34 package fr.paris.lutece.plugins.adminauthenticationwsso.util;
35
36 import fr.paris.lutece.plugins.adminauthenticationwsso.AdminWssoAuthentication;
37 import fr.paris.lutece.plugins.adminauthenticationwsso.AdminWssoUser;
38 import fr.paris.lutece.portal.service.util.AppLogService;
39 import fr.paris.lutece.portal.service.util.AppPropertiesService;
40 import fr.paris.lutece.util.ldap.LdapUtil;
41 import java.text.MessageFormat;
42 import java.util.ArrayList;
43 import java.util.List;
44 import javax.naming.CommunicationException;
45 import javax.naming.NamingEnumeration;
46 import javax.naming.NamingException;
47 import javax.naming.directory.Attribute;
48 import javax.naming.directory.Attributes;
49 import javax.naming.directory.DirContext;
50 import javax.naming.directory.SearchControls;
51 import javax.naming.directory.SearchResult;
52
53
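/**
 * LDAP helpers for the WSSO admin-authentication plugin: opens a directory
 * context from the plugin properties and looks admin users up by e-mail prefix.
 *
 * <p>Security notes:
 * <ul>
 *   <li>{@link #getWssoUserListFromEmail(DirContext, String)} builds an LDAP
 *       search filter from a caller-supplied string. The string is passed
 *       through {@link #escapeLdapFilterValue(String)} (RFC 4515 escaping of
 *       {@code \ * ( )} and NUL) before it is substituted into the filter
 *       pattern, so the caller cannot close the clause and inject additional
 *       filter terms. The trailing wildcard is appended after escaping.</li>
 *   <li>The search only reads attributes from each {@link SearchResult}; it
 *       never calls {@code getObject()}, so {@code setReturningObjFlag} is left
 *       {@code false}. With the flag on, the JNDI LDAP provider may try to
 *       reconstruct bound Java objects from directory data (for example
 *       {@code javaSerializedData}), which on older JDKs means deserialising
 *       content controlled by whoever can write to the directory.</li>
 *   <li>The bind password is read from the properties and never logged; the
 *       provider URL and the search filter are logged on failure.</li>
 * </ul>
 */
public class WssoLdapUtil
{
    private static final String CONSTANT_WILDCARD = "*";

    // Property keys read from the Lutece properties files.
    private static final String PROPERTY_USER_DN_SEARCH_FILTER_BY_CRITERIA = "adminauthenticationwsso.ldap.userSearch.criteria";
    private static final String PROPERTY_INITIAL_CONTEXT_PROVIDER = "adminauthenticationwsso.ldap.initialContextProvider";
    private static final String PROPERTY_PROVIDER_URL = "adminauthenticationwsso.ldap.connectionUrl";
    private static final String PROPERTY_BIND_DN = "adminauthenticationwsso.ldap.connectionName";
    private static final String PROPERTY_BIND_PASSWORD = "adminauthenticationwsso.ldap.connectionPassword";
    private static final String PROPERTY_USER_DN_SEARCH_BASE = "adminauthenticationwsso.ldap.userBase";
    private static final String PROPERTY_USER_DN_SEARCH_FILTER_BY_GUID = "adminauthenticationwsso.ldap.userSearch.guid";
    private static final String PROPERTY_USER_SUBTREE = "adminauthenticationwsso.ldap.userSubtree";
    private static final String PROPERTY_DN_ATTRIBUTE_GUID = "adminauthenticationwsso.ldap.dn.attributeName.wssoGuid";
    private static final String PROPERTY_DN_ATTRIBUTE_FAMILY_NAME = "adminauthenticationwsso.ldap.dn.attributeName.familyName";
    private static final String PROPERTY_DN_ATTRIBUTE_GIVEN_NAME = "adminauthenticationwsso.ldap.dn.attributeName.givenName";
    private static final String PROPERTY_DN_ATTRIBUTE_EMAIL = "adminauthenticationwsso.ldap.dn.attributeName.email";

    // Directory attribute names, resolved once at class load. A missing property
    // leaves the constant null; getAttributeValue treats that as "attribute absent".
    private static final String ATTRIBUTE_GUID = AppPropertiesService.getProperty( PROPERTY_DN_ATTRIBUTE_GUID );
    private static final String ATTRIBUTE_FAMILY_NAME = AppPropertiesService.getProperty( PROPERTY_DN_ATTRIBUTE_FAMILY_NAME );
    private static final String ATTRIBUTE_GIVEN_NAME = AppPropertiesService.getProperty( PROPERTY_DN_ATTRIBUTE_GIVEN_NAME );
    private static final String ATTRIBUTE_EMAIL = AppPropertiesService.getProperty( PROPERTY_DN_ATTRIBUTE_EMAIL );

    /**
     * Opens a new directory context with the provider, URL and bind credentials
     * taken from the plugin properties.
     *
     * @return the context, or {@code null} when the connection could not be
     *         established. The failure is logged together with the provider URL;
     *         the bind DN and password are not logged.
     */
    public static DirContext getNewContext( )
    {
        try
        {
            return LdapUtil.getContext( getInitialContextProvider( ), getProviderUrl( ), getBindDn( ), getBindPassword( ) );
        }
        catch ( Exception e )
        {
            AppLogService.error( "Unable to open a new connection to LDAP to " + getProviderUrl( ), e );
            return null;
        }
    }

    /**
     * Searches the directory for users whose e-mail starts with the given text.
     *
     * <p>The filter pattern comes from the {@code userSearch.criteria} property and
     * is filled with {@link MessageFormat}: {@code {0}} and {@code {1}} receive a
     * plain wildcard, {@code {2}} receives the escaped e-mail prefix followed by a
     * wildcard. Entries without a GUID attribute are logged and skipped; a missing
     * name or e-mail attribute is logged and stored as an empty string.
     *
     * @param context an open directory context (see {@link #getNewContext()})
     * @param strEmailSearch caller-supplied e-mail prefix; {@code null} or empty
     *        matches every e-mail (note there is no client-side count limit, so
     *        an empty prefix returns the whole search base)
     * @return the matching users, empty on any LDAP error; never {@code null}
     */
    public static List<AdminWssoUser> getWssoUserListFromEmail( DirContext context, String strEmailSearch )
    {
        List<AdminWssoUser> userList = new ArrayList<AdminWssoUser>( );

        // Escape BEFORE appending the wildcard: the caller's text is then matched
        // literally (an embedded '*', '(', ')' or '\' cannot alter the filter
        // structure), while the trailing '*' keeps the prefix-match semantics.
        // escapeLdapFilterValue maps null to "", so a null prefix no longer
        // searches for the literal string "null".
        Object[] messageFormatParam = new Object[3];
        messageFormatParam[0] = checkSyntax( CONSTANT_WILDCARD );
        messageFormatParam[1] = checkSyntax( CONSTANT_WILDCARD );
        messageFormatParam[2] = checkSyntax( escapeLdapFilterValue( strEmailSearch ) + CONSTANT_WILDCARD );

        String strUserSearchFilter = MessageFormat.format( getUserDnSearchFilterByCriteria( ), messageFormatParam );

        try
        {
            SearchControls scUserSearchControls = new SearchControls( );
            scUserSearchControls.setSearchScope( getUserDnSearchScope( ) );
            // Only attributes are read below; do not ask the provider to materialise
            // bound Java objects from directory content.
            scUserSearchControls.setReturningObjFlag( false );
            // 0 = no client-side limit (the server's size limit still applies).
            scUserSearchControls.setCountLimit( 0 );

            NamingEnumeration<?> userResults = LdapUtil.searchUsers( context, strUserSearchFilter, getUserDnSearchBase( ), "", scUserSearchControls );

            AppLogService.debug( AdminWssoUser.class.toString( ) + " : Search users - Email : " + strUserSearchFilter );

            while ( ( userResults != null ) && userResults.hasMore( ) )
            {
                SearchResult sr = (SearchResult) userResults.next( );
                Attributes attributes = sr.getAttributes( );

                // Each field is checked against its OWN attribute; the original code
                // tested attributeLastName for all three and threw NullPointerException
                // when only the given name or e-mail was missing.
                String strLastName = getAttributeValue( attributes, ATTRIBUTE_FAMILY_NAME, strUserSearchFilter, "last name" );
                String strFirstName = getAttributeValue( attributes, ATTRIBUTE_GIVEN_NAME, strUserSearchFilter, "first name" );
                String strEmail = getAttributeValue( attributes, ATTRIBUTE_EMAIL, strUserSearchFilter, "e-mail" );
                String strWssoId = getAttributeValue( attributes, ATTRIBUTE_GUID, strUserSearchFilter, "guid" );

                // An entry without a GUID cannot be mapped to a WSSO user.
                if ( strWssoId == null )
                {
                    continue;
                }

                AdminWssoUser user = new AdminWssoUser( strWssoId, new AdminWssoAuthentication( ) );
                user.setLastName( ( strLastName == null ) ? "" : strLastName );
                user.setFirstName( ( strFirstName == null ) ? "" : strFirstName );
                user.setEmail( ( strEmail == null ) ? "" : strEmail );
                userList.add( user );

                AppLogService.debug( WssoLdapUtil.class.toString( ) + " : Result " +
                    "- LastName : " + user.getLastName( ) +
                    "- FirstName : " + user.getFirstName( ) +
                    "- Email : " + user.getEmail( ) );
            }
        }
        catch ( CommunicationException e )
        {
            AppLogService.error( "Error while searching for users with search filter : " + strUserSearchFilter, e );
        }
        catch ( NamingException e )
        {
            AppLogService.error( "Error while searching for users", e );
        }

        return userList;
    }

    /**
     * Reads the first value of one attribute of a search result entry.
     *
     * @param attributes the entry's attributes
     * @param strAttributeName the directory attribute to read; {@code null} (property
     *        not configured) is treated as "attribute absent"
     * @param strUserSearchFilter the filter in use, repeated in the error log
     * @param strLabel human-readable field name used in the error log
     * @return the value as a string ({@code ""} for a present but null value), or
     *         {@code null} when the attribute is absent from the entry
     * @throws NamingException if the attribute value cannot be read
     */
    private static String getAttributeValue( Attributes attributes, String strAttributeName, String strUserSearchFilter, String strLabel )
        throws NamingException
    {
        Attribute attribute = ( strAttributeName == null ) ? null : attributes.get( strAttributeName );

        if ( attribute == null )
        {
            // NOTE(review): this logs the whole returned entry at ERROR level, as the
            // original did; trim it if the directory exposes sensitive attributes.
            AppLogService.error( "Error while searching for users '" + attributes.toString( ) +
                "' with search filter : " + strUserSearchFilter + " - " + strLabel + " is null" );
            return null;
        }

        Object value = attribute.get( );
        return ( value == null ) ? "" : value.toString( );
    }

    /**
     * Escapes a value for use inside an LDAP search filter (RFC 4515): backslash,
     * asterisk, parentheses and NUL are replaced by their {@code \XX} hex form so
     * the value is matched literally and cannot change the filter's structure.
     *
     * @param strValue the raw value; {@code null} is treated as empty
     * @return the escaped value, never {@code null}
     */
    public static String escapeLdapFilterValue( String strValue )
    {
        if ( strValue == null )
        {
            return "";
        }

        StringBuilder sb = new StringBuilder( strValue.length( ) );

        for ( int i = 0; i < strValue.length( ); i++ )
        {
            char c = strValue.charAt( i );

            switch ( c )
            {
                case '\\':
                    sb.append( "\\5c" );
                    break;
                case '*':
                    sb.append( "\\2a" );
                    break;
                case '(':
                    sb.append( "\\28" );
                    break;
                case ')':
                    sb.append( "\\29" );
                    break;
                case '\0':
                    sb.append( "\\00" );
                    break;
                default:
                    sb.append( c );
            }
        }

        return sb.toString( );
    }

    /**
     * Turns a missing criterion into a match-all wildcard.
     *
     * @param in the criterion
     * @return {@code "*"} when {@code in} is {@code null} or empty, otherwise
     *         {@code in} unchanged (no escaping is performed here)
     */
    public static String checkSyntax( String in )
    {
        return ( ( in == null ) || in.equals( "" ) ) ? CONSTANT_WILDCARD : in;
    }

    /** @return the MessageFormat pattern of the user search filter by criteria */
    public static String getUserDnSearchFilterByCriteria( )
    {
        return AppPropertiesService.getProperty( PROPERTY_USER_DN_SEARCH_FILTER_BY_CRITERIA );
    }

    /** @return the JNDI initial context factory class name */
    public static String getInitialContextProvider( )
    {
        return AppPropertiesService.getProperty( PROPERTY_INITIAL_CONTEXT_PROVIDER );
    }

    /** @return the LDAP provider URL */
    public static String getProviderUrl( )
    {
        return AppPropertiesService.getProperty( PROPERTY_PROVIDER_URL );
    }

    /** @return the base DN under which users are searched */
    public static String getUserDnSearchBase( )
    {
        return AppPropertiesService.getProperty( PROPERTY_USER_DN_SEARCH_BASE );
    }

    /** @return the MessageFormat pattern of the user search filter by GUID */
    public static String getUserDnSearchFilterByGUID( )
    {
        return AppPropertiesService.getProperty( PROPERTY_USER_DN_SEARCH_FILTER_BY_GUID );
    }

    /**
     * Resolves the search scope from the {@code userSubtree} property.
     *
     * @return {@link SearchControls#SUBTREE_SCOPE} when the property is
     *         {@code "true"} (case-insensitive), otherwise
     *         {@link SearchControls#ONELEVEL_SCOPE}; a missing property falls
     *         back to one level instead of throwing NullPointerException
     */
    public static int getUserDnSearchScope( )
    {
        // Boolean.parseBoolean is a null-safe equalsIgnoreCase("true").
        if ( Boolean.parseBoolean( AppPropertiesService.getProperty( PROPERTY_USER_SUBTREE ) ) )
        {
            return SearchControls.SUBTREE_SCOPE;
        }

        return SearchControls.ONELEVEL_SCOPE;
    }

    /** @return the DN used to bind to the directory */
    public static String getBindDn( )
    {
        return AppPropertiesService.getProperty( PROPERTY_BIND_DN );
    }

    /** @return the bind password from the properties; never log this value */
    public static String getBindPassword( )
    {
        return AppPropertiesService.getProperty( PROPERTY_BIND_PASSWORD );
    }
}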