com.atlassian.crowd.directory

Class DbCachingRemoteDirectory

java.lang.Object

com.atlassian.crowd.directory.AbstractForwardingDirectory

com.atlassian.crowd.directory.DbCachingRemoteDirectory

All Implemented Interfaces:

FastEntityCountProvider, MultiValuesQueriesSupport, RemoteDirectory, SynchronisableDirectory, Attributes

public class DbCachingRemoteDirectory
extends AbstractForwardingDirectory
implements RemoteDirectory, SynchronisableDirectory, FastEntityCountProvider, MultiValuesQueriesSupport

A RemoteDirectory that provides LDAP and Crowd integration plus local storage in an internal directory for LDAP user and group attributes, and local groups for LDAP and Crowd users with local caching of remote data. The implementation delegates to an Remote directory for the "source of truth" and an internal directory for caching and some special local storage.

All the attributes for the directory itself (e.g. base DN, other configuration options) are stored on the directory instance.

Terminology used in this class:

Remote user

A user stored in the LDAP or Remote Crowd directory

Remote group

A group stored in the LDAP or Remote Crowd directory.

Local group

A group stored in the internal directory. There must not be an Remote group with the same name for a local group to exist.

Constructor Summary

Constructors

Constructor and Description
DbCachingRemoteDirectory(RemoteDirectory remoteDirectory, InternalRemoteDirectory internalDirectory, DirectoryCacheFactory directoryCacheFactory, CacheRefresherFactory cacheRefresherFactory, AuditService auditService, AuditLogUserMapper auditLogUserMapper, String directoryName, com.atlassian.event.api.EventPublisher eventPublisher, DirectoryDao directoryDao, BatchConfigParser batchConfigParser)

Method Summary

Modifier and Type	Method and Description
Group	addGroup(GroupTemplate group) Adds a group to the directory store.
void	addGroupToGroup(String childGroup, String parentGroup) Adds a group as a member of a parent group.
UserWithAttributes	addUser(UserTemplateWithAttributes user, PasswordCredential credential) Adds a user to the directory store.
void	addUserToGroup(String username, String groupName) Adds a user as a member of a group.
User	authenticate(String name, PasswordCredential credential) Authenticates a user with the directory store.
protected User	authenticateAndUpdateInternalUser(String name, PasswordCredential credential) Authenticates user and ensures that internal directory contains the authenticated user.
protected void	checkIfUserCanBeUpdatedWithCurrentGroupFiltering(String username, Set<String> userRemoteGroupNames)
void	expireAllPasswords() Sets the UserConstants.REQUIRES_PASSWORD_CHANGE attribute to true for all users in the directory using bulk operations
RemoteDirectory	getAuthoritativeDirectory()
protected InternalRemoteDirectory	getDelegate()
String	getDescriptiveName() Returns a descriptive name for the type of directory.
long	getDirectoryId() Gets the internal unique directoryId of the directory store.
long	getGroupCount()
Set<String>	getKeys() Gets all the keys of the attributes.
long	getUserCount()
String	getValue(String name) Returns any value associated with the given key, returns null if there is no value.
Set<String>	getValues(String name) Get all the values associated with a given key.
boolean	isEmpty()
boolean	isIncrementalSyncEnabled() Gets the preferred synchronisation mode for this remote directory.
boolean	isRolesDisabled() Expose whether the directory has roles disabled.
void	removeGroup(String name) Removes the group that matches the supplied name.
void	removeGroupAttributes(String groupName, String attributeName) Removes all the values for a single attribute key for a group.
void	removeGroupFromGroup(String childGroup, String parentGroup) Removes a group as a member of a parent group.
void	removeUser(String name) Removes the user that matches the supplied name.
void	removeUserAttributes(String username, String attributeName) Removes all the values for a single attribute key for a user.
void	removeUserFromGroup(String username, String groupName) Removes a user as a member of a group.
Group	renameGroup(String oldName, String newName) Renames a group.
User	renameUser(String oldName, String newName) Renames a user.
<T> com.google.common.collect.ListMultimap<String,T>	searchGroupRelationshipsGroupedByName(MembershipQuery<T> query) Searches for groups that match the supplied query criteria.
void	setAttributes(Map<String,String> attributes) When a directory store is loaded, the attributes map will be set by the Crowd framework.
void	setDirectoryId(long directoryId) When a directory store is loaded, the directoryId will be set by the crowd framework.
protected boolean	shouldSyncGroupMembershipAfterUserAuthentication(boolean isNewUser)
void	storeGroupAttributes(String groupName, Map<String,Set<String>> attributes) Adds or updates a group's attributes with the new Map of attribute values in the directory specified by the passed in directoryId.
void	storeUserAttributes(String username, Map<String,Set<String>> attributes) Adds or updates a user's attributes with the new Map of attribute values in the directory specified by the passed in directoryId.
boolean	supportsInactiveAccounts() This implementation will store the active flag locally in the internal directory if local user status is enabled and if the active flag cannot be persisted on the underlying remote directory.
boolean	supportsNestedGroups() Allows us to only display nested-group related UI for directories that support it.
boolean	supportsPasswordExpiration() Return true if this directory supports manually expiring passwords.
boolean	supportsSettingEncryptedCredential() If this method returns true, then calling RemoteDirectory.updateUserCredential(String, PasswordCredential) or RemoteDirectory.addUser(com.atlassian.crowd.model.user.UserTemplate, com.atlassian.crowd.embedded.api.PasswordCredential) with a PasswordCredential instance where PasswordCredential.isEncryptedCredential() returns true and the instance is not equal to PasswordCredential.NONE will succeed; otherwise, it will fail.
void	synchroniseCache(SynchronisationMode mode, SynchronisationStatusManager synchronisationStatusManager) Requests that this directory should update its cache by synchronising with the remote data.
void	testConnection() Test if a connection to the directory server can be established.
Group	updateGroup(GroupTemplate group) Updates the group.
protected void	updateGroupsMembershipOnLogin(User user, Set<String> userRemoteGroupNames)
User	updateUser(UserTemplate user) Updates the user.
protected User	updateUserAndSetActiveFlag(User remoteUser, User internalUser)
void	updateUserCredential(String username, PasswordCredential credential) Updates the password for a user.
User	updateUserFromRemoteDirectory(User remoteUser)
User	userAuthenticated(String username)

