James Moger
2013-11-24 04a98505a4ab8f48aee22800fcac193d9367d0ae
src/main/java/com/gitblit/auth/LdapAuthProvider.java
File was renamed from src/main/java/com/gitblit/LdapUserService.java
@@ -14,9 +14,8 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.gitblit;
package com.gitblit.auth;
import java.io.File;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.GeneralSecurityException;
@@ -27,11 +26,10 @@
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicLong;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.gitblit.Constants;
import com.gitblit.Constants.AccountType;
import com.gitblit.manager.IRuntimeManager;
import com.gitblit.Keys;
import com.gitblit.auth.AuthenticationProvider.UsernamePasswordAuthenticationProvider;
import com.gitblit.models.TeamModel;
import com.gitblit.models.UserModel;
import com.gitblit.utils.ArrayUtils;
@@ -57,15 +55,12 @@
 *
 * @author John Crygier
 */
public class LdapUserService extends GitblitUserService {
public class LdapAuthProvider extends UsernamePasswordAuthenticationProvider {
   public static final Logger logger = LoggerFactory.getLogger(LdapUserService.class);
   private IStoredSettings settings;
    private AtomicLong lastLdapUserSync = new AtomicLong(0L);
   public LdapUserService() {
      super();
   public LdapAuthProvider() {
      super("ldap");
   }
    private long getSynchronizationPeriod() {
@@ -81,14 +76,7 @@
    }
   @Override
   public void setup(IRuntimeManager runtimeManager) {
      this.settings = runtimeManager.getSettings();
      String file = settings.getString(Keys.realm.ldap.backingUserService, "${baseFolder}/users.conf");
      File realmFile = runtimeManager.getFileOrFolder(file);
      serviceImpl = createUserService(realmFile);
      logger.info("LDAP User Service backed by " + serviceImpl.toString());
   public void setup() {
      synchronizeLdapUsers();
   }
@@ -115,13 +103,14 @@
                                final String username = loggingInUser.getAttribute(uidAttribute).getValue();
                                logger.debug("LDAP synchronizing: " + username);
                                UserModel user = getUserModel(username);
                                UserModel user = userManager.getUserModel(username);
                                if (user == null) {
                                    user = new UserModel(username);
                                }
                                if (!supportsTeamMembershipChanges())
                                if (!supportsTeamMembershipChanges()) {
                                    getTeamsFromLdap(ldapConnection, username, loggingInUser, user);
                                }
                                // Get User Attributes
                                setUserAttributes(user, loggingInUser);
@@ -133,17 +122,17 @@
                            if (deleteRemovedLdapUsers) {
                                logger.debug("detecting removed LDAP users...");
                                for (UserModel userModel : super.getAllUsers()) {
                                for (UserModel userModel : userManager.getAllUsers()) {
                                    if (Constants.EXTERNAL_ACCOUNT.equals(userModel.password)) {
                                        if (! ldapUsers.containsKey(userModel.username)) {
                                            logger.info("deleting removed LDAP user " + userModel.username + " from backing user service");
                                            super.deleteUser(userModel.username);
                                            logger.info("deleting removed LDAP user " + userModel.username + " from user service");
                                            userManager.deleteUser(userModel.username);
                                        }
                                    }
                                }
                            }
                            super.updateUserModels(ldapUsers.values());
                            userManager.updateUserModels(ldapUsers.values());
                            if (!supportsTeamMembershipChanges()) {
                                final Map<String, TeamModel> userTeams = new HashMap<String, TeamModel>();
@@ -152,7 +141,7 @@
                                        userTeams.put(userTeam.name, userTeam);
                                    }
                                }
                                updateTeamModels(userTeams.values());
                                userManager.updateTeamModels(userTeams.values());
                            }
                        }
                        lastLdapUserSync.set(System.currentTimeMillis());
@@ -175,10 +164,12 @@
         
         LDAPConnection conn;
         if (ldapUrl.getScheme().equalsIgnoreCase("ldaps")) {   // SSL
         if (ldapUrl.getScheme().equalsIgnoreCase("ldaps")) {
            // SSL
            SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
            conn = new LDAPConnection(sslUtil.createSSLSocketFactory());
         } else if (ldapUrl.getScheme().equalsIgnoreCase("ldap") || ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {   // no encryption or StartTLS
         } else if (ldapUrl.getScheme().equalsIgnoreCase("ldap") || ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
            // no encryption or StartTLS
            conn = new LDAPConnection();
         } else {
            logger.error("Unsupported LDAP URL scheme: " + ldapUrl.getScheme());
@@ -268,11 +259,6 @@
   @Override
   public UserModel authenticate(String username, char[] password) {
      if (isLocalAccount(username)) {
         // local account, bypass LDAP authentication
         return super.authenticate(username, password);
      }
      String simpleUsername = getSimpleUsername(username);
      LDAPConnection ldapConnection = getLdapConnection();
@@ -293,7 +279,7 @@
                  UserModel user = null;
                  synchronized (this) {
                     user = getUserModel(simpleUsername);
                     user = userManager.getUserModel(simpleUsername);
                     if (user == null)   // create user object for new authenticated user
                        user = new UserModel(simpleUsername);
@@ -309,10 +295,11 @@
                     setUserAttributes(user, loggingInUser);
                     // Push the ldap looked up values to backing file
                     super.updateUserModel(user);
                     updateUser(user);
                     if (!supportsTeamMembershipChanges()) {
                        for (TeamModel userTeam : user.teams)
                           updateTeamModel(userTeam);
                           updateTeam(userTeam);
                     }
                  }
@@ -405,8 +392,9 @@
      groupMemberPattern = StringUtils.replace(groupMemberPattern, "${username}", escapeLDAPSearchFilter(simpleUsername));
      // Fill in attributes into groupMemberPattern
      for (Attribute userAttribute : loggingInUser.getAttributes())
      for (Attribute userAttribute : loggingInUser.getAttributes()) {
         groupMemberPattern = StringUtils.replace(groupMemberPattern, "${" + userAttribute.getName() + "}", escapeLDAPSearchFilter(userAttribute.getValue()));
      }
      SearchResult teamMembershipResult = doSearch(ldapConnection, groupBase, true, groupMemberPattern, Arrays.asList("cn"));
      if (teamMembershipResult != null && teamMembershipResult.getEntryCount() > 0) {
@@ -414,9 +402,10 @@
            SearchResultEntry teamEntry = teamMembershipResult.getSearchEntries().get(i);
            String teamName = teamEntry.getAttribute("cn").getValue();
            TeamModel teamModel = getTeamModel(teamName);
            if (teamModel == null)
            TeamModel teamModel = userManager.getTeamModel(teamName);
            if (teamModel == null) {
               teamModel = createTeamFromLdap(teamEntry);
            }
            user.teams.add(teamModel);
            teamModel.addUser(user.getName());
@@ -426,6 +415,7 @@
   private TeamModel createTeamFromLdap(SearchResultEntry teamEntry) {
      TeamModel answer = new TeamModel(teamEntry.getAttributeValue("cn"));
      answer.accountType = getAccountType();
      // potentially retrieve other attributes here in the future
      return answer;
@@ -471,18 +461,6 @@
         logger.error("Error authenticating user", e);
         return false;
      }
   }
    @Override
    public List<String> getAllUsernames() {
        synchronizeLdapUsers();
        return super.getAllUsernames();
    }
    @Override
    public List<UserModel> getAllUsers() {
        synchronizeLdapUsers();
        return super.getAllUsers();
    }
   /**
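Review bot: The removed-user sweep under `deleteRemovedLdapUsers` now iterates `userManager.getAllUsers()` instead of this provider's own backing store, so any account whose password is `Constants.EXTERNAL_ACCOUNT` but that was created by a different authentication provider will be deleted whenever it is absent from LDAP. The guard should also match the owning provider, e.g. `if (Constants.EXTERNAL_ACCOUNT.equals(userModel.password) && getAccountType().equals(userModel.accountType))`, assuming `UserModel` carries an `accountType` the way `TeamModel` does in `createTeamFromLdap`. The `ldaps` branch of `getLdapConnection` still builds the connection with `new SSLUtil(new TrustAllTrustManager())`, which disables server certificate validation and lets an on-path attacker capture the bind credentials of every user who logs in; a trust manager backed by the JVM truststore or a configured CA belongs there, and the `ldap+tls` branch should be confirmed to actually negotiate StartTLS rather than fall through to plaintext. The enclosing `synchronizeLdapUsers`, `getLdapConnection` and `authenticate` bodies start and end outside the hunks shown.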