Class LdapIdentityProviderSession
- java.lang.Object
  - org.camunda.bpm.identity.impl.ldap.LdapIdentityProviderSession
- All Implemented Interfaces:
ReadOnlyIdentityProvider, Session
public class LdapIdentityProviderSession extends java.lang.Object implements ReadOnlyIdentityProvider
LDAP ReadOnlyIdentityProvider.
- Author:
- Daniel Meyer
-
Field Summary
Fields
Modifier and Type, Field, Description
protected javax.naming.ldap.LdapContext
initialContext
protected LdapConfiguration
ldapConfiguration
-
Constructor Summary
Constructors
Constructor, Description
LdapIdentityProviderSession(LdapConfiguration ldapConfiguration)
-
Method Summary
Modifier and Type, Method, Description
protected void
addFilter(java.lang.String attributeName, java.lang.String attributeValue, java.io.StringWriter writer)
boolean
checkPassword(java.lang.String userId, java.lang.String password)
void
close()
protected void
closeLdapCtx(javax.naming.ldap.LdapContext context)
protected java.lang.String
composeDn(java.lang.String... parts)
GroupQuery
createGroupQuery()
GroupQuery
createGroupQuery(CommandContext commandContext)
NativeUserQuery
createNativeUserQuery()
Creates a NativeUserQuery that allows selecting users with native queries.
TenantQuery
createTenantQuery()
TenantQuery
createTenantQuery(CommandContext commandContext)
UserQuery
createUserQuery()
UserQueryImpl
createUserQuery(CommandContext commandContext)
protected void
ensureContextInitialized()
protected java.lang.String
escapeLDAPSearchFilter(java.lang.String filter)
Group
findGroupById(java.lang.String groupId)
java.util.List<Group>
findGroupByQueryCriteria(LdapGroupQuery query)
long
findGroupCountByQueryCriteria(LdapGroupQuery ldapGroupQuery)
Tenant
findTenantById(java.lang.String id)
User
findUserById(java.lang.String userId)
java.util.List<User>
findUserByQueryCriteria(LdapUserQueryImpl query)
long
findUserCountByQueryCriteria(LdapUserQueryImpl query)
protected java.util.List<User>
findUsersByGroupId(LdapUserQueryImpl query)
java.util.List<User>
findUsersWithoutGroupId(LdapUserQueryImpl query, java.lang.String userBaseDn, boolean ignorePagination)
void
flush()
protected java.lang.String
getDnForGroup(java.lang.String groupId)
protected java.lang.String
getDnForUser(java.lang.String userId)
protected java.lang.String
getGroupSearchFilter(LdapGroupQuery query)
protected java.lang.Integer
getPageSize()
Return the pageSize.
protected java.util.List<javax.naming.ldap.Control>
getSortingControls(AbstractQuery<?,?> query, java.lang.StringBuilder resultLogger)
Return the list of Controls requested in the query.
protected java.lang.String
getStringAttributeValue(java.lang.String attrName, javax.naming.directory.Attributes attributes)
protected java.lang.String
getUserSearchFilter(LdapUserQueryImpl query)
protected void
initializeControls(AbstractQuery<?,?> query, java.lang.StringBuilder resultLogger)
Initializes paged results and sort controls.
protected boolean
isAuthenticatedUser(UserEntity user)
protected boolean
isAuthorized(Permission permission, Resource resource, java.lang.String resourceId)
protected boolean
isNextPageDetected(java.lang.StringBuilder resultLogger)
Check in the context whether we have reached the last page of the query.
protected boolean
isPaginationSupported()
protected javax.naming.ldap.InitialLdapContext
openContext(java.lang.String userDn, java.lang.String password)
protected GroupEntity
transformGroup(javax.naming.directory.SearchResult result)
protected LdapUserEntity
transformUser(javax.naming.directory.SearchResult result)
-
-
-
Field Detail
-
ldapConfiguration
protected LdapConfiguration ldapConfiguration
-
initialContext
protected javax.naming.ldap.LdapContext initialContext
-
-
Constructor Detail
-
LdapIdentityProviderSession
public LdapIdentityProviderSession(LdapConfiguration ldapConfiguration)
-
-
Method Detail
-
closeLdapCtx
protected void closeLdapCtx(javax.naming.ldap.LdapContext context)
-
openContext
protected javax.naming.ldap.InitialLdapContext openContext(java.lang.String userDn, java.lang.String password)
-
ensureContextInitialized
protected void ensureContextInitialized()
-
findUserById
public User findUserById(java.lang.String userId)
- Specified by:
findUserById in interface ReadOnlyIdentityProvider
- Returns:
- a User object for the given user id or null if no such user exists.
-
createUserQuery
public UserQuery createUserQuery()
- Specified by:
createUserQuery in interface ReadOnlyIdentityProvider
- Returns:
- a UserQuery object which can be used for querying for users.
-
createUserQuery
public UserQueryImpl createUserQuery(CommandContext commandContext)
- Specified by:
createUserQuery in interface ReadOnlyIdentityProvider
- Returns:
- a UserQuery object which can be used in the current command context
-
createNativeUserQuery
public NativeUserQuery createNativeUserQuery()
Description copied from interface: ReadOnlyIdentityProvider
Creates a NativeUserQuery that allows selecting users with native queries.
