Merge pull request #8814 from ubks-mp/DSpace-7.5

LDAP Auth extended for many groups
Tim Donohue
2023-05-08 16:44:40 -05:00
committed by GitHub


@@ -11,9 +11,11 @@ import static org.dspace.eperson.service.EPersonService.MD_PHONE;
import java.io.IOException; import java.io.IOException;
import java.sql.SQLException; import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collections; import java.util.Collections;
import java.util.Hashtable; import java.util.Hashtable;
import java.util.Iterator;
import java.util.List; import java.util.List;
import javax.naming.NamingEnumeration; import javax.naming.NamingEnumeration;
import javax.naming.NamingException; import javax.naming.NamingException;
@@ -64,6 +66,7 @@ import org.dspace.services.factory.DSpaceServicesFactory;
* @author Reuben Pasquini * @author Reuben Pasquini
* @author Samuel Ottenhoff * @author Samuel Ottenhoff
* @author Ivan Masár * @author Ivan Masár
* @author Michael Plate
*/ */
public class LDAPAuthentication public class LDAPAuthentication
implements AuthenticationMethod { implements AuthenticationMethod {
@@ -391,7 +394,7 @@ public class LDAPAuthentication
protected String ldapGivenName = null; protected String ldapGivenName = null;
protected String ldapSurname = null; protected String ldapSurname = null;
protected String ldapPhone = null; protected String ldapPhone = null;
protected String ldapGroup = null; protected ArrayList<String> ldapGroup = null;
/** /**
* LDAP settings * LDAP settings
@@ -406,9 +409,9 @@ public class LDAPAuthentication
final String ldap_surname_field; final String ldap_surname_field;
final String ldap_phone_field; final String ldap_phone_field;
final String ldap_group_field; final String ldap_group_field;
final boolean useTLS; final boolean useTLS;
SpeakerToLDAP(Logger thelog) { SpeakerToLDAP(Logger thelog) {
ConfigurationService configurationService ConfigurationService configurationService
= DSpaceServicesFactory.getInstance().getConfigurationService(); = DSpaceServicesFactory.getInstance().getConfigurationService();
@@ -547,7 +550,11 @@ public class LDAPAuthentication
if (attlist[4] != null) { if (attlist[4] != null) {
att = atts.get(attlist[4]); att = atts.get(attlist[4]);
if (att != null) { if (att != null) {
ldapGroup = (String) att.get(); // loop through all groups returned by LDAP
ldapGroup = new ArrayList<String>();
for (NamingEnumeration val = att.getAll(); val.hasMoreElements(); ) {
ldapGroup.add((String) val.next());
}
} }
} }
@@ -693,24 +700,44 @@ public class LDAPAuthentication
/* /*
* Add authenticated users to the group defined in dspace.cfg by * Add authenticated users to the group defined in dspace.cfg by
* the authentication-ldap.login.groupmap.* key. * the authentication-ldap.login.groupmap.* key.
*
* @param dn
* The string containing distinguished name of the user
*
* @param group
* List of strings with LDAP dn of groups
*
* @param context
* DSpace context
*/ */
private void assignGroups(String dn, String group, Context context) { private void assignGroups(String dn, ArrayList<String> group, Context context) {
if (StringUtils.isNotBlank(dn)) { if (StringUtils.isNotBlank(dn)) {
System.out.println("dn:" + dn); System.out.println("dn:" + dn);
int i = 1; int i = 1;
String groupMap = configurationService.getProperty("authentication-ldap.login.groupmap." + i); String groupMap = configurationService.getProperty("authentication-ldap.login.groupmap." + i);
boolean cmp; boolean cmp;
// groupmap contains the mapping of LDAP groups to DSpace groups
// outer loop with the DSpace groups
while (groupMap != null) { while (groupMap != null) {
String t[] = groupMap.split(":"); String t[] = groupMap.split(":");
String ldapSearchString = t[0]; String ldapSearchString = t[0];
String dspaceGroupName = t[1]; String dspaceGroupName = t[1];
if (group == null) { // list of strings with dn from LDAP groups
// inner loop
Iterator<String> groupIterator = group.iterator();
while (groupIterator.hasNext()) {
// save the current entry from iterator for further use
String currentGroup = groupIterator.next();
// very much the old code from DSpace <= 7.5
if (currentGroup == null) {
cmp = StringUtils.containsIgnoreCase(dn, ldapSearchString + ","); cmp = StringUtils.containsIgnoreCase(dn, ldapSearchString + ",");
} else { } else {
cmp = StringUtils.equalsIgnoreCase(group, ldapSearchString); cmp = StringUtils.equalsIgnoreCase(currentGroup, ldapSearchString);
} }
if (cmp) { if (cmp) {
@@ -737,6 +764,7 @@ public class LDAPAuthentication
dspaceGroupName)); dspaceGroupName));
} }
} }
}
groupMap = configurationService.getProperty("authentication-ldap.login.groupmap." + ++i); groupMap = configurationService.getProperty("authentication-ldap.login.groupmap." + ++i);
} }
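Review bot: In `assignGroups`, `group.iterator()` is called with no null check, but `ldapGroup` starts as `null` and is only assigned when the configured group attribute is present on the entry, so a user without that attribute (or a site that maps groups by DN only) would hit a NullPointerException in the login path. The old `group == null` fallback to DN matching has become `currentGroup == null`, which values read from `att.getAll()` will not normally satisfy, so that branch looks unreachable, and an attribute with zero values skips the mapping loop entirely. Since this mapping decides which DSpace groups an authenticated user receives, I would restore the fallback before the inner loop, e.g. `List<String> groups = (group == null || group.isEmpty()) ? Collections.singletonList((String) null) : group;` and iterate `groups` instead. Separately, `(String) val.next()` will throw ClassCastException if the directory returns a binary attribute value, and the raw `NamingEnumeration` could be typed as `NamingEnumeration<?>`. The call site of `assignGroups` and part of its body are outside the visible hunks, so the null case is inferred from the field initialiser and the assignment in the attribute-reading hunk.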