Class LDAPClaimsSource
- java.lang.Object
-
- org.oa4mp.server.loader.oauth2.claims.BasicClaimsSourceImpl
-
- org.oa4mp.server.loader.oauth2.claims.LDAPClaimsSource
-
- All Implemented Interfaces:
ClaimSource, edu.uiuc.ncsa.security.core.Logable, Serializable
- Direct Known Subclasses:
NCSALDAPClaimSource
public class LDAPClaimsSource extends BasicClaimsSourceImpl implements edu.uiuc.ncsa.security.core.Logable
Created by Jeff Gaynor on 4/26/16 at 3:32 PM
- See Also:
Serialized Form
-
-
Field Summary
Fields
Modifier and Type, Field, Description
protected LdapContext
context
protected boolean
loggingEnabled
-
Fields inherited from class edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.BasicClaimsSourceImpl
groupHandler
-
-
Constructor Summary
Constructors
Constructor, Description
LDAPClaimsSource()
LDAPClaimsSource(OA2SE oa2SE)
LDAPClaimsSource(LDAPConfiguration ldapConfiguration, edu.uiuc.ncsa.security.core.util.MyLoggingFacade myLogger)
LDAPClaimsSource(edu.uiuc.ncsa.qdl.variables.QDLStem stem)
LDAPClaimsSource(edu.uiuc.ncsa.qdl.variables.QDLStem stem, OA2SE oa2SE)
-
Method Summary
Modifier and Type, Method, Description
protected void
closeConnection()
protected static GroupElement
convertToEntry(Attributes a)
LdapContext
createConnection(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
Hashtable<String,String>
createEnv(String host, LDAPConfiguration cfg)
void
debug(String x)
void
error(String x)
void
error(String x, Throwable e)
void
fromQDL(edu.uiuc.ncsa.qdl.variables.QDLStem arg)
static Groups
get_NEW_Gid(LDAPConfiguration cfg2, String username)
Collection<String>
getClaims()
Returns a (unique) collection of claims.
ClaimSourceConfiguration
getConfiguration()
Lazy initialization since it is assumed that this is needed to populate this from JSON or QDL.
LDAPConfiguration
getLDAPCfg()
Convenience to cast the configuration to the right class.
protected edu.uiuc.ncsa.security.core.util.MyLoggingFacade
getMyLogger()
protected String
getSearchFilterAttribute(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
String
getSearchName(net.sf.json.JSONObject claims, javax.servlet.http.HttpServletRequest request, ServiceTransaction transaction)
Returns the name of the user for whom the search is to be run.
void
handleException(Throwable throwable, edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
void
info(String x)
boolean
isDebugOn()
boolean
isEnabled()
protected boolean
isLoggedOn()
protected boolean
isNCSA()
void
logon(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugUtil)
protected Groups
processNCSAGroups()
protected net.sf.json.JSONObject
realProcessing(net.sf.json.JSONObject claims, javax.servlet.http.HttpServletRequest request, ServiceTransaction transaction)
This is the actual place to put your code that only processes the claim source.
protected void
sayit(String x)
void
setDebugOn(boolean setOn)
net.sf.json.JSONObject
simpleSearch(LdapContext ctx, String userID, Map<String,LDAPConfigurationUtil.AttributeEntry> attributes, edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
protected net.sf.json.JSONObject
toJSON(Map<String,LDAPConfigurationUtil.AttributeEntry> attributes, NamingEnumeration e, String userName)
This takes the result of the search as a NamingEnumeration and set of attributes (from the configuration file) and returns a JSON object.
edu.uiuc.ncsa.qdl.variables.QDLStem
toQDL()
String
toString()
void
warn(String x)
-
Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.BasicClaimsSourceImpl
getGroupHandler, getOa2SE, getOmitList, getPostProcessor, getPreProcessor, getScopes, hasConfiguration, hasJSONPostProcessor, hasJSONPreProcessor, isRunAtAuthorization, process, process, setConfiguration, setGroupHandler, setOa2SE, setOmitList, setScopes
-
-
-
-
Field Detail
-
loggingEnabled
protected boolean loggingEnabled
-
context
protected transient LdapContext context
-
-
Constructor Detail
-
LDAPClaimsSource
public LDAPClaimsSource()
-
LDAPClaimsSource
public LDAPClaimsSource(edu.uiuc.ncsa.qdl.variables.QDLStem stem)
-
LDAPClaimsSource
public LDAPClaimsSource(edu.uiuc.ncsa.qdl.variables.QDLStem stem, OA2SE oa2SE)
-
LDAPClaimsSource
public LDAPClaimsSource(LDAPConfiguration ldapConfiguration, edu.uiuc.ncsa.security.core.util.MyLoggingFacade myLogger)
-
LDAPClaimsSource
public LDAPClaimsSource(OA2SE oa2SE)
-
-
Method Detail
-
getSearchName
public String getSearchName(net.sf.json.JSONObject claims, javax.servlet.http.HttpServletRequest request, ServiceTransaction transaction)
Returns the name of the user for whom the search is to be run. The default is to return the name the user used to log in to MyProxy. Otherwise, this takes a key for the user information and returns the value it finds there. Note that if you specify an email, the whole email will be returned. Otherwise, the name will be truncated at the "@" sign (e.g. like an eppn).
- Parameters:
claims -
request -
transaction -
- Returns:
-
isNCSA
protected boolean isNCSA()
-
getMyLogger
protected edu.uiuc.ncsa.security.core.util.MyLoggingFacade getMyLogger()
-
handleException
public void handleException(Throwable throwable, edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
-
processNCSAGroups
protected Groups processNCSAGroups()
-
isEnabled
public boolean isEnabled()
- Specified by:
isEnabled
in interface ClaimSource
- Overrides:
isEnabled
in class BasicClaimsSourceImpl
-
realProcessing
protected net.sf.json.JSONObject realProcessing(net.sf.json.JSONObject claims, javax.servlet.http.HttpServletRequest request, ServiceTransaction transaction) throws UnsupportedScopeException
Description copied from class: BasicClaimsSourceImpl
This is the actual place to put your code that only processes the claim source. The BasicClaimsSourceImpl.process(JSONObject, HttpServletRequest, ServiceTransaction) calls wrap this and invoke the pre/post processor for you. Your code should take whatever metadata is for the user and add it to the claims object.
- Overrides:
realProcessing
in class BasicClaimsSourceImpl
- Returns:
- Throws:
UnsupportedScopeException
-
isLoggedOn
protected boolean isLoggedOn()
-
getLDAPCfg
public LDAPConfiguration getLDAPCfg()
Convenience to cast the configuration to the right class.
- Returns:
-
logon
public void logon(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugUtil)
-
createEnv
public Hashtable<String,String> createEnv(String host, LDAPConfiguration cfg)
-
createConnection
public LdapContext createConnection(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
-
getClaims
public Collection<String> getClaims()
Description copied from class: BasicClaimsSourceImpl
Returns a (unique) collection of claims.
- Specified by:
getClaims
in interface ClaimSource
- Overrides:
getClaims
in class BasicClaimsSourceImpl
- Returns:
-
getSearchFilterAttribute
protected String getSearchFilterAttribute(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
-
simpleSearch
public net.sf.json.JSONObject simpleSearch(LdapContext ctx, String userID, Map<String,LDAPConfigurationUtil.AttributeEntry> attributes, edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger) throws NamingException
- Throws:
NamingException
-
toJSON
protected net.sf.json.JSONObject toJSON(Map<String,LDAPConfigurationUtil.AttributeEntry> attributes, NamingEnumeration e, String userName) throws NamingException
This takes the result of the search as a NamingEnumeration and set of attributes (from the configuration file) and returns a JSON object. The default is that singletons are returned as simple values while lists are recorded as arrays.
- Parameters:
attributes -
e -
- Returns:
- Throws:
NamingException
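The two rules described for getSearchName and toJSON, as an added example that is not OA4MP's own code: the class and helper names are hypothetical, it works on a single entry's Attributes instead of a search-result NamingEnumeration, it builds a plain Map instead of a net.sf.json.JSONObject, and skipping attributes outside the configured set is an assumption.

```java
import java.util.*;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.*;

public class LdapClaimsShapeExample {
    // Hypothetical helper: an e-mail is kept whole, any other value is cut at '@'.
    static String searchName(String value, boolean isEmail) {
        int at = value.indexOf('@');
        return (isEmail || at < 0) ? value : value.substring(0, at);
    }

    // Hypothetical helper: single-valued attributes become simple values,
    // multi-valued attributes become lists (the array case).
    static Map<String, Object> toClaims(Attributes attrs, Set<String> wanted)
            throws NamingException {
        Map<String, Object> claims = new LinkedHashMap<>();
        NamingEnumeration<? extends Attribute> all = attrs.getAll();
        while (all.hasMore()) {
            Attribute a = all.next();
            if (!wanted.contains(a.getID())) continue; // assumption: only configured attributes
            if (a.size() == 1) {
                claims.put(a.getID(), a.get());
            } else {
                List<Object> values = new ArrayList<>();
                NamingEnumeration<?> vals = a.getAll();
                while (vals.hasMore()) values.add(vals.next());
                claims.put(a.getID(), values);
            }
        }
        return claims;
    }

    public static void main(String[] args) throws NamingException {
        // Constructed sample entry, not real directory data.
        Attributes entry = new BasicAttributes(true);
        entry.put("mail", "jdoe@example.org");
        Attribute memberOf = new BasicAttribute("memberOf");
        memberOf.add("cn=staff,ou=groups,dc=example,dc=org");
        memberOf.add("cn=admins,ou=groups,dc=example,dc=org");
        entry.put(memberOf);
        entry.put("telephoneNumber", "555-0100"); // not in the configured set

        System.out.println(searchName("jdoe@example.org", false)); // eppn-style value
        System.out.println(searchName("jdoe@example.org", true));  // e-mail kept whole
        System.out.println(toClaims(entry, Set.of("mail", "memberOf")));
    }
}
```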
-
closeConnection
protected void closeConnection()
-
sayit
protected void sayit(String x)
-
debug
public void debug(String x)
- Specified by:
debug
in interface edu.uiuc.ncsa.security.core.Logable
-
isDebugOn
public boolean isDebugOn()
- Specified by:
isDebugOn
in interface edu.uiuc.ncsa.security.core.Logable
-
setDebugOn
public void setDebugOn(boolean setOn)
- Specified by:
setDebugOn
in interface edu.uiuc.ncsa.security.core.Logable
-
info
public void info(String x)
- Specified by:
info
in interface edu.uiuc.ncsa.security.core.Logable
-
warn
public void warn(String x)
- Specified by:
warn
in interface edu.uiuc.ncsa.security.core.Logable
-
error
public void error(String x)
- Specified by:
error
in interface edu.uiuc.ncsa.security.core.Logable
-
get_NEW_Gid
public static Groups get_NEW_Gid(LDAPConfiguration cfg2, String username) throws Throwable
- Throws:
Throwable
-
convertToEntry
protected static GroupElement convertToEntry(Attributes a) throws NamingException
- Throws:
NamingException
-
fromQDL
public void fromQDL(edu.uiuc.ncsa.qdl.variables.QDLStem arg)
- Specified by:
fromQDL
in interface ClaimSource
- Overrides:
fromQDL
in class BasicClaimsSourceImpl
-
toQDL
public edu.uiuc.ncsa.qdl.variables.QDLStem toQDL()
- Specified by:
toQDL
in interface ClaimSource
- Overrides:
toQDL
in class BasicClaimsSourceImpl
-
getConfiguration
public ClaimSourceConfiguration getConfiguration()
Lazy initialization since it is assumed that this is needed to populate this from JSON or QDL.
- Specified by:
getConfiguration
in interface ClaimSource
- Overrides:
getConfiguration
in class BasicClaimsSourceImpl
- Returns:
-
-