svn commit: r1701065 - in /jackrabbit/oak/trunk/oak-auth-ldap: ./ src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/ src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/

baedke Thu, 03 Sep 2015 09:38:30 -0700

Author: baedke
Date: Thu Sep  3 16:37:40 2015
New Revision: 1701065

URL: http://svn.apache.org/r1701065
Log:
OAK-3144: Support multivalue user properties for Ldap users


Thanks to Konrad Windszus (konra...@gmx.de) for providing the patch.

Modified:
    jackrabbit/oak/trunk/oak-auth-ldap/pom.xml
    
jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java
    
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java

Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/pom.xml?rev=1701065&r1=1701064&r2=1701065&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-auth-ldap/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-auth-ldap/pom.xml Thu Sep  3 16:37:40 2015
@@ -221,6 +221,18 @@
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
             <scope>test</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.hamcrest</groupId>
+                    <artifactId>hamcrest-core</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.hamcrest</groupId>
+            <artifactId>hamcrest-library</artifactId>
+            <version>1.3</version>
+            <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>org.easymock</groupId>

Modified: 
jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java?rev=1701065&r1=1701064&r2=1701065&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java
 Thu Sep  3 16:37:40 2015
@@ -17,6 +17,7 @@
 package org.apache.jackrabbit.oak.security.authentication.ldap.impl;
 
 import java.security.NoSuchAlgorithmException;
+import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.Iterator;
@@ -708,11 +709,7 @@ public class LdapIdentityProvider implem
                 : null;
         LdapUser user = new LdapUser(this, ref, id, path);
         Map<String, Object> props = user.getProperties();
-        for (Attribute attr: entry.getAttributes()) {
-            if (attr.isHumanReadable()) {
-                props.put(attr.getId(), attr.getString());
-            }
-        }
+        applyAttributes(props, entry);
         return user;
     }
 
@@ -728,13 +725,29 @@ public class LdapIdentityProvider implem
                 : null;
         LdapGroup group = new LdapGroup(this, ref, name, path);
         Map<String, Object> props = group.getProperties();
+        applyAttributes(props, entry);
+        return group;
+
+    }
+
+    private void applyAttributes(Map<String, Object> props, Entry entry)
+            throws LdapInvalidAttributeValueException {
         for (Attribute attr: entry.getAttributes()) {
             if (attr.isHumanReadable()) {
-                props.put(attr.getId(), attr.getString());
+                final Object propValue;
+                // for multivalue properties, store as collection
+                if (attr.size() > 1) {
+                    List<String> values = new ArrayList<String>();
+                    for (Value<?> value : attr) {
+                        values.add(value.getString());
+                    }
+                    propValue = values;
+                } else {
+                    propValue = attr.getString();
+                }
+                props.put(attr.getId(), propValue);
             }
         }
-        return group;
-
     }
 
     @Nonnull

Modified: 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java?rev=1701065&r1=1701064&r2=1701065&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java
 Thu Sep  3 16:37:40 2015
@@ -22,10 +22,12 @@ import java.util.Arrays;
 import java.util.Collections;
 import java.util.LinkedList;
 import java.util.List;
+import java.util.Map;
 
 import javax.jcr.SimpleCredentials;
 import javax.security.auth.login.LoginException;
 
+import com.google.common.collect.ImmutableMap;
 import org.apache.directory.server.constants.ServerDNConstants;
 import 
org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider;
 import 
org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig;
@@ -34,6 +36,7 @@ import org.apache.jackrabbit.oak.spi.sec
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
 import 
org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser;
 import org.apache.jackrabbit.util.Text;
+import org.hamcrest.Matchers;
 import org.junit.After;
 import org.junit.AfterClass;
 import org.junit.Before;
@@ -46,6 +49,8 @@ import static junit.framework.Assert.ass
 import static junit.framework.Assert.assertTrue;
 import static junit.framework.Assert.fail;
 
+import static org.junit.Assert.assertThat;
+
 public class LdapProviderTest {
 
     protected static final InternalLdapServer LDAP_SERVER = new 
InternalLdapServer();
@@ -166,6 +171,23 @@ public class LdapProviderTest {
     }
 
     @Test
+    public void testGetUserProperties() throws Exception {
+        ExternalUser user = idp.getUser(TEST_USER1_UID);
+        assertNotNull("User 1 must exist", user);
+        List<String> multiValuePropValue = Arrays.asList(new String[] { "top", 
"person", "organizationalPerson", "inetOrgPerson"});
+        Map<String, Object> properties = new ImmutableMap.Builder<String, 
Object>()
+                .put("uid", "hhornblo")
+                .put("mail", "hhorn...@royalnavy.mod.uk")
+                .put("givenname", "Horatio")
+                .put("description", "Capt. Horatio Hornblower, R.N")
+                .put("sn", "Hornblower")
+                .put("cn", "Horatio Hornblower")
+                .put("objectclass", multiValuePropValue)
+                .build();
+        assertThat((Map<String, Object>) user.getProperties(), 
Matchers.<Map<String, Object>>equalTo(properties));
+    }
+
+    @Test
     public void testAuthenticate() throws Exception {
         SimpleCredentials creds = new SimpleCredentials(TEST_USER1_UID, 
"pass".toCharArray());
         ExternalUser user = idp.authenticate(creds);

svn commit: r1701065 - in /jackrabbit/oak/trunk/oak-auth-ldap: ./ src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/ src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/

Reply via email to