Updated documentation

James Moger

2013-01-05 9e186eedf1a09ca7ac4fbdea32b00e7e5331f7eb

 src/com/gitblit/LdapUserService.java

@@ -25,6 +25,7 @@
import org.slf4j.Logger;

import org.slf4j.LoggerFactory;



import com.gitblit.Constants.AccountType;

import com.gitblit.models.TeamModel;

import com.gitblit.models.UserModel;

import com.gitblit.utils.ArrayUtils;

@@ -50,9 +51,9 @@
public class LdapUserService extends GitblitUserService {



   public static final Logger logger = LoggerFactory.getLogger(LdapUserService.class);

	
   private IStoredSettings settings;



   private IStoredSettings settings;

	
   public LdapUserService() {

      super();

   }

@@ -155,53 +156,66 @@
   public boolean supportsTeamMembershipChanges() {

      return !settings.getBoolean(Keys.realm.ldap.maintainTeams, false);

   }

	
   @Override

   protected AccountType getAccountType() {

       return AccountType.LDAP;

   }



   @Override

   public UserModel authenticate(String username, char[] password) {

      String simpleUsername = getSimpleUsername(username);

		
      LDAPConnection ldapConnection = getLdapConnection();		
      if (ldapConnection != null) {

         // Find the logging in user's DN

         String accountBase = settings.getString(Keys.realm.ldap.accountBase, "");

         String accountPattern = settings.getString(Keys.realm.ldap.accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");

         accountPattern = StringUtils.replace(accountPattern, "${username}", escapeLDAPSearchFilter(simpleUsername));



         SearchResult result = doSearch(ldapConnection, accountBase, accountPattern);

         if (result != null && result.getEntryCount() == 1) {

            SearchResultEntry loggingInUser = result.getSearchEntries().get(0);

            String loggingInUserDN = loggingInUser.getDN();

				
            if (isAuthenticated(ldapConnection, loggingInUserDN, new String(password))) {

               logger.debug("LDAP authenticated: " + username);

					
               UserModel user = getUserModel(simpleUsername);

               if (user == null)   // create user object for new authenticated user

                  user = new UserModel(simpleUsername);



               // create a user cookie

               if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {

                  user.cookie = StringUtils.getSHA1(user.username + new String(password));

               }

					
               if (!supportsTeamMembershipChanges())

                  getTeamsFromLdap(ldapConnection, simpleUsername, loggingInUser, user);

					
               // Get User Attributes

               setUserAttributes(user, loggingInUser);



               // Push the ldap looked up values to backing file

               super.updateUserModel(user);

               if (!supportsTeamMembershipChanges()) {

                  for (TeamModel userTeam : user.teams)

                     updateTeamModel(userTeam);

               }

							
               return user;

            }

         }

      if (isLocalAccount(username)) {

         // local account, bypass LDAP authentication

         return super.authenticate(username, password);

      }

      

      String simpleUsername = getSimpleUsername(username);

		
      LDAPConnection ldapConnection = getLdapConnection();

      if (ldapConnection != null) {

         try {

            // Find the logging in user's DN

            String accountBase = settings.getString(Keys.realm.ldap.accountBase, "");

            String accountPattern = settings.getString(Keys.realm.ldap.accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");

            accountPattern = StringUtils.replace(accountPattern, "${username}", escapeLDAPSearchFilter(simpleUsername));



            SearchResult result = doSearch(ldapConnection, accountBase, accountPattern);

            if (result != null && result.getEntryCount() == 1) {

               SearchResultEntry loggingInUser = result.getSearchEntries().get(0);

               String loggingInUserDN = loggingInUser.getDN();



               if (isAuthenticated(ldapConnection, loggingInUserDN, new String(password))) {

                  logger.debug("LDAP authenticated: " + username);



                  UserModel user = getUserModel(simpleUsername);

                  if (user == null)   // create user object for new authenticated user

                     user = new UserModel(simpleUsername);



                  // create a user cookie

                  if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {

                     user.cookie = StringUtils.getSHA1(user.username + new String(password));

                  }



                  if (!supportsTeamMembershipChanges())

                     getTeamsFromLdap(ldapConnection, simpleUsername, loggingInUser, user);



                  // Get User Attributes

                  setUserAttributes(user, loggingInUser);



                  // Push the ldap looked up values to backing file

                  super.updateUserModel(user);

                  if (!supportsTeamMembershipChanges()) {

                     for (TeamModel userTeam : user.teams)

                        updateTeamModel(userTeam);

                  }



                  return user;

               }

            }

         } finally {

            ldapConnection.close();

         }

      }

      return null;      

   }



@@ -236,7 +250,8 @@
      setAdminAttribute(user);

      

      // Don't want visibility into the real password, make up a dummy

      user.password = "StoredInLDAP";

      user.password = ExternalAccount;

      user.accountType = getAccountType();

      

      // Get full name Attribute

      String displayName = settings.getString(Keys.realm.ldap.displayName, "");