Methods inherited from class com.atlassian.crowd.directory.AbstractForwardingDirectory

addUser, countDirectMembersOfGroup, findGroupByName, findGroupWithAttributesByName, findUserByExternalId, findUserByName, findUserWithAttributesByName, getMemberships, getUserAvatarByName, isGroupDirectGroupMember, isUserDirectGroupMember, searchGroupRelationships, searchGroups, searchUsers

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.atlassian.crowd.directory.RemoteDirectory

addUser, countDirectMembersOfGroup, findGroupByName, findGroupWithAttributesByName, findUserByExternalId, findUserByName, findUserWithAttributesByName, getLocallyFilteredGroupNames, getMemberships, getUserAvatarByName, isGroupDirectGroupMember, isUserDirectGroupMember, searchGroupRelationships, searchGroups, searchUsers

Methods inherited from interface com.atlassian.crowd.directory.MultiValuesQueriesSupport

searchGroupRelationships

Constructor Detail

DbCachingRemoteDirectory

public DbCachingRemoteDirectory(RemoteDirectory remoteDirectory,
                                InternalRemoteDirectory internalDirectory,
                                DirectoryCacheFactory directoryCacheFactory,
                                CacheRefresherFactory cacheRefresherFactory,
                                AuditService auditService,
                                AuditLogUserMapper auditLogUserMapper,
                                String directoryName,
                                com.atlassian.event.api.EventPublisher eventPublisher,
                                DirectoryDao directoryDao,
                                BatchConfigParser batchConfigParser)

Method Detail

getDirectoryId

public long getDirectoryId()

Description copied from interface: RemoteDirectory

Gets the internal unique directoryId of the directory store.

Specified by:

getDirectoryId in interface RemoteDirectory

Overrides:

getDirectoryId in class AbstractForwardingDirectory

Returns:

The directoryId.

setDirectoryId

public void setDirectoryId(long directoryId)

Description copied from interface: RemoteDirectory

When a directory store is loaded, the directoryId will be set by the crowd framework.

