Package edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims

Class LDAPClaimsSource

java.lang.Object

edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.BasicClaimsSourceImpl

edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.LDAPClaimsSource

All Implemented Interfaces:

ClaimSource, edu.uiuc.ncsa.security.core.Logable, Serializable

Direct Known Subclasses:

NCSALDAPClaimSource

public class LDAPClaimsSource
extends BasicClaimsSourceImpl
implements edu.uiuc.ncsa.security.core.Logable

Created by Jeff Gaynor
on 4/26/16 at 3:32 PM

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
protected LdapContext	context
protected boolean	loggingEnabled

Fields inherited from class edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.BasicClaimsSourceImpl

groupHandler

Constructor Summary

Constructors

Constructor	Description
LDAPClaimsSource()
LDAPClaimsSource(OA2SE oa2SE)
LDAPClaimsSource(LDAPConfiguration ldapConfiguration, edu.uiuc.ncsa.security.core.util.MyLoggingFacade myLogger)
LDAPClaimsSource(edu.uiuc.ncsa.qdl.variables.QDLStem stem)
LDAPClaimsSource(edu.uiuc.ncsa.qdl.variables.QDLStem stem, OA2SE oa2SE)

Method Summary

Modifier and Type	Method	Description
protected void	closeConnection()
protected static GroupElement	convertToEntry(Attributes a)
LdapContext	createConnection(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
Hashtable<String,String>	createEnv(String host, LDAPConfiguration cfg)
void	debug(String x)
void	error(String x)
void	error(String x, Throwable e)
void	fromQDL(edu.uiuc.ncsa.qdl.variables.QDLStem arg)
static Groups	get_NEW_Gid(LDAPConfiguration cfg2, String username)
Collection<String>	getClaims()	returns a (unique) collection of claims.
ClaimSourceConfiguration	getConfiguration()	Lazy initialization since it is assumed that this is needed to populate this from JSON or QDL.
LDAPConfiguration	getLDAPCfg()	Convenience to cast the configuration to the right class.
protected edu.uiuc.ncsa.security.core.util.MyLoggingFacade	getMyLogger()
protected String	getSearchFilterAttribute(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
String	getSearchName(net.sf.json.JSONObject claims, javax.servlet.http.HttpServletRequest request, ServiceTransaction transaction)	Returns the name of the user for whom the search is to be run.
void	handleException(Throwable throwable, edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
void	info(String x)
boolean	isDebugOn()
boolean	isEnabled()
protected boolean	isLoggedOn()
protected boolean	isNCSA()
void	logon(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugUtil)
protected Groups	processNCSAGroups()
protected net.sf.json.JSONObject	realProcessing(net.sf.json.JSONObject claims, javax.servlet.http.HttpServletRequest request, ServiceTransaction transaction)	This is the actual place to put your code that only processes the claim source.
protected void	sayit(String x)
void	setDebugOn(boolean setOn)
net.sf.json.JSONObject	simpleSearch(LdapContext ctx, String userID, Map<String,LDAPConfigurationUtil.AttributeEntry> attributes, edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
protected net.sf.json.JSONObject	toJSON(Map<String,LDAPConfigurationUtil.AttributeEntry> attributes, NamingEnumeration e, String userName)	This takes the result of the search as a NamingEnumeration and set of attributes (from the configuration file) and returns a JSON object.
edu.uiuc.ncsa.qdl.variables.QDLStem	toQDL()
String	toString()
void	warn(String x)

Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.BasicClaimsSourceImpl

getGroupHandler, getOa2SE, getOmitList, getPostProcessor, getPreProcessor, getScopes, hasConfiguration, hasJSONPostProcessor, hasJSONPreProcessor, isRunAtAuthorization, process, process, setConfiguration, setGroupHandler, setOa2SE, setOmitList, setScopes

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

loggingEnabled

protected boolean loggingEnabled

context

protected transient LdapContext context

Constructor Detail

LDAPClaimsSource

public LDAPClaimsSource()

LDAPClaimsSource

public LDAPClaimsSource(edu.uiuc.ncsa.qdl.variables.QDLStem stem)

LDAPClaimsSource

public LDAPClaimsSource(edu.uiuc.ncsa.qdl.variables.QDLStem stem,
                        OA2SE oa2SE)

LDAPClaimsSource

public LDAPClaimsSource(LDAPConfiguration ldapConfiguration,
                        edu.uiuc.ncsa.security.core.util.MyLoggingFacade myLogger)

LDAPClaimsSource

public LDAPClaimsSource(OA2SE oa2SE)

Method Detail

getSearchName

public String getSearchName(net.sf.json.JSONObject claims,
                            javax.servlet.http.HttpServletRequest request,
                            ServiceTransaction transaction)

Returns the name of the user for whom the search is to be run. The default is to return the name the user used to log in to MyProxy. Otherwise, this takes a key for the user information and returns the value it finds there. Note that if you specify an email, the whole email will be returned. Otherwise, the name will be truncated at the "@" sign (e.g. like an eppn).

