java.lang.Object
  com.atlassian.crowd.directory.SpringLDAPConnector
    com.atlassian.crowd.directory.RFC4519Directory
      com.atlassian.crowd.directory.MicrosoftActiveDirectory
public class MicrosoftActiveDirectory
Microsoft Active Directory connector.
Field Summary | |
---|---|
static PropertyImpl<String> | OBJECT_SID |
static int | UF_ACCOUNTDISABLE |
Fields inherited from class com.atlassian.crowd.directory.SpringLDAPConnector |
---|
attributes, contextSource, contextSourceTransactionManager, DEFAULT_PAGE_SIZE, eventPublisher, ldapPropertiesMapper, ldapQueryTranslater, ldapTemplate, nameConverter, searchDN |
Constructor Summary | |
---|---|
MicrosoftActiveDirectory(ActiveDirectoryQueryTranslaterImpl activeDirectoryQueryTranslater, com.atlassian.event.api.EventPublisher eventPublisher, InstanceFactory instanceFactory) | |
Method Summary | ||
---|---|---|
void | addUserToGroup(String username, String groupName) | Adds a user as a member of a group. |
protected byte[] | encodePassword(String unencodedPassword) | Converts the clear-text password to the AD_PASSWORD_ENCODED encoding - currently UTF-16LE. |
long | fetchHighestCommittedUSN() | |
List<LDAPGroupWithAttributes> | findAddedOrUpdatedGroupsSince(long usnChanged) | |
protected <T> List<T> | findAddedOrUpdatedObjectsSince(long usnChange, Name objectBaseDN, String objectFilter, ContextMapperWithRequiredAttributes<T> contextMapper) | |
List<LDAPUserWithAttributes> | findAddedOrUpdatedUsersSince(long usnChange) | |
Iterable<LdapName> | findDirectMembersOfGroup(LdapName groupDn) | This method is not part of RemoteDirectory's contract. |
protected Iterable<String> | findGroupMembershipNames(MembershipQuery<String> query) | |
protected List<? extends LDAPGroupWithAttributes> | findGroupMemberships(MembershipQuery<? extends LDAPGroupWithAttributes> query) | |
List<Tombstone> | findGroupTombstonesSince(long usnChange) | |
protected List<Tombstone> | findTombstonesSince(long usnChange, Name objectBaseDN, String objectClass) | |
protected List<LDAPUserWithAttributes> | findUserMembersOfGroupViaMemberDN(String groupName, GroupType groupType, int startIndex, int maxResults) | |
protected Iterable<LDAPUserWithAttributes> | findUserMembersOfGroupViaMemberOf(String groupName, GroupType groupType, int startIndex, int maxResults) | |
List<Tombstone> | findUserTombstonesSince(long usnChange) | |
protected Map<String,String> | getBaseEnvironmentProperties() | Returns the properties used to set up the Ldap ContextSource. |
protected List<AttributeMapper> | getCustomGroupAttributeMappers() | As a minimum, this SHOULD provide an attribute mapper that maps the group members attribute (if available). |
protected List<AttributeMapper> | getCustomUserAttributeMappers() | |
String | getDescriptiveName() | Returns a descriptive name for the type of directory. |
protected String | getInitialGroupMemberDN() | AD does not need a default container member. |
protected List<AttributeMapper> | getMemberDnMappers() | |
protected void | getNewGroupDirectorySpecificAttributes(Group group, Attributes attributes) | If we want to be able to nest groups, we need to create distribution groups rather than security groups. |
protected void | getNewUserDirectorySpecificAttributes(User user, Attributes attributes) | Active Directory needs a couple of additional attributes set - the sAMAccountName (which is the account name you use to log on to Windows), and the account disabled flag. |
static String | getStaticDirectoryType() | |
ContextMapperWithRequiredAttributes<LDAPUserWithAttributes> | getUserContextMapper() | Returns a ContextMapper that can transform a Context into a User. |
protected List<ModificationItem> | getUserModificationItems(User userTemplate, LDAPUserWithAttributes currentUser) | |
boolean | isUserDirectGroupMember(String username, String groupName) | Determines if a user is a direct member of a group. |
protected List<LDAPGroupWithAttributes> | postprocessGroups(List<LDAPGroupWithAttributes> groups) | Perform any post-processing on groups. |
void | removeGroup(String name) | Removes the group that matches the supplied name. |
void | removeUserFromGroup(String username, String groupName) | Removes a user as a member of a group. |
boolean | supportsInactiveAccounts() | This connector supports inactive accounts while, in general, LDAP connectors do not. |
Methods inherited from class com.atlassian.crowd.directory.RFC4519Directory |
---|
addDnToGroup, addGroupToGroup, findGroupMembershipsOfUserViaMemberOf, getLdapName, getMemberships, isDnDirectGroupMember, isGroupDirectGroupMember, removeDnFromGroup, removeGroupFromGroup, searchGroupRelationshipsWithGroupTypeSpecified, toGenericIterable |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final int UF_ACCOUNTDISABLE
public static final PropertyImpl<String> OBJECT_SID
Constructor Detail |
---|
public MicrosoftActiveDirectory(ActiveDirectoryQueryTranslaterImpl activeDirectoryQueryTranslater, com.atlassian.event.api.EventPublisher eventPublisher, InstanceFactory instanceFactory)
Method Detail |
---|
public static String getStaticDirectoryType()

