Example #1
0
        protected internal virtual string getUserSearchFilter(LdapUserQueryImpl query)
        {
            StringWriter search = new StringWriter();

            search.write("(&");

            // restrict to users
            search.write(ldapConfiguration.UserSearchFilter);

            // add additional filters from query
            if (!string.ReferenceEquals(query.Id, null))
            {
                addFilter(ldapConfiguration.UserIdAttribute, escapeLDAPSearchFilter(query.Id), search);
            }
            if (query.Ids != null && query.Ids.Length > 0)
            {
                // wrap ids in OR statement
                search.write("(|");
                foreach (string userId in query.Ids)
                {
                    addFilter(ldapConfiguration.UserIdAttribute, escapeLDAPSearchFilter(userId), search);
                }
                search.write(")");
            }
            if (!string.ReferenceEquals(query.Email, null))
            {
                addFilter(ldapConfiguration.UserEmailAttribute, query.Email, search);
            }
            if (!string.ReferenceEquals(query.EmailLike, null))
            {
                addFilter(ldapConfiguration.UserEmailAttribute, query.EmailLike, search);
            }
            if (!string.ReferenceEquals(query.FirstName, null))
            {
                addFilter(ldapConfiguration.UserFirstnameAttribute, query.FirstName, search);
            }
            if (!string.ReferenceEquals(query.FirstNameLike, null))
            {
                addFilter(ldapConfiguration.UserFirstnameAttribute, query.FirstNameLike, search);
            }
            if (!string.ReferenceEquals(query.LastName, null))
            {
                addFilter(ldapConfiguration.UserLastnameAttribute, query.LastName, search);
            }
            if (!string.ReferenceEquals(query.LastNameLike, null))
            {
                addFilter(ldapConfiguration.UserLastnameAttribute, query.LastNameLike, search);
            }

            search.write(")");

            return(search.ToString());
        }
Example #2
0
 public virtual IList <User> findUserByQueryCriteria(LdapUserQueryImpl query)
 {
     ensureContextInitialized();
     if (!string.ReferenceEquals(query.GroupId, null))
     {
         // if restriction on groupId is provided, we need to search in group tree first, look for the group and then further restrict on the members
         return(findUsersByGroupId(query));
     }
     else
     {
         string userBaseDn = composeDn(ldapConfiguration.UserSearchBase, ldapConfiguration.BaseDn);
         return(findUsersWithoutGroupId(query, userBaseDn, false));
     }
 }
Example #3
0
        public virtual IList <User> findUsersWithoutGroupId(LdapUserQueryImpl query, string userBaseDn, bool ignorePagination)
        {
            if (ldapConfiguration.SortControlSupported)
            {
                applyRequestControls(query);
            }

            NamingEnumeration <SearchResult> enumeration = null;

            try
            {
                string filter = getUserSearchFilter(query);
                enumeration = initialContext.search(userBaseDn, filter, ldapConfiguration.SearchControls);

                // perform client-side paging
                int          resultCount = 0;
                IList <User> userList    = new List <User>();

                StringBuilder resultLogger = new StringBuilder();
                if (LdapPluginLogger.INSTANCE.DebugEnabled)
                {
                    resultLogger.Append("LDAP user query results: [");
                }

                while (enumeration.hasMoreElements() && (userList.Count < query.MaxResults || ignorePagination))
                {
                    SearchResult result = enumeration.nextElement();

                    UserEntity user = transformUser(result);

                    string userId = user.Id;

                    if (string.ReferenceEquals(userId, null))
                    {
                        LdapPluginLogger.INSTANCE.invalidLdapUserReturned(user, result);
                    }
                    else
                    {
                        if (isAuthenticatedUser(user) || isAuthorized(READ, USER, userId))
                        {
                            if (resultCount >= query.FirstResult || ignorePagination)
                            {
                                if (LdapPluginLogger.INSTANCE.DebugEnabled)
                                {
                                    resultLogger.Append(user);
                                    resultLogger.Append(" based on ");
                                    resultLogger.Append(result);
                                    resultLogger.Append(", ");
                                }

                                userList.Add(user);
                            }

                            resultCount++;
                        }
                    }
                }

                if (LdapPluginLogger.INSTANCE.DebugEnabled)
                {
                    resultLogger.Append("]");
                    LdapPluginLogger.INSTANCE.userQueryResult(resultLogger.ToString());
                }

                return(userList);
            }
            catch (NamingException e)
            {
                throw new IdentityProviderException("Could not query for users", e);
            }
            finally
            {
                try
                {
                    if (enumeration != null)
                    {
                        enumeration.close();
                    }
                }
                catch (Exception)
                {
                    // ignore silently
                }
            }
        }
Example #4
0
        protected internal virtual IList <User> findUsersByGroupId(LdapUserQueryImpl query)
        {
            string baseDn = getDnForGroup(query.GroupId);

            // compose group search filter
            string groupSearchFilter = "(& " + ldapConfiguration.GroupSearchFilter + ")";

            NamingEnumeration <SearchResult> enumeration = null;

            try
            {
                enumeration = initialContext.search(baseDn, groupSearchFilter, ldapConfiguration.SearchControls);

                IList <string> groupMemberList = new List <string>();

                // first find group
                while (enumeration.hasMoreElements())
                {
                    SearchResult result          = enumeration.nextElement();
                    Attribute    memberAttribute = result.Attributes.get(ldapConfiguration.GroupMemberAttribute);
                    if (null != memberAttribute)
                    {
//JAVA TO C# CONVERTER WARNING: Java wildcard generics have no direct equivalent in .NET:
//ORIGINAL LINE: javax.naming.NamingEnumeration<?> allMembers = memberAttribute.getAll();
                        NamingEnumeration <object> allMembers = memberAttribute.All;

                        // iterate group members
                        while (allMembers.hasMoreElements())
                        {
                            groupMemberList.Add((string)allMembers.nextElement());
                        }
                    }
                }

                IList <User> userList    = new List <User>();
                string       userBaseDn  = composeDn(ldapConfiguration.UserSearchBase, ldapConfiguration.BaseDn);
                int          memberCount = 0;
                foreach (string memberId in groupMemberList)
                {
                    if (userList.Count < query.MaxResults && memberCount >= query.FirstResult)
                    {
                        if (ldapConfiguration.UsePosixGroups)
                        {
                            query.userId(memberId);
                        }
                        IList <User> users = ldapConfiguration.UsePosixGroups ? findUsersWithoutGroupId(query, userBaseDn, true) : findUsersWithoutGroupId(query, memberId, true);
                        if (users.Count > 0)
                        {
                            userList.Add(users[0]);
                        }
                    }
                    memberCount++;
                }

                return(userList);
            }
            catch (NamingException e)
            {
                throw new IdentityProviderException("Could not query for users", e);
            }
            finally
            {
                try
                {
                    if (enumeration != null)
                    {
                        enumeration.close();
                    }
                }
                catch (Exception)
                {
                    // ignore silently
                }
            }
        }
Example #5
0
 public virtual long findUserCountByQueryCriteria(LdