Package org.nuxeo.ecm.directory.ldap

Class LDAPSession

java.lang.Object

org.nuxeo.ecm.directory.BaseSession

org.nuxeo.ecm.directory.ldap.LDAPSession

All Implemented Interfaces:

AutoCloseable, EntrySource, Session

public class LDAPSession
extends BaseSession

This class represents a session against an LDAPDirectory.

Author:

Olivier Grisel

Nested Class Summary

Nested classes/interfaces inherited from class org.nuxeo.ecm.directory.BaseSession

BaseSession.FieldDetector

Field Summary

Fields

Modifier and Type	Field	Description
protected DirContext	dirContext
protected final Set<String>	emptySet
protected final String	idAttribute
protected final String	idCase
protected static final String	MISSING_ID_LOWER_CASE
protected static final String	MISSING_ID_UPPER_CASE
protected final String	passwordHashAlgorithm
protected final String	rdnAttribute
protected final String	rdnField
protected final String	searchBaseDn

Fields inherited from class org.nuxeo.ecm.directory.BaseSession

autoincrementId, computeMultiTenantId, directory, directoryName, MULTI_TENANT_ID_FORMAT, permissions, POWER_USERS_GROUP, readAllColumns, READONLY_ENTRY_FLAG, referenceClass, schemaName, substringMatchType, TENANT_ID_FIELD

Constructor Summary

Constructors

Constructor	Description
LDAPSession(LDAPDirectory directory)

Method Summary

Modifier and Type	Method	Description
boolean	authenticate(String username, String password)	Checks that the credentials provided by the UserManager match those registered in the directory.
protected String	changeEntryIdCase(String id, String idFieldCase)
void	close()	Closes the session and all open result sets obtained from this session.
DocumentModel	createEntry(DocumentModel entry)	Creates an entry in a directory.
protected DocumentModel	createEntryWithoutReferences(Map<String,Object> fieldMap)	Creates an entry to the directory without creating its references.
protected DocumentModel	doCreateEntryWithoutReferences(Map<String,Object> fieldMap)	To be implemented for specific creation.
void	doDeleteEntryWithoutReferences(String entryId)	To be implemented for specific deletion.
protected DocumentModelList	doQuery(DirectoryQueryBuilder queryBuilder)	To be implemented for specific querying.
protected List<String>	doQueryIds(DirectoryQueryBuilder queryBuilder)	To be implemented for specific querying.
protected List<String>	doUpdateEntryWithoutReferences(DocumentModel docModel)	To be implemented for specific update.
protected DocumentModel	fieldMapToDocumentModel(Map<String,Object> fieldMap)
protected Attribute	getAttributeValue(String fieldName, Object value)
DirContext	getContext()
LDAPDirectory	getDirectory()	To be implemented with a more specific return type.
DocumentModel	getEntryFromSource(String idOrSysId, boolean fetchReferences)
protected Object	getFieldValue(Attribute attribute, String fieldName, String entryId, boolean fetchReferences)
protected SearchResult	getLdapEntry(String id)
protected SearchResult	getLdapEntry(String id, boolean fetchAllAttributes)
protected List<String>	getMandatoryAttributes()
protected List<String>	getMandatoryAttributes(Attribute objectClassesAttribute)
protected void	handleException(Exception e, String message)
boolean	hasEntry(String idOrSysId)	Returns true if session has an entry with given id.
boolean	isAuthenticating()	Tells whether the directory implementation can be used as an authenticating backend for the UserManager (based on login / password check).
protected DocumentModelList	ldapResultsToDocumentModels(NamingEnumeration<SearchResult> results, boolean fetchReferences)
protected DocumentModel	ldapResultToDocumentModel(SearchResult result, String entryId, boolean fetchReferences)
DocumentModelList	query(Map<String,Serializable> filter, Set<String> fulltext, Map<String,String> orderBy, boolean fetchReferences, int limit, int offset)	Executes a query with the possibility to fetch a subset of the results. org.nuxeo.ecm.directory.BaseSession provides a default implementation fetching all results to return the subset.
boolean	rdnMatchesIdField()
String	toString()

Methods inherited from class org.nuxeo.ecm.directory.BaseSession

addTenantId, applyQueryLimits, applyQueryLimits, canDeleteMultiTenantEntry, canDeleteMultiTenantEntry, checkDeleteConstraints, checkPermission, computeMultiTenantDirectoryId, createEntry, createEntryModel, createEntryModel, createEntryModel, createEntryModel, createEntryModel, createEntryModel, createQueryBuilderForIds, createQueryBuilderWithConfiguredFiltering, createQueryBuilderWithConfiguredFiltering, deleteEntry, deleteEntry, deleteEntryWithoutReferences, getCurrentTenantId, getEntry, getIdField, getPasswordField, getPrefixedFieldName, getPrefixedIdField, getProjection, getProjection, hasPermission, hasPermission, isMultiTenant, isReadOnly, isReadOnlyEntry, query, query, query, query, query, query, queryIds, setReadAllColumns, setReadOnlyEntry, setReadWriteEntry, toStringList, updateEntry, updateEntryWithoutReferences

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface org.nuxeo.ecm.directory.Session

createEntryModel, getEntry

Field Details

MISSING_ID_LOWER_CASE

protected static final String MISSING_ID_LOWER_CASE

See Also:

• Constant Field Values

MISSING_ID_UPPER_CASE

protected static final String MISSING_ID_UPPER_CASE

See Also:

• Constant Field Values

dirContext

protected DirContext dirContext

idAttribute

protected final String idAttribute

idCase

protected final String idCase

searchBaseDn

protected final String searchBaseDn

emptySet

protected final Set<String> emptySet

rdnAttribute

protected final String rdnAttribute

rdnField

protected final String rdnField

passwordHashAlgorithm

protected final String passwordHashAlgorithm

Constructor Details

LDAPSession

public LDAPSession(LDAPDirectory directory)

Method Details

getDirectory

public LDAPDirectory getDirectory()

Description copied from class: BaseSession

To be implemented with a more specific return type.

