Loading cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +8 −7 Original line number Original line Diff line number Diff line Loading @@ -86,7 +86,6 @@ import javax.security.auth.x500.X500Principal; import org.apache.log4j.Logger; import org.apache.log4j.Logger; import ca.nrc.cadc.ac.AC; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.InternalID; import ca.nrc.cadc.ac.InternalID; import ca.nrc.cadc.ac.PersonalDetails; import ca.nrc.cadc.ac.PersonalDetails; Loading @@ -101,6 +100,7 @@ import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.NumericPrincipal; import ca.nrc.cadc.auth.NumericPrincipal; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.profiler.Profiler; import ca.nrc.cadc.profiler.Profiler; import ca.nrc.cadc.reg.client.LocalAuthority; import ca.nrc.cadc.util.ObjectUtil; import ca.nrc.cadc.util.ObjectUtil; import ca.nrc.cadc.util.StringUtil; import ca.nrc.cadc.util.StringUtil; Loading Loading @@ -140,8 +140,6 @@ public class LdapUserDAO extends LdapDAO private static final Logger logger = Logger.getLogger(LdapUserDAO.class); private static final Logger logger = Logger.getLogger(LdapUserDAO.class); private String internalIdUriPrefix = AC.USER_URI; // Map of identity type to LDAP attribute // Map of identity type to LDAP attribute private final Map<Class<?>, String> userLdapAttrib = new HashMap<Class<?>, String>(); private final Map<Class<?>, String> userLdapAttrib = new HashMap<Class<?>, String>(); Loading Loading 
@@ -740,7 +738,10 @@ public class LdapUserDAO extends LdapDAO user.getIdentities().add(new DNPrincipal(searchResult.getAttributeValue(LDAP_ENTRYDN))); user.getIdentities().add(new DNPrincipal(searchResult.getAttributeValue(LDAP_ENTRYDN))); // cache memberOf values in the user // cache memberOf values in the user GroupMemberships gms = new GroupMemberships(userID); LocalAuthority localAuthority = new LocalAuthority(); URI gmsServiceURI = localAuthority.getServiceURI("gms"); GroupMemberships gms = new GroupMemberships(gmsServiceURI.toString(), userID); user.appData = gms; // add even if empty user.appData = gms; // add even if empty String[] mems = searchResult.getAttributeValues(LDAP_MEMBEROF); String[] mems = searchResult.getAttributeValues(LDAP_MEMBEROF); if (mems != null && mems.length > 0) if (mems != null && mems.length > 0) Loading Loading @@ -926,8 +927,6 @@ public class LdapUserDAO extends LdapDAO public User modifyUser(final User user) public User modifyUser(final User user) throws UserNotFoundException, TransientException, AccessControlException throws UserNotFoundException, TransientException, AccessControlException { { // Will we always have a HttpPrincipal? User existingUser = getUser(user.getHttpPrincipal()); List<Modification> mods = new ArrayList<Modification>(); List<Modification> mods = new ArrayList<Modification>(); Loading Loading 
@@ -1282,7 +1281,9 @@ public class LdapUserDAO extends LdapDAO protected InternalID getInternalID(String numericID) protected InternalID getInternalID(String numericID) { { UUID uuid = new UUID(0L, Long.parseLong(numericID)); UUID uuid = new UUID(0L, Long.parseLong(numericID)); String uriString = internalIdUriPrefix + "?" + uuid.toString(); LocalAuthority localAuthority = new LocalAuthority(); URI umsServiceURI = localAuthority.getServiceURI("ums"); String uriString = umsServiceURI.toString() + "?" + uuid.toString(); URI uri; URI uri; try try { { Loading cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java +17 −45 Original line number Original line Diff line number Diff line Loading @@ -121,7 +121,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); userDAO.addUser(user); userDAO.addUser(user); } } finally finally Loading @@ -146,7 +146,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); userDAO.addUserRequest(userRequest); userDAO.addUserRequest(userRequest); } } finally finally Loading Loading @@ -177,7 +177,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.getUser(userID); return userDAO.getUser(userID); } } finally finally Loading Loading 
@@ -205,7 +205,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { LdapUserDAO userDAO = getLdapUserDao(conns); LdapUserDAO userDAO = new LdapUserDAO(conns); return userDAO.getUserByEmailAddress(emailAddress); return userDAO.getUserByEmailAddress(emailAddress); } } finally finally Loading Loading @@ -234,7 +234,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.getUserRequest(userID); return userDAO.getUserRequest(userID); } } finally finally Loading @@ -243,8 +243,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste } } } } /**<<<<<<< HEAD /** * Get the user specified by userID with all of the users identities. * Get the user specified by userID with all of the users identities. * * * @param userID The userID. * @param userID The userID. Loading @@ -264,7 +263,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste try try { { Profiler profiler = new Profiler(LdapUserPersistence.class); Profiler profiler = new Profiler(LdapUserPersistence.class); userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); profiler.checkpoint("Create LdapUserDAO"); profiler.checkpoint("Create LdapUserDAO"); User user = userDAO.getAugmentedUser(userID); User user = userDAO.getAugmentedUser(userID); profiler.checkpoint("getAugmentedUser"); profiler.checkpoint("getAugmentedUser"); Loading Loading 
@@ -299,7 +298,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.getUsers(); return userDAO.getUsers(); } } finally finally Loading @@ -323,7 +322,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.getUserRequests(); return userDAO.getUserRequests(); } } finally finally Loading Loading @@ -353,7 +352,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.approveUserRequest(userID); return userDAO.approveUserRequest(userID); } } finally finally Loading Loading @@ -385,7 +384,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.modifyUser(user); return userDAO.modifyUser(user); } } finally finally Loading Loading @@ -415,7 +414,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); userDAO.deleteUser(userID, true); userDAO.deleteUser(userID, true); } } finally finally Loading Loading 
@@ -444,7 +443,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); userDAO.deleteUser(userID, false); userDAO.deleteUser(userID, false); } } finally finally Loading @@ -471,7 +470,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); userDAO.deleteUserRequest(userID); userDAO.deleteUserRequest(userID); } } finally finally Loading @@ -498,7 +497,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.doLogin(userID, password); return userDAO.doLogin(userID, password); } } finally finally Loading @@ -510,11 +509,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste /** /** * Update a user's password. The given user and authenticating user must match. * Update a user's password. The given user and authenticating user must match. * * <<<<<<< HEAD * @param userID the user. * @param userID the user. ======= * @param userID >>>>>>> efc84b5d25584bd3014fc6cbc820c5acf0d90a2a * @param oldPassword current password. * @param oldPassword current password. * @param newPassword new password. * @param newPassword new password. * @throws UserNotFoundException If the given user does not exist. * @throws UserNotFoundException If the given user does not exist. Loading 
@@ -532,7 +527,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); if (userDAO.doLogin(userID.getName(), oldPassword)) if (userDAO.doLogin(userID.getName(), oldPassword)) { { // oldPassword is correct // oldPassword is correct Loading @@ -548,11 +543,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste /** /** * Reset a user's password. The given user and authenticating user must match. * Reset a user's password. The given user and authenticating user must match. * * <<<<<<< HEAD * @param userID The user. * @param userID The user. ======= * @param userID >>>>>>> efc84b5d25584bd3014fc6cbc820c5acf0d90a2a * @param newPassword new password. * @param newPassword new password. * @throws UserNotFoundException If the given user does not exist. * @throws UserNotFoundException If the given user does not exist. * @throws TransientException If an temporary, unexpected problem occurred. * @throws TransientException If an temporary, unexpected problem occurred. Loading @@ -569,7 +560,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); User user = getUser(userID); User user = getUser(userID); if (user != null) if (user != null) Loading Loading 
@@ -613,23 +604,4 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste return false; return false; } } private LdapUserDAO getLdapUserDao(LdapConnections conn) { LdapUserDAO dao = new LdapUserDAO(conn); if (getInternalIdUriPrefix() != null) dao.setInternalIdUriPrefix(getInternalIdUriPrefix()); return dao; } /** * Web services can override this method to change * the user prefix used in the internal ID. * * By default the LdapUserDAO will use AC.USER_URI; */ protected String getInternalIdUriPrefix() { return null; } } } cadcAccessControl/src/ca/nrc/cadc/ac/AC.java +2 −5 Original line number Original line Diff line number Diff line Loading @@ -85,13 +85,10 @@ public class AC // Denotes a group readable by public // Denotes a group readable by public public static final String PROPERTY_PUBLIC = "ivo://ivoa.net/gms#public"; public static final String PROPERTY_PUBLIC = "ivo://ivoa.net/gms#public"; public static final String UMS_SERVICE_URI = "ivo://canfar.net/ums"; public static final String UMS_SERVICE_URI = "ivo://cadc.nrc.ca/ums"; public static final String GMS_SERVICE_URI = "ivo://canfar.net/gms"; public static final String GMS_SERVICE_URI = "ivo://cadc.nrc.ca/gms"; // Group URI attribute once the group name is appended // Group URI attribute once the group name is appended public static final String GROUP_URI = "ivo://cadc.nrc.ca/gms#"; public static final String GROUP_URI = "ivo://cadc.nrc.ca/gms#"; // User URI with appended UUID represents a unique user public static final String USER_URI = "ivo://cadc.nrc.ca/user"; } } cadcAccessControl/src/ca/nrc/cadc/ac/client/GMSClient.java +12 −1 Original line number Original line Diff line number Diff line Loading @@ -133,6 +133,7 @@ public class GMSClient implements TransferListener private RegistryClient registryClient; private RegistryClient registryClient; private URI gmsServiceURI; private URI groupsURI; private URI groupsURI; private URI searchURI; private URI searchURI; Loading 
@@ -159,6 +160,7 @@ public class GMSClient implements TransferListener try try { { this.gmsServiceURI = serviceURI; this.groupsURI = new URI(serviceURI.toASCIIString() + "#" + GROUPS); this.groupsURI = new URI(serviceURI.toASCIIString() + "#" + GROUPS); this.searchURI = new URI(serviceURI.toASCIIString() + "#" + SEARCH); this.searchURI = new URI(serviceURI.toASCIIString() + "#" + SEARCH); } } Loading Loading @@ -1100,11 +1102,20 @@ public class GMSClient implements TransferListener Set<GroupMemberships> gset = subject.getPrivateCredentials(GroupMemberships.class); Set<GroupMemberships> gset = subject.getPrivateCredentials(GroupMemberships.class); if (gset == null || gset.isEmpty()) if (gset == null || gset.isEmpty()) { { GroupMemberships mems = new GroupMemberships(userID); GroupMemberships mems = new GroupMemberships(gmsServiceURI.toString(), userID); subject.getPrivateCredentials().add(mems); subject.getPrivateCredentials().add(mems); return mems; return mems; } } GroupMemberships mems = gset.iterator().next(); GroupMemberships mems = gset.iterator().next(); // check to ensure they have the same service URI if (!gmsServiceURI.toString().equals(mems.getServiceURI())) { log.debug("Not using cache because of differing service URIs: " + "[" + gmsServiceURI.toString() + "][" + mems.getServiceURI() + "]"); return null; } return mems; return mems; } } return null; // no cache return null; // no cache Loading cadcAccessControl/src/ca/nrc/cadc/ac/client/GroupMemberships.java +21 −13 Original line number Original line Diff line number Diff line Loading 
@@ -69,16 +69,17 @@ package ca.nrc.cadc.ac.client; package ca.nrc.cadc.ac.client; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.Role; import org.apache.log4j.Logger; import java.security.Principal; import java.security.Principal; import java.util.ArrayList; import java.util.ArrayList; import java.util.HashMap; import java.util.HashMap; import java.util.List; import java.util.List; import java.util.Map; import java.util.Map; import org.apache.log4j.Logger; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.Role; /** /** * Class used to hold list of groups in which a user is known to be a member. * Class used to hold list of groups in which a user is known to be a member. * * Loading @@ -88,14 +89,16 @@ public class GroupMemberships implements Comparable { { private static final Logger log = Logger.getLogger(GroupMemberships.class); private static final Logger log = Logger.getLogger(GroupMemberships.class); private String serviceURI; private Principal userID; private Principal userID; private Map<Role, List<Group>> memberships = new HashMap<Role, List<Group>>(); private Map<Role, List<Group>> memberships = new HashMap<Role, List<Group>>(); private Map<Role, Boolean> complete = new HashMap<Role, Boolean>(); private Map<Role, Boolean> complete = new HashMap<Role, Boolean>(); public GroupMemberships() { init(); } public GroupMemberships() { init(); } public GroupMemberships(Principal userID) public GroupMemberships(String serviceURI, Principal userID) { { this.serviceURI = serviceURI; this.userID = userID; this.userID = userID; init(); init(); } } Loading @@ -105,6 +108,11 @@ public class GroupMemberships implements Comparable return complete.get(role); return complete.get(role); } } public String getServiceURI() { return serviceURI; } public List<Group> getMemberships(Role role) public List<Group> getMemberships(Role role) { { return memberships.get(role); return memberships.get(role); Loading Loading
cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java +8 −7 Original line number Original line Diff line number Diff line Loading @@ -86,7 +86,6 @@ import javax.security.auth.x500.X500Principal; import org.apache.log4j.Logger; import org.apache.log4j.Logger; import ca.nrc.cadc.ac.AC; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.InternalID; import ca.nrc.cadc.ac.InternalID; import ca.nrc.cadc.ac.PersonalDetails; import ca.nrc.cadc.ac.PersonalDetails; Loading @@ -101,6 +100,7 @@ import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.NumericPrincipal; import ca.nrc.cadc.auth.NumericPrincipal; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.profiler.Profiler; import ca.nrc.cadc.profiler.Profiler; import ca.nrc.cadc.reg.client.LocalAuthority; import ca.nrc.cadc.util.ObjectUtil; import ca.nrc.cadc.util.ObjectUtil; import ca.nrc.cadc.util.StringUtil; import ca.nrc.cadc.util.StringUtil; Loading Loading @@ -140,8 +140,6 @@ public class LdapUserDAO extends LdapDAO private static final Logger logger = Logger.getLogger(LdapUserDAO.class); private static final Logger logger = Logger.getLogger(LdapUserDAO.class); private String internalIdUriPrefix = AC.USER_URI; // Map of identity type to LDAP attribute // Map of identity type to LDAP attribute private final Map<Class<?>, String> userLdapAttrib = new HashMap<Class<?>, String>(); private final Map<Class<?>, String> userLdapAttrib = new HashMap<Class<?>, String>(); Loading Loading 
@@ -740,7 +738,10 @@ public class LdapUserDAO extends LdapDAO user.getIdentities().add(new DNPrincipal(searchResult.getAttributeValue(LDAP_ENTRYDN))); user.getIdentities().add(new DNPrincipal(searchResult.getAttributeValue(LDAP_ENTRYDN))); // cache memberOf values in the user // cache memberOf values in the user GroupMemberships gms = new GroupMemberships(userID); LocalAuthority localAuthority = new LocalAuthority(); URI gmsServiceURI = localAuthority.getServiceURI("gms"); GroupMemberships gms = new GroupMemberships(gmsServiceURI.toString(), userID); user.appData = gms; // add even if empty user.appData = gms; // add even if empty String[] mems = searchResult.getAttributeValues(LDAP_MEMBEROF); String[] mems = searchResult.getAttributeValues(LDAP_MEMBEROF); if (mems != null && mems.length > 0) if (mems != null && mems.length > 0) Loading Loading @@ -926,8 +927,6 @@ public class LdapUserDAO extends LdapDAO public User modifyUser(final User user) public User modifyUser(final User user) throws UserNotFoundException, TransientException, AccessControlException throws UserNotFoundException, TransientException, AccessControlException { { // Will we always have a HttpPrincipal? User existingUser = getUser(user.getHttpPrincipal()); List<Modification> mods = new ArrayList<Modification>(); List<Modification> mods = new ArrayList<Modification>(); Loading Loading @@ -1282,7 +1281,9 @@ public class LdapUserDAO extends LdapDAO protected InternalID getInternalID(String numericID) protected InternalID getInternalID(String numericID) { { UUID uuid = new UUID(0L, Long.parseLong(numericID)); UUID uuid = new UUID(0L, Long.parseLong(numericID)); String uriString = internalIdUriPrefix + "?" + uuid.toString(); LocalAuthority localAuthority = new LocalAuthority(); URI umsServiceURI = localAuthority.getServiceURI("ums"); String uriString = umsServiceURI.toString() + "?" + uuid.toString(); URI uri; URI uri; try try { { Loading
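Review bot: The URI returned by `localAuthority.getServiceURI("gms")` in the memberOf caching hunk is dereferenced with `.toString()` without a null check, and `getInternalID` does the same with `"ums"`. LocalAuthority's contract is not visible here, so this is inferred: if a deployment has no entry for either service, every user lookup would fail with a NullPointerException rather than a clear configuration error. A guard such as `if (umsServiceURI == null) throw new IllegalStateException("no local authority entry for ums");` would make that explicit. Because the InternalID prefix now comes from deployment configuration instead of the removed `internalIdUriPrefix` field, IDs built before this change may no longer compare equal to newly built ones, which deserves a comment on `getInternalID`. Both enclosing methods continue outside the hunks shown.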
cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java +17 −45 Original line number Original line Diff line number Diff line Loading @@ -121,7 +121,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); userDAO.addUser(user); userDAO.addUser(user); } } finally finally Loading @@ -146,7 +146,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); userDAO.addUserRequest(userRequest); userDAO.addUserRequest(userRequest); } } finally finally Loading Loading @@ -177,7 +177,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.getUser(userID); return userDAO.getUser(userID); } } finally finally Loading Loading @@ -205,7 +205,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { LdapUserDAO userDAO = getLdapUserDao(conns); LdapUserDAO userDAO = new LdapUserDAO(conns); return userDAO.getUserByEmailAddress(emailAddress); return userDAO.getUserByEmailAddress(emailAddress); } } finally finally Loading Loading 
@@ -234,7 +234,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.getUserRequest(userID); return userDAO.getUserRequest(userID); } } finally finally Loading @@ -243,8 +243,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste } } } } /**<<<<<<< HEAD /** * Get the user specified by userID with all of the users identities. * Get the user specified by userID with all of the users identities. * * * @param userID The userID. * @param userID The userID. Loading @@ -264,7 +263,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste try try { { Profiler profiler = new Profiler(LdapUserPersistence.class); Profiler profiler = new Profiler(LdapUserPersistence.class); userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); profiler.checkpoint("Create LdapUserDAO"); profiler.checkpoint("Create LdapUserDAO"); User user = userDAO.getAugmentedUser(userID); User user = userDAO.getAugmentedUser(userID); profiler.checkpoint("getAugmentedUser"); profiler.checkpoint("getAugmentedUser"); Loading Loading @@ -299,7 +298,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.getUsers(); return userDAO.getUsers(); } } finally finally Loading 
@@ -323,7 +322,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.getUserRequests(); return userDAO.getUserRequests(); } } finally finally Loading Loading @@ -353,7 +352,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.approveUserRequest(userID); return userDAO.approveUserRequest(userID); } } finally finally Loading Loading @@ -385,7 +384,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.modifyUser(user); return userDAO.modifyUser(user); } } finally finally Loading Loading @@ -415,7 +414,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); userDAO.deleteUser(userID, true); userDAO.deleteUser(userID, true); } } finally finally Loading Loading @@ -444,7 +443,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); userDAO.deleteUser(userID, false); userDAO.deleteUser(userID, false); } } finally finally Loading 
@@ -471,7 +470,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); userDAO.deleteUserRequest(userID); userDAO.deleteUserRequest(userID); } } finally finally Loading @@ -498,7 +497,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); return userDAO.doLogin(userID, password); return userDAO.doLogin(userID, password); } } finally finally Loading @@ -510,11 +509,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste /** /** * Update a user's password. The given user and authenticating user must match. * Update a user's password. The given user and authenticating user must match. * * <<<<<<< HEAD * @param userID the user. * @param userID the user. ======= * @param userID >>>>>>> efc84b5d25584bd3014fc6cbc820c5acf0d90a2a * @param oldPassword current password. * @param oldPassword current password. * @param newPassword new password. * @param newPassword new password. * @throws UserNotFoundException If the given user does not exist. * @throws UserNotFoundException If the given user does not exist. Loading @@ -532,7 +527,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); if (userDAO.doLogin(userID.getName(), oldPassword)) if (userDAO.doLogin(userID.getName(), oldPassword)) { { // oldPassword is correct // oldPassword is correct Loading 
@@ -548,11 +543,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste /** /** * Reset a user's password. The given user and authenticating user must match. * Reset a user's password. The given user and authenticating user must match. * * <<<<<<< HEAD * @param userID The user. * @param userID The user. ======= * @param userID >>>>>>> efc84b5d25584bd3014fc6cbc820c5acf0d90a2a * @param newPassword new password. * @param newPassword new password. * @throws UserNotFoundException If the given user does not exist. * @throws UserNotFoundException If the given user does not exist. * @throws TransientException If an temporary, unexpected problem occurred. * @throws TransientException If an temporary, unexpected problem occurred. Loading @@ -569,7 +560,7 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste LdapConnections conns = new LdapConnections(this); LdapConnections conns = new LdapConnections(this); try try { { userDAO = getLdapUserDao(conns); userDAO = new LdapUserDAO(conns); User user = getUser(userID); User user = getUser(userID); if (user != null) if (user != null) Loading Loading @@ -613,23 +604,4 @@ public class LdapUserPersistence extends LdapPersistence implements UserPersiste return false; return false; } } private LdapUserDAO getLdapUserDao(LdapConnections conn) { LdapUserDAO dao = new LdapUserDAO(conn); if (getInternalIdUriPrefix() != null) dao.setInternalIdUriPrefix(getInternalIdUriPrefix()); return dao; } /** * Web services can override this method to change * the user prefix used in the internal ID. * * By default the LdapUserDAO will use AC.USER_URI; */ protected String getInternalIdUriPrefix() { return null; } } }
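Review bot: Deleting the protected `getInternalIdUriPrefix()` hook at the end of the class removes an extension point that its own Javadoc advertised to web services, and nothing in this section documents what replaces it. A subclass that overrode it will either stop compiling or, without `@Override`, keep a method that is silently never called, so the internal-ID prefix it expected is no longer applied. A class-level Javadoc line such as `Internal ID and GMS service URIs are resolved by LdapUserDAO through LocalAuthority and can no longer be overridden here.` would make the change visible to integrators.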
cadcAccessControl/src/ca/nrc/cadc/ac/AC.java +2 −5 Original line number Original line Diff line number Diff line Loading @@ -85,13 +85,10 @@ public class AC // Denotes a group readable by public // Denotes a group readable by public public static final String PROPERTY_PUBLIC = "ivo://ivoa.net/gms#public"; public static final String PROPERTY_PUBLIC = "ivo://ivoa.net/gms#public"; public static final String UMS_SERVICE_URI = "ivo://canfar.net/ums"; public static final String UMS_SERVICE_URI = "ivo://cadc.nrc.ca/ums"; public static final String GMS_SERVICE_URI = "ivo://canfar.net/gms"; public static final String GMS_SERVICE_URI = "ivo://cadc.nrc.ca/gms"; // Group URI attribute once the group name is appended // Group URI attribute once the group name is appended public static final String GROUP_URI = "ivo://cadc.nrc.ca/gms#"; public static final String GROUP_URI = "ivo://cadc.nrc.ca/gms#"; // User URI with appended UUID represents a unique user public static final String USER_URI = "ivo://cadc.nrc.ca/user"; } }
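Review bot: `UMS_SERVICE_URI` and `GMS_SERVICE_URI` remain hard-coded here while LdapUserDAO in the same commit resolves the `ums` and `gms` service URIs through `LocalAuthority`, which leaves two sources for the same value. GMSClient now rejects a cached GroupMemberships whose service URI string differs from its own, so a client built from these constants in a deployment configured with a different authority would presumably never hit the server-populated cache. A comment on the two constants saying whether they are defaults or authoritative would help, e.g. `// default authority only; servers resolve the deployed URI via LocalAuthority`. Removing the public `USER_URI` constant is also a source-incompatible change for external callers and belongs in the release notes.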
cadcAccessControl/src/ca/nrc/cadc/ac/client/GMSClient.java +12 −1 Original line number Original line Diff line number Diff line Loading @@ -133,6 +133,7 @@ public class GMSClient implements TransferListener private RegistryClient registryClient; private RegistryClient registryClient; private URI gmsServiceURI; private URI groupsURI; private URI groupsURI; private URI searchURI; private URI searchURI; Loading @@ -159,6 +160,7 @@ public class GMSClient implements TransferListener try try { { this.gmsServiceURI = serviceURI; this.groupsURI = new URI(serviceURI.toASCIIString() + "#" + GROUPS); this.groupsURI = new URI(serviceURI.toASCIIString() + "#" + GROUPS); this.searchURI = new URI(serviceURI.toASCIIString() + "#" + SEARCH); this.searchURI = new URI(serviceURI.toASCIIString() + "#" + SEARCH); } } Loading Loading @@ -1100,11 +1102,20 @@ public class GMSClient implements TransferListener Set<GroupMemberships> gset = subject.getPrivateCredentials(GroupMemberships.class); Set<GroupMemberships> gset = subject.getPrivateCredentials(GroupMemberships.class); if (gset == null || gset.isEmpty()) if (gset == null || gset.isEmpty()) { { GroupMemberships mems = new GroupMemberships(userID); GroupMemberships mems = new GroupMemberships(gmsServiceURI.toString(), userID); subject.getPrivateCredentials().add(mems); subject.getPrivateCredentials().add(mems); return mems; return mems; } } GroupMemberships mems = gset.iterator().next(); GroupMemberships mems = gset.iterator().next(); // check to ensure they have the same service URI if (!gmsServiceURI.toString().equals(mems.getServiceURI())) { log.debug("Not using cache because of differing service URIs: " + "[" + gmsServiceURI.toString() + "][" + mems.getServiceURI() + "]"); return null; } return mems; return mems; } } return null; // no cache return null; // no cache Loading
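Review bot: The new service-URI check in the cache lookup inspects only `gset.iterator().next()`, so when a Subject carries GroupMemberships from more than one GMS service the result depends on set iteration order and a matching entry later in the set is ignored. The mismatch branch fails closed by returning null, which is the safe direction for an authorization cache, but it means the cache can be bypassed for the life of that Subject. Scanning the whole set for the entry whose service URI matches keeps the isolation and restores the cache hit. `gmsServiceURI` is assigned only in the constructor shown in this section; if other constructors exist outside the visible hunks, they would leave it null and `gmsServiceURI.toString()` would throw. The enclosing method starts and ends outside the hunk.

```java
// … unchanged: gset lookup and the empty-set branch that creates a new cache …
String serviceKey = gmsServiceURI.toString();
for (GroupMemberships mems : gset)
{
    // a Subject may carry caches obtained from more than one GMS service
    if (serviceKey.equals(mems.getServiceURI()))
    {
        return mems;
    }
}
log.debug("Not using cache: no entry for service URI [" + serviceKey + "]");
return null;
```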
cadcAccessControl/src/ca/nrc/cadc/ac/client/GroupMemberships.java +21 −13 Original line number Original line Diff line number Diff line Loading @@ -69,16 +69,17 @@ package ca.nrc.cadc.ac.client; package ca.nrc.cadc.ac.client; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.Role; import org.apache.log4j.Logger; import java.security.Principal; import java.security.Principal; import java.util.ArrayList; import java.util.ArrayList; import java.util.HashMap; import java.util.HashMap; import java.util.List; import java.util.List; import java.util.Map; import java.util.Map; import org.apache.log4j.Logger; import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.Role; /** /** * Class used to hold list of groups in which a user is known to be a member. * Class used to hold list of groups in which a user is known to be a member. * * Loading @@ -88,14 +89,16 @@ public class GroupMemberships implements Comparable { { private static final Logger log = Logger.getLogger(GroupMemberships.class); private static final Logger log = Logger.getLogger(GroupMemberships.class); private String serviceURI; private Principal userID; private Principal userID; private Map<Role, List<Group>> memberships = new HashMap<Role, List<Group>>(); private Map<Role, List<Group>> memberships = new HashMap<Role, List<Group>>(); private Map<Role, Boolean> complete = new HashMap<Role, Boolean>(); private Map<Role, Boolean> complete = new HashMap<Role, Boolean>(); public GroupMemberships() { init(); } public GroupMemberships() { init(); } public GroupMemberships(Principal userID) public GroupMemberships(String serviceURI, Principal userID) { { this.serviceURI = serviceURI; this.userID = userID; this.userID = userID; init(); init(); } } Loading 
@@ -105,6 +108,11 @@ public class GroupMemberships implements Comparable return complete.get(role); return complete.get(role); } } public String getServiceURI() { return serviceURI; } public List<Group> getMemberships(Role role) public List<Group> getMemberships(Role role) { { return memberships.get(role); return memberships.get(role); Loading
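Review bot: The new `GroupMemberships(String serviceURI, Principal userID)` constructor stores `serviceURI` without validation, and the no-argument constructor leaves it null, so such instances can never satisfy the service-URI comparison added in GMSClient. Since this field now decides whether cached memberships are trusted for a given service, a null should be rejected at construction, e.g. `if (serviceURI == null) throw new IllegalArgumentException("serviceURI cannot be null");`. The class's `compareTo`/`equals` are outside the visible hunks; if they ignore `serviceURI`, two caches for the same user from different services may be treated as duplicates in the Subject's private credential set, which is worth confirming. `getServiceURI()` would also benefit from a Javadoc line stating that the value identifies the GMS service the memberships were obtained from.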