015 package com.liferay.portal.security.ldap;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.PropsKeys;
020 import com.liferay.portal.model.Contact;
021 import com.liferay.portal.model.User;
022 import com.liferay.portal.model.UserGroup;
023 import com.liferay.portal.security.auth.AuthSettingsUtil;
024 import com.liferay.portal.service.UserGroupLocalServiceUtil;
025 import com.liferay.portal.service.UserLocalServiceUtil;
026 import com.liferay.portal.util.PrefsPropsUtil;
027
028 import java.io.Serializable;
029
030 import java.util.List;
031 import java.util.Map;
032 import java.util.Properties;
033
034 import javax.naming.Binding;
035 import javax.naming.CompositeName;
036 import javax.naming.Name;
037 import javax.naming.NameNotFoundException;
038 import javax.naming.directory.Attributes;
039 import javax.naming.directory.ModificationItem;
040 import javax.naming.ldap.LdapContext;
041
042
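/**
 * Writes portal contact, user and user-group data to the LDAP server selected
 * for the owning company.
 *
 * <p>
 * Every export method returns without touching the directory unless both LDAP
 * authentication and LDAP export are enabled for the company, and also when no
 * LDAP context can be obtained. Group export additionally requires the group
 * export setting.
 * </p>
 *
 * <p>
 * Failure handling differs per method and matters for keeping the directory in
 * step with the portal: contact export propagates every exception, user export
 * may suppress a {@link NameNotFoundException}, and group export logs every
 * exception raised after the context is opened and never rethrows it.
 * </p>
 */
public class PortalLDAPExporterImpl implements PortalLDAPExporter {

	/**
	 * Exports the mapped attributes of a contact to the LDAP entry of the user
	 * that owns the contact, creating that entry first if the lookup finds
	 * none.
	 *
	 * @param  contact the portal contact whose attributes are exported
	 * @param  contactExpandoAttributes the contact's custom attributes passed
	 *         to the converter
	 * @throws Exception if any portal service or directory operation fails
	 */
	public void exportToLDAP(
			Contact contact, Map<String, Serializable> contactExpandoAttributes)
		throws Exception {

		long companyId = contact.getCompanyId();

		if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId) ||
			!LDAPSettingsUtil.isExportEnabled(companyId)) {

			return;
		}

		User user = UserLocalServiceUtil.getUserByContactId(
			contact.getContactId());

		long ldapServerId = PortalLDAPUtil.getLdapServerId(
			companyId, user.getScreenName(), user.getEmailAddress());

		LdapContext ldapContext = PortalLDAPUtil.getContext(
			ldapServerId, companyId);

		if (ldapContext == null) {
			return;
		}

		// Exceptions propagate unchanged; the finally block only guarantees
		// that the directory connection is released.

		try {
			Properties contactMappings = LDAPSettingsUtil.getContactMappings(
				ldapServerId, companyId);
			Properties contactExpandoMappings =
				LDAPSettingsUtil.getContactExpandoMappings(
					ldapServerId, companyId);

			Binding binding = PortalLDAPUtil.getUser(
				ldapServerId, companyId, user.getScreenName(),
				user.getEmailAddress());

			if (binding == null) {
				Properties userMappings = LDAPSettingsUtil.getUserMappings(
					ldapServerId, companyId);

				binding = addUser(
					ldapServerId, ldapContext, user, userMappings);
			}

			Name name = getBindingName(ldapServerId, companyId, binding);

			Modifications modifications =
				_portalToLDAPConverter.getLDAPContactModifications(
					contact, contactExpandoAttributes, contactMappings,
					contactExpandoMappings);

			if (modifications == null) {
				return;
			}

			ldapContext.modifyAttributes(name, modifications.getItems());
		}
		finally {
			ldapContext.close();
		}
	}

	/**
	 * Exports the mapped attributes of a user to its LDAP entry, creating the
	 * entry first if the lookup finds none, and then, when group export is
	 * enabled, exports each of the user's user groups and the user's group
	 * attributes.
	 *
	 * <p>
	 * A {@link NameNotFoundException} is rethrown only when the company's
	 * <code>PropsKeys.LDAP_AUTH_REQUIRED</code> preference is true; otherwise
	 * it is logged and the method returns normally, so the caller gets no
	 * signal that the directory was not updated.
	 * </p>
	 *
	 * @param  user the portal user to export
	 * @param  userExpandoAttributes the user's custom attributes passed to the
	 *         converter
	 * @throws Exception if any portal service or directory operation fails,
	 *         subject to the <code>NameNotFoundException</code> handling
	 *         described above
	 */
	public void exportToLDAP(
			User user, Map<String, Serializable> userExpandoAttributes)
		throws Exception {

		long companyId = user.getCompanyId();

		if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId) ||
			!LDAPSettingsUtil.isExportEnabled(companyId)) {

			return;
		}

		long ldapServerId = PortalLDAPUtil.getLdapServerId(
			companyId, user.getScreenName(), user.getEmailAddress());

		LdapContext ldapContext = PortalLDAPUtil.getContext(
			ldapServerId, companyId);

		if (ldapContext == null) {
			return;
		}

		try {
			Properties userMappings = LDAPSettingsUtil.getUserMappings(
				ldapServerId, companyId);
			Properties userExpandoMappings =
				LDAPSettingsUtil.getUserExpandoMappings(
					ldapServerId, companyId);

			Binding binding = PortalLDAPUtil.getUser(
				ldapServerId, companyId, user.getScreenName(),
				user.getEmailAddress());

			if (binding == null) {
				binding = addUser(
					ldapServerId, ldapContext, user, userMappings);
			}

			Name name = getBindingName(ldapServerId, companyId, binding);

			Modifications modifications =
				_portalToLDAPConverter.getLDAPUserModifications(
					user, userExpandoAttributes, userMappings,
					userExpandoMappings);

			if (modifications == null) {
				return;
			}

			ldapContext.modifyAttributes(name, modifications.getItems());

			if (!LDAPSettingsUtil.isExportGroupEnabled(companyId)) {
				return;
			}

			List<UserGroup> userGroups =
				UserGroupLocalServiceUtil.getUserUserGroups(user.getUserId());

			// Each call opens and closes its own LDAP context and logs its
			// own failures, so a group that fails to export does not stop the
			// loop and is not reported here.

			for (UserGroup userGroup : userGroups) {
				exportToLDAP(user.getUserId(), userGroup.getUserGroupId());
			}

			Modifications groupModifications =
				_portalToLDAPConverter.getLDAPUserGroupModifications(
					ldapServerId, userGroups, user, userMappings);

			// Same guard as for the user modifications above: nothing to
			// write if the converter produced no modification set.

			if (groupModifications == null) {
				return;
			}

			ModificationItem[] groupModificationItems =
				groupModifications.getItems();

			if (groupModificationItems.length > 0) {
				ldapContext.modifyAttributes(name, groupModificationItems);
			}
		}
		catch (NameNotFoundException nnfe) {

			// Only a deployment that requires LDAP authentication treats a
			// missing directory name as fatal; otherwise the failure is
			// visible in the log alone.

			if (PrefsPropsUtil.getBoolean(
					companyId, PropsKeys.LDAP_AUTH_REQUIRED)) {

				throw nnfe;
			}

			_log.error(nnfe, nnfe);
		}
		finally {
			ldapContext.close();
		}
	}

	/**
	 * Exports one user group to LDAP on behalf of a user: binds a new group
	 * entry if the lookup finds none, otherwise applies the converter's group
	 * modifications to the existing entry.
	 *
	 * <p>
	 * This is best effort. Any exception raised once the LDAP context is open
	 * is logged at error level and not rethrown, so callers cannot tell
	 * whether the group entry was written; the error log is the only place a
	 * failed group synchronisation shows up. Exceptions from the user lookup,
	 * the settings checks and the context creation still propagate.
	 * </p>
	 *
	 * @param  userId the primary key of the user the export is performed for
	 * @param  userGroupId the primary key of the user group to export
	 * @throws Exception if the user lookup, the settings checks, opening the
	 *         LDAP context or closing it fails
	 */
	public void exportToLDAP(long userId, long userGroupId) throws Exception {
		User user = UserLocalServiceUtil.getUser(userId);

		long companyId = user.getCompanyId();

		if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId) ||
			!LDAPSettingsUtil.isExportEnabled(companyId) ||
			!LDAPSettingsUtil.isExportGroupEnabled(companyId)) {

			return;
		}

		long ldapServerId = PortalLDAPUtil.getLdapServerId(
			companyId, user.getScreenName(), user.getEmailAddress());

		LdapContext ldapContext = PortalLDAPUtil.getContext(
			ldapServerId, companyId);

		if (ldapContext == null) {
			return;
		}

		try {
			UserGroup userGroup = UserGroupLocalServiceUtil.getUserGroup(
				userGroupId);

			Properties groupMappings = LDAPSettingsUtil.getGroupMappings(
				ldapServerId, companyId);

			Properties userMappings = LDAPSettingsUtil.getUserMappings(
				ldapServerId, companyId);

			Binding binding = PortalLDAPUtil.getGroup(
				ldapServerId, companyId, userGroup.getName());

			if (binding == null) {
				addGroup(
					ldapServerId, ldapContext, userGroup, user, groupMappings,
					userMappings);

				return;
			}

			Name name = getBindingName(ldapServerId, companyId, binding);

			Modifications modifications =
				_portalToLDAPConverter.getLDAPGroupModifications(
					ldapServerId, userGroup, user, groupMappings, userMappings);

			// Guarded like the user and contact exports, rather than relying
			// on the catch below to log a NullPointerException.

			if (modifications == null) {
				return;
			}

			ldapContext.modifyAttributes(name, modifications.getItems());
		}
		catch (Exception e) {

			// Deliberately not rethrown: the user export calls this method
			// once per group and must not be aborted by a single group.

			_log.error(e, e);
		}
		finally {
			ldapContext.close();
		}
	}

	/**
	 * Sets the converter that produces LDAP names, attributes and
	 * modifications from portal models. It must be set before any export or
	 * add method is called.
	 *
	 * @param portalToLDAPConverter the converter to use
	 */
	public void setPortalToLDAPConverter(
		PortalToLDAPConverter portalToLDAPConverter) {

		_portalToLDAPConverter = portalToLDAPConverter;
	}

	/**
	 * Binds a new LDAP entry for the user group and looks the group up again.
	 *
	 * @param  ldapServerId the ID of the LDAP server configuration
	 * @param  ldapContext the open LDAP context to bind through
	 * @param  userGroup the user group to create in the directory
	 * @param  user the user passed to the converter for the group attributes
	 * @param  groupMappings the group attribute mappings
	 * @param  userMappings the user attribute mappings
	 * @return the result of looking the group up by name after the bind
	 * @throws Exception if the converter, the bind or the lookup fails
	 */
	protected Binding addGroup(
			long ldapServerId, LdapContext ldapContext, UserGroup userGroup,
			User user, Properties groupMappings, Properties userMappings)
		throws Exception {

		// NOTE(review): the DN is produced by the converter from the group and
		// the mappings; confirm that it escapes DN special characters in the
		// group name.

		Name name = new CompositeName();

		name.add(
			_portalToLDAPConverter.getGroupDNName(
				ldapServerId, userGroup, groupMappings));

		Attributes attributes = _portalToLDAPConverter.getLDAPGroupAttributes(
			ldapServerId, userGroup, user, groupMappings, userMappings);

		ldapContext.bind(name, new PortalLDAPContext(attributes));

		return PortalLDAPUtil.getGroup(
			ldapServerId, userGroup.getCompanyId(), userGroup.getName());
	}

	/**
	 * Binds a new LDAP entry for the user and looks the user up again.
	 *
	 * @param  ldapServerId the ID of the LDAP server configuration
	 * @param  ldapContext the open LDAP context to bind through
	 * @param  user the user to create in the directory
	 * @param  userMappings the user attribute mappings
	 * @return the result of looking the user up by screen name and email
	 *         address after the bind; callers pass it on without a null check
	 * @throws Exception if the converter, the bind or the lookup fails
	 */
	protected Binding addUser(
			long ldapServerId, LdapContext ldapContext, User user,
			Properties userMappings)
		throws Exception {

		// NOTE(review): the DN is produced by the converter from the user and
		// the mappings; confirm that it escapes DN special characters in
		// user-controlled fields.

		Name name = new CompositeName();

		name.add(
			_portalToLDAPConverter.getUserDNName(
				ldapServerId, user, userMappings));

		Attributes attributes = _portalToLDAPConverter.getLDAPUserAttributes(
			ldapServerId, user, userMappings);

		ldapContext.bind(name, new PortalLDAPContext(attributes));

		return PortalLDAPUtil.getUser(
			ldapServerId, user.getCompanyId(), user.getScreenName(),
			user.getEmailAddress());
	}

	/**
	 * Wraps the full name of an existing binding in a JNDI name.
	 *
	 * <p>
	 * The name is added to a {@link CompositeName} as a single component, so
	 * it is handed to the context as is and is not split on composite-name
	 * separators.
	 * </p>
	 */
	private Name getBindingName(
			long ldapServerId, long companyId, Binding binding)
		throws Exception {

		Name name = new CompositeName();

		name.add(
			PortalLDAPUtil.getNameInNamespace(
				ldapServerId, companyId, binding));

		return name;
	}

	private static final Log _log = LogFactoryUtil.getLog(
		PortalLDAPExporterImpl.class);

	private PortalToLDAPConverter _portalToLDAPConverter;

}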