001
014
015 package com.liferay.portal.security.ldap;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.PropsKeys;
020 import com.liferay.portal.model.Contact;
021 import com.liferay.portal.model.User;
022 import com.liferay.portal.model.UserGroup;
023 import com.liferay.portal.security.auth.AuthSettingsUtil;
024 import com.liferay.portal.service.UserGroupLocalServiceUtil;
025 import com.liferay.portal.service.UserLocalServiceUtil;
026 import com.liferay.portal.util.PrefsPropsUtil;
027
028 import java.io.Serializable;
029
030 import java.util.List;
031 import java.util.Map;
032 import java.util.Properties;
033
034 import javax.naming.Binding;
035 import javax.naming.CompositeName;
036 import javax.naming.Name;
037 import javax.naming.NameNotFoundException;
038 import javax.naming.directory.Attributes;
039 import javax.naming.directory.ModificationItem;
040 import javax.naming.ldap.LdapContext;
041
042
048 public class PortalLDAPExporterImpl implements PortalLDAPExporter {
049
050 public void exportToLDAP(
051 Contact contact, Map<String, Serializable> contactExpandoAttributes)
052 throws Exception {
053
054 long companyId = contact.getCompanyId();
055
056 if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId) ||
057 !LDAPSettingsUtil.isExportEnabled(companyId)) {
058
059 return;
060 }
061
062 User user = UserLocalServiceUtil.getUserByContactId(
063 contact.getContactId());
064
065 long ldapServerId = PortalLDAPUtil.getLdapServerId(
066 companyId, user.getScreenName(), user.getEmailAddress());
067
068 LdapContext ldapContext = PortalLDAPUtil.getContext(
069 ldapServerId, companyId);
070
071 try {
072 if (ldapContext == null) {
073 return;
074 }
075
076 Properties contactMappings = LDAPSettingsUtil.getContactMappings(
077 ldapServerId, companyId);
078 Properties contactExpandoMappings =
079 LDAPSettingsUtil.getContactExpandoMappings(
080 ldapServerId, companyId);
081
082 Binding binding = PortalLDAPUtil.getUser(
083 ldapServerId, contact.getCompanyId(), user.getScreenName(),
084 user.getEmailAddress());
085
086 if (binding == null) {
087 Properties userMappings = LDAPSettingsUtil.getUserMappings(
088 ldapServerId, companyId);
089
090 binding = addUser(
091 ldapServerId, ldapContext, user, userMappings);
092 }
093
094 Name name = new CompositeName();
095
096 name.add(
097 PortalLDAPUtil.getNameInNamespace(
098 ldapServerId, companyId, binding));
099
100 Modifications modifications =
101 _portalToLDAPConverter.getLDAPContactModifications(
102 contact, contactExpandoAttributes, contactMappings,
103 contactExpandoMappings);
104
105 if (modifications == null) {
106 return;
107 }
108
109 ModificationItem[] modificationItems = modifications.getItems();
110
111 ldapContext.modifyAttributes(name, modificationItems);
112 }
113 catch (Exception e) {
114 throw e;
115 }
116 finally {
117 if (ldapContext != null) {
118 ldapContext.close();
119 }
120 }
121 }
122
123 public void exportToLDAP(long userId, long userGroupId) throws Exception {
124 User user = UserLocalServiceUtil.getUser(userId);
125
126 long companyId = user.getCompanyId();
127
128 if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId) ||
129 !LDAPSettingsUtil.isExportEnabled(companyId) ||
130 !LDAPSettingsUtil.isExportGroupEnabled(companyId)) {
131
132 return;
133 }
134
135 long ldapServerId = PortalLDAPUtil.getLdapServerId(
136 companyId, user.getScreenName(), user.getEmailAddress());
137
138 LdapContext ldapContext = PortalLDAPUtil.getContext(
139 ldapServerId, companyId);
140
141 try {
142 if (ldapContext == null) {
143 return;
144 }
145
146 UserGroup userGroup = UserGroupLocalServiceUtil.getUserGroup(
147 userGroupId);
148
149 Properties groupMappings = LDAPSettingsUtil.getGroupMappings(
150 ldapServerId, companyId);
151
152 Properties userMappings = LDAPSettingsUtil.getUserMappings(
153 ldapServerId, companyId);
154
155 Binding binding = PortalLDAPUtil.getGroup(
156 ldapServerId, companyId, userGroup.getName());
157
158 if (binding == null) {
159 addGroup(
160 ldapServerId, ldapContext, userGroup, user, groupMappings,
161 userMappings);
162
163 return;
164 }
165
166 Name name = new CompositeName();
167
168 name.add(
169 PortalLDAPUtil.getNameInNamespace(
170 ldapServerId, companyId, binding));
171
172 Modifications modifications =
173 _portalToLDAPConverter.getLDAPGroupModifications(
174 ldapServerId, userGroup, user, groupMappings, userMappings);
175
176 ModificationItem[] modificationItems = modifications.getItems();