Specified by:

setDirectoryId in interface RemoteDirectory

Overrides:

setDirectoryId in class AbstractForwardingDirectory

Parameters:

directoryId - The unique directoryId of the DirectoryImpl stored in the database.

getDescriptiveName

public String getDescriptiveName()

Description copied from interface: RemoteDirectory

Returns a descriptive name for the type of directory.

Specified by:

getDescriptiveName in interface RemoteDirectory

Overrides:

getDescriptiveName in class AbstractForwardingDirectory

Returns:

descriptive name.

setAttributes

public void setAttributes(Map<String,String> attributes)

Description copied from interface: RemoteDirectory

When a directory store is loaded, the attributes map will be set by the Crowd framework. Implementations may store a reference to this map in order to implement the Attributes

The Map is immutable and implementations are required to maintain immutability.

Specified by:

setAttributes in interface RemoteDirectory

Overrides:

setAttributes in class AbstractForwardingDirectory

Parameters:

attributes - attributes map.

authenticate

public User authenticate(String name,
                         PasswordCredential credential)
                  throws UserNotFoundException,
                         InactiveAccountException,
                         InvalidAuthenticationException,
                         ExpiredCredentialException,
                         OperationFailedException

Description copied from interface: RemoteDirectory

Authenticates a user with the directory store.

Specified by:

authenticate in interface RemoteDirectory

Overrides:

authenticate in class AbstractForwardingDirectory

Parameters:

name - The name of the user (username).

credential - The supplied credentials (password).

Returns:

The populated user if the authentication is valid.

Throws:

UserNotFoundException - The user with the supplied name does not exist.

InactiveAccountException - The supplied user is inactive.

InvalidAuthenticationException - Authentication with the provided credentials failed.

ExpiredCredentialException - The user's credentials have expired. The user must change their credentials in order to successfully authenticate.

OperationFailedException - underlying directory implementation failed to execute the operation.

authenticateAndUpdateInternalUser

protected User authenticateAndUpdateInternalUser(String name,
                                                 PasswordCredential credential)
                                          throws UserNotFoundException,
                                                 InactiveAccountException,
                                                 InvalidAuthenticationException,
                                                 ExpiredCredentialException,
                                                 OperationFailedException

Authenticates user and ensures that internal directory contains the authenticated user.

Updates user data (including groups membership) if the user exists in the internal directory. Renames user if necessary. If user does not exists tries to add the user and the user's memberships in the internal directory.

User might not exist in the internal directory yet because the user was added after the latest synchronisation. This happens for example when the remote directory uses delegated authentication, and creates users on successful authentication.

Parameters:

name - of the user

credential - credential of the user

Returns:

The populated user if the authentication is valid.

Throws:

UserNotFoundException - if the user does not exist

ExpiredCredentialException - if the password has expired and the user is required to change their password

InactiveAccountException - if the user account is not active

InvalidAuthenticationException - if the user name/password combination is invalid

OperationFailedException - if the operation failed for any other reason

updateUserFromRemoteDirectory

public User updateUserFromRemoteDirectory(@Nonnull
                                          User remoteUser)
                                   throws OperationFailedException,
                                          UserNotFoundException

Specified by:

updateUserFromRemoteDirectory in interface RemoteDirectory

Overrides:

updateUserFromRemoteDirectory in class AbstractForwardingDirectory

Throws:

OperationFailedException

UserNotFoundException

userAuthenticated

public User userAuthenticated(String username)
                       throws OperationFailedException,
                              UserNotFoundException,
                              InactiveAccountException

Specified by:

userAuthenticated in interface RemoteDirectory

Throws:

OperationFailedException

UserNotFoundException

InactiveAccountException

checkIfUserCanBeUpdatedWithCurrentGroupFiltering

protected void checkIfUserCanBeUpdatedWithCurrentGroupFiltering(String username,
                                                                Set<String> userRemoteGroupNames)
                                                         throws OperationFailedException,
                                                                UserNotFoundException

Throws:

OperationFailedException

UserNotFoundException

updateUserAndSetActiveFlag

protected User updateUserAndSetActiveFlag(User remoteUser,
                                          User internalUser)
                                   throws UserNotFoundException,
                                          InvalidUserException,
                                          OperationFailedException

Throws:

UserNotFoundException

InvalidUserException

OperationFailedException

updateGroupsMembershipOnLogin

protected void updateGroupsMembershipOnLogin(User user,
                                             Set<String> userRemoteGroupNames)
                                      throws OperationFailedException,
                                             UserNotFoundException

Throws:

OperationFailedException

UserNotFoundException

addUser

public UserWithAttributes addUser(UserTemplateWithAttributes user,
                                  PasswordCredential credential)
                           throws InvalidUserException,
                                  InvalidCredentialException,
                                  UserAlreadyExistsException,
                                  OperationFailedException

Description copied from interface: RemoteDirectory

Adds a user to the directory store.

Specified by:

addUser in interface RemoteDirectory

Overrides:

addUser in class AbstractForwardingDirectory

Parameters:

user - template of the user to add.

credential - a password, or PasswordCredential.NONE for an account that cannot login with any password

Returns:

the added user retrieved from the underlying store.

Throws:

InvalidUserException - The supplied user is invalid.

InvalidCredentialException - The supplied credential is invalid.

UserAlreadyExistsException - The user already exists

OperationFailedException - underlying directory implementation failed to execute the operation.

See Also:

RemoteDirectory.supportsSettingEncryptedCredential()

updateUser

public User updateUser(UserTemplate user)
                throws InvalidUserException,
                       UserNotFoundException,
                       OperationFailedException

Description copied from interface: RemoteDirectory

Updates the user.

Specified by:

updateUser in interface RemoteDirectory

Overrides:

updateUser in class AbstractForwardingDirectory

Parameters:

user - The user to update.

Returns:

the updated user retrieved from the underlying store.

Throws:

InvalidUserException - the supplied user is invalid.

UserNotFoundException - the user does not exist in the directory store.

OperationFailedException - underlying directory implementation failed to execute the operation.

updateUserCredential

public void updateUserCredential(String username,
                                 PasswordCredential credential)
                          throws UserNotFoundException,
                                 InvalidCredentialException,
                                 OperationFailedException

Description copied from interface: RemoteDirectory

Updates the password for a user.

Specified by:

updateUserCredential in interface RemoteDirectory

Overrides:

updateUserCredential in class AbstractForwardingDirectory

Parameters:

username - The name of the user (username).

credential - The new credential (password).

Throws:

UserNotFoundException - The user does not exist.

InvalidCredentialException - The supplied credential is invalid.

OperationFailedException - underlying directory implementation failed to execute the operation.

See Also:

RemoteDirectory.supportsSettingEncryptedCredential()

renameUser

public User renameUser(String oldName,
                       String newName)
                throws UserNotFoundException,
                       InvalidUserException,
                       OperationFailedException,
                       UserAlreadyExistsException

Description copied from interface: RemoteDirectory

Renames a user.

Specified by:

renameUser in interface RemoteDirectory

Overrides:

renameUser in class AbstractForwardingDirectory

Parameters:

oldName - name of existing user.

newName - desired name of user.

Returns:

renamed user.

Throws:

UserNotFoundException - if the user with the existing name does not exist.

InvalidUserException - if the new username is invalid.

OperationFailedException - if the underlying directory implementation failed to execute the operation.

UserAlreadyExistsException - if the newName already exists.

storeUserAttributes

public void storeUserAttributes(String username,
                                Map<String,Set<String>> attributes)
                         throws UserNotFoundException,
                                OperationFailedException

Description copied from interface: RemoteDirectory

Adds or updates a user's attributes with the new Map of attribute values in the directory specified by the passed in directoryId.

The attributes map represents new or updated attributes and does not replace existing attributes unless the key of an attribute matches the key of an existing

Attributes with values of empty sets are not added (these attributes are effectively removed).

Specified by:

storeUserAttributes in interface RemoteDirectory

Overrides:

storeUserAttributes in class AbstractForwardingDirectory

Parameters:

username - name of user to update.

attributes - new or updated attributes (attributes that don't need changing should not appear in this Map).