Specified by:

getDirectory in class BaseSession

getContext

public DirContext getContext()

createEntryWithoutReferences

protected DocumentModel createEntryWithoutReferences(Map<String,Object> fieldMap)

Description copied from class: BaseSession

Creates an entry to the directory without creating its references.

Overrides:

createEntryWithoutReferences in class BaseSession

Implementation Note:

Do not execute generic code because LDAP directory does not handle in the same way the id, and it does not seem to support multi tenancy

doCreateEntryWithoutReferences

protected DocumentModel doCreateEntryWithoutReferences(Map<String,Object> fieldMap)

Description copied from class: BaseSession

To be implemented for specific creation.

Overrides:

doCreateEntryWithoutReferences in class BaseSession

doUpdateEntryWithoutReferences

protected List<String> doUpdateEntryWithoutReferences(DocumentModel docModel)

Description copied from class: BaseSession

To be implemented for specific update.

Overrides:

doUpdateEntryWithoutReferences in class BaseSession

doDeleteEntryWithoutReferences

public void doDeleteEntryWithoutReferences(String entryId)

Description copied from class: BaseSession

To be implemented for specific deletion.

Overrides:

doDeleteEntryWithoutReferences in class BaseSession

hasEntry

public boolean hasEntry(String idOrSysId)

Description copied from interface: Session

Returns true if session has an entry with given id.

Specified by:

hasEntry in interface Session

Overrides:

hasEntry in class BaseSession

getLdapEntry

protected SearchResult getLdapEntry(String id)
                             throws NamingException

Throws:

NamingException

getLdapEntry

protected SearchResult getLdapEntry(String id,
 boolean fetchAllAttributes)
                             throws NamingException

Throws:

NamingException

handleException

protected void handleException(Exception e,
 String message)

getEntryFromSource

public DocumentModel getEntryFromSource(String idOrSysId,
 boolean fetchReferences)

Specified by:

getEntryFromSource in interface EntrySource

Overrides:

getEntryFromSource in class BaseSession

query

public DocumentModelList query(Map<String,Serializable> filter,
 Set<String> fulltext,
 Map<String,String> orderBy,
 boolean fetchReferences,
 int limit,
 int offset)

Description copied from interface: Session

Executes a query with the possibility to fetch a subset of the results. org.nuxeo.ecm.directory.BaseSession provides a default implementation fetching all results to return the subset. Not recommended.

Parameters:

limit - maximum number of results ignored if less than 1

offset - number of rows skipped before starting, will be 0 if less than 0.

See Also:

• Session.query(Map, Set, Map, boolean)

doQuery

protected DocumentModelList doQuery(DirectoryQueryBuilder queryBuilder)

Description copied from class: BaseSession

To be implemented for specific querying.

Overrides:

doQuery in class BaseSession

See Also:

• BaseSession.query(QueryBuilder)

doQueryIds

protected List<String> doQueryIds(DirectoryQueryBuilder queryBuilder)

Description copied from class: BaseSession

To be implemented for specific querying.

Overrides:

doQueryIds in class BaseSession

See Also:

• BaseSession.queryIds(QueryBuilder)

close

public void close()

Description copied from interface: Session

Closes the session and all open result sets obtained from this session.

Releases this Connection object's resources immediately instead of waiting for them to be automatically released.

TODO: should this operation auto-commit pending changes?

fieldMapToDocumentModel

protected DocumentModel fieldMapToDocumentModel(Map<String,Object> fieldMap)

getFieldValue

protected Object getFieldValue(Attribute attribute,
 String fieldName,
 String entryId,
 boolean fetchReferences)

getAttributeValue

protected Attribute getAttributeValue(String fieldName,
 Object value)

ldapResultsToDocumentModels

protected DocumentModelList ldapResultsToDocumentModels(NamingEnumeration<SearchResult> results,
 boolean fetchReferences)
                                                 throws NamingException

Throws:

NamingException

ldapResultToDocumentModel

protected DocumentModel ldapResultToDocumentModel(SearchResult result,
 String entryId,
 boolean fetchReferences)
                                           throws NamingException

Throws:

NamingException

changeEntryIdCase

protected String changeEntryIdCase(String id,
 String idFieldCase)

authenticate

public boolean authenticate(String username,
 String password)

Description copied from interface: Session

Checks that the credentials provided by the UserManager match those registered in the directory. If username is not in the directory, this should return false instead of throrwing an exception.

Returns:

true is the credentials match those stored in the directory

isAuthenticating

public boolean isAuthenticating()

Description copied from interface: Session

Tells whether the directory implementation can be used as an authenticating backend for the UserManager (based on login / password check).

Specified by:

isAuthenticating in interface Session

Overrides:

isAuthenticating in class BaseSession

Returns:

true is the directory is authentication aware

rdnMatchesIdField

public boolean rdnMatchesIdField()

getMandatoryAttributes

protected List<String> getMandatoryAttributes(Attribute objectClassesAttribute)

getMandatoryAttributes

protected List<String> getMandatoryAttributes()

toString

public String toString()

Overrides:

toString in class Object

createEntry

public DocumentModel createEntry(DocumentModel entry)

Description copied from interface: Session

Creates an entry in a directory.

Specified by:

createEntry in interface Session

Overrides:

createEntry in class BaseSession

Parameters:

entry - the document model representing the entry to create

Returns:

The new entry created in the directory