%line | %branch | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
org.apache.jetspeed.security.spi.impl.LdapGroupSecurityHandler |
|
|
1 | /* |
|
2 | * Licensed to the Apache Software Foundation (ASF) under one or more |
|
3 | * contributor license agreements. See the NOTICE file distributed with |
|
4 | * this work for additional information regarding copyright ownership. |
|
5 | * The ASF licenses this file to You under the Apache License, Version 2.0 |
|
6 | * (the "License"); you may not use this file except in compliance with |
|
7 | * the License. You may obtain a copy of the License at |
|
8 | * |
|
9 | * http://www.apache.org/licenses/LICENSE-2.0 |
|
10 | * |
|
11 | * Unless required by applicable law or agreed to in writing, software |
|
12 | * distributed under the License is distributed on an "AS IS" BASIS, |
|
13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
|
14 | * See the License for the specific language governing permissions and |
|
15 | * limitations under the License. |
|
16 | */ |
|
17 | package org.apache.jetspeed.security.spi.impl; |
|
18 | ||
19 | import java.util.ArrayList; |
|
20 | import java.util.Arrays; |
|
21 | import java.util.List; |
|
22 | ||
23 | import javax.naming.NamingException; |
|
24 | ||
25 | import org.apache.commons.lang.StringUtils; |
|
26 | import org.apache.commons.logging.Log; |
|
27 | import org.apache.commons.logging.LogFactory; |
|
28 | import org.apache.jetspeed.security.GroupPrincipal; |
|
29 | import org.apache.jetspeed.security.SecurityException; |
|
30 | import org.apache.jetspeed.security.impl.GroupPrincipalImpl; |
|
31 | import org.apache.jetspeed.security.spi.GroupSecurityHandler; |
|
32 | import org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao; |
|
33 | import org.apache.jetspeed.security.spi.impl.ldap.LdapGroupDaoImpl; |
|
34 | ||
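/**
 * LDAP-backed {@link GroupSecurityHandler}: looks up, creates, removes and searches group
 * principals through an {@link LdapPrincipalDao}.
 * <p>
 * Group uids are passed through
 * {@link LdapPrincipalDao#convertUidToLdapAcceptableName(String)} before they reach the
 * directory; search filters are forwarded to the DAO unchanged. This class performs no LDAP
 * escaping of its own. NOTE(review): whether the DAO escapes filter metacharacters is not
 * visible from this class - confirm before passing user-controlled text to
 * {@link #getGroupPrincipals(String)}.
 * </p>
 *
 * @see org.apache.jetspeed.security.spi.GroupSecurityHandler
 * @author <a href="mailto:mike.long@dataline.com">Mike Long </a><br/> <a
 *         href="mailto:dlestrat@apache.org">David Le Strat </a>
 */
public class LdapGroupSecurityHandler implements GroupSecurityHandler
{
    /** The logger. */
    private static final Log logger = LogFactory.getLog(LdapGroupSecurityHandler.class);

    /** The {@link LdapPrincipalDao} every directory operation is delegated to. */
    private final LdapPrincipalDao ldap;

    /**
     * @param ldap The {@link LdapPrincipalDao}.
     */
    public LdapGroupSecurityHandler(LdapPrincipalDao ldap)
    {
        this.ldap = ldap;
    }

    /**
     * <p>
     * Default constructor; delegates to a new {@link LdapGroupDaoImpl}.
     * </p>
     *
     * @throws NamingException A {@link NamingException}.
     * @throws SecurityException A {@link SecurityException}.
     */
    public LdapGroupSecurityHandler() throws NamingException, SecurityException
    {
        this(new LdapGroupDaoImpl());
    }

    /**
     * Returns a principal for the group when the directory lookup yields a non-empty DN.
     * <p>
     * The interface method declares no checked exception, so a {@link SecurityException}
     * from the lookup is logged and reported as <code>null</code>. Callers therefore cannot
     * tell "group absent" from "directory error" and must not base a create or grant
     * decision on a <code>null</code> result alone.
     * </p>
     *
     * @param groupPrincipalUid The group uid.
     * @return The group principal, or <code>null</code> when no DN was found or the lookup failed.
     * @throws IllegalArgumentException If the converted uid is null or empty.
     * @see org.apache.jetspeed.security.spi.GroupSecurityHandler#getGroupPrincipal(java.lang.String)
     */
    public GroupPrincipal getGroupPrincipal(String groupPrincipalUid)
    {
        String groupUidWithoutSlashes = ldap.convertUidToLdapAcceptableName(groupPrincipalUid);
        verifyGroupId(groupUidWithoutSlashes);
        try
        {
            String dn = ldap.lookupByUid(groupUidWithoutSlashes);

            if (!StringUtils.isEmpty(dn))
            {
                // The principal carries the caller's original uid, not the converted name.
                return new GroupPrincipalImpl(groupPrincipalUid);
            }
        }
        catch (SecurityException e)
        {
            logSecurityException(e, groupPrincipalUid);
        }
        return null;
    }

    /**
     * <p>
     * Verify that the group uid is valid.
     * </p>
     *
     * @param groupPrincipalUid The group uid.
     * @throws IllegalArgumentException If the uid is null or empty.
     */
    private void verifyGroupId(String groupPrincipalUid)
    {
        if (StringUtils.isEmpty(groupPrincipalUid))
        {
            throw new IllegalArgumentException("The groupId cannot be null or empty.");
        }
    }

    /**
     * <p>
     * Log the security exception.
     * </p>
     *
     * @param e The {@link SecurityException}.
     * @param groupPrincipalUid The group principal uid (or search filter) the operation was for.
     */
    private void logSecurityException(SecurityException e, String groupPrincipalUid)
    {
        if (logger.isErrorEnabled())
        {
            // The value is caller-supplied; line breaks are neutralised so it cannot
            // split this record into what looks like several log entries.
            logger.error("An LDAP error has occurred for groupId:" + sanitizeForLog(groupPrincipalUid), e);
        }
    }

    /**
     * Replaces carriage returns and line feeds with underscores so a logged value stays on
     * one line.
     *
     * @param value The value about to be logged; may be null.
     * @return The value without line breaks, or <code>null</code> when the input was null.
     */
    private static String sanitizeForLog(String value)
    {
        if (value == null)
        {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Creates the group in the directory when no entry exists for it yet.
     * <p>
     * The existence check calls the DAO directly instead of going through
     * {@link #getGroupPrincipal(String)}: that method turns a failed lookup into
     * <code>null</code>, which would be read here as "group absent" and lead to a create
     * attempt while the directory state is unknown. It also avoids converting the uid a
     * second time. A lookup failure now propagates as the declared
     * {@link SecurityException}.
     * </p>
     *
     * @param groupPrincipal The group principal to store.
     * @throws SecurityException If the lookup or the create fails.
     * @throws IllegalArgumentException If the principal is null or its converted uid is empty.
     * @see org.apache.jetspeed.security.spi.GroupSecurityHandler#setGroupPrincipal(org.apache.jetspeed.security.GroupPrincipal)
     */
    public void setGroupPrincipal(GroupPrincipal groupPrincipal) throws SecurityException
    {
        verifyGroupPrincipal(groupPrincipal);

        String fullPath = groupPrincipal.getFullPath();
        String groupUidWithoutSlashes = ldap.convertUidToLdapAcceptableName(fullPath);
        verifyGroupId(groupUidWithoutSlashes);

        if (StringUtils.isEmpty(ldap.lookupByUid(groupUidWithoutSlashes)))
        {
            ldap.create(groupUidWithoutSlashes);
        }
    }

    /**
     * <p>
     * Verify that the group principal is valid.
     * </p>
     *
     * @param groupPrincipal The group principal.
     * @throws IllegalArgumentException If the principal is null.
     */
    private void verifyGroupPrincipal(GroupPrincipal groupPrincipal)
    {
        if (groupPrincipal == null)
        {
            throw new IllegalArgumentException("The GroupPrincipal cannot be null or empty.");
        }
    }

    /**
     * Deletes the group from the directory.
     *
     * @param groupPrincipal The group principal to remove.
     * @throws SecurityException If the delete fails.
     * @throws IllegalArgumentException If the principal is null or its converted uid is empty.
     * @see org.apache.jetspeed.security.spi.GroupSecurityHandler#removeGroupPrincipal(org.apache.jetspeed.security.GroupPrincipal)
     */
    public void removeGroupPrincipal(GroupPrincipal groupPrincipal) throws SecurityException
    {
        verifyGroupPrincipal(groupPrincipal);

        String fullPath = groupPrincipal.getFullPath();
        String groupUidWithoutSlashes = ldap.convertUidToLdapAcceptableName(fullPath);
        // Same guard as the lookup and create paths: a destructive call must never be
        // issued with an empty identifier.
        verifyGroupId(groupUidWithoutSlashes);

        ldap.delete(groupUidWithoutSlashes);
    }

    /**
     * Searches for group principals matching the filter.
     * <p>
     * The filter is handed to the DAO as received. NOTE(review): if the DAO places it into
     * an LDAP search filter without escaping (not visible here), callers must escape
     * filter metacharacters themselves before calling this method.
     * </p>
     *
     * @param filter The search filter.
     * @return A mutable list of the matches; an empty list when the search fails (the
     *         failure is logged).
     * @see org.apache.jetspeed.security.spi.GroupSecurityHandler#getGroupPrincipals(java.lang.String)
     */
    public List getGroupPrincipals(String filter)
    {
        try
        {
            // Copy into an ArrayList so both outcomes return the same kind of list;
            // Arrays.asList alone would give a fixed-size view on success only.
            return new ArrayList(Arrays.asList(ldap.find(filter, GroupPrincipal.PREFS_GROUP_ROOT)));
        }
        catch (SecurityException e)
        {
            logSecurityException(e, filter);
        }
        return new ArrayList();
    }
}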