Commit 80bdb479 authored by Brian Major's avatar Brian Major

ac2 - Added code to differentiate between an AccessControlException and...

ac2 - Added code to differentiate between an AccessControlException and PermissionDeniedException in the getUser dao operation
parent aa30020c
+22 −4
@@ -475,9 +475,10 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
        }

        SearchResultEntry searchResult = null;
        Filter filter = null;
        try
        {
            Filter filter = Filter.createEqualityFilter(searchField, userID.getName());
            filter = Filter.createEqualityFilter(searchField, userID.getName());
            logger.debug("search filter: " + filter);

            SearchRequest searchRequest =
@@ -497,12 +498,29 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
            LdapDAO.checkLdapResult(e.getResultCode());
        }

        if (searchResult == null)
        {
            // determine if the user is not there of if the calling user
            // doesn't have permission to see it
            SearchRequest searchRequest =
                    new SearchRequest(usersDN, SearchScope.ONE, filter, userAttribs);
            try
            {
                searchResult = getReadOnlyConnection().searchForEntry(searchRequest);
            }
            catch (LDAPException e)
            {
                LdapDAO.checkLdapResult(e.getResultCode());
            }

            if (searchResult == null)
            {
                String msg = "User not found " + userID.toString();
                logger.debug(msg);
                throw new UserNotFoundException(msg);
            }
            throw new AccessControlException("Permission denied");
        }

        User<T> user = new User<T>(userID);
        String username = searchResult.getAttributeValue(userLdapAttrib.get(HttpPrincipal.class));
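Review bot: The new `searchResult == null` branch turns a denied read into an existence check: when the first search returns nothing, the lookup is repeated on `getReadOnlyConnection()`, and the caller gets `UserNotFoundException` if the entry is absent but `AccessControlException` if it exists, so a caller without read permission can still learn which user IDs are present under `usersDN`. Whether that connection is bound with broader rights than the one used for the first search is not visible here (the first search sits between the two hunks, and the enclosing method, presumably getUser, starts and ends outside them), but the branch is only meaningful if it is. If the disclosure is intended, state it in the branch comment and the method's Javadoc and log the denial the way the not-found path is logged, e.g. `logger.debug("Permission denied reading user " + userID.getName());` before the throw; if it is not intended, both cases should surface as the same exception. Separately, if `LdapDAO.checkLdapResult` returns normally for some result code in the second `catch`, a failed fallback search is reported as "User not found"; that helper's body is outside the hunk, so this needs confirming.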