Throws:

UserNotFoundException - user with supplied username does not exist.

OperationFailedException - underlying directory implementation failed to execute the operation.

removeUserAttributes

public void removeUserAttributes(String username,
                                 String attributeName)
                          throws UserNotFoundException,
                                 OperationFailedException

Description copied from interface: RemoteDirectory

Removes all the values for a single attribute key for a user. If the attribute key does not exist nothing will happen.

Specified by:

removeUserAttributes in interface RemoteDirectory

Overrides:

removeUserAttributes in class AbstractForwardingDirectory

Parameters:

username - name of the user to update.

attributeName - name of attribute to remove.

Throws:

UserNotFoundException - user with supplied username does not exist.

OperationFailedException - underlying directory implementation failed to execute the operation.

removeUser

public void removeUser(String name)
                throws UserNotFoundException,
                       OperationFailedException

Description copied from interface: RemoteDirectory

Removes the user that matches the supplied name.

Specified by:

removeUser in interface RemoteDirectory

Overrides:

removeUser in class AbstractForwardingDirectory

Parameters:

name - The name of the user (username).

Throws:

UserNotFoundException - The user does not exist.

OperationFailedException - underlying directory implementation failed to execute the operation.

addGroup

public Group addGroup(GroupTemplate group)
               throws InvalidGroupException,
                      OperationFailedException

Description copied from interface: RemoteDirectory

Adds a group to the directory store.

Specified by:

addGroup in interface RemoteDirectory

Overrides:

addGroup in class AbstractForwardingDirectory

Parameters:

group - template of the group to add.

Returns:

the added group retrieved from the underlying store.

Throws:

InvalidGroupException - The supplied group is invalid or it already exists in the directory.

OperationFailedException - underlying directory implementation failed to execute the operation.

updateGroup

public Group updateGroup(GroupTemplate group)
                  throws InvalidGroupException,
                         GroupNotFoundException,
                         OperationFailedException,
                         ReadOnlyGroupException

Description copied from interface: RemoteDirectory

Updates the group.

Specified by:

updateGroup in interface RemoteDirectory

Overrides:

updateGroup in class AbstractForwardingDirectory

Parameters:

group - The group to update.

Returns:

the updated group retrieved from the underlying store.

Throws:

InvalidGroupException - the supplied group is invalid.

GroupNotFoundException - the group does not exist in the directory store.

OperationFailedException - underlying directory implementation failed to execute the operation.

ReadOnlyGroupException - the group is read-only

renameGroup

public Group renameGroup(String oldName,
                         String newName)
                  throws GroupNotFoundException,
                         InvalidGroupException

Description copied from interface: RemoteDirectory

Renames a group.

Specified by:

renameGroup in interface RemoteDirectory

Overrides:

renameGroup in class AbstractForwardingDirectory

Parameters:

oldName - name of existing group.

newName - desired name of group.

Returns:

renamed group.

Throws:

GroupNotFoundException - if the group with the existing name does not exist.

InvalidGroupException - if the new group name is invalid or already exists in the directory.

storeGroupAttributes

public void storeGroupAttributes(String groupName,
                                 Map<String,Set<String>> attributes)
                          throws GroupNotFoundException,
                                 OperationFailedException

Description copied from interface: RemoteDirectory

Adds or updates a group's attributes with the new Map of attribute values in the directory specified by the passed in directoryId.

The attributes map represents new or updated attributes and does not replace existing attributes unless the key of an attribute matches the key of an existing

Attributes with values of empty sets are not added (these attributes are effectively removed).

Specified by:

storeGroupAttributes in interface RemoteDirectory

Overrides:

storeGroupAttributes in class AbstractForwardingDirectory

Parameters:

groupName - name of group to update.

attributes - new or updated attributes (attributes that don't need changing should not appear in this Map).

Throws:

GroupNotFoundException - group with supplied groupName does not exist.

OperationFailedException - underlying directory implementation failed to execute the operation.

removeGroupAttributes

public void removeGroupAttributes(String groupName,
                                  String attributeName)
                           throws GroupNotFoundException,
                                  OperationFailedException

Description copied from interface: RemoteDirectory

Removes all the values for a single attribute key for a group.