177
178 ldapContext.modifyAttributes(name, modificationItems);
179 }
180 catch (Exception e) {
181 _log.error(e, e);
182 }
183 finally {
184 if (ldapContext != null) {
185 ldapContext.close();
186 }
187 }
188 }
189
190 public void exportToLDAP(
191 User user, Map<String, Serializable> userExpandoAttributes)
192 throws Exception {
193
194 long companyId = user.getCompanyId();
195
196 if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId) ||
197 !LDAPSettingsUtil.isExportEnabled(companyId)) {
198
199 return;
200 }
201
202 long ldapServerId = PortalLDAPUtil.getLdapServerId(
203 companyId, user.getScreenName(), user.getEmailAddress());
204
205 LdapContext ldapContext = PortalLDAPUtil.getContext(
206 ldapServerId, companyId);
207
208 try {
209 if (ldapContext == null) {
210 return;
211 }
212
213 Properties userMappings = LDAPSettingsUtil.getUserMappings(
214 ldapServerId, companyId);
215 Properties userExpandoMappings =
216 LDAPSettingsUtil.getUserExpandoMappings(
217 ldapServerId, companyId);
218
219 Binding binding = PortalLDAPUtil.getUser(
220 ldapServerId, user.getCompanyId(), user.getScreenName(),
221 user.getEmailAddress());
222
223 if (binding == null) {
224 binding = addUser(
225 ldapServerId, ldapContext, user, userMappings);
226 }
227
228 Name name = new CompositeName();
229
230 name.add(
231 PortalLDAPUtil.getNameInNamespace(
232 ldapServerId, companyId, binding));
233
234 Modifications modifications =
235 _portalToLDAPConverter.getLDAPUserModifications(
236 user, userExpandoAttributes, userMappings,
237 userExpandoMappings);
238
239 if (modifications == null) {
240 return;
241 }
242
243 ModificationItem[] modificationItems = modifications.getItems();
244
245 ldapContext.modifyAttributes(name, modificationItems);
246
247 if (!LDAPSettingsUtil.isExportGroupEnabled(companyId)) {
248 return;
249 }
250
251 List<UserGroup> userGroups =
252 UserGroupLocalServiceUtil.getUserUserGroups(user.getUserId());
253
254 for (UserGroup userGroup : userGroups) {
255 exportToLDAP(user.getUserId(), userGroup.getUserGroupId());
256 }
257
258 Modifications groupModifications =
259 _portalToLDAPConverter.getLDAPUserGroupModifications(
260 ldapServerId, userGroups, user, userMappings);
261
262 ModificationItem[] groupModificationItems =
263 groupModifications.getItems();
264
265 if (groupModificationItems.length > 0) {
266 ldapContext.modifyAttributes(name, groupModificationItems);
267 }
268 }
269 catch (NameNotFoundException nnfe) {
270 if (PrefsPropsUtil.getBoolean(
271 companyId, PropsKeys.LDAP_AUTH_REQUIRED)) {
272
273 throw nnfe;
274 }
275
276 _log.error(nnfe, nnfe);
277 }
278 catch (Exception e) {
279 throw e;
280 }
281 finally {
282 if (ldapContext != null) {
283 ldapContext.close();
284 }
285 }
286 }
287
288 public void setPortalToLDAPConverter(
289 PortalToLDAPConverter portalToLDAPConverter) {
290
291 _portalToLDAPConverter = portalToLDAPConverter;
292 }
293
294 protected Binding addGroup(
295 long ldapServerId, LdapContext ldapContext, UserGroup userGroup,
296 User user, Properties groupMappings, Properties userMappings)
297 throws Exception {
298
299 Name name = new CompositeName();
300
301 name.add(
302 _portalToLDAPConverter.getGroupDNName(
303 ldapServerId, userGroup, groupMappings));
304
305 Attributes attributes = _portalToLDAPConverter.getLDAPGroupAttributes(
306 ldapServerId, userGroup, user, groupMappings, userMappings);
307
308 ldapContext.bind(name, new PortalLDAPContext(attributes));
309
310 Binding binding = PortalLDAPUtil.getGroup(
311 ldapServerId, userGroup.getCompanyId(), userGroup.getName());
312
313 return binding;
314 }
315
316 protected Binding addUser(
317 long ldapServerId, LdapContext ldapContext, User user,
318 Properties userMappings)
319 throws Exception {
320
321 Name name = new CompositeName();
322
323 name.add(
324 _portalToLDAPConverter.getUserDNName(
325 ldapServerId, user, userMappings));
326
327 Attributes attributes = _portalToLDAPConverter.getLDAPUserAttributes(
328 ldapServerId, user, userMappings);
329
330 ldapContext.bind(name, new PortalLDAPContext(attributes));
331
332 Binding binding = PortalLDAPUtil.getUser(
333 ldapServerId, user.getCompanyId(), user.getScreenName(),
334 user.getEmailAddress());
335
336 return binding;
337 }
338
339 private static Log _log = LogFactoryUtil.getLog(
340 PortalLDAPExporterImpl.class);
341
342 private PortalToLDAPConverter _portalToLDAPConverter;
343
344 }