@Override
public LdapEntry[] groupSearch(DirContext dirContext, LdapEntry entry)
throws IOException, NamingException {
SearchControls searchControls =
createSearchControl(recursive, attributeArray); // TODO - Can we create this in
// advance?
Set<LdapEntry> foundEntries = new HashSet<LdapEntry>();
Object[] searchParameter = getSearchParameter(entry);
boolean trace = SECURITY_LOGGER.isTraceEnabled();
if (trace) {
SECURITY_LOGGER.tracef(
"Performing search baseDn=%s, filterString=%s, searchParameter=%s",
baseDn, filterString, Arrays.toString(searchParameter));
}
NamingEnumeration<SearchResult> searchResults =
dirContext.search(baseDn, filterString, searchParameter, searchControls);
if (trace && searchResults.hasMore() == false) {
SECURITY_LOGGER.trace("No search results found.");
}
while (searchResults.hasMore()) {
SearchResult current = searchResults.next();
Attributes attributes = current.getAttributes();
if (attributes != null) {
LdapEntry newEntry = convertToLdapEntry(current, attributes);
SECURITY_LOGGER.tracef("Adding %s", newEntry);
foundEntries.add(newEntry);
} else {
SECURITY_LOGGER.tracef("No attributes found for %s", current);
}
}
return foundEntries.toArray(new LdapEntry[foundEntries.size()]);
}
private GroupToPrincipalSearcher(
final String baseDn,
final String groupDnAttribute,
final String groupNameAttribute,
final String principalAttribute,
final boolean recursive,
final GroupName searchBy) {
this.baseDn = baseDn;
this.groupDnAttribute = groupDnAttribute;
this.groupNameAttribute = groupNameAttribute;
this.attributeArray = createArray(groupDnAttribute, groupNameAttribute);
this.filterString = String.format("(%s={0})", principalAttribute);
this.recursive = recursive;
this.searchBy = searchBy;
if (SECURITY_LOGGER.isTraceEnabled()) {
SECURITY_LOGGER.tracef("GroupToPrincipalSearcher baseDn=%s", baseDn);
SECURITY_LOGGER.tracef("GroupToPrincipalSearcher groupDnAttribute=%s", groupDnAttribute);
SECURITY_LOGGER.tracef(
"GroupToPrincipalSearcher groupNameAttribute=%s", groupNameAttribute);
SECURITY_LOGGER.tracef(
"GroupToPrincipalSearcher attributeArray=%s", Arrays.toString(attributeArray));
SECURITY_LOGGER.tracef("GroupToPrincipalSearcher filterString=%s", filterString);
SECURITY_LOGGER.tracef("GroupToPrincipalSearcher recursive=%b", recursive);
SECURITY_LOGGER.tracef("GroupToPrincipalSearcher searchBy=%s", searchBy);
}
}
private PrincipalToGroupSearcher(final String groupAttribute, final String groupNameAttribute) {
this.groupAttribute = groupAttribute;
this.groupNameAttribute = groupNameAttribute;
if (SECURITY_LOGGER.isTraceEnabled()) {
SECURITY_LOGGER.tracef("PrincipalToGroupSearcher groupAttribute=%s", groupAttribute);
SECURITY_LOGGER.tracef(
"PrincipalToGroupSearcher groupNameAttribute=%s", groupNameAttribute);
}
}
private static SearchControls createSearchControl(
final boolean recursive, final String[] attributes) {
if (SECURITY_LOGGER.isTraceEnabled()) {
SECURITY_LOGGER.tracef(
"createSearchControl recursive=%b, attributes=%s",
recursive, Arrays.toString(attributes));
}
// 2 - Search to identify the DN of the user connecting
SearchControls searchControls = new SearchControls();
if (recursive) {
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
} else {
searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
}
searchControls.setReturningAttributes(attributes);
searchControls.setTimeLimit(searchTimeLimit);
return searchControls;
}