Specified by:

removeGroupAttributes in interface RemoteDirectory

Overrides:

removeGroupAttributes in class AbstractForwardingDirectory

Parameters:

groupName - name of the group to update.

attributeName - name of attribute to remove.

Throws:

GroupNotFoundException - group with supplied groupName does not exist.

OperationFailedException - underlying directory implementation failed to execute the operation.

removeGroup

public void removeGroup(String name)
                 throws GroupNotFoundException,
                        OperationFailedException,
                        ReadOnlyGroupException

Description copied from interface: RemoteDirectory

Removes the group that matches the supplied name.

Specified by:

removeGroup in interface RemoteDirectory

Overrides:

removeGroup in class AbstractForwardingDirectory

Parameters:

name - The name of the group.

Throws:

GroupNotFoundException - The group does not exist.

OperationFailedException - underlying directory implementation failed to execute the operation.

ReadOnlyGroupException - if the group is read-only and not allowed to be deleted.

addUserToGroup

public void addUserToGroup(String username,
                           String groupName)
                    throws GroupNotFoundException,
                           UserNotFoundException,
                           OperationFailedException,
                           ReadOnlyGroupException,
                           MembershipAlreadyExistsException

Description copied from interface: RemoteDirectory

Adds a user as a member of a group. This means that all user members of childGroup will appear as members of parentGroup to querying applications.

Specified by:

addUserToGroup in interface RemoteDirectory

Overrides:

addUserToGroup in class AbstractForwardingDirectory

Parameters:

username - The user that will become a member of groupName

groupName - The group that will gain a new member.

Throws:

GroupNotFoundException - If the group cannot be found.

UserNotFoundException - If the user cannot be found.

OperationFailedException - underlying directory implementation failed to execute the operation.

ReadOnlyGroupException - If the group is read-only

MembershipAlreadyExistsException - if the user is already a member of the group

addGroupToGroup

public void addGroupToGroup(String childGroup,
                            String parentGroup)
                     throws GroupNotFoundException,
                            InvalidMembershipException,
                            OperationFailedException,
                            ReadOnlyGroupException,
                            MembershipAlreadyExistsException

Description copied from interface: RemoteDirectory

Adds a group as a member of a parent group.

Specified by:

addGroupToGroup in interface RemoteDirectory

Overrides:

addGroupToGroup in class AbstractForwardingDirectory

Parameters:

childGroup - The group that will become a member of parentGroup

parentGroup - The group that will gain a new member

Throws:

GroupNotFoundException - One or both of the groups cannot be found.

InvalidMembershipException - if the childGroup and parentGroup exist but are of different GroupTypes.

OperationFailedException - underlying directory implementation failed to execute the operation.

ReadOnlyGroupException - if either of the groups are read-only

MembershipAlreadyExistsException - if the child group is already a child of the parent group

removeUserFromGroup

public void removeUserFromGroup(String username,
                                String groupName)
                         throws GroupNotFoundException,
                                UserNotFoundException,
                                MembershipNotFoundException,
                                OperationFailedException,
                                ReadOnlyGroupException

Description copied from interface: RemoteDirectory

Removes a user as a member of a group.

Specified by:

removeUserFromGroup in interface RemoteDirectory

Overrides:

removeUserFromGroup in class AbstractForwardingDirectory

Parameters:

username - The user that will be removed from parentGroup

groupName - The group that will lose the member.

Throws:

GroupNotFoundException - If the group cannot be found.

UserNotFoundException - If the user cannot be found.

MembershipNotFoundException - if the user is not a direct member of the group.

OperationFailedException - underlying directory implementation failed to execute the operation.

ReadOnlyGroupException - if the group is read-only

removeGroupFromGroup

public void removeGroupFromGroup(String childGroup,
                                 String parentGroup)
                          throws GroupNotFoundException,
                                 InvalidMembershipException,
                                 MembershipNotFoundException,
                                 OperationFailedException,
                                 ReadOnlyGroupException

Description copied from interface: RemoteDirectory

Removes a group as a member of a parent group.