public String getDescriptiveName()
Description copied from interface: RemoteDirectory
Returns a descriptive name for the type of directory.

public void removeGroup(String name) throws GroupNotFoundException, OperationFailedException
Description copied from interface: RemoteDirectory
Removes the group that matches the supplied name.
removeGroup in interface RemoteDirectory
removeGroup in class SpringLDAPConnector
Parameters:
name - The name of the group.
Throws:
GroupNotFoundException - The group does not exist.
OperationFailedException - underlying directory implementation failed to execute the operation.

public boolean isUserDirectGroupMember(String username, String groupName) throws OperationFailedException
Description copied from interface: RemoteDirectory
Determines if a user is a direct member of a group.
isUserDirectGroupMember in interface RemoteDirectory
isUserDirectGroupMember in class RFC4519Directory
Parameters:
username - name of user.
groupName - name of group.
Returns:
true iff the user is a direct member of the group.
Throws:
OperationFailedException - underlying directory implementation failed to execute the operation.

public void addUserToGroup(String username, String groupName) throws GroupNotFoundException, OperationFailedException, UserNotFoundException, MembershipAlreadyExistsException
Description copied from interface: RemoteDirectory
Adds a user as a member of a group.
childGroup will appear as members of parentGroup to querying applications.
addUserToGroup in interface RemoteDirectory
addUserToGroup in class RFC4519Directory
Parameters:
username - The user that will become a member of groupName
groupName - The group that will gain a new member.
Throws:
GroupNotFoundException - If the group cannot be found.
OperationFailedException - underlying directory implementation failed to execute the operation.
UserNotFoundException - If the user cannot be found.
MembershipAlreadyExistsException - if the user is already a member of the group

public void removeUserFromGroup(String username, String groupName) throws UserNotFoundException, GroupNotFoundException, MembershipNotFoundException, OperationFailedException
Description copied from interface: RemoteDirectory
Removes a user as a member of a group.
removeUserFromGroup in interface RemoteDirectory
removeUserFromGroup in class RFC4519Directory
Parameters:
username - The user that will be removed from parentGroup
groupName - The group that will lose the member.
Throws:
UserNotFoundException - If the user cannot be found.
GroupNotFoundException - If the group cannot be found.
MembershipNotFoundException - if the user is not a direct member of the group.
OperationFailedException - underlying directory implementation failed to execute the operation.

protected List<? extends LDAPGroupWithAttributes> findGroupMemberships(MembershipQuery<? extends LDAPGroupWithAttributes> query) throws OperationFailedException
findGroupMemberships in class RFC4519Directory
Throws:
OperationFailedException

protected Iterable<String> findGroupMembershipNames(MembershipQuery<String> query) throws OperationFailedException
findGroupMembershipNames in class RFC4519Directory
Throws:
OperationFailedException

protected List<LDAPUserWithAttributes> findUserMembersOfGroupViaMemberDN(String groupName, GroupType groupType, int startIndex, int maxResults) throws OperationFailedException
findUserMembersOfGroupViaMemberDN in class RFC4519Directory
Throws:
OperationFailedException

protected Iterable<LDAPUserWithAttributes> findUserMembersOfGroupViaMemberOf(String groupName, GroupType groupType, int startIndex, int maxResults) throws OperationFailedException
findUserMembersOfGroupViaMemberOf in class RFC4519Directory
Throws:
OperationFailedException

public Iterable<LdapName> findDirectMembersOfGroup(LdapName groupDn) throws OperationFailedException
Description copied from class: RFC4519Directory
This method is not part of RemoteDirectory's contract. It is introduced by RFC4519Directory to support RFC4519DirectoryMembershipsIterable.
findDirectMembersOfGroup in class RFC4519Directory
Parameters:
groupDn - LDAP name of a group
Throws:
OperationFailedException - if the operation fails for any reason

protected String getInitialGroupMemberDN()
getInitialGroupMemberDN in class SpringLDAPConnector
Returns:
null.

protected byte[] encodePassword(String unencodedPassword) throws InvalidCredentialException
Converts the clear-text password to the AD_PASSWORD_ENCODED encoding - currently UTF-16LE
encodePassword in class SpringLDAPConnector
Parameters:
unencodedPassword -
Throws:
InvalidCredentialException - If the specified encoding is not available on this system.

protected void getNewUserDirectorySpecificAttributes(User user, Attributes attributes)
getNewUserDirectorySpecificAttributes in class SpringLDAPConnector
Parameters:
user -
attributes -

protected void getNewGroupDirectorySpecificAttributes(Group group, Attributes attributes)
getNewGroupDirectorySpecificAttributes in class SpringLDAPConnector
Parameters:
group -
attributes -

protected List<AttributeMapper> getCustomUserAttributeMappers()
getCustomUserAttributeMappers in class RFC4519Directory

protected List<AttributeMapper> getCustomGroupAttributeMappers()
Description copied from class: SpringLDAPConnector
As a minimum, this SHOULD provide an attribute mapper that maps the group members attribute (if available).
getCustomGroupAttributeMappers in class RFC4519Directory

protected List<AttributeMapper> getMemberDnMappers()
getMemberDnMappers in class RFC4519Directory

protected List<LDAPGroupWithAttributes> postprocessGroups(List<LDAPGroupWithAttributes> groups) throws OperationFailedException
Description copied from class: SpringLDAPConnector
Perform any post-processing on groups.
postprocessGroups in class SpringLDAPConnector
Parameters:
groups - to post-process
Throws:
OperationFailedException - if processing encounters a problem with the underlying directory

protected Map<String,String> getBaseEnvironmentProperties()
Description copied from class: SpringLDAPConnector
Returns the properties used to set up the Ldap ContextSource.
getBaseEnvironmentProperties in class SpringLDAPConnector

public long fetchHighestCommittedUSN() throws OperationFailedException
Throws:
OperationFailedException

public List<LDAPUserWithAttributes> findAddedOrUpdatedUsersSince(long usnChange) throws OperationFailedException
Throws:
OperationFailedException

public List<LDAPGroupWithAttributes> findAddedOrUpdatedGroupsSince(long usnChanged) throws OperationFailedException
Throws:
OperationFailedException

public List<Tombstone> findUserTombstonesSince(long usnChange) throws OperationFailedException
Throws:
OperationFailedException

public List<Tombstone> findGroupTombstonesSince(long usnChange) throws OperationFailedException
Throws:
OperationFailedException

protected <T> List<T> findAddedOrUpdatedObjectsSince(long usnChange, Name objectBaseDN, String objectFilter, ContextMapperWithRequiredAttributes<T> contextMapper) throws OperationFailedException
Throws:
OperationFailedException

protected List<Tombstone> findTombstonesSince(long usnChange, Name objectBaseDN, String objectClass) throws OperationFailedException
Throws:
OperationFailedException

public ContextMapperWithRequiredAttributes<LDAPUserWithAttributes> getUserContextMapper()
Description copied from class: SpringLDAPConnector
Returns a ContextMapper that can transform a Context into a User.
getUserContextMapper in class SpringLDAPConnector

protected List<ModificationItem> getUserModificationItems(User userTemplate, LDAPUserWithAttributes currentUser)
getUserModificationItems in class SpringLDAPConnector

public boolean supportsInactiveAccounts()
supportsInactiveAccounts in interface RemoteDirectory
supportsInactiveAccounts in class SpringLDAPConnector
Returns:
true