(Stuart Lewis) - Enable ldap.login.specialgroup special group for all LDAP users

git-svn-id: http://scm.dspace.org/svn/repo/branches/dspace-1_5_x@3146 9c30dcfa-912a-0410-8fc2-9e0234be79fd
2025-10-17 06:53:09 +00:00 · 2008-09-22 09:35:25 +00:00
parent a0722e0f7b
commit 2e31496215
3 changed files with 42 additions and 11 deletions
--- a/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java
+++ b/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java
@@ -60,6 +60,7 @@ import org.dspace.core.ConfigurationManager;
 import org.dspace.core.Context;
 import org.dspace.core.LogManager;
 import org.dspace.eperson.EPerson;
+import org.dspace.eperson.Group;

 /**
 * Authentication module to authenticate against a flat LDAP tree where
@@ -119,10 +120,38 @@ public class LDAPAuthentication
    }

    /*
-     * Nothing here.
+     * Add authenticated users to the group defined in dspace.cfg by
+     * the ldap.login.specialgroup key.
     */
    public int[] getSpecialGroups(Context context, HttpServletRequest request)
    {
+		// Prevents anonymous users from being added to this group, and the second check
+		// ensures they are LDAP users
+		try
+		{
+			if (!context.getCurrentUser().getNetid().equals(""))
+			{
+				String groupName = ConfigurationManager.getProperty("ldap.login.specialgroup");
+				if ((groupName != null) && (!groupName.trim().equals("")))
+				{
+					ldapGroup = Group.findByName(context, groupName);
+					if (ldapGroup == null)
+					{
+						// Oops - the group isn't there.
+						log.warn(LogManager.getHeader(context,
+								"ldap_specialgroup",
+								"Group defined in ldap.login.specialgroup does not exist"));
+						return new int[0];
+					} else
+					{
+						return new int[] { ldapGroup.getID() };
+					}
+				}
+			}
+		}
+		catch (Exception npe) {
+			// The user is not an LDAP user, so we don't need to worry about them
+		}
 		return new int[0];
    }
 	
--- a/dspace/CHANGES
+++ b/dspace/CHANGES
@@ -1,5 +1,6 @@
 (Stuart Lewis)
 - [2057231] Refactor LDAPServlet to use Stackable Authentication
+ - Enable ldap.login.specialgroup special group for all LDAP users

 (Stuart Lewis / Chris Yates / Flavio Botelho / Alex Barbieri / Reuben Pasquini)
 - [2057378] Hierarchical LDAP support
--- a/dspace/config/dspace.cfg
+++ b/dspace/config/dspace.cfg
@@ -426,6 +426,14 @@ ldap.enable = false
 webui.ldap.autoregister = true


+##### LDAP users group #####
+
+# If required, a group name can be given here, and all users who log in
+# to LDAP will automatically become members of this group. This is useful
+# if you want a group made up of all internal authenticated users.
+#ldap.login.specialgroup = group-name
+
+
 ##### Hierarchical LDAP Settings #####

 # If your users are spread out across a hierarchical tree on your
@@ -460,13 +468,6 @@ webui.ldap.autoregister = true
 # to be 'user@example.com
 #ldap.netid_email_domain = @example.com

-##### LDAP users group #####
-
-# If required, a group name can be given here, and all users who log in
-# to LDAP will automatically become members of this group. This is useful
-# if you want a group made up of all internal authenticated users.
-#ldap.login.specialgroup = group-name
-

 #### Proxy Settings ######
 # uncomment and specify both properties if proxy server required