Package com.atlassian.crowd.directory

Class RFC2307Directory

java.lang.Object
com.atlassian.crowd.directory.SpringLDAPConnector
com.atlassian.crowd.directory.RFC2307Directory
All Implemented Interfaces:
LDAPDirectory, RemoteDirectory, Attributes
Direct Known Subclasses:
Rfc2307
public abstract class RFC2307Directory extends SpringLDAPConnector
Read-only, non-nesting implementation of RFC2307 user-group membership interactions.

A user is a member of a group if either:

  • the gidNumber of the user matches the gidNumber of the group
  • the username of user is present in the collection of member attribute values of the group
See Also:

  • Constructor Details

  • Method Details

    • getCustomGroupAttributeMappers

      protected List<AttributeMapper> getCustomGroupAttributeMappers()
      Description copied from class: SpringLDAPConnector
      As a minimum, this SHOULD provide an attribute mapper that maps the group members attribute (if available).
      Overrides:
      getCustomGroupAttributeMappers in class SpringLDAPConnector
      Returns:
      collection of custom attribute mappers (cannot be null but can be an empty list).

    • getMemberOnlyGroupAttributeMappers

      protected List<AttributeMapper> getMemberOnlyGroupAttributeMappers()
      Description copied from class: SpringLDAPConnector
      As a minimum, this SHOULD provide an attribute mapper that maps the group members attribute (if available).
      Overrides:
      getMemberOnlyGroupAttributeMappers in class SpringLDAPConnector
      Returns:
      collection of custom attribute mappers (cannot be null but can be an empty list).

    • getCustomUserAttributeMappers

      protected List<AttributeMapper> getCustomUserAttributeMappers(UserContextMapperConfig config)
      Overrides:
      getCustomUserAttributeMappers in class SpringLDAPConnector
      Returns:
      a collection of custom attribute mappers. By default just return an empty list.

    • isUserDirectGroupMember

      public boolean isUserDirectGroupMember(String username, String groupName) throws OperationFailedException
      Description copied from interface: RemoteDirectory
      Determines if a user is a direct member of a group. The directory is NOT expected to resolve any transitive group relationships.
      Parameters:
      username - name of user.
      groupName - name of group.
      Returns:
      true iff the user is a direct member of the group.
      Throws:
      OperationFailedException - underlying directory implementation failed to execute the operation.

    • isGroupDirectGroupMember

      public boolean isGroupDirectGroupMember(String childGroup, String parentGroup)
      Description copied from interface: RemoteDirectory
      Determines if a group is a direct member of another group. The directory is NOT expected to resolve any transitive group relationships.
      Parameters:
      childGroup - name of child group.
      parentGroup - name of parent group.
      Returns:
      false as nested groups are not supported.

    • searchGroupRelationshipsWithGroupTypeSpecified

      protected <T> Iterable<T> searchGroupRelationshipsWithGroupTypeSpecified(MembershipQuery<T> query) throws OperationFailedException
      Description copied from class: SpringLDAPConnector
      Execute the search for group relationships given that a group of type GROUP or LEGACY_ROLE has been specified in the EntityDescriptor for the group(s).
      Specified by:
      searchGroupRelationshipsWithGroupTypeSpecified in class SpringLDAPConnector
      Parameters:
      query - membership query with all GroupType's not null.
      Returns:
      list of members or memberships depending on the query.
      Throws:
      OperationFailedException - if the operation failed due to a communication error with the remote directory, or if the query is invalid

    • supportsNestedGroups

      public boolean supportsNestedGroups()
      As best I can determine, the RFC2307 schema does not support nested groups.
      Specified by:
      supportsNestedGroups in interface RemoteDirectory
      Overrides:
      supportsNestedGroups in class SpringLDAPConnector
      Returns:
      false.

    • supportsPasswordExpiration

      public boolean supportsPasswordExpiration()
      Does not support expiring passwords
      Specified by:
      supportsPasswordExpiration in interface RemoteDirectory
      Overrides:
      supportsPasswordExpiration in class SpringLDAPConnector
      Returns:
      false

    • getMemberships

      public Iterable<Membership> getMemberships() throws OperationFailedException
      Description copied from interface: RemoteDirectory

      Get an iterable view of the available group memberships. This may be implemented as a single remote call or separate calls, depending on the directory.

      If there is a failure in the underlying retrieval, the iterator may throw Membership.MembershipIterationException at runtime.

      If the directory does not have a bulk call interface then a typical implementation would be:

       
 return new DirectoryMembershipsIterable(this);
      Returns:
      an iterable view of the available group memberships
      Throws:
      OperationFailedException - if the underlying directory implementation failed to execute the operation