Parameters:

claims -

request -

transaction -

Returns:

isNCSA

protected boolean isNCSA()

getMyLogger

protected edu.uiuc.ncsa.security.core.util.MyLoggingFacade getMyLogger()

handleException

public void handleException(Throwable throwable,
                            edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)

processNCSAGroups

protected Groups processNCSAGroups()

isEnabled

public boolean isEnabled()

Specified by:

isEnabled in interface ClaimSource

Overrides:

isEnabled in class BasicClaimsSourceImpl

realProcessing

protected net.sf.json.JSONObject realProcessing(net.sf.json.JSONObject claims,
                                                javax.servlet.http.HttpServletRequest request,
                                                ServiceTransaction transaction)
                                         throws UnsupportedScopeException

Description copied from class: BasicClaimsSourceImpl

This is the actual place to put your code that only processes the claim source. The BasicClaimsSourceImpl.process(JSONObject, HttpServletRequest, ServiceTransaction) calls wrap this and invoke the pre/post processor for you. Your code should take whatever metadata is for the user and add it to the claims object.

Overrides:

realProcessing in class BasicClaimsSourceImpl

Returns:

Throws:

UnsupportedScopeException

isLoggedOn

protected boolean isLoggedOn()

getLDAPCfg

public LDAPConfiguration getLDAPCfg()

Convenience to cast the configuration to the right class.

Returns:

logon

public void logon(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugUtil)

createEnv

public Hashtable<String,String> createEnv(String host,
                                                LDAPConfiguration cfg)

createConnection

public LdapContext createConnection(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)

getClaims

public Collection<String> getClaims()

Description copied from class: BasicClaimsSourceImpl

returns a (unique) collection of claims.

Specified by:

getClaims in interface ClaimSource

Overrides:

getClaims in class BasicClaimsSourceImpl

Returns:

getSearchFilterAttribute

protected String getSearchFilterAttribute(edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)

simpleSearch

public net.sf.json.JSONObject simpleSearch(LdapContext ctx,
                                           String userID,
                                           Map<String,LDAPConfigurationUtil.AttributeEntry> attributes,
                                           edu.uiuc.ncsa.security.core.util.MetaDebugUtil debugger)
                                    throws NamingException

Throws:

NamingException

toJSON

protected net.sf.json.JSONObject toJSON(Map<String,LDAPConfigurationUtil.AttributeEntry> attributes,
                                        NamingEnumeration e,
                                        String userName)
                                 throws NamingException

This takes the result of the search as a NamingEnumeration and set of attributes (from the configuration file) and returns a JSON object. The default is that singletons are returned as simple values while lists are recorded as arrays.

Parameters:

attributes -

e -

Returns:

Throws:

NamingException

closeConnection

protected void closeConnection()

sayit

protected void sayit(String x)

debug

public void debug(String x)

Specified by:

debug in interface edu.uiuc.ncsa.security.core.Logable

isDebugOn

public boolean isDebugOn()

Specified by:

isDebugOn in interface edu.uiuc.ncsa.security.core.Logable

setDebugOn

public void setDebugOn(boolean setOn)

Specified by:

setDebugOn in interface edu.uiuc.ncsa.security.core.Logable

info

public void info(String x)

Specified by:

info in interface edu.uiuc.ncsa.security.core.Logable

warn

public void warn(String x)

Specified by:

warn in interface edu.uiuc.ncsa.security.core.Logable

error

public void error(String x,
                  Throwable e)

error

public void error(String x)

Specified by:

error in interface edu.uiuc.ncsa.security.core.Logable

toString

public String toString()

Overrides:

toString in class Object

get_NEW_Gid

public static Groups get_NEW_Gid(LDAPConfiguration cfg2,
                                 String username)
                          throws Throwable

Throws:

Throwable

convertToEntry

protected static GroupElement convertToEntry(Attributes a)
                                      throws NamingException

Throws:

NamingException

fromQDL

public void fromQDL(edu.uiuc.ncsa.qdl.variables.QDLStem arg)

Specified by:

fromQDL in interface ClaimSource

Overrides:

fromQDL in class BasicClaimsSourceImpl

toQDL

public edu.uiuc.ncsa.qdl.variables.QDLStem toQDL()

Specified by:

toQDL in interface ClaimSource

Overrides:

toQDL in class BasicClaimsSourceImpl

getConfiguration

public ClaimSourceConfiguration getConfiguration()

Lazy initialization since it is assumed that this is needed to populate this from JSON or QDL.

Specified by:

getConfiguration in interface ClaimSource

Overrides:

getConfiguration in class BasicClaimsSourceImpl

Returns: