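/**
 * Initializes the LDAP module at startup.
 *
 * <p>Returns immediately when LDAP is not enabled. Otherwise it makes sure the LDAP security
 * group exists, validates the configuration, checks the server certificate when SSL is
 * enabled, tests the system bind and finally starts the configured sync jobs.
 *
 * <p>For a missing or invalid collection-style setting ({@code ldapBases},
 * {@code userAttrMap}, {@code reqAttr}, {@code syncOnlyOnCreateProperties},
 * {@code staticUserProperties}) this method logs an error, calls
 * {@code setEnableLDAPLogins(false)} and returns. A failed system bind is only logged as a
 * warning; LDAP logins stay enabled in that case.
 *
 * @throws StartupException if SSL is enabled and {@code checkServerCertValidity(0)} reports
 *     that no valid server certificate is available
 */
@Override
public void init() {
  // Nothing to set up when LDAP login is switched off.
  if (!isLDAPEnabled()) {
    log.info("LDAP login is disabled");
    return;
  }

  // Create the LDAP security group if it does not exist yet. It is used to identify the
  // users that have to be synced with LDAP. Note that this runs before the configuration
  // checks below, so the group is persisted even when a later check aborts initialization.
  SecurityGroup ldapGroup =
      securityManager.findSecurityGroupByName(LDAPConstants.SECURITY_GROUP_LDAP);
  if (ldapGroup == null) {
    ldapGroup =
        securityManager.createAndPersistNamedSecurityGroup(LDAPConstants.SECURITY_GROUP_LDAP);
  }

  // Mandatory connection settings.
  // NOTE(review): these early returns do not call setEnableLDAPLogins(false) here;
  // presumably checkConfigParameterIsNotEmpty logs and disables LDAP itself - confirm.
  if (!checkConfigParameterIsNotEmpty(ldapUrl)) {
    return;
  }
  if (!checkConfigParameterIsNotEmpty(systemDN)) {
    return;
  }
  // NOTE(review): systemPW is the bind credential; confirm that the helper never writes
  // the parameter value to the log.
  if (!checkConfigParameterIsNotEmpty(systemPW)) {
    return;
  }
  if (ldapBases == null || ldapBases.size() == 0) {
    log.error(
        "Missing configuration 'ldapBases'. Add at least one LDAP Base to the this configuration in olatextconfig.xml first. Disabling LDAP");
    setEnableLDAPLogins(false);
    return;
  }

  // Mandatory user object settings.
  if (!checkConfigParameterIsNotEmpty(ldapUserObjectClass)) {
    return;
  }
  if (!checkConfigParameterIsNotEmpty(ldapUserCreatedTimestampAttribute)) {
    return;
  }
  if (!checkConfigParameterIsNotEmpty(ldapUserLastModifiedTimestampAttribute)) {
    return;
  }
  if (userAttrMap == null || userAttrMap.size() == 0) {
    log.error(
        "Missing configuration 'userAttrMap'. Add at least the email propery to the this configuration in olatextconfig.xml first. Disabling LDAP");
    setEnableLDAPLogins(false);
    return;
  }
  if (reqAttr == null || reqAttr.size() == 0) {
    log.error(
        "Missing configuration 'reqAttr'. Add at least the email propery to the this configuration in olatextconfig.xml first. Disabling LDAP");
    setEnableLDAPLogins(false);
    return;
  }

  // Check that the mapped OLAT user properties are defined in olat_userconfig.xml; if not,
  // disable the LDAP module.
  if (!checkIfOlatPropertiesExists(userAttrMap)) {
    log.error("Invalid LDAP OLAT properties mapping configuration (userAttrMap). Disabling LDAP");
    setEnableLDAPLogins(false);
    return;
  }
  if (!checkIfOlatPropertiesExists(reqAttr)) {
    log.error("Invalid LDAP OLAT properties mapping configuration (reqAttr). Disabling LDAP");
    setEnableLDAPLogins(false);
    return;
  }
  // The two optional settings are only validated when they are configured at all.
  if (syncOnlyOnCreateProperties != null
      && !checkIfStaticOlatPropertiesExists(syncOnlyOnCreateProperties)) {
    log.error("Invalid LDAP OLAT syncOnlyOnCreateProperties configuration. Disabling LDAP");
    setEnableLDAPLogins(false);
    return;
  }
  if (staticUserProperties != null
      && !checkIfStaticOlatPropertiesExists(staticUserProperties.keySet())) {
    log.error(
        "Invalid static OLAT properties configuration (staticUserProperties). Disabling LDAP");
    setEnableLDAPLogins(false);
    return;
  }

  // Certificate check for SSL connections. A missing or invalid certificate aborts startup
  // instead of silently continuing.
  // NOTE(review): judging from the warning text, the argument is a look-ahead in days
  // (0 = valid now, 30 = still valid in 30 days) - confirm against checkServerCertValidity.
  // This method runs the check only once, during initialization.
  if (isSslEnabled()) {
    if (!checkServerCertValidity(0)) {
      throw new StartupException(
          "LDAP enabled but no valid server certificate found. Please fix!");
    }
    if (!checkServerCertValidity(30)) {
      log.warn("Server Certificate will expire in less than 30 days.");
    }
  }

  // Connection test with the system account. LDAP is deliberately not disabled on failure,
  // because the problem may be temporary; it is still reported in the log file.
  if (ldapManager.bindSystem() == null) {
    log.warn(
        "LDAP connection test failed during module initialization, edit config or contact network administrator");
  }

  // All configuration checks passed. This is logged exactly once; the original emitted the
  // same message a second time after the sync jobs were set up.
  log.info("LDAP login is enabled");

  // Sync LDAP users on startup.
  if (isLdapSyncOnStartup()) {
    initStartSyncJob();
  } else {
    log.info("LDAP start sync is disabled");
  }

  // Start the LDAP cron sync job.
  if (isLdapSyncCronSync()) {
    initCronSyncJob();
  } else {
    log.info("LDAP cron sync is disabled");
  }
}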