Package org.apache.jackrabbit.oak.spi.security.authentication.external

Examples of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef

336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
                Authorizable auth = userManager.getAuthorizable(id);
                if (auth == null) {
                    return new SyncResultImpl(new SyncedIdentityImpl(id, null, false, -1), SyncResult.Status.NO_SUCH_AUTHORIZABLE);
                }
                // check if we need to deal with this authorizable
                ExternalIdentityRef ref = getIdentityRef(auth);
                if (ref == null || !idp.getName().equals(ref.getProviderName())) {
                    return new SyncResultImpl(new SyncedIdentityImpl(id, null, false, -1), SyncResult.Status.FOREIGN);
                }

                if (auth instanceof Group) {
                    Group group = (Group) auth;
                    ExternalGroup external = idp.getGroup(id);
                    timer.mark("retrieve");
                    if (external == null) {
                        SyncedIdentityImpl syncId = createSyncedIdentity(auth);
                        if (group.getDeclaredMembers().hasNext()) {
                            log.info("won't remove local group with members: {}", id);
                            ret = new SyncResultImpl(syncId, SyncResult.Status.NOP);
                        } else if (!keepMissing) {
                            auth.remove();
                            log.debug("removing authorizable '{}' that no longer exists on IDP {}", id, idp.getName());
                            timer.mark("remove");
                            ret = new SyncResultImpl(syncId, SyncResult.Status.DELETE);
                        } else {
                            ret = new SyncResultImpl(syncId, SyncResult.Status.MISSING);
                            log.info("external identity missing for {}, but purge == false.", id);
                        }
                    } else {
                        ret = syncGroup(external, group);
                        timer.mark("sync");
                    }
                } else {
                    ExternalUser external = idp.getUser(id);
                    timer.mark("retrieve");
                    if (external == null) {
                        SyncedIdentityImpl syncId = createSyncedIdentity(auth);
                        if (!keepMissing) {
                            auth.remove();
                            log.debug("removing authorizable '{}' that no longer exists on IDP {}", id, idp.getName());
                            timer.mark("remove");
                            ret = new SyncResultImpl(syncId, SyncResult.Status.DELETE);
                        } else {
                            ret = new SyncResultImpl(syncId, SyncResult.Status.MISSING);
                            log.info("external identity missing for {}, but purge == false.", id);
                        }
                    } else {
                        ret = syncUser(external, (User) auth);
                        timer.mark("sync");
                    }
                }
                if (log.isDebugEnabled()) {
                    log.debug("sync({}) -> {} {}", id, ref.getString(), timer.getString());
                }
                return ret;
            } catch (RepositoryException e) {
                throw new SyncException(e);
            } catch (ExternalIdentityException e) {
View Full Code Here
748
749
750
751
752
753
754
755
         *
         * @param auth the authorizable.
         * @return {@code true} if same IDP.
         */
        private boolean isSameIDP(@Nullable Authorizable auth) throws RepositoryException {
            ExternalIdentityRef ref = getIdentityRef(auth);
            return ref != null && idp.getName().equals(ref.getProviderName());
        }
View Full Code Here
209
210
211
212
213
214
215
216
217
218
219
        @Nonnull
        public String[] syncExternalUsers(@Nonnull String[] externalIds) {
            List<String> list = new ArrayList<String>();
            context.setForceGroupSync(true).setForceUserSync(true);
            for (String externalId: externalIds) {
                ExternalIdentityRef ref = ExternalIdentityRef.fromString(externalId);
                try {
                    ExternalIdentity id = idp.getIdentity(ref);
                    if (id != null) {
                        SyncResult r = context.sync(id);
                        systemSession.save();
View Full Code Here
484
485
486
487
488
489
490
491
492
493
494
        return result;
    }

    private ExternalUser createUser(Entry e, String id)
            throws LdapInvalidAttributeValueException {
        ExternalIdentityRef ref = new ExternalIdentityRef(e.getDn().getName(), this.getName());
        if (id == null) {
            id = e.get(config.getUserConfig().getIdAttribute()).getString();
        }
        String path = config.getUserConfig().makeDnPath()
                ? createDNPath(e.getDn())
View Full Code Here
503
504
505
506
507
508
509
510
511
512
513
        return user;
    }

