Add LDAP support to previously AD-only tasks

1 files changed, 70 insertions, 26 deletions

diff --git a/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java b/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java
index 37443d5..37d09d8 100644
--- a/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java
+++ b/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java
@@ -23,6 +23,8 @@ public class LdapSearch extends SystemCommandTask
 	private String bindpw = null;
 	@Expose
 	private String username = null;
+	@Expose
+	private boolean plainldap = false;
 
 	private String fifo = null;
 
@@ -36,10 +38,14 @@ public class LdapSearch extends SystemCommandTask
 	protected boolean initTask()
 	{
 		this.setStatusObject( this.status );
-		if ( this.server == null || this.searchbase == null || this.binddn == null ) {
+		if ( this.server == null || this.searchbase == null ) {
 			status.messages = "Missing parameter";
 			return false;
 		}
+		if ( this.binddn == null )
+			this.binddn = "";
+		if ( this.bindpw == null )
+			this.bindpw = "";
 		this.timeoutSeconds = 5;
 		return true;
 	}
@@ -47,20 +53,20 @@ public class LdapSearch extends SystemCommandTask
 	@Override
 	protected String[] initCommandLine()
 	{
-		if ( this.bindpw == null )
-			this.bindpw = "";
-		this.fifo = String.format( "/tmp/bwlp-%s-%s.ldap", System.currentTimeMillis(), new Random().nextInt() );
-		File pwFile = new File( this.fifo );
-		FileUtils.deleteQuietly( pwFile );
-		try {
-			pwFile.createNewFile();
-			pwFile.setReadable( false, false );
-			pwFile.setReadable( true, true );
-			FileUtils.writeStringToFile( pwFile, this.bindpw, StandardCharsets.UTF_8 );
-		} catch ( IOException e ) {
+		if ( !this.bindpw.isEmpty() ) {
+			this.fifo = String.format( "/tmp/bwlp-%s-%s.ldap", System.currentTimeMillis(), new Random().nextInt() );
+			File pwFile = new File( this.fifo );
 			FileUtils.deleteQuietly( pwFile );
-			status.messages = e.toString();
-			return null;
+			try {
+				pwFile.createNewFile();
+				pwFile.setReadable( false, false );
+				pwFile.setReadable( true, true );
+				FileUtils.writeStringToFile( pwFile, this.bindpw, StandardCharsets.UTF_8 );
+			} catch ( IOException e ) {
+				FileUtils.deleteQuietly( pwFile );
+				status.messages = e.toString();
+				return null;
+			}
 		}
 		if ( this.username == null ) {
 			status.addMessage( "Trying to find 4 random AD users to verify everything is all right..." );
@@ -68,9 +74,34 @@ public class LdapSearch extends SystemCommandTask
 		} else {
 			this.getDn = true;
 		}
+		String filter;
+		String wantedAttr;
+		if ( this.plainldap ) {
+			filter = "(&(objectClass=posixAccount)(uid=" + this.username + "))";
+			wantedAttr = "uid";
+		} else {
+			filter = "(&(objectClass=user)(objectClass=person)(sAMAccountName=" + this.username + "))";
+			wantedAttr = "sAMAccountName";
+		}
 
 		// As we don't care about the certificate here, you might want to put TLS_REQCERT never
 		// in /etc/ldap/ldap.conf
+		if ( this.binddn.isEmpty() ) {
+			return new String[] {
+					"ldapsearch",
+					"-x", // Simple auth
+					"-LLL", // No additional stuff
+					"-H", this.server, // Host
+					"-b", this.searchbase, // SB
+					"-l", "4", // Time limit in seconds
+					"-o", "nettimeout=4",
+					"-z", "4", // Max number of results
+					"-o", "ldif-wrap=no", // Turn off retarded line wrapping done by ldapsearch
+					filter,
+					wantedAttr, // Find account name
+					"dn" // And dn
+			};
+		}
 		return new String[] {
 				"ldapsearch",
 				"-x", // Simple auth
@@ -83,8 +114,8 @@ public class LdapSearch extends SystemCommandTask
 				"-o", "nettimeout=4",
 				"-z", "4", // Max number of results
 				"-o", "ldif-wrap=no", // Turn off retarded line wrapping done by ldapsearch
-				"(&(objectClass=user)(objectClass=person)(sAMAccountName=" + this.username + "))",
-				"sAMAccountName", // Find account name
+				filter,
+				wantedAttr, // Find account name
 				"dn" // And dn
 		};
 	}
@@ -92,26 +123,39 @@ public class LdapSearch extends SystemCommandTask
 	@Override
 	protected boolean processEnded( int exitCode )
 	{
-		FileUtils.deleteQuietly( new File( this.fifo ) );
+		if ( this.fifo != null ) {
+			FileUtils.deleteQuietly( new File( this.fifo ) );
+		}
 		if ( exitCode == 4 ) // Means size limit exceeded, ignore
 			exitCode = 0;
 		if ( exitCode != 0 )
 			status.addMessage( "Exit code is " + exitCode );
 		if ( exitCode == 0 && this.userCount < 4 && !this.getDn )
-			status.addMessage( "Found less than 4 users. Are you sure you got the right credentials." );
+			status.addMessage( "Found less than 4 users. Are you sure you got the right credentials?" );
 		return this.userCount >= 4 || ( this.getDn && status.dn != null );
 	}
 
 	@Override
 	protected void processStdOut( String line )
 	{
-		if ( line.startsWith( "sAMAccountName: " ) ) {
-			status.addMessage( "Found AD user " + line.substring( 16 ) + " :-)" );
-			this.userCount++;
-		}
-		if ( line.startsWith( "sAMAccountName:: " ) ) {
-			status.addMessage( "Found AD user " + line.substring( 17 ) + " :-)" );
-			this.userCount++;
+		if ( this.plainldap ) {
+			if ( line.startsWith( "uid: " ) ) {
+				status.addMessage( "Found LDAP user " + line.substring( 5 ) + " :-)" );
+				this.userCount++;
+			}
+			if ( line.startsWith( "uid:: " ) ) {
+				status.addMessage( "Found LDAP user " + line.substring( 6 ) + " :-)" );
+				this.userCount++;
+			}
+		} else {
+			if ( line.startsWith( "sAMAccountName: " ) ) {
+				status.addMessage( "Found AD user " + line.substring( 16 ) + " :-)" );
+				this.userCount++;
+			}
+			if ( line.startsWith( "sAMAccountName:: " ) ) {
+				status.addMessage( "Found AD user " + line.substring( 17 ) + " :-)" );
+				this.userCount++;
+			}
 		}
 		if ( this.getDn && line.startsWith( "dn: " ) ) {
 			status.dn = line.substring( 4 );
@@ -131,7 +175,7 @@ public class LdapSearch extends SystemCommandTask
 		private String messages = null;
 		public String dn = null;
 
-		private void addMessage( String str )
+		private synchronized void addMessage( String str )
 		{
 			if ( messages == null ) {
 				messages = str;