LDAPDirectory ldapTargetDirectory = (LDAPDirectory) getTargetDirectory(); LDAPDirectoryDescriptor targetDirconfig = getTargetDirectoryDescriptor(); String emptyRefMarker = ldapTargetDirectory.getDescriptor().getEmptyRefMarker(); try (LDAPSession targetSession = (LDAPSession) ldapTargetDirectory.getSession()) { String baseDn = pseudoNormalizeDn(targetDirconfig.getSearchBaseDn()); // step #1: fetch ids referenced by static attributes String staticAttributeId = getStaticAttributeId(); Attribute staticAttribute = null; if (staticAttributeId != null) { staticAttribute = attributes.get(staticAttributeId); } if (staticAttribute != null && !staticAttributeIdIsDn) { NamingEnumeration<?> staticContent = staticAttribute.getAll(); try { while (staticContent.hasMore()) { String value = staticContent.next().toString(); if (!emptyRefMarker.equals(value)) { targetIds.add(value); } } } finally { staticContent.close(); } } if (staticAttribute != null && staticAttributeIdIsDn) { NamingEnumeration<?> targetDns = staticAttribute.getAll(); try { while (targetDns.hasMore()) { String targetDn = targetDns.next().toString(); if (!pseudoNormalizeDn(targetDn).endsWith(baseDn)) { // optim: avoid network connections when obvious if (log.isTraceEnabled()) { log.trace(String.format("ignoring: dn='%s' (does not match '%s') for '%s'", targetDn, baseDn, this)); } continue; } // find the id of the referenced entry String id = null; if (targetSession.rdnMatchesIdField()) { // optim: do not fetch the entry to get its true id // but // guess it by reading the targetDn LdapName name = new LdapName(targetDn); String rdn = name.get(name.size() - 1); int pos = rdn.indexOf("="); id = rdn.substring(pos + 1); } else { id = getIdForDn(targetSession, targetDn); if (id == null) { log.warn(String.format( "ignoring target '%s' (missing attribute '%s') while resolving reference '%s'", targetDn, targetSession.idAttribute, this)); continue; } } if (forceDnConsistencyCheck) { // check that the referenced entry is actually part // of // the target directory (takes care of the filters // and // the scope) // this check can be very expensive on large groups // and thus not enabled by default if (!targetSession.hasEntry(id)) { if (log.isTraceEnabled()) { log.trace(String.format( "ignoring target '%s' when resolving '%s' (not part of target" + " directory by forced DN consistency check)", targetDn, this)); } continue; } } // NXP-2461: check that id field is filled if (id != null) { targetIds.add(id); } } } finally { targetDns.close(); } } // step #2: fetched dynamically referenced ids String dynamicAttributeId = this.dynamicAttributeId; Attribute dynamicAttribute = null; if (dynamicAttributeId != null) { dynamicAttribute = attributes.get(dynamicAttributeId); } if (dynamicAttribute != null) { NamingEnumeration<?> rawldapUrls = dynamicAttribute.getAll(); try { while (rawldapUrls.hasMore()) { LdapURL ldapUrl = new LdapURL(rawldapUrls.next().toString()); String linkDn = pseudoNormalizeDn(ldapUrl.getDN()); String directoryDn = pseudoNormalizeDn(targetDirconfig.getSearchBaseDn()); int scope = SearchControls.ONELEVEL_SCOPE; String scopePart = ldapUrl.getScope(); if (scopePart != null && scopePart.toLowerCase().startsWith("sub")) { scope = SearchControls.SUBTREE_SCOPE; } if (!linkDn.endsWith(directoryDn) && !directoryDn.endsWith(linkDn)) { // optim #1: if the dns do not match, abort continue; } else if (directoryDn.endsWith(linkDn) && linkDn.length() < directoryDn.length() && scope == SearchControls.ONELEVEL_SCOPE) { // optim #2: the link dn is pointing to elements // that at // upperlevel than directory elements continue; } else { // Search for references elements targetIds.addAll(getReferencedElements(attributes, directoryDn, linkDn, ldapUrl.getFilter(), scope)); } } } finally { rawldapUrls.close(); } } if (dynamicReferences != null && dynamicReferences.length > 0) { // Only the first Dynamic Reference is used LDAPDynamicReferenceDescriptor dynAtt = dynamicReferences[0]; Attribute baseDnsAttribute = attributes.get(dynAtt.baseDN); Attribute filterAttribute = attributes.get(dynAtt.filter); if (baseDnsAttribute != null && filterAttribute != null) { NamingEnumeration<?> baseDns = null; NamingEnumeration<?> filters = null; try { // Get the BaseDN value from the descriptor baseDns = baseDnsAttribute.getAll(); String linkDnValue = baseDns.next().toString(); baseDns.close(); linkDnValue = pseudoNormalizeDn(linkDnValue); // Get the filter value from the descriptor filters = filterAttribute.getAll(); String filterValue = filters.next().toString(); filters.close(); // Get the scope value from the descriptor int scope = "subtree".equalsIgnoreCase(dynAtt.type) ? SearchControls.SUBTREE_SCOPE : SearchControls.ONELEVEL_SCOPE; String directoryDn = pseudoNormalizeDn(targetDirconfig.getSearchBaseDn()); // if the dns match, and if the link dn is pointing to // elements that at upperlevel than directory elements if ((linkDnValue.endsWith(directoryDn) || directoryDn.endsWith(linkDnValue)) && !(directoryDn.endsWith(linkDnValue) && linkDnValue.length() < directoryDn.length() && scope == SearchControls.ONELEVEL_SCOPE)) { // Correct the filter expression filterValue = FilterExpressionCorrector.correctFilter(filterValue, FilterJobs.CORRECT_NOT); // Search for references elements targetIds.addAll(getReferencedElements(attributes, directoryDn, linkDnValue, filterValue, scope)); } } finally { if (baseDns != null) { baseDns.close(); } if (filters != null) { filters.close(); } } } } // return merged attributes return new ArrayList<String>(targetIds); } catch (NamingException e) { throw new DirectoryException("error computing LDAP references", e); } }
From source file:org.nuxeo.ecm.directory.ldap.LDAPTreeReference.java
protected String getParentDn(String dn) { LdapName ldapName; String parentDn;/*from w w w . j a v a2 s . c om*/ if (dn != null) { try { ldapName = new LdapName(dn); ldapName.remove(ldapName.size() - 1); parentDn = ldapName.toString(); return parentDn; } catch (InvalidNameException ex) { return null; } } return null; }
From source file:org.wso2.carbon.identity.agent.onprem.userstore.manager.ldap.LDAPUserStoreManager.java
/** * This method escapes the special characters in a LdapName * according to the ldap filter escaping standards. * @param ldn LDAP name which the special characters should be escaped. * @return - LDAP name with special characters removed. *///w w w . j a va 2s. c o m private String escapeLdapNameForFilter(LdapName ldn) { if (ldn == null) { if (log.isDebugEnabled()) { log.debug("Received null value to escape special characters. Returning null"); } return null; } boolean replaceEscapeCharacters = true; String replaceEscapeCharactersAtUserLoginString = userStoreProperties .get(CommonConstants.PROPERTY_REPLACE_ESCAPE_CHARACTERS_AT_USER_LOGIN); if (replaceEscapeCharactersAtUserLoginString != null) { replaceEscapeCharacters = Boolean.parseBoolean(replaceEscapeCharactersAtUserLoginString); if (log.isDebugEnabled()) { log.debug("Replace escape characters configured to: " + replaceEscapeCharactersAtUserLoginString); } } if (replaceEscapeCharacters) { StringBuilder escapedDN = new StringBuilder(); for (int i = ldn.size() - 1; i > -1; i--) { //escaping the rdns separately and re-constructing the DN escapedDN = escapedDN.append(escapeSpecialCharactersForFilterWithStarAsRegex(ldn.get(i))); if (i != 0) { escapedDN.append(","); } } if (log.isDebugEnabled()) { log.debug("Escaped DN value for filter : " + escapedDN); } return escapedDN.toString(); } else { return ldn.toString(); } }
From source file:org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager.java
/** * This method escapes the special characters in a LdapName * according to the ldap filter escaping standards * @param ldn/*from ww w .j a v a 2 s.c o m*/ * @return */ private String escapeLdapNameForFilter(LdapName ldn) { if (ldn == null) { if (log.isDebugEnabled()) { log.debug("Received null value to escape special characters. Returning null"); } return null; } boolean replaceEscapeCharacters = true; String replaceEscapeCharactersAtUserLoginString = realmConfig.getUserStoreProperty( UserCoreConstants.RealmConfig.PROPERTY_REPLACE_ESCAPE_CHARACTERS_AT_USER_LOGIN); if (replaceEscapeCharactersAtUserLoginString != null) { replaceEscapeCharacters = Boolean.parseBoolean(replaceEscapeCharactersAtUserLoginString); if (log.isDebugEnabled()) { log.debug("Replace escape characters configured to: " + replaceEscapeCharactersAtUserLoginString); } } if (replaceEscapeCharacters) { String escapedDN = ""; for (int i = ldn.size() - 1; i > -1; i--) { //escaping the rdns separately and re-constructing the DN escapedDN = escapedDN + escapeSpecialCharactersForFilterWithStarAsRegex(ldn.get(i)); if (i != 0) { escapedDN += ","; } } if (log.isDebugEnabled()) { log.debug("Escaped DN value for filter : " + escapedDN); } return escapedDN; } else { return ldn.toString(); } }