Specified by:

removeGroupFromGroup in interface RemoteDirectory

Overrides:

removeGroupFromGroup in class AbstractForwardingDirectory

Parameters:

childGroup - The group that will be removed from parentGroup

parentGroup - The group that will lose the member.

Throws:

GroupNotFoundException - One or both of the groups cannot be found.

InvalidMembershipException - if the childGroup and parentGroup exist but are of different GroupTypes.

MembershipNotFoundException - if the childGroup is not a direct member of the parentGroup.

OperationFailedException - underlying directory implementation failed to execute the operation.

ReadOnlyGroupException - if the groups are read-only

testConnection

public void testConnection()
                    throws OperationFailedException

Description copied from interface: RemoteDirectory

Test if a connection to the directory server can be established.

Specified by:

testConnection in interface RemoteDirectory

Overrides:

testConnection in class AbstractForwardingDirectory

Throws:

OperationFailedException - underlying directory implementation failed to execute the operation.

supportsInactiveAccounts

public boolean supportsInactiveAccounts()

This implementation will store the active flag locally in the internal directory if local user status is enabled and if the active flag cannot be persisted on the underlying remote directory.

Specified by:

supportsInactiveAccounts in interface RemoteDirectory

Overrides:

supportsInactiveAccounts in class AbstractForwardingDirectory

Returns:

true if the internal directory supports inactive accounts (which it should always do).

supportsNestedGroups

public boolean supportsNestedGroups()

Description copied from interface: RemoteDirectory

Allows us to only display nested-group related UI for directories that support it.

Specified by:

supportsNestedGroups in interface RemoteDirectory

Overrides:

supportsNestedGroups in class AbstractForwardingDirectory

Returns:

true if the directory can handle having a group added to a group.

supportsPasswordExpiration

public boolean supportsPasswordExpiration()

Description copied from interface: RemoteDirectory

Return true if this directory supports manually expiring passwords.

Specified by:

supportsPasswordExpiration in interface RemoteDirectory

Overrides:

supportsPasswordExpiration in class AbstractForwardingDirectory

Returns:

true if this directory supports manually expiring passwords

supportsSettingEncryptedCredential

public boolean supportsSettingEncryptedCredential()

Description copied from interface: RemoteDirectory

If this method returns true, then calling RemoteDirectory.updateUserCredential(String, PasswordCredential) or RemoteDirectory.addUser(com.atlassian.crowd.model.user.UserTemplate, com.atlassian.crowd.embedded.api.PasswordCredential) with a PasswordCredential instance where PasswordCredential.isEncryptedCredential() returns true and the instance is not equal to PasswordCredential.NONE will succeed; otherwise, it will fail.

Specified by:

supportsSettingEncryptedCredential in interface RemoteDirectory

Overrides:

supportsSettingEncryptedCredential in class AbstractForwardingDirectory

Returns:

true if this directory supports setting passwords by hash

isRolesDisabled

public boolean isRolesDisabled()

Description copied from interface: RemoteDirectory

Expose whether the directory has roles disabled. Always true.

Specified by:

isRolesDisabled in interface RemoteDirectory

Overrides:

isRolesDisabled in class AbstractForwardingDirectory

Returns:

true

shouldSyncGroupMembershipAfterUserAuthentication

protected boolean shouldSyncGroupMembershipAfterUserAuthentication(boolean isNewUser)

Parameters:

isNewUser - true if the user was created during authentication (ie. wasn't synced yet, and was created during this authentication)

Returns:

whether the user's group memberships should be synced during this authentication

See Also:

SynchronisableDirectoryProperties.SYNC_GROUP_MEMBERSHIP_AFTER_SUCCESSFUL_USER_AUTH_ENABLED

getValues

public Set<String> getValues(String name)

Description copied from interface: Attributes

Get all the values associated with a given key. Duplicate values are not allowed, and this should be enforced case-insensitively to match the behaviour of LDAP servers. Will return null if the key does not exist.

Specified by:

getValues in interface Attributes

Overrides:

getValues in class AbstractForwardingDirectory

Parameters:

name - the key to retrieve the values for

Returns:

the values associated with the given key. It may return null or empty set if the key does not exist.

getValue

public String getValue(String name)

Description copied from interface: Attributes

Returns any value associated with the given key, returns null if there is no value.

