portals-jetspeed-dev mailing list archives

From a..@apache.org
Subject svn commit: r483771 [1/5] - in /portals/jetspeed-2/trunk/components/security: etc/ src/java/org/apache/jetspeed/security/spi/impl/ src/java/org/apache/jetspeed/security/spi/impl/ldap/ src/test/JETSPEED-INF/directory/config/apacheds/ src/test/JETSPEED-I...
Date Fri, 08 Dec 2006 01:47:33 GMT
Author: ate
Date: Thu Dec  7 17:47:28 2006
New Revision: 483771

URL: http://svn.apache.org/viewvc?view=rev&rev=483771
Log:
Patch for JS2-491: Enhance J2 LDAP Security + documentation
See: http://issues.apache.org/jira/browse/JS2-491
Patch provided by Davy De Waele who has put a lot of effort into this, with a great enhancement as well as extended documentation as a result.
Thanks!

NB: 
I've only been able to successfully run the testcases against OpenLDAP. Our "default" ApacheDS fails miserably because of two critical bugs (which I have reported).
So, for the time being (we have to wait for release 1.0.1), ApacheDS cannot reliably be used with Jetspeed.
OpenLDAP is fine though, and Davy reported success with Domino and SunDS as well.

I'll try to update the documentation online asap.

Added:
    portals/jetspeed-2/trunk/components/security/etc/security-spi-ldap-atz.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/domino/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/company.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/README.TXT
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/company.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/company.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/README.TXT
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/setup1/
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/setup1/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/setup1/security-spi-ldap.xml   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/GroupFilterBase.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/GroupMembershipAttributes1.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/GroupMembershipAttributes2.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/GroupMembershipForRoleAttributes1.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/GroupMembershipForRoleAttributes2.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/GroupObjectClasses.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/IdAttributes.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/ObjectFilterBase.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/RoleFilterBase.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/RoleGroupMembershipForRoleAttributes1.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/RoleGroupMembershipForRoleAttributes2.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/RoleMembershipAttributes1.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/RoleMembershipAttributes2.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/RoleObjectClasses.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/UserFilterBase.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/UserGroupMembershipAttributes1.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/UserGroupMembershipAttributes2.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/UserIdAttribute.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/UserObjectClasses.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/UserRoleMembershipAttributes1.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/UserRoleMembershipAttributes2.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/rootPassword.png   (with props)
    portals/jetspeed-2/trunk/components/security/xdocs/images/ldap/userUidAttribute.png   (with props)
Removed:
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/ldap.properties
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/security-spi-atz.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/security-spi-ldap-atn.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/security-spi-ldap.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/apacheds/security-spi.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/ldap.properties
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/security-spi-atz.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/security-spi-ldap-atn.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/security-spi-ldap.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/openldap/security-spi.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/company1.ldif
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/ldap.properties
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/security-spi-atz.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/security-spi-ldap-atn.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/security-spi-ldap.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/directory/config/sunds/security-spi.xml
    portals/jetspeed-2/trunk/components/security/src/test/JETSPEED-INF/ldap/ldap.properties
Modified:
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/InitLdapSchema.java   (contents, props changed)
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java   (contents, props changed)
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapPrincipalDaoImpl.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapRoleDaoImpl.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserPrincipalDaoImpl.java
    portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/spi/ldap/AbstractLdapTest.java
    portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/spi/ldap/TestLdapRoleSecurityHandler.java
    portals/jetspeed-2/trunk/components/security/src/test/org/apache/jetspeed/security/spi/ldap/TestLdapSecurityMappingHandler.java
    portals/jetspeed-2/trunk/components/security/xdocs/ldap.xml

Added: portals/jetspeed-2/trunk/components/security/etc/security-spi-ldap-atz.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/etc/security-spi-ldap-atz.xml?view=auto&rev=483771
==============================================================================
--- portals/jetspeed-2/trunk/components/security/etc/security-spi-ldap-atz.xml (added)
+++ portals/jetspeed-2/trunk/components/security/etc/security-spi-ldap-atz.xml Thu Dec  7 17:47:28 2006
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<!--
+Copyright 2004 The Apache Software Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<beans>
+
+  <!-- ************** Security SPI Handlers ************** -->  
+  <!-- Security SPI: RoleSecurityHandler -->
+  <bean id="org.apache.jetspeed.security.spi.RoleSecurityHandler" 
+    	   class="org.apache.jetspeed.security.spi.impl.LdapRoleSecurityHandler">  	   
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl"/></constructor-arg>
+  </bean>
+  
+  <!-- Security SPI: GroupSecurityHandler -->
+  <bean id="org.apache.jetspeed.security.spi.GroupSecurityHandler" 
+  	   class="org.apache.jetspeed.security.spi.impl.LdapGroupSecurityHandler"
+  >  	   
+  	   <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.impl.ldap.LdapGroupDaoImpl"/></constructor-arg>
+  </bean>
+
+  <bean id="org.apache.jetspeed.security.spi.impl.ldap.LdapGroupDaoImpl" 
+  	   class="org.apache.jetspeed.security.spi.impl.ldap.LdapGroupDaoImpl"
+  >  	
+  <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.impl.ldap.LdapBindingConfig"/></constructor-arg>   
+  </bean>
+  
+  <bean id="org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl" 
+  	   class="org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl"
+  >  	
+  <constructor-arg ><ref bean="org.apache.jetspeed.security.spi.impl.ldap.LdapBindingConfig"/></constructor-arg>   
+  </bean>
+  
+
+  
+  <!-- Security SPI: SecurityMappingHandler -->
+  <bean id="org.apache.jetspeed.security.spi.SecurityMappingHandler" 
+    	class="org.apache.jetspeed.security.spi.impl.LdapSecurityMappingHandler"
+  >	
+  	   <constructor-arg index="0"><ref bean="org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDao"/></constructor-arg>   
+  	   <constructor-arg index="1"><ref bean="org.apache.jetspeed.security.spi.impl.ldap.LdapGroupDaoImpl"/></constructor-arg>   
+  	   <constructor-arg index="2"><ref bean="org.apache.jetspeed.security.spi.impl.ldap.LdapRoleDaoImpl"/></constructor-arg>
+
+  	   <!-- Default role hierarchy strategy is by generalization.  Add contructor-arg to change the strategy. -->
+  	   <!-- Default group hierarchy strategy is by generalization.  Add contructor-arg to change the strategy. -->
+  </bean>
+  
+</beans>
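
Review bot: The SecurityMappingHandler bean takes `org.apache.jetspeed.security.spi.impl.ldap.LdapUserPrincipalDao` as constructor-arg 0, and both DAO beans take `org.apache.jetspeed.security.spi.impl.ldap.LdapBindingConfig`, but neither bean is defined in this file, so it cannot be loaded on its own. Add a header comment naming the companion configuration that must be loaded with it. The user DAO id also lacks the `Impl` suffix that the group and role DAO ids carry, and the two strategy comments spell `contructor-arg`.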

Propchange: portals/jetspeed-2/trunk/components/security/etc/security-spi-ldap-atz.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: portals/jetspeed-2/trunk/components/security/etc/security-spi-ldap-atz.xml
------------------------------------------------------------------------------
    svn:keywords = Id

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java?view=diff&rev=483771&r1=483770&r2=483771
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java Thu Dec  7 17:47:28 2006
@@ -159,7 +159,6 @@
      */
     public void removeUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException
     {
-    	//TODO: check if this is ok
         verifyUserAndRoleExist(username, roleFullPathName);
         removeUserFromRole(username, roleFullPathName);
     }

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java?view=diff&rev=483771&r1=483770&r2=483771
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java Thu Dec  7 17:47:28 2006
@@ -28,6 +28,8 @@
 import javax.naming.ldap.LdapContext;
 
 import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 import org.apache.jetspeed.security.InvalidDnException;
 import org.apache.jetspeed.security.InvalidPasswordException;
 import org.apache.jetspeed.security.InvalidUidException;
@@ -43,6 +45,9 @@
  */
 public abstract class AbstractLdapDao
 {
+	
+	private static final Log logger = LogFactory.getLog(AbstractLdapDao.class);
+	
     /** The ldap binding configuration. */
     private LdapBindingConfig ldapBindingConfig = null;
 
@@ -167,7 +172,7 @@
     protected SearchControls setSearchControls()
     {
         SearchControls controls = new SearchControls();
-        controls.setReturningAttributes(new String[] {"cn","sn","o","uid","ou","objectClass","nsroledn","userPassword","member","uniqueMember"});
+        controls.setReturningAttributes(getKnownAttributes());
         controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
         controls.setReturningObjFlag(true);
 
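
Review bot: `getKnownAttributes()` is passed straight to `setReturningAttributes` with no null check; in JNDI a null array there means every attribute is returned, so a binding config that leaves the list unset would widen each search instead of failing. Validate the list when the config is loaded. The old literal requested `userPassword` on every search; moving to a configured list is a chance to leave the password attribute out of ordinary lookups and request it only where credentials are checked.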
@@ -198,53 +203,6 @@
         }
     }
     
-    /**
-     * <p>
-     * Searches the LDAP server for the group with the specified uid attribute.
-     * </p>
-     * 
-     * @return the user's DN
-     */
-    public String lookupGroupByUid(final String uid) throws SecurityException
-    {
-        validateUid(uid);
-
-        try
-        {
-            SearchControls cons = setSearchControls();
-            NamingEnumeration searchResults = searchGroupByWildcardedUid(uid, cons);
-
-            return getFirstDnForUid(searchResults);
-        }
-        catch (NamingException e)
-        {
-            throw new SecurityException(e);
-        }
-    }    
-    
-    /**
-     * <p>
-     * Searches the LDAP server for the role with the specified uid attribute.
-     * </p>
-     * 
-     * @return the user's DN
-     */
-    public String lookupRoleByUid(final String uid) throws SecurityException
-    {
-        validateUid(uid);
-
-        try
-        {
-            SearchControls cons = setSearchControls();
-            NamingEnumeration searchResults = searchRoleByWildcardedUid(uid, cons);
-
-            return getFirstDnForUid(searchResults);
-        }
-        catch (NamingException e)
-        {
-            throw new SecurityException(e);
-        }
-    }        
 
     /**
      * <p>
@@ -261,15 +219,7 @@
         while ((null != searchResults) && searchResults.hasMore())
         {
             SearchResult searchResult = (SearchResult) searchResults.next();
-            
-/* TODO: Java 5 dependency, needs to be resolved for Java 1.4 first before this can be enabled again
-            userDn = searchResult.getNameInNamespace();
-*/            
-//            if (searchResult.getObject() instanceof DirContext)
-//            {
-//                DirContext userEntry = (DirContext) searchResult.getObject();
-//                userDn = userEntry.getNameInNamespace();
-//            }
+            userDn = searchResult.getName();
         }
         return userDn;
     }
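
Review bot: `searchResult.getName()` returns the entry name relative to the context and base that were searched, not the full DN that the removed `getNameInNamespace()` call was aiming for. The search methods in this file now use different bases, so the same entry can come back under different names; callers that treat the value as a DN need the base appended, or the return value should be documented as relative. The loop also reassigns `userDn` for every result, so with several matches the last one wins; returning on the first hit, or rejecting multiple matches, would be safer for an identity lookup.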
@@ -303,16 +253,20 @@
     protected NamingEnumeration searchByWildcardedUid(final String filter, SearchControls cons) throws NamingException
     {
     	// usa a template method to use users/groups/roles
-        String searchFilter = "";
-        if (getSearchSuffix()==null || getSearchSuffix().equals("")) {
-        	searchFilter = "(" + getEntryPrefix() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")";
+    	String query = "";
+        if (StringUtils.isEmpty(getSearchSuffix())) {
+        	query = "(" + getEntryPrefix() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")";
         } else {
-        	searchFilter = "(&(" + getEntryPrefix() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")" + getSearchSuffix() + ")";
+        	query = "(&(" + getEntryPrefix() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")" + getSearchSuffix() + ")";
         }
-        
-        NamingEnumeration searchResults = ((DirContext) ctx).search(getSearchDomain(), searchFilter, cons);
+        logger.debug("searchByWildCardedUid = " + query); 
+
+	    cons.setSearchScope(getSearchScope());
+	    //TODO: added this here for OpenLDAP (when users are stored in ou=People,o=evenSeas)
+	    String searchBase = StringUtils.replace(getSearchDomain(), "," + getRootContext(), "");
+	    NamingEnumeration results = ((DirContext) ctx).search(searchBase,query , cons);	
 
-        return searchResults;
+        return results;
     }
     
     /**
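
Review bot: `filter` is still concatenated into the LDAP search filter unescaped in both branches that build `query`, so a value containing `(`, `)` or `\` changes the structure of the filter. Since these lines are being rewritten anyway, escape the value per RFC 4515 (leaving `*` alone if wildcards are intended), or pass it through the `search(name, filterExpr, filterArgs, cons)` overload with a `{0}` placeholder, which also escapes `*`. Separately, `StringUtils.replace(getSearchDomain(), "," + getRootContext(), "")` removes the root context wherever it occurs in the string, not only as a suffix; the TODO above it says this was added for one OpenLDAP layout, so it wants a test for each supported directory setup.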
@@ -328,16 +282,20 @@
     protected NamingEnumeration searchGroupByWildcardedUid(final String filter, SearchControls cons) throws NamingException
     {
     	// usa a template method to use users/groups/roles
-        String searchFilter = "";
-        if (getSearchSuffix()==null || getSearchSuffix().equals("")) {
-        	searchFilter = "(" + getGroupIdAttribute() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")";
+        String query = "";
+        if (StringUtils.isEmpty(getGroupFilter())) {
+        	query = "(" + getGroupIdAttribute() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")";
         } else {
-        	searchFilter = "(&(" + getGroupIdAttribute() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")" + getGroupFilter() + ")";
+        	query = "(&(" + getGroupIdAttribute() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")" + getGroupFilter() + ")";
         }        
         
-        NamingEnumeration searchResults = ((DirContext) ctx).search("", searchFilter, cons);
+	    String searchBase = "";
+	    if (!StringUtils.isEmpty(getGroupFilterBase()))
+	    	searchBase+=getGroupFilterBase();
+	    cons.setSearchScope(getSearchScope());
+	    NamingEnumeration results = ((DirContext) ctx).search(searchBase,query , cons);	
 
-        return searchResults;
+        return results;
     }   
     
     /**
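
Review bot: `cons.setSearchScope(getSearchScope())` overwrites the scope on the caller's `SearchControls`, so the `SUBTREE_SCOPE` set in `setSearchControls()` no longer applies and the object passed in comes back modified. `getSearchScope()` reads the membership search scope setting, which is now applied to plain group lookups as well; if that is intended, say so in the Javadoc, otherwise use a dedicated setting. The `if (!StringUtils.isEmpty(getGroupFilterBase()))` body should have braces like the rest of the file.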
@@ -352,16 +310,20 @@
      */
     protected NamingEnumeration searchRoleByWildcardedUid(final String filter, SearchControls cons) throws NamingException
     {
-        //String searchFilter = "(&(uid=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ") (objectclass="+ "jetspeed-2-role" + "))";
-        String searchFilter = "";
-        if (getRoleFilter()==null || getRoleFilter().equals("")) {
-        	searchFilter = "(" + getGroupIdAttribute() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")";
+        String query = "";
+        if (StringUtils.isEmpty(getRoleFilter())) {
+        	query = "(" + getRoleIdAttribute() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")";
         } else {
-        	searchFilter = "(&(" + getGroupIdAttribute() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")" + getRoleFilter() + ")";
-        }      	
-        NamingEnumeration searchResults = ((DirContext) ctx).search("", searchFilter, cons);
+        	query = "(&(" + getRoleIdAttribute() + "=" + (StringUtils.isEmpty(filter) ? "*" : filter) + ")" + getRoleFilter() + ")";
+        }  
+        
+	    String searchBase = "";
+	    if (!StringUtils.isEmpty(getRoleFilterBase()))
+	    	searchBase+=getRoleFilterBase();
+	    cons.setSearchScope(getSearchScope());
+	    NamingEnumeration results = ((DirContext) ctx).search(searchBase,query , cons);	
 
-        return searchResults;
+        return results;
     }      
 
     /**
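
Review bot: The switch from `getGroupIdAttribute()` to `getRoleIdAttribute()` in the role filter is a behaviour fix (role searches were matching on the group id attribute) that the commit log does not mention; it deserves a line there and a test that uses different group and role id attributes. The method body is now a third copy of the user and group versions; a private helper taking the id attribute, the extra filter and the search base would keep the three from drifting apart again.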
@@ -501,14 +463,7 @@
     {
         return this.ldapBindingConfig.getUserFilter();
     }
-    
-    /**
-     * <p>
-     * Returns the default Group suffix dn.
-     * </p>
-     * 
-     * @return The defaultDnSuffix.
-     */
+
     protected String[] getUserObjectClasses()
     {
         return this.ldapBindingConfig.getUserObjectClasses();
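
Review bot: The Javadoc removed above `getUserObjectClasses()` was wrong (it described the default group suffix DN), but the method is now left with none; replace it with a correct one-line description rather than dropping it.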
@@ -560,6 +515,64 @@
         return this.ldapBindingConfig.getUserIdAttribute();
     }    
 
-	protected abstract String[] getObjectClasses();
-	
+    protected  String getUidAttribute()
+    {
+        return this.ldapBindingConfig.getUidAttribute();
+    }        
+    
+    protected  int getSearchScope()
+    {
+        return Integer.parseInt(this.ldapBindingConfig.getMemberShipSearchScope());
+    }        
+    
+    protected String getRoleUidAttribute()
+    {
+        return this.ldapBindingConfig.getRoleUidAttribute();
+    }        
+    
+    protected String getGroupUidAttribute()
+    {
+        return this.ldapBindingConfig.getGroupUidAttribute();
+    }        
+    
+    protected String getUserUidAttribute()
+    {
+        return this.ldapBindingConfig.getUserUidAttribute();
+    }        
+    
+    protected String getGroupObjectRequiredAttributeClasses()
+    {
+        return this.ldapBindingConfig.getGroupObjectRequiredAttributeClasses();
+    }        
+    
+    protected String getRoleObjectRequiredAttributeClasses()
+    {
+        return this.ldapBindingConfig.getRoleObjectRequiredAttributeClasses();
+    }        
+        
+    protected String[] getUserAttributes()
+    {
+        return this.ldapBindingConfig.getUserAttributes();
+    }        
+    
+    protected String[] getGroupAttributes()
+    {
+        return this.ldapBindingConfig.getGroupAttributes();
+    }        
+    
+    protected String[] getRoleAttributes()
+    {
+        return this.ldapBindingConfig.getRoleAttributes();
+    }        
+    
+    protected String getUserPasswordAttribute() {
+    	return this.ldapBindingConfig.getUserPasswordAttribute();
+    }
+    
+    protected String[] getKnownAttributes() {
+    	return this.ldapBindingConfig.getKnownAttributes();
+    }    
+
+    protected abstract String[] getObjectClasses();
+    protected abstract String[] getAttributes();
 }
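
Review bot: `getSearchScope()` runs `Integer.parseInt(this.ldapBindingConfig.getMemberShipSearchScope())` on every search, so a missing or non-numeric setting surfaces as a `NumberFormatException` from inside a lookup rather than at startup. Parse it once when the binding config is loaded and reject anything other than `SearchControls.OBJECT_SCOPE`, `ONELEVEL_SCOPE` or `SUBTREE_SCOPE`. The new accessors have no Javadoc, and adding `protected abstract String[] getAttributes();` obliges every subclass to implement it, which is worth stating in the log.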

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/InitLdapSchema.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/InitLdapSchema.java?view=diff&rev=483771&r1=483770&r2=483771
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/InitLdapSchema.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/InitLdapSchema.java Thu Dec  7 17:47:28 2006
@@ -1,158 +1,132 @@
-/*
- * Copyright 2000-2001,2004 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jetspeed.security.spi.impl.ldap;
-
-import javax.naming.NamingException;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.BasicAttribute;
-import javax.naming.directory.BasicAttributes;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.jetspeed.security.SecurityException;
-
-public class InitLdapSchema extends AbstractLdapDao
-{
-
-    /**
-     * <p>
-     * Default constructor.
-     * </p>
-     * 
-     * @throws SecurityException A {@link SecurityException}.
-     */
-    public InitLdapSchema() throws SecurityException
-    {
-        super();
-    }
-
-    /**
-     * <p>
-     * Initializes the LDAP schema.
-     * </p>
-     * 
-     * @param ldapConfig Holds the ldap binding configuration.
-     * @throws SecurityException A {@link SecurityException}.
-     */
-    public InitLdapSchema(LdapBindingConfig ldapConfig) throws SecurityException
-    {
-        super(ldapConfig);
-        init();
-    }
-
-    /**
-     * @see org.apache.jetspeed.security.spi.impl.ldap.AbstractLdapDao#getObjectClass()
-     */
-    protected String getObjectClass()
-    {
-        // Implementation not required for initializing the ldap schema.
-        return null;
-    }
-
-    /**
-     * @see org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao#create(java.lang.String)
-     */
-    public void init() throws SecurityException
-    {
-    	initOu("OrgUnit1");
-    	initOu("People","ou=OrgUnit1");
-    	initOu("Groups","ou=OrgUnit1");
-    	initOu("Roles","ou=OrgUnit1");
-//        initOu(getUsersOu());
-//        initOu(getGroupsOu());
-//        initOu(getRolesOu());
-    }
-
-    /**
-     * <p>
-     * Inits a given ou.
-     * </p>
-     * 
-     * @param ou The org unit.
-     * @throws SecurityException
-     */
-    public void initOu(String ou) throws SecurityException
-    {
-        if (!StringUtils.isEmpty(ou))
-        {
-            Attributes attrs = defineLdapAttributes(ou);
-            try
-            {
-                String dn = "ou=" + ou; // + "," + getDefaultSearchBase();
-                ctx.createSubcontext(dn, attrs);
-            }
-            catch (NamingException e)
-            {
-                throw new SecurityException(e);
-            }
-        }
-    }
-    
-    public void initOu(String ou,String folder) throws SecurityException
-    {
-        if (!StringUtils.isEmpty(ou))
-        {
-            Attributes attrs = defineLdapAttributes(ou);
-            try
-            {
-                ctx.createSubcontext("ou=" + ou + "," + folder, attrs);
-            }
-            catch (NamingException e)
-            {
-                throw new SecurityException(e);
-            }
-        }
-    }    
-
-    /**
-     * <p>
-     * A template method for defining the attributes for a particular LDAP class.
-     * </p>
-     * 
-     * @param principalUid The principal uid.
-     * @return the LDAP attributes object for the particular class.
-     */
-    protected Attributes defineLdapAttributes(String ou)
-    {
-        Attributes attrs = new BasicAttributes(true);
-        BasicAttribute classes = new BasicAttribute("objectclass");
-
-        classes.add("top");
-        classes.add("organizationalUnit");
-        attrs.put(classes);
-        attrs.put("ou", ou);
-
-        return attrs;
-    }
-
-	protected String getEntryPrefix()
-	{
-		return null;
-	}
-	
-	protected String getSearchSuffix() {
-		return null;
-	}
-
-	protected String getSearchDomain() {
-		return null;
-	}
-
-	protected String[] getObjectClasses() {
-		return null;
-	}
-
-
-}
+/*
+ * Copyright 2000-2001,2004 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.security.spi.impl.ldap;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.jetspeed.security.SecurityException;
+
+public class InitLdapSchema extends AbstractLdapDao
+{
+
+    /**
+     * <p>
+     * Default constructor.
+     * </p>
+     * 
+     * @throws SecurityException A {@link SecurityException}.
+     */
+    public InitLdapSchema() throws SecurityException
+    {
+        super();
+    }
+
+    /**
+     * <p>
+     * Initializes the LDAP schema.
+     * </p>
+     * 
+     * @param ldapConfig Holds the ldap binding configuration.
+     * @throws SecurityException A {@link SecurityException}.
+     */
+    public InitLdapSchema(LdapBindingConfig ldapConfig) throws SecurityException
+    {
+        super(ldapConfig);
+    }
+
+    /**
+     * @see org.apache.jetspeed.security.spi.impl.ldap.AbstractLdapDao#getObjectClass()
+     */
+    protected String getObjectClass()
+    {
+        // Implementation not required for initializing the ldap schema.
+        return null;
+    }
+
+    /**
+     * <p>
+     * Inits a given ou.
+     * </p>
+     * 
+     * @param ou The org unit.
+     * @throws SecurityException
+     */
+    public void initOu(String ou) throws NamingException
+    {
+        if (!StringUtils.isEmpty(ou))
+        {
+            Attributes attrs = defineLdapAttributes(ou);
+            String dn = "ou=" + ou; // + "," + getDefaultSearchBase();
+            ctx.createSubcontext(dn, attrs);
+        }
+    }
+    
+    public void initOu(String ou,String folder) throws NamingException
+    {
+        if (!StringUtils.isEmpty(ou))
+        {
+            Attributes attrs = defineLdapAttributes(ou);
+            ctx.createSubcontext("ou=" + ou + "," + folder, attrs);
+        }
+    }    
+
+    /**
+     * <p>
+     * A template method for defining the attributes for a particular LDAP class.
+     * </p>
+     * 
+     * @param principalUid The principal uid.
+     * @return the LDAP attributes object for the particular class.
+     */
+    protected Attributes defineLdapAttributes(String ou)
+    {
+        Attributes attrs = new BasicAttributes(true);
+        BasicAttribute classes = new BasicAttribute("objectclass");
+
+        classes.add("top");
+        classes.add("organizationalUnit");
+        attrs.put(classes);
+        attrs.put("ou", ou);
+
+        return attrs;
+    }
+
+	protected String getEntryPrefix()
+	{
+		return null;
+	}
+	
+	protected String getSearchSuffix() {
+		return null;
+	}
+
+	protected String getSearchDomain() {
+		return null;
+	}
+
+	protected String[] getObjectClasses() {
+		return null;
+	}
+
+    protected String[] getAttributes() {
+        return null;
+    }
+
+}
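
Review bot: both initOu overloads build the DN by plain string concatenation ("ou=" + ou, and "ou=" + ou + "," + folder) without escaping `ou`, so a value containing a comma, plus sign or another RFC 2253 special character produces a different DN than the caller intended. Escape the RDN value before concatenating, or state in the Javadoc that callers must pass trusted, already-escaped values. The switch to `throws NamingException` also leaves the Javadoc on initOu(String) saying `@throws SecurityException`, the two-argument overload has no Javadoc at all, and defineLdapAttributes(String ou) still documents `@param principalUid`; these should be corrected in the same patch. Because the constructor no longer calls init() and init() is removed, code that relied on the OUs being created at construction time now has to call initOu itself, which deserves a sentence in the class Javadoc.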

Propchange: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/InitLdapSchema.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java?view=diff&rev=483771&r1=483770&r2=483771
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java Thu Dec  7 17:47:28 2006
@@ -1,504 +1,620 @@
-/* Copyright 2004 Apache Software Foundation
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.jetspeed.security.spi.impl.ldap;
-
-import org.apache.commons.configuration.ConfigurationException;
-import org.apache.commons.configuration.PropertiesConfiguration;
-import org.apache.commons.lang.StringUtils;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.jetspeed.security.SecurityException;
-
-/**
- * <p>
- * Holds the configuration for ldap binding.
- * </p>
- * 
- * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
- */
-public class LdapBindingConfig
-{
-    /** The logger. */
-    private static final Log logger = LogFactory.getLog(LdapBindingConfig.class);
-
-    private String initialContextFactory;
-    private String ldapServerName;
-    private String ldapServerPort;
-    private String rootDn;
-    private String rootPassword;
-    private String rootContext;
-    
-    private String defaultDnSuffix;
-    
-    private PropertiesConfiguration props = null;
-
-	private String roleFilter;
-	private String groupFilter;
-	private String userFilter;
-
-	private String userAuthenticationFiler;
-	
-	private String roleMembershipAttributes;
-	private String userRoleMembershipAttributes;
-
-	private String groupMembershipAttributes;
-	private String userGroupMembershipAttributes;
-
-	private String defaultSearchBase;
-
-	private String roleFilterBase;
-	private String groupFilterBase;
-	private String userFilterBase;
-	
-	private String roleIdAttribute;
-	private String groupIdAttribute;
-	private String userIdAttribute;
-
-	private String[] roleObjectClasses;
-
-	private String[] groupObjectClasses;
-
-	private String[] userObjectClasses;
-
-	private String roleGroupMembershipForRoleAttributes;
-
-	private String groupMembershipForRoleAttributes;	
-
-    /**
-     * @param factory The initial context factory.
-     * @param name The ldap server name.
-     * @param port The ldap server port.
-     * @param suffix The default dn suffix.
-     * @param context The root context.
-     * @param dn The root dn.
-     * @param password The root password.
-     * @param uou The users organization unit.
-     * @param gou The groups organization unit.
-     */
-    public LdapBindingConfig(String factory, 
-    		String name, 
-    		String port, 
-    		String suffix, 
-    		String context, 
-    		String dn,
-            String password, 
-            String roleFilter,
-    		String groupFilter,
-    		String userFilter,
-			String userAuthenticationFiler,
-			String roleMembershipAttributes,
-			String userRoleMembershipAttributes,
-			String groupMembershipAttributes,
-			String userGroupMembershipAttributes,
-			String groupMembershipForRoleAttributes,
-			String roleGroupMembershipForRoleAttributes,			
-			String defaultSearchBase,
-			String roleFilterBase,
-			String groupFilterBase,
-			String userFilterBase,
-			String roleObjectClasses,
-			String groupObjectClasses,
-			String userObjectClasses,			
-			String roleIdAttribute,
-			String groupIdAttribute,
-			String userIdAttribute)    
-    {
-        try
-        {
-            initialContextFactory = factory;
-            ldapServerName = name;
-            ldapServerPort = port;
-            defaultDnSuffix = suffix;
-            rootContext = context;
-            rootDn = dn;
-            rootPassword = password;
-    
-            this.roleFilter=roleFilter;
-    		this.groupFilter=groupFilter;
-    		this.userFilter=userFilter;
-    		this.userAuthenticationFiler=userAuthenticationFiler;
-			
-    		this.roleMembershipAttributes=roleMembershipAttributes;
-			this.userRoleMembershipAttributes=userRoleMembershipAttributes;
-			
-			this.groupMembershipAttributes=groupMembershipAttributes;
-			this.userGroupMembershipAttributes=userGroupMembershipAttributes;
-			
-			this.groupMembershipForRoleAttributes=groupMembershipForRoleAttributes;
-			this.roleGroupMembershipForRoleAttributes=roleGroupMembershipForRoleAttributes;
-			this.defaultSearchBase=defaultSearchBase;
-    		
-			this.roleFilterBase=roleFilterBase;
-    		this.groupFilterBase=groupFilterBase;
-    		this.userFilterBase=userFilterBase;
-    		
-    		
-    		this.roleObjectClasses=StringUtils.split(roleObjectClasses,",");
-    		this.groupObjectClasses=StringUtils.split(groupObjectClasses,",");
-    		this.userObjectClasses=StringUtils.split(userObjectClasses,",");
-    		
-    		this.roleIdAttribute=roleIdAttribute;
-    		this.groupIdAttribute=groupIdAttribute;
-    		this.userIdAttribute=userIdAttribute;
-    		
-            new InitLdapSchema(this);
-        }
-        catch (SecurityException se)
-        {
-            if (logger.isWarnEnabled())
-            {
-                logger.warn("The LDAP directory should already be initialized.  If this is not the case, an exception"
-                        + "occured during initialization.");
-            }
-        }
-    }
-
-    /**
-     * <p>
-     * Default constructor. By default instantiates LdapBindingConfig from
-     * JETSPEED-INF/ldap/ldap.properties in the classpath.
-     * </p>
-     */
-    public LdapBindingConfig(String ldapType)
-    {
-        try
-        {
-            props = new PropertiesConfiguration("JETSPEED-INF/ldap/" + ldapType + "/ldap.properties");
-            initialContextFactory = props.getString("org.apache.jetspeed.ldap.initialContextFactory");
-            ldapServerName = props.getString("org.apache.jetspeed.ldap.ldapServerName");
-            ldapServerPort = props.getString("org.apache.jetspeed.ldap.ldapServerPort");
-            defaultDnSuffix = props.getString("org.apache.jetspeed.ldap.defaultDnSuffix");
-            rootContext = props.getString("org.apache.jetspeed.ldap.rootContext");
-            rootDn = props.getString("org.apache.jetspeed.ldap.rootDn");
-            rootPassword = props.getString("org.apache.jetspeed.ldap.rootPassword");
-            
-            roleFilter=props.getString("org.apache.jetspeed.ldap.RoleFilter");
-            groupFilter=props.getString("org.apache.jetspeed.ldap.GroupFilter");
-            userFilter=props.getString("org.apache.jetspeed.ldap.UserFilter");
-
-            userAuthenticationFiler=props.getString("org.apache.jetspeed.ldap.UserAuthenticationFiler");
-
-            roleMembershipAttributes=props.getString("org.apache.jetspeed.ldap.RoleMembershipAttributes");
-            userRoleMembershipAttributes=props.getString("org.apache.jetspeed.ldap.UserRoleMembershipAttributes");
-
-            groupMembershipAttributes=props.getString("org.apache.jetspeed.ldap.GroupMembershipAttributes");
-            userGroupMembershipAttributes=props.getString("org.apache.jetspeed.ldap.UserGroupMembershipAttributes");
-
-            groupMembershipForRoleAttributes=props.getString("org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes");
-            roleGroupMembershipForRoleAttributes=props.getString("org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes");
-
-            defaultSearchBase=props.getString("org.apache.jetspeed.ldap.DefaultSearchBase");
-            
-            roleFilterBase=props.getString("org.apache.jetspeed.ldap.RoleFilterBase");
-            groupFilterBase=props.getString("org.apache.jetspeed.ldap.GroupFilterBase");
-            userFilterBase=props.getString("org.apache.jetspeed.ldap.UserFilterBase");
-            
-            this.roleObjectClasses=StringUtils.split(props.getString("org.apache.jetspeed.ldap.RoleObjectClasses"),",");
-    		this.groupObjectClasses=StringUtils.split(props.getString("org.apache.jetspeed.ldap.GroupObjectClasses"),",");
-    		this.userObjectClasses=StringUtils.split(props.getString("org.apache.jetspeed.ldap.UserObjectClasses"),",");
-    		
-    		roleIdAttribute=props.getString("org.apache.jetspeed.ldap.RoleIdAttribute");
-            groupIdAttribute=props.getString("org.apache.jetspeed.ldap.GroupIdAttribute");
-            userIdAttribute=props.getString("org.apache.jetspeed.ldap.UserIdAttribute");
-
-            new InitLdapSchema(this);
-        }
-        catch (ConfigurationException ce)
-        {
-            logger.error("Could not configure LdapBindingConfig: " + ce);
-        }
-        catch (SecurityException se)
-        {
-            if (logger.isWarnEnabled())
-            {
-                logger.warn("The LDAP directory should already be initialized.  If this is not the case, an exception"
-                        + "occured during initialization.");
-            }
-        }
-    }
-
-    /**
-     * @return Returns the defaultDnSuffix.
-     */
-    public String getDefaultDnSuffix()
-    {
-        return defaultDnSuffix;
-    }
-
-    /**
-     * @param defaultDnSuffix The defaultDnSuffix to set.
-     */
-    public void setDefaultDnSuffix(String defaultDnSuffix)
-    {
-        this.defaultDnSuffix = defaultDnSuffix;
-    }
-    /**
-     * @return Returns the initialContextFactory.
-     */
-    public String getInitialContextFactory()
-    {
-        return initialContextFactory;
-    }
-
-    /**
-     * @param initialContextFactory The initialContextFactory to set.
-     */
-    public void setInitialContextFactory(String initialContextFactory)
-    {
-        this.initialContextFactory = initialContextFactory;
-    }
-
-    /**
-     * @return Returns the ldapServerName.
-     */
-    public String getLdapServerName()
-    {
-        return ldapServerName;
-    }
-
-    /**
-     * @param ldapServerName The ldapServerName to set.
-     */
-    public void setLdapServerName(String ldapServerName)
-    {
-        this.ldapServerName = ldapServerName;
-    }
-
-    /**
-     * @return Returns the ldapServerPort.
-     */
-    public String getLdapServerPort()
-    {
-        return ldapServerPort;
-    }
-
-    /**
-     * @param ldapServerPort The ldapServerPort to set.
-     */
-    public void setLdapServerPort(String ldapServerPort)
-    {
-        this.ldapServerPort = ldapServerPort;
-    }
-
-    /**
-     * @return Returns the rootContext.
-     */
-    public String getRootContext()
-    {
-        return rootContext;
-    }
-
-    /**
-     * @param rootContext The rootContext to set.
-     */
-    public void setRootContext(String rootContext)
-    {
-        this.rootContext = rootContext;
-    }
-
-    /**
-     * @return Returns the rootDn.
-     */
-    public String getRootDn()
-    {
-        return rootDn;
-    }
-
-    /**
-     * @param rootDn The rootDn to set.
-     */
-    public void setRootDn(String rootDn)
-    {
-        this.rootDn = rootDn;
-    }
-
-    /**
-     * @return Returns the rootPassword.
-     */
-    public String getRootPassword()
-    {
-        return rootPassword;
-    }
-
-    /**
-     * @param rootPassword The rootPassword to set.
-     */
-    public void setRootPassword(String rootPassword)
-    {
-        this.rootPassword = rootPassword;
-    }
-
-	public String getRoleFilter() {
-		return roleFilter;
-	}
-
-	public void setRoleFilter(String roleFilter) {
-		this.roleFilter = roleFilter;
-	}
-
-	public String getRoleFilterBase() {
-		return roleFilterBase;
-	}
-
-	public void setRoleFilterBase(String roleFilterBase) {
-		this.roleFilterBase = roleFilterBase;
-	}
-
-	public String getRoleMembershipAttributes() {
-		return roleMembershipAttributes;
-	}
-
-	public void setRoleMembershipAttributes(String roleMembershipAttributes) {
-		this.roleMembershipAttributes = roleMembershipAttributes;
-	}
-
-	public String getUserAuthenticationFiler() {
-		return userAuthenticationFiler;
-	}
-
-	public void setUserAuthenticationFiler(String userAuthenticationFiler) {
-		this.userAuthenticationFiler = userAuthenticationFiler;
-	}
-
-	public String getUserFilter() {
-		return userFilter;
-	}
-
-	public void setUserFilter(String userFilter) {
-		this.userFilter = userFilter;
-	}
-
-	public String getUserFilterBase() {
-		return userFilterBase;
-	}
-
-	public void setUserFilterBase(String userFilterBase) {
-		this.userFilterBase = userFilterBase;
-	}
-
-	public String getUserGroupMembershipAttributes() {
-		return userGroupMembershipAttributes;
-	}
-
-	public void setUserGroupMembershipAttributes(
-			String userGroupMembershipAttributes) {
-		this.userGroupMembershipAttributes = userGroupMembershipAttributes;
-	}
-
-	public String getUserRoleMembershipAttributes() {
-		return userRoleMembershipAttributes;
-	}
-
-	public void setUserRoleMembershipAttributes(String userRoleMembershipAttributes) {
-		this.userRoleMembershipAttributes = userRoleMembershipAttributes;
-	}
-
-	public String getDefaultSearchBase() {
-		return defaultSearchBase;
-	}
-
-	public void setDefaultSearchBase(String defaultSearchBase) {
-		this.defaultSearchBase = defaultSearchBase;
-	}
-
-	public String getGroupFilter() {
-		return groupFilter;
-	}
-
-	public void setGroupFilter(String groupFilter) {
-		this.groupFilter = groupFilter;
-	}
-
-	public String getGroupFilterBase() {
-		return groupFilterBase;
-	}
-
-	public void setGroupFilterBase(String groupFilterBase) {
-		this.groupFilterBase = groupFilterBase;
-	}
-
-	public String getGroupMembershipAttributes() {
-		return groupMembershipAttributes;
-	}
-
-	public void setGroupMembershipAttributes(String groupMembershipAttributes) {
-		this.groupMembershipAttributes = groupMembershipAttributes;
-	}
-
-	public String getGroupIdAttribute() {
-		return groupIdAttribute;
-	}
-
-	public void setGroupIdAttribute(String groupIdAttribute) {
-		this.groupIdAttribute = groupIdAttribute;
-	}
-
-	public String getRoleIdAttribute() {
-		return roleIdAttribute;
-	}
-
-	public void setRoleIdAttribute(String roleIdAttribute) {
-		this.roleIdAttribute = roleIdAttribute;
-	}
-
-	public String getUserIdAttribute() {
-		return userIdAttribute;
-	}
-
-	public void setUserIdAttribute(String userIdAttribute) {
-		this.userIdAttribute = userIdAttribute;
-	}
-
-	public String[] getGroupObjectClasses() {
-		return groupObjectClasses;
-	}
-
-	public void setGroupObjectClasses(String[] groupObjectClasses) {
-		this.groupObjectClasses = groupObjectClasses;
-	}
-
-	public String[] getRoleObjectClasses() {
-		return roleObjectClasses;
-	}
-
-	public void setRoleObjectClasses(String[] roleObjectClasses) {
-		this.roleObjectClasses = roleObjectClasses;
-	}
-
-	public String[] getUserObjectClasses() {
-		return userObjectClasses;
-	}
-
-	public void setUserObjectClasses(String[] userObjectClasses) {
-		this.userObjectClasses = userObjectClasses;
-	}
-
-	public String getRoleGroupMembershipForRoleAttributes() {
-		return this.roleGroupMembershipForRoleAttributes;
-	}
-
-	public String getGroupMembershipForRoleAttributes() {
-		return this.groupMembershipForRoleAttributes;
-	}
-	
-	public void setRoleGroupMembershipForRoleAttributes(String roleGroupMembershipForRoleAttributes) {
-		this.roleGroupMembershipForRoleAttributes=roleGroupMembershipForRoleAttributes;
-	}
-
-	public void setGroupMembershipForRoleAttributes(String groupMembershipForRoleAttributes) {
-		this.groupMembershipForRoleAttributes=groupMembershipForRoleAttributes;
-	}	
-	
-}
+/* Copyright 2004 Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.security.spi.impl.ldap;
+
+import org.apache.commons.configuration.ConfigurationException;
+import org.apache.commons.configuration.PropertiesConfiguration;
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * <p>
+ * Holds the configuration for ldap binding.
+ * </p>
+ * 
+ * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
+ */
+public class LdapBindingConfig
+{
+    /** The logger. */
+    private static final Log logger = LogFactory.getLog(LdapBindingConfig.class);
+
+    private String initialContextFactory;
+    private String ldapServerName;
+    private String ldapServerPort;
+    private String rootDn;
+    private String rootPassword;
+    private String rootContext;
+    
+    private PropertiesConfiguration props = null;
+
+	private String groupFilter;
+	private String userFilter;
+
+	private String userRoleMembershipAttributes;
+
+	private String groupMembershipAttributes;
+	private String userGroupMembershipAttributes;
+
+	private String defaultSearchBase;
+
+	private String groupFilterBase;
+	private String userFilterBase;
+	
+	private String groupIdAttribute;
+	private String userIdAttribute;
+	
+	private String uidAttribute;
+	private String memberShipSearchScope;
+
+	private String[] groupObjectClasses;
+
+	private String[] userObjectClasses;
+
+	private String groupMembershipForRoleAttributes;
+
+	private String groupUidAttribute;
+	private String userUidAttribute;	
+	
+	private String[] groupAttributes;
+	private String[] userAttributes;	
+		
+	private String groupObjectRequiredAttributeClasses;
+	
+	private String[] roleObjectClasses;
+	private String roleGroupMembershipForRoleAttributes;
+	private String[] roleAttributes;
+	private String roleObjectRequiredAttributeClasses;
+	private String roleFilter;
+	private String roleFilterBase;
+	private String roleIdAttribute;
+	private String roleUidAttribute;
+	private String roleMembershipAttributes;
+	
+	private String userPasswordAttribute;
+
+	private String[] knownAttributes;
+
+    /**
+     * @param factory The initial context factory.
+     * @param name The ldap server name.
+     * @param port The ldap server port.
+     * @param suffix The default dn suffix.
+     * @param context The root context.
+     * @param dn The root dn.
+     * @param password The root password.
+     * @param uou The users organization unit.
+     * @param gou The groups organization unit.
+     */
+    public LdapBindingConfig(String factory, 
+    		String name, 
+    		String port, 
+    		String context, 
+    		String dn,
+            String password, 
+            String roleFilter,
+    		String groupFilter,
+    		String userFilter,
+			String roleMembershipAttributes,
+			String userRoleMembershipAttributes,
+			String groupMembershipAttributes,
+			String userGroupMembershipAttributes,
+			String groupMembershipForRoleAttributes,
+			String roleGroupMembershipForRoleAttributes,			
+			String defaultSearchBase,
+			String roleFilterBase,
+			String groupFilterBase,
+			String userFilterBase,
+			String roleObjectClasses,
+			String groupObjectClasses,
+			String userObjectClasses,			
+			String roleIdAttribute,
+			String groupIdAttribute,
+			String userIdAttribute,
+			String uidAttribute,
+			String memberShipSearchScope,
+			String roleUidAttribute,
+			String groupUidAttribute,
+			String userUidAttribute,
+			String roleObjectRequiredAttributeClasses,
+			String groupObjectRequiredAttributeClasses,
+			String userAttributes,
+			String roleAttributes,
+			String groupAttributes,
+			String userPasswordAttribute,
+			String knownAttributes)    
+    {
+        initialContextFactory = factory;
+        ldapServerName = name;
+        ldapServerPort = port;
+        rootContext = context;
+        rootDn = dn;
+        rootPassword = password;
+
+        this.roleFilter=roleFilter;
+        this.groupFilter=groupFilter;
+        this.userFilter=userFilter;
+        
+        this.roleMembershipAttributes=roleMembershipAttributes;
+        this.userRoleMembershipAttributes=userRoleMembershipAttributes;
+        
+        this.groupMembershipAttributes=groupMembershipAttributes;
+        this.userGroupMembershipAttributes=userGroupMembershipAttributes;
+        
+        this.groupMembershipForRoleAttributes=groupMembershipForRoleAttributes;
+        this.roleGroupMembershipForRoleAttributes=roleGroupMembershipForRoleAttributes;
+        this.defaultSearchBase=defaultSearchBase;
+        
+        this.roleFilterBase=roleFilterBase;
+        this.groupFilterBase=groupFilterBase;
+        this.userFilterBase=userFilterBase;
+        
+        
+        this.roleObjectClasses=StringUtils.split(roleObjectClasses,",");
+        this.groupObjectClasses=StringUtils.split(groupObjectClasses,",");
+        this.userObjectClasses=StringUtils.split(userObjectClasses,",");
+        
+        this.roleIdAttribute=roleIdAttribute;
+        this.groupIdAttribute=groupIdAttribute;
+        this.userIdAttribute=userIdAttribute;
+        
+        this.uidAttribute = uidAttribute;
+        this.memberShipSearchScope=memberShipSearchScope;
+        
+
+        this.roleUidAttribute=roleUidAttribute;
+        this.groupUidAttribute=groupUidAttribute;
+        this.userUidAttribute=userUidAttribute;             
+        
+        this.roleObjectRequiredAttributeClasses=roleObjectRequiredAttributeClasses;
+        this.groupObjectRequiredAttributeClasses=groupObjectRequiredAttributeClasses;
+        
+        this.roleAttributes=StringUtils.split(roleAttributes,",");
+        this.groupAttributes = StringUtils.split(groupAttributes,",");
+        this.userAttributes = StringUtils.split(userAttributes,",");
+        
+        this.userPasswordAttribute = userPasswordAttribute;
+        
+        this.knownAttributes =  StringUtils.split(knownAttributes,",");
+    }
+
+    /**
+     * <p>
+     * Default constructor. By default instantiates LdapBindingConfig from
+     * JETSPEED-INF/ldap/ldap.properties in the classpath.
+     * </p>
+     */
+    public LdapBindingConfig(String ldapType)
+    {
+        try
+        {
+            props = new PropertiesConfiguration("JETSPEED-INF/directory/config/" + ldapType + "/ldap.properties");
+            initialContextFactory = props.getString("org.apache.jetspeed.ldap.initialContextFactory");
+            ldapServerName = props.getString("org.apache.jetspeed.ldap.ldapServerName");
+            ldapServerPort = props.getString("org.apache.jetspeed.ldap.ldapServerPort");
+            rootContext = props.getString("org.apache.jetspeed.ldap.rootContext");
+            rootDn = props.getString("org.apache.jetspeed.ldap.rootDn");
+            rootPassword = props.getString("org.apache.jetspeed.ldap.rootPassword");
+            
+            roleFilter=props.getString("org.apache.jetspeed.ldap.RoleFilter");
+            groupFilter=props.getString("org.apache.jetspeed.ldap.GroupFilter");
+            userFilter=props.getString("org.apache.jetspeed.ldap.UserFilter");
+
+            roleMembershipAttributes=props.getString("org.apache.jetspeed.ldap.RoleMembershipAttributes");
+            userRoleMembershipAttributes=props.getString("org.apache.jetspeed.ldap.UserRoleMembershipAttributes");
+
+            groupMembershipAttributes=props.getString("org.apache.jetspeed.ldap.GroupMembershipAttributes");
+            userGroupMembershipAttributes=props.getString("org.apache.jetspeed.ldap.UserGroupMembershipAttributes");
+
+            groupMembershipForRoleAttributes=props.getString("org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes");
+            roleGroupMembershipForRoleAttributes=props.getString("org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes");
+
+            
+            defaultSearchBase=props.getString("org.apache.jetspeed.ldap.DefaultSearchBase");
+            
+            roleFilterBase=props.getString("org.apache.jetspeed.ldap.RoleFilterBase");
+            groupFilterBase=props.getString("org.apache.jetspeed.ldap.GroupFilterBase");
+            userFilterBase=props.getString("org.apache.jetspeed.ldap.UserFilterBase");
+            
+            this.roleObjectClasses=StringUtils.split(props.getString("org.apache.jetspeed.ldap.RoleObjectClasses"),",");
+    		this.groupObjectClasses=StringUtils.split(props.getString("org.apache.jetspeed.ldap.GroupObjectClasses"),",");
+    		this.userObjectClasses=StringUtils.split(props.getString("org.apache.jetspeed.ldap.UserObjectClasses"),",");
+    		
+    		roleIdAttribute=props.getString("org.apache.jetspeed.ldap.RoleIdAttribute");
+            groupIdAttribute=props.getString("org.apache.jetspeed.ldap.GroupIdAttribute");
+            userIdAttribute=props.getString("org.apache.jetspeed.ldap.UserIdAttribute");
+
+            uidAttribute =props.getString("org.apache.jetspeed.ldap.UidAttribute");
+            memberShipSearchScope = props.getString("org.apache.jetspeed.ldap.MemberShipSearchScope");
+            
+    		this.roleUidAttribute=props.getString("org.apache.jetspeed.ldap.roleUidAttribute");
+    		this.groupUidAttribute=props.getString("org.apache.jetspeed.ldap.groupUidAttribute");
+    		this.userUidAttribute=props.getString("org.apache.jetspeed.ldap.userUidAttribute");
+
+    		this.roleObjectRequiredAttributeClasses=props.getString("org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses");
+    		this.groupObjectRequiredAttributeClasses=props.getString("org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses");
+
+			this.roleAttributes=StringUtils.split(props.getString("org.apache.jetspeed.ldap.roleAttributes"),",");
+			this.groupAttributes=StringUtils.split(props.getString("org.apache.jetspeed.ldap.groupAttributes"),",");
+			this.userAttributes=StringUtils.split(props.getString("org.apache.jetspeed.ldap.userAttributes"),",");
+			this.userPasswordAttribute=props.getString("org.apache.jetspeed.ldap.userPasswordAttribute");
+			
+			this.knownAttributes=StringUtils.split(props.getString("org.apache.jetspeed.ldap.knownAttributes"),",");
+        }
+        catch (ConfigurationException ce)
+        {
+            logger.error("Could not configure LdapBindingConfig: " + ce);
+        }
+    }
+
+    /**
+     * @return Returns the initialContextFactory.
+     */
+    public String getInitialContextFactory()
+    {
+        return initialContextFactory;
+    }
+
+    /**
+     * @param initialContextFactory The initialContextFactory to set.
+     */
+    public void setInitialContextFactory(String initialContextFactory)
+    {
+        this.initialContextFactory = initialContextFactory;
+    }
+
+    /**
+     * @return Returns the ldapServerName.
+     */
+    public String getLdapServerName()
+    {
+        return ldapServerName;
+    }
+
+    /**
+     * @param ldapServerName The ldapServerName to set.
+     */
+    public void setLdapServerName(String ldapServerName)
+    {
+        this.ldapServerName = ldapServerName;
+    }
+
+    /**
+     * @return Returns the ldapServerPort.
+     */
+    public String getLdapServerPort()
+    {
+        return ldapServerPort;
+    }
+
+    /**
+     * @param ldapServerPort The ldapServerPort to set.
+     */
+    public void setLdapServerPort(String ldapServerPort)
+    {
+        this.ldapServerPort = ldapServerPort;
+    }
+
+    /**
+     * @return Returns the rootContext.
+     */
+    public String getRootContext()
+    {
+        return rootContext;
+    }
+
+    /**
+     * @param rootContext The rootContext to set.
+     */
+    public void setRootContext(String rootContext)
+    {
+        this.rootContext = rootContext;
+    }
+
+    /**
+     * @return Returns the rootDn.
+     */
+    public String getRootDn()
+    {
+        return rootDn;
+    }
+
+    /**
+     * @param rootDn The rootDn to set.
+     */
+    public void setRootDn(String rootDn)
+    {
+        this.rootDn = rootDn;
+    }
+
+    /**
+     * @return Returns the rootPassword.
+     */
+    public String getRootPassword()
+    {
+        return rootPassword;
+    }
+
+    /**
+     * @param rootPassword The rootPassword to set.
+     */
+    public void setRootPassword(String rootPassword)
+    {
+        this.rootPassword = rootPassword;
+    }
+
+	public String getUserFilter() {
+		return userFilter;
+	}
+
+	public void setUserFilter(String userFilter) {
+		this.userFilter = userFilter;
+	}
+
+	public String getUserFilterBase() {
+		return userFilterBase;
+	}
+
+	public void setUserFilterBase(String userFilterBase) {
+		this.userFilterBase = userFilterBase;
+	}
+
+	public String getUserGroupMembershipAttributes() {
+		return userGroupMembershipAttributes;
+	}
+
+	public void setUserGroupMembershipAttributes(
+			String userGroupMembershipAttributes) {
+		this.userGroupMembershipAttributes = userGroupMembershipAttributes;
+	}
+
+	public String getUserRoleMembershipAttributes() {
+		return userRoleMembershipAttributes;
+	}
+
+	public void setUserRoleMembershipAttributes(String userRoleMembershipAttributes) {
+		this.userRoleMembershipAttributes = userRoleMembershipAttributes;
+	}
+
+	public String getDefaultSearchBase() {
+		return defaultSearchBase;
+	}
+
+	public void setDefaultSearchBase(String defaultSearchBase) {
+		this.defaultSearchBase = defaultSearchBase;
+	}
+
+	public String getGroupFilter() {
+		return groupFilter;
+	}
+
+	public void setGroupFilter(String groupFilter) {
+		this.groupFilter = groupFilter;
+	}
+
+	public String getGroupFilterBase() {
+		return groupFilterBase;
+	}
+
+	public void setGroupFilterBase(String groupFilterBase) {
+		this.groupFilterBase = groupFilterBase;
+	}
+
+	public String getGroupMembershipAttributes() {
+		return groupMembershipAttributes;
+	}
+
+	public void setGroupMembershipAttributes(String groupMembershipAttributes) {
+		this.groupMembershipAttributes = groupMembershipAttributes;
+	}
+
+	public String getGroupIdAttribute() {
+		return groupIdAttribute;
+	}
+
+	public void setGroupIdAttribute(String groupIdAttribute) {
+		this.groupIdAttribute = groupIdAttribute;
+	}
+
+
+	public String getUserIdAttribute() {
+		return userIdAttribute;
+	}
+
+	public void setUserIdAttribute(String userIdAttribute) {
+		this.userIdAttribute = userIdAttribute;
+	}
+
+	public String[] getGroupObjectClasses() {
+		return groupObjectClasses;
+	}
+
+	public void setGroupObjectClasses(String[] groupObjectClasses) {
+		this.groupObjectClasses = groupObjectClasses;
+	}
+
+
+
+	public String[] getUserObjectClasses() {
+		return userObjectClasses;
+	}
+
+	public void setUserObjectClasses(String[] userObjectClasses) {
+		this.userObjectClasses = userObjectClasses;
+	}
+
+
+	public String getGroupMembershipForRoleAttributes() {
+		return this.groupMembershipForRoleAttributes;
+	}
+	
+
+
+	public void setGroupMembershipForRoleAttributes(String groupMembershipForRoleAttributes) {
+		this.groupMembershipForRoleAttributes=groupMembershipForRoleAttributes;
+	}
+
+	public String getUidAttribute() {
+		return uidAttribute;
+	}
+
+	public void setUidAttribute(String uidAttribute) {
+		this.uidAttribute = uidAttribute;
+	}
+
+	public String getMemberShipSearchScope() {
+		return memberShipSearchScope;
+	}
+
+	public void setMemberShipSearchScope(String memberShipSearchScope) {
+		this.memberShipSearchScope = memberShipSearchScope;
+	}
+
+	public String getGroupUidAttribute() {
+		return this.groupUidAttribute;
+	}
+
+	public void setGroupUidAttribute(String groupUidAttribute) {
+		this.groupUidAttribute = groupUidAttribute;
+	}
+
+	public String getUserUidAttribute() {
+		return this.userUidAttribute;
+	}		
+	
+	public void setUserUidAttribute(String userUidAttribute) {
+		this.userUidAttribute = userUidAttribute;
+	}
+
+	public String getGroupObjectRequiredAttributeClasses() {
+		return groupObjectRequiredAttributeClasses;
+	}
+
+	public void setGroupObjectRequiredAttributeClasses(
+			String groupObjectRequiredAttributeClasses) {
+		this.groupObjectRequiredAttributeClasses = groupObjectRequiredAttributeClasses;
+	}
+
+
+
+	public String[] getGroupAttributes() {
+		return groupAttributes;
+	}
+
+	public void setGroupAttributes(String[] groupAttributes) {
+		this.groupAttributes = groupAttributes;
+	}
+
+	public String[] getUserAttributes() {
+		return userAttributes;
+	}
+
+	public void setUserAttributes(String[] userAttributes) {
+		this.userAttributes = userAttributes;
+	}	
+	
+	public String getRoleObjectRequiredAttributeClasses() {
+		return roleObjectRequiredAttributeClasses;
+	}
+
+	public void setRoleObjectRequiredAttributeClasses(
+			String roleObjectRequiredAttributeClasses) {
+		this.roleObjectRequiredAttributeClasses = roleObjectRequiredAttributeClasses;
+	}
+	
+	public String[] getRoleAttributes() {
+		return roleAttributes;
+	}
+
+	public void setRoleAttributes(String[] roleAttributes) {
+		this.roleAttributes = roleAttributes;
+	}
+	
+	public String[] getRoleObjectClasses() {
+		return roleObjectClasses;
+	}
+
+	public void setRoleObjectClasses(String[] roleObjectClasses) {
+		this.roleObjectClasses = roleObjectClasses;
+	}
+	
+
+	public String getRoleGroupMembershipForRoleAttributes() {
+		return this.roleGroupMembershipForRoleAttributes;
+	}
+	
+	public void setRoleGroupMembershipForRoleAttributes(String roleGroupMembershipForRoleAttributes) {
+		this.roleGroupMembershipForRoleAttributes=roleGroupMembershipForRoleAttributes;
+	}
+
+	public String getRoleFilter() {
+		return roleFilter;
+	}
+
+	public void setRoleFilter(String roleFilter) {
+		this.roleFilter = roleFilter;
+	}
+
+	public String getRoleFilterBase() {
+		return roleFilterBase;
+	}
+
+	public void setRoleFilterBase(String roleFilterBase) {
+		this.roleFilterBase = roleFilterBase;
+	}
+
+	public String getRoleMembershipAttributes() {
+		return roleMembershipAttributes;
+	}
+
+	public void setRoleMembershipAttributes(String roleMembershipAttributes) {
+		this.roleMembershipAttributes = roleMembershipAttributes;
+	}
+
+	public String getRoleUidAttribute() {
+		return this.roleUidAttribute;
+	}
+
+	public void setRoleUidAttribute(String roleUidAttribute) {
+		this.roleUidAttribute = roleUidAttribute;
+	}
+	
+
+	public String getRoleIdAttribute() {
+		return roleIdAttribute;
+	}
+
+	public void setRoleIdAttribute(String roleIdAttribute) {
+		this.roleIdAttribute = roleIdAttribute;
+	}
+
+	public String getUserPasswordAttribute() {
+		return userPasswordAttribute;
+	}
+
+	public void setUserPasswordAttribute(String userPasswordAttribute) {
+		this.userPasswordAttribute = userPasswordAttribute;
+	}
+
+	public String[] getKnownAttributes() {
+		return this.knownAttributes;
+	}	
+	
+	public void setKnownAttributes(String[] knownAttributes) {
+		this.knownAttributes = knownAttributes;
+	}	
+	
+}
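Review bot: The `catch (ConfigurationException ce)` block that ends the constructor only logs and returns, so a failed load yields an LdapBindingConfig whose fields (rootDn, rootPassword, the filters, the attribute names) are still null when callers read them through the getters. A security component should fail closed here: rethrow, for example wrapped in an unchecked exception, and pass `ce` to the logger as the throwable instead of concatenating it, so the stack trace is kept. In the same block, the `String[]` fields are filled with `StringUtils.split(props.getString(...), ",")`, and `StringUtils.split` returns null for null input, so if `getString` returns null for a missing key the array getters return null too. Defaulting those fields to empty arrays would avoid that. The property keys also mix capitalisation (`org.apache.jetspeed.ldap.RoleIdAttribute` next to `org.apache.jetspeed.ldap.roleUidAttribute`), which makes typos in the properties file hard to spot and deserves one documented convention. Finally, `getRootPassword()` is a public getter that returns the bind password as a String. Consider narrowing its visibility to the code that performs the bind, and make sure it is never logged.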

Propchange: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java?view=diff&rev=483771&r1=483770&r2=483771
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java Thu Dec  7 17:47:28 2006
@@ -21,6 +21,7 @@
 import javax.naming.directory.BasicAttribute;
 import javax.naming.directory.BasicAttributes;
 
+import org.apache.commons.lang.StringUtils;
 import org.apache.jetspeed.security.SecurityException;
 import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
 
@@ -77,6 +78,11 @@
         	classes.add(getObjectClasses()[i]);
         attrs.put(classes);
         attrs.put(getEntryPrefix(), principalUid);
+        if(!StringUtils.isEmpty(getGroupObjectRequiredAttributeClasses()))
+        	attrs.put(getGroupObjectRequiredAttributeClasses(), "");
+        for (int i=0;i<getAttributes().length;i++)
+        	attrs.put(parseAttr(getAttributes()[i],principalUid)[0], parseAttr(getAttributes()[i],principalUid)[1]);
+                
         return attrs;
     }
 
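Review bot: The added loop `for (int i=0;i<getAttributes().length;i++)` dereferences `getAttributes()` with no null check and indexes the result of `parseAttr(...)` at `[0]` and `[1]` without checking its length, so an unset or malformed attribute entry surfaces as a NullPointerException or ArrayIndexOutOfBoundsException while the entry's attributes are being built. Guard the array, call `parseAttr` once per entry into a local variable instead of twice, and reject entries that do not yield both a name and a value. Separately, `attrs.put(getGroupObjectRequiredAttributeClasses(), "")` writes an empty string as the value. Whether a directory accepts an empty value depends on the attribute's syntax, so a comment naming the attributes this setting is meant for would help. The name says "Classes" while the value is used as a single attribute id. Both new statements omit braces, unlike most of the surrounding code.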
@@ -116,6 +122,14 @@
 
 	protected String[] getObjectClasses() {
 		return this.getGroupObjectClasses();
+	}
+
+	protected String getUidAttributeForPrincipal() {
+		return this.getGroupUidAttribute();
+	}
+
+	protected String[] getAttributes() {
+		return this.getGroupAttributes();
 	}
 	
  	
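Review bot: The new protected methods `getUidAttributeForPrincipal()` and `getAttributes()` have no Javadoc, and `getAttributes()` is a very generic name for what is specifically the configured group attribute list. Please document what each returns and whether null is a legal return value. Having `getAttributes()` return an empty array when the setting is absent would let callers iterate over it without a guard.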


