Diffstat (limited to 'src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java')
-rw-r--r--src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java87
1 files changed, 54 insertions, 33 deletions
diff --git a/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java b/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java
index 63ce60a..f5e5f7a 100644
--- a/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java
+++ b/src/main/java/org/openslx/taskmanager/tasks/LdapSearch.java
@@ -9,6 +9,8 @@ import java.util.Random;
import org.apache.commons.io.FileUtils;
import org.apache.log4j.Logger;
+import org.openslx.satserver.util.LdapMapping;
+import org.openslx.satserver.util.Util;
import org.openslx.taskmanager.api.SystemCommandTask;
import com.google.gson.annotations.Expose;
@@ -30,12 +32,16 @@ public class LdapSearch extends SystemCommandTask
private boolean plainldap = false;
@Expose
private String filter = null;
+ @Expose
+ private LdapMapping mapping = null;
private String fifo = null;
private boolean getDn = false;
private volatile int userCount = 0;
+
+ private volatile int userIdCount = 0;
private Output status = new Output();
@@ -58,6 +64,31 @@ public class LdapSearch extends SystemCommandTask
@Override
protected String[] initCommandLine()
{
+ if ( this.mapping == null )
+ this.mapping = new LdapMapping();
+ if ( this.plainldap ) {
+ if ( Util.isEmpty( mapping.posixAccount ) ) {
+ mapping.posixAccount = "posixAccount";
+ }
+ if ( Util.isEmpty( mapping.uid ) ) {
+ mapping.uid = "uid";
+ }
+ if ( Util.isEmpty( mapping.uidnumber ) ) {
+ mapping.uidnumber = "uidnumber";
+ }
+ } else {
+ if ( Util.isEmpty( mapping.posixAccount ) ) {
+ mapping.posixAccount = "user";
+ }
+ if ( Util.isEmpty( mapping.uid ) ) {
+ mapping.uid = "sAMAccountName";
+ }
+ if ( Util.isEmpty( mapping.uidnumber ) ) {
+ mapping.uidnumber = "objectSid";
+ }
+ }
+ mapping.uid = mapping.uid.toLowerCase();
+ mapping.uidnumber = mapping.uidnumber.toLowerCase();
if ( !this.bindpw.isEmpty() ) {
this.fifo = String.format( "/tmp/bwlp-%s-%s.ldap", System.currentTimeMillis(), new Random().nextInt() );
File pwFile = new File( this.fifo );
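Review bot: The three mapping values are defaulted and lower-cased at the top of initCommandLine but never checked to be plain attribute names, and the next hunk concatenates them into the generated filter (`"(&(objectClass=" + mapping.posixAccount + ...`). `mapping` is an `@Expose` field, so its values presumably arrive with the task data; a value containing `(`, `)`, `*` or whitespace would change the structure of the filter rather than name an attribute. After the defaults, check each of the three values, e.g. `if ( !mapping.uid.matches( "[A-Za-z][A-Za-z0-9-]*" ) )`, and fail the task with a status message when one does not match. The body of initCommandLine continues outside this hunk, so how the method should signal that failure is not visible here.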
@@ -76,19 +107,15 @@ public class LdapSearch extends SystemCommandTask
}
String filter;
if ( this.filter == null || this.filter.isEmpty() ) {
- status.addMessage( "Trying to find 4 random AD users to verify everything is all right..." );
- if ( this.plainldap ) {
- filter = "(&(objectClass=posixAccount)(uid=*))";
- } else {
- filter = "(&(objectClass=user)(objectClass=person)(sAMAccountName=*))";
- }
+ status.addMessage( "Trying to find 4 random users to verify everything is all right..." );
+ filter = "(&(objectClass=" + mapping.posixAccount + ")(" + mapping.uid + "=*)(" + mapping.uidnumber + "=*))";
} else {
this.getDn = true;
filter = this.filter;
}
- // As we don't care about the certificate here, you might want to put TLS_REQCERT never
status.addMessage( "Using filter: " + filter );
+ // As we don't care about the certificate here, you might want to put TLS_REQCERT never
// in /etc/ldap/ldap.conf
if ( this.bindpw.isEmpty() ) {
return new String[] {
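Review bot: The relocated comment still recommends `TLS_REQCERT never` in /etc/ldap/ldap.conf, which switches off server certificate verification for the OpenLDAP clients on the host that read that file, while this task binds with `bindpw`. I would reword it to point at trusting the directory's CA instead, e.g. `// If the server certificate is not trusted, set TLS_CACERT in /etc/ldap/ldap.conf to the directory's CA certificate`, and mention disabling verification only as a temporary test setting. The comment sits inside initCommandLine, whose command array is built outside this hunk, so whether the connection uses TLS at all cannot be confirmed from here.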
@@ -130,38 +157,32 @@ public class LdapSearch extends SystemCommandTask
if ( exitCode == 4 ) // Means size limit exceeded, ignore
exitCode = 0;
status.addMessage( "Exit code is " + exitCode );
- if ( exitCode == 0 && this.userCount < 4 && !this.getDn )
- status.addMessage( "Found less than 4 users. Are you sure you got the right credentials?" );
- return this.userCount >= 4 || ( this.getDn && status.dn != null );
+ if ( exitCode == 0 && !this.getDn ) {
+ if ( this.userCount < 4 ) {
+ status.addMessage( "Found less than 4 users. Are you sure you got the right credentials?" );
+ }
+ if ( this.userIdCount < 4 ) {
+ status.addMessage( "Found less than 4 user ids. Are you sure you got the right credentials?" );
+ }
+ }
+ return ( this.userCount >= 4 && this.userIdCount >= 4 ) || ( this.getDn && status.dn != null );
}
@Override
protected void processStdOut( String line )
{
- if ( this.plainldap ) {
- if ( line.startsWith( "uid: " ) ) {
- status.addMessage( "Found LDAP user " + line.substring( 5 ) + " :-)" );
- this.userCount++;
- return;
- }
- if ( line.startsWith( "uid:: " ) ) {
- status.addMessage( "Found LDAP user " + line.substring( 6 ) + " :-)" );
- this.userCount++;
- return;
- }
- } else {
- if ( line.startsWith( "sAMAccountName: " ) ) {
- status.addMessage( "Found AD user " + line.substring( 16 ) + " :-)" );
- this.userCount++;
- return;
- }
- if ( line.startsWith( "sAMAccountName:: " ) ) {
- status.addMessage( "Found AD user " + line.substring( 17 ) + " :-)" );
- this.userCount++;
- return;
- }
+ String lower = line.toLowerCase();
+ if ( lower.startsWith( mapping.uid + ":" ) ) {
+ status.addMessage( "Found " + line + " :-)" );
+ this.userCount++;
+ return;
+ }
+ if ( lower.startsWith( mapping.uidnumber + ":" ) ) {
+ status.addMessage( "Found " + line + " :-)" );
+ this.userIdCount++;
+ return;
}
- if ( line.startsWith( "dn: " ) ) {
+ if ( lower.startsWith( "dn: " ) ) {
status.dn = line.substring( 4 );
return;
}
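Review bot: `line.toLowerCase()` in processStdOut, like the two `toLowerCase()` calls on `mapping.uid` and `mapping.uidnumber` added in initCommandLine, uses the JVM default locale. Under a Turkish or Azeri locale an attribute name containing `I` is lower-cased to a dotless `ı`, and that converted name is what ends up in the generated filter. Use `toLowerCase( Locale.ROOT )` in all three places, which needs `import java.util.Locale;`. processStdOut continues past the end of this hunk.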