    private ExternalGroup createGroup(Entry e, String name)
            throws LdapInvalidAttributeValueException {
        ExternalIdentityRef ref = new ExternalIdentityRef(e.getDn().getName(), this.getName());
        if (name == null) {
            name = e.get(config.getGroupConfig().getIdAttribute()).getString();
        }
        String path = config.getGroupConfig().makeDnPath()
                ? createDNPath(e.getDn())
View Full Code Here
638
639
640
641
642
643
644
645
646
647
648
649
            timer.mark("search");
            while (searchCursor.next()) {
                Response response = searchCursor.get();
                if (response instanceof SearchResultEntry) {
                    Entry resultEntry = ((SearchResultEntry) response).getEntry();
                    ExternalIdentityRef groupRef = new ExternalIdentityRef(resultEntry.getDn().toString(), this.getName());
                    groups.put(groupRef.getId(), groupRef);
                }
            }
            timer.mark("iterate");
            if (log.isDebugEnabled()) {
                log.debug("search below {} with {} found {} entries. {}",
View Full Code Here
679
680
681
682
683
684
685
686
687
688
689
690
            timer.mark("connect");
            Entry entry = connection.lookup(ref.getId());
            timer.mark("lookup");
            Attribute attr = entry.get(config.getGroupMemberAttribute());
            for (Value value: attr) {
                ExternalIdentityRef memberRef = new ExternalIdentityRef(value.getString(), this.getName());
                members.put(memberRef.getId(), memberRef);
            }
            timer.mark("iterate");
            if (log.isDebugEnabled()) {
                log.debug("members lookup of {} found {} members. {}", ref.getId(), members.size(), timer.getString());
            }
View Full Code Here
178
179
180
181
182
183
184
185
186
187
188
     * @return the id
     * @throws RepositoryException if an error occurrs
     */
    @CheckForNull
    private static SyncedIdentityImpl createSyncedIdentity(@Nullable Authorizable auth) throws RepositoryException {
        ExternalIdentityRef ref = auth == null ? null : getIdentityRef(auth);
        if (ref == null) {
            return null;
        } else {
            Value[] lmValues = auth.getProperty(REP_LAST_SYNCED);
            long lastModified = -1;
View Full Code Here
149
150
151
152
153
154
155
156
157
158
    public static final String[] TEST_USER0_GROUPS = {TEST_GROUP1_DN, TEST_GROUP2_DN, TEST_GROUP3_DN};
    public static final String[] TEST_USER1_GROUPS = {TEST_GROUP1_DN};

    @Test
    public void testGetUserByRef() throws Exception {
        ExternalIdentityRef ref = new ExternalIdentityRef(TEST_USER1_DN, IDP_NAME);
        ExternalIdentity id = idp.getIdentity(ref);
        assertTrue("User instance", id instanceof ExternalUser);
        assertEquals("User ID", TEST_USER1_UID, id.getId());
    }
View Full Code Here
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
                Authorizable auth = userManager.getAuthorizable(id);
                if (auth == null) {
                    return new SyncResultImpl(new SyncedIdentityImpl(id, null, false, -1), SyncResult.Status.NO_SUCH_AUTHORIZABLE);
                }
                // check if we need to deal with this authorizable
                ExternalIdentityRef ref = getIdentityRef(auth);
                if (ref == null || !idp.getName().equals(ref.getProviderName())) {
                    return new SyncResultImpl(new SyncedIdentityImpl(id, null, false, -1), SyncResult.Status.FOREIGN);
                }

                if (auth instanceof Group) {
                    Group group = (Group) auth;
                    ExternalGroup external = idp.getGroup(id);
                    timer.mark("retrieve");
                    if (external == null) {
                        SyncedIdentityImpl syncId = createSyncedIdentity(auth);
                        if (group.getDeclaredMembers().hasNext()) {
                            log.info("won't remove local group with members: {}", id);
                            ret = new SyncResultImpl(syncId, SyncResult.Status.NOP);
                        } else if (!keepMissing) {
                            auth.remove();
                            log.debug("removing authorizable '{}' that no longer exists on IDP {}", id, idp.getName());
                            timer.mark("remove");
                            ret = new SyncResultImpl(syncId, SyncResult.Status.DELETE);
                        } else {
                            ret = new SyncResultImpl(syncId, SyncResult.Status.MISSING);
                            log.info("external identity missing for {}, but purge == false.", id);
                        }
                    } else {
                        ret = syncGroup(external, group);
                        timer.mark("sync");
                    }
                } else {
                    ExternalUser external = idp.getUser(id);
                    timer.mark("retrieve");
                    if (external == null) {
                        SyncedIdentityImpl syncId = createSyncedIdentity(auth);
                        if (!keepMissing) {
                            auth.remove();
                            log.debug("removing authorizable '{}' that no longer exists on IDP {}", id, idp.getName());
                            timer.mark("remove");
                            ret = new SyncResultImpl(syncId, SyncResult.Status.DELETE);
                        } else {
                            ret = new SyncResultImpl(syncId, SyncResult.Status.MISSING);
                            log.info("external identity missing for {}, but purge == false.", id);
                        }
                    } else {
                        ret = syncUser(external, (User) auth);
                        timer.mark("sync");
                    }
                }
                if (log.isDebugEnabled()) {
                    log.debug("sync({}) -> {} {}", id, ref.getString(), timer.getString());
                }
                return ret;
            } catch (RepositoryException e) {
                throw new SyncException(e);
            } catch (ExternalIdentityException e) {
View Full Code Here
TOP

Related Classes of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef

  • org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider
  • org.apache.jackrabbit.oak.security.authentication.ldap.LdapProviderTest
  • org.apache.jackrabbit.oak.spi.security.authentication.external.impl.DefaultSyncHandler
  • org.apache.jackrabbit.oak.spi.security.authentication.external.impl.DefaultSyncHandler$ContextImpl
  • org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.SyncMBeanImpl$Delegatee
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.