- Specified by:
createNativeUserQuery in interface ReadOnlyIdentityProvider
- Returns:
- NativeUserQuery
-
findUserCountByQueryCriteria
public long findUserCountByQueryCriteria(LdapUserQueryImpl query)
-
findUserByQueryCriteria
public java.util.List<User> findUserByQueryCriteria(LdapUserQueryImpl query)
-
findUsersByGroupId
protected java.util.List<User> findUsersByGroupId(LdapUserQueryImpl query)
-
findUsersWithoutGroupId
public java.util.List<User> findUsersWithoutGroupId(LdapUserQueryImpl query, java.lang.String userBaseDn, boolean ignorePagination)
-
checkPassword
public boolean checkPassword(java.lang.String userId, java.lang.String password)
- Specified by:
checkPassword in interface ReadOnlyIdentityProvider
- Returns:
- 'true' if the password matches the
-
getUserSearchFilter
protected java.lang.String getUserSearchFilter(LdapUserQueryImpl query)
-
findGroupById
public Group findGroupById(java.lang.String groupId)
- Specified by:
findGroupById in interface ReadOnlyIdentityProvider
- Returns:
- a Group object for the given group id or null if no such group exists.
-
createGroupQuery
public GroupQuery createGroupQuery()
- Specified by:
createGroupQuery in interface ReadOnlyIdentityProvider
- Returns:
- a GroupQuery object which can be used for querying for groups.
-
createGroupQuery
public GroupQuery createGroupQuery(CommandContext commandContext)
- Specified by:
createGroupQuery in interface ReadOnlyIdentityProvider
- Returns:
- a GroupQuery object which can be used for querying for groups and can be reused in the current command context.
-
findGroupCountByQueryCriteria
public long findGroupCountByQueryCriteria(LdapGroupQuery ldapGroupQuery)
-
findGroupByQueryCriteria
public java.util.List<Group> findGroupByQueryCriteria(LdapGroupQuery query)
-
getGroupSearchFilter
protected java.lang.String getGroupSearchFilter(LdapGroupQuery query)
-
getDnForUser
protected java.lang.String getDnForUser(java.lang.String userId)
-
getDnForGroup
protected java.lang.String getDnForGroup(java.lang.String groupId)
-
getStringAttributeValue
protected java.lang.String getStringAttributeValue(java.lang.String attrName, javax.naming.directory.Attributes attributes) throws javax.naming.NamingException
- Throws:
javax.naming.NamingException
-
addFilter
protected void addFilter(java.lang.String attributeName, java.lang.String attributeValue, java.io.StringWriter writer)
-
transformUser
protected LdapUserEntity transformUser(javax.naming.directory.SearchResult result) throws javax.naming.NamingException
- Throws:
javax.naming.NamingException
-
transformGroup
protected GroupEntity transformGroup(javax.naming.directory.SearchResult result) throws javax.naming.NamingException
- Throws:
javax.naming.NamingException
-
getSortingControls
protected java.util.List<javax.naming.ldap.Control> getSortingControls(AbstractQuery<?,?> query, java.lang.StringBuilder resultLogger)
Return the list of Controls requested in the query. Query may be run on USERS or on GROUP.
- Parameters:
query - the query being run; contains the requested order by
- Returns:
- list of controls to send to LDAP
-
composeDn
protected java.lang.String composeDn(java.lang.String... parts)
-
isAuthenticatedUser
protected boolean isAuthenticatedUser(UserEntity user)
- Returns:
- true if the passed-in user is currently authenticated
-
isAuthorized
protected boolean isAuthorized(Permission permission, Resource resource, java.lang.String resourceId)
-
escapeLDAPSearchFilter
protected final java.lang.String escapeLDAPSearchFilter(java.lang.String filter)
-
initializeControls
protected void initializeControls(AbstractQuery<?,?> query, java.lang.StringBuilder resultLogger) throws javax.naming.NamingException
Initializes paged results and sort controls. Might not be supported by all LDAP implementations.
- Throws:
javax.naming.NamingException
-
isNextPageDetected
protected boolean isNextPageDetected(java.lang.StringBuilder resultLogger)
Check in the context whether we have reached the last page of the query.
- Parameters:
resultLogger - Logger to send information
- Returns:
- new page detected
-
isPaginationSupported
protected boolean isPaginationSupported()
-
getPageSize
protected java.lang.Integer getPageSize()
Return the pageSize. Returns null if pagination is disabled.
- Returns:
- the pageSize
-
createTenantQuery
public TenantQuery createTenantQuery()
- Specified by:
createTenantQuery in interface ReadOnlyIdentityProvider
- Returns:
- a TenantQuery object which can be used for querying for tenants.
-
createTenantQuery
public TenantQuery createTenantQuery(CommandContext commandContext)
- Specified by:
createTenantQuery in interface ReadOnlyIdentityProvider
- Returns:
- a TenantQuery object which can be used for querying for tenants and can be reused in the current command context.
-
findTenantById
public Tenant findTenantById(java.lang.String id)
- Specified by:
findTenantById in interface ReadOnlyIdentityProvider
- Returns:
- a Tenant object for the given id or null if no such tenant exists.
-
-