Author: baedke Date: Thu Sep 3 16:37:40 2015 New Revision: 1701065 URL: http://svn.apache.org/r1701065 Log: OAK-3144: Support multivalue user properties for Ldap users
Thanks to Konrad Windszus (konra...@gmx.de) for providing the patch. Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java Modified: jackrabbit/oak/trunk/oak-auth-ldap/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/pom.xml?rev=1701065&r1=1701064&r2=1701065&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-auth-ldap/pom.xml (original) +++ jackrabbit/oak/trunk/oak-auth-ldap/pom.xml Thu Sep 3 16:37:40 2015 @@ -221,6 +221,18 @@ <groupId>junit</groupId> <artifactId>junit</artifactId> <scope>test</scope> + <exclusions> + <exclusion> + <groupId>org.hamcrest</groupId> + <artifactId>hamcrest-core</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.hamcrest</groupId> + <artifactId>hamcrest-library</artifactId> + <version>1.3</version> + <scope>test</scope> </dependency> <dependency> <groupId>org.easymock</groupId> Modified: jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java?rev=1701065&r1=1701064&r2=1701065&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java (original) +++ jackrabbit/oak/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java Thu Sep 3 16:37:40 2015 @@ -17,6 +17,7 @@ package org.apache.jackrabbit.oak.security.authentication.ldap.impl; import java.security.NoSuchAlgorithmException; +import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; import java.util.Iterator; @@ -708,11 +709,7 @@ public class LdapIdentityProvider implem : null; LdapUser user = new LdapUser(this, ref, id, path); Map<String, Object> props = user.getProperties(); - for (Attribute attr: entry.getAttributes()) { - if (attr.isHumanReadable()) { - props.put(attr.getId(), attr.getString()); - } - } + applyAttributes(props, entry); return user; } @@ -728,13 +725,29 @@ public class LdapIdentityProvider implem : null; LdapGroup group = new LdapGroup(this, ref, name, path); Map<String, Object> props = group.getProperties(); + applyAttributes(props, entry); + return group; + + } + + private void applyAttributes(Map<String, Object> props, Entry entry) + throws LdapInvalidAttributeValueException { for (Attribute attr: entry.getAttributes()) { if (attr.isHumanReadable()) { - props.put(attr.getId(), attr.getString()); + final Object propValue; + // for multivalue properties, store as collection + if (attr.size() > 1) { + List<String> values = new ArrayList<String>(); + for (Value<?> value : attr) { + values.add(value.getString()); + } + propValue = values; + } else { + propValue = attr.getString(); + } + props.put(attr.getId(), propValue); } } - return group; - } @Nonnull Modified: jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java?rev=1701065&r1=1701064&r2=1701065&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java (original) +++ jackrabbit/oak/trunk/oak-auth-ldap/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapProviderTest.java Thu Sep 3 16:37:40 2015 @@ -22,10 +22,12 @@ import java.util.Arrays; import java.util.Collections; import java.util.LinkedList; import java.util.List; +import java.util.Map; import javax.jcr.SimpleCredentials; import javax.security.auth.login.LoginException; +import com.google.common.collect.ImmutableMap; import org.apache.directory.server.constants.ServerDNConstants; import org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider; import org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapProviderConfig; @@ -34,6 +36,7 @@ import org.apache.jackrabbit.oak.spi.sec import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef; import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser; import org.apache.jackrabbit.util.Text; +import org.hamcrest.Matchers; import org.junit.After; import org.junit.AfterClass; import org.junit.Before; @@ -46,6 +49,8 @@ import static junit.framework.Assert.ass import static junit.framework.Assert.assertTrue; import static junit.framework.Assert.fail; +import static org.junit.Assert.assertThat; + public class LdapProviderTest { protected static final InternalLdapServer LDAP_SERVER = new InternalLdapServer(); @@ -166,6 +171,23 @@ public class LdapProviderTest { } @Test + public void testGetUserProperties() throws Exception { + ExternalUser user = idp.getUser(TEST_USER1_UID); + assertNotNull("User 1 must exist", user); + List<String> multiValuePropValue = Arrays.asList(new String[] { "top", "person", "organizationalPerson", "inetOrgPerson"}); + Map<String, Object> properties = new ImmutableMap.Builder<String, Object>() + .put("uid", "hhornblo") + .put("mail", "hhorn...@royalnavy.mod.uk") + .put("givenname", "Horatio") + .put("description", "Capt. Horatio Hornblower, R.N") + .put("sn", "Hornblower") + .put("cn", "Horatio Hornblower") + .put("objectclass", multiValuePropValue) + .build(); + assertThat((Map<String, Object>) user.getProperties(), Matchers.<Map<String, Object>>equalTo(properties)); + } + + @Test public void testAuthenticate() throws Exception { SimpleCredentials creds = new SimpleCredentials(TEST_USER1_UID, "pass".toCharArray()); ExternalUser user = idp.authenticate(creds);