Commit 18665865 authored by Patrick Dowler's avatar Patrick Dowler
Browse files

changed internal getGroup to use search instead of searchEntry

parent ad4fc1e6

projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java

+7 −4
Original line number Diff line number Diff line
@@ -1022,8 +1022,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO 
                    new ProxiedAuthorizationV2RequestControl("dn:" + 

                            getSubjectDN().toNormalizedString()));

            

        SearchResultEntry result = 

                getConnection().searchForEntry(searchRequest);

        SearchResult result = getConnection().search(searchRequest);



        if (result == null)

        {
@@ -1031,14 +1030,18 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO 
            logger.debug(msg);

            throw new GroupNotFoundException(groupDN.toNormalizedString());

        }

        if (result.getEntryCount() == 0)

            throw new GroupNotFoundException(groupDN.toString());

        

        if (result.getAttribute("nsaccountlock") != null)

        SearchResultEntry sre = result.getSearchEntries().get(0);

        

        if (sre.getAttribute("nsaccountlock") != null)

        {

            // TODO: logger.error() + throw GroupNotFoundException instead?

            throw new RuntimeException("BUG: found group with nsaccountlock set: " + groupDN.toString());  

        }



        Group g = createGroup(result);

        Group g = createGroup(sre);

        logger.debug("found: " + g.getID());

        return g;

    }