Specified by:

getValue in interface Attributes

Overrides:

getValue in class AbstractForwardingDirectory

Parameters:

name - the key to retrieve the value for

Returns:

any value associated with the given key, or null if there is no value

isEmpty

public boolean isEmpty()

Specified by:

isEmpty in interface Attributes

Overrides:

isEmpty in class AbstractForwardingDirectory

Returns:

true if there are no attributes

getKeys

public Set<String> getKeys()

Description copied from interface: Attributes

Gets all the keys of the attributes. Warning: case-insensitive keys are currently no enforced, however this is the case for LDAP, so this may be implemented in the future.

Specified by:

getKeys in interface Attributes

Overrides:

getKeys in class AbstractForwardingDirectory

Returns:

a set of all the keys.

isIncrementalSyncEnabled

public boolean isIncrementalSyncEnabled()

Description copied from interface: SynchronisableDirectory

Gets the preferred synchronisation mode for this remote directory.

Note: some directory implementation don't support incremental sync and will ignore this preference.

Specified by:

isIncrementalSyncEnabled in interface SynchronisableDirectory

Returns:

true if incremental sync is preferred.

synchroniseCache

public void synchroniseCache(SynchronisationMode mode,
                             SynchronisationStatusManager synchronisationStatusManager)
                      throws OperationFailedException

Description copied from interface: SynchronisableDirectory

Requests that this directory should update its cache by synchronising with the remote data. Implementations of this method should publish a RemoteDirectorySynchronisedEvent after completing the synchronisation.

Specified by:

synchroniseCache in interface SynchronisableDirectory

Parameters:

mode - synchronisation mode

synchronisationStatusManager - listener for synchronisation status change notifications

Throws:

OperationFailedException - underlying directory implementation failed to execute the operation.

getAuthoritativeDirectory

public RemoteDirectory getAuthoritativeDirectory()

Specified by:

getAuthoritativeDirectory in interface RemoteDirectory

Overrides:

getAuthoritativeDirectory in class AbstractForwardingDirectory

Returns:

the directory that is the authoritative source of data for this directory, possibly itself.

expireAllPasswords

public void expireAllPasswords()
                        throws OperationFailedException

Description copied from interface: RemoteDirectory

Sets the UserConstants.REQUIRES_PASSWORD_CHANGE attribute to true for all users in the directory using bulk operations

Specified by:

expireAllPasswords in interface RemoteDirectory

Overrides:

expireAllPasswords in class AbstractForwardingDirectory

Throws:

OperationFailedException

getUserCount

public long getUserCount()
                  throws OperationFailedException

Specified by:

getUserCount in interface FastEntityCountProvider

Returns:

number of users found in this directory.

Throws:

OperationFailedException - underlying directory implementation failed to execute the operation.

getGroupCount

public long getGroupCount()
                   throws OperationFailedException

Specified by:

getGroupCount in interface FastEntityCountProvider

Returns:

number of groups found in this directory.

Throws:

OperationFailedException - underlying directory implementation failed to execute the operation.

getDelegate

protected InternalRemoteDirectory getDelegate()

Specified by:

getDelegate in class AbstractForwardingDirectory

Returns:

the directory to delegate method calls to

searchGroupRelationshipsGroupedByName

public <T> com.google.common.collect.ListMultimap<String,T> searchGroupRelationshipsGroupedByName(MembershipQuery<T> query)

Description copied from interface: MultiValuesQueriesSupport

Searches for groups that match the supplied query criteria. This method is similar to MultiValuesQueriesSupport.searchGroupRelationships(MembershipQuery), but it additionally groups results by elements of MembershipQuery.getEntityNamesToMatch().

Specified by:

searchGroupRelationshipsGroupedByName in interface MultiValuesQueriesSupport

Parameters:

query - EntityQuery for Entity.GROUP.

Returns:

ListMultimap<String, Group> or ListMultimap<String, String> of groups/groupnames matching the search criteria, grouped by MembershipQuery.getEntityNamesToMatch(). Results are ordered by entity name, case-insensitive. An empty ListMultimap will be returned if no groups matching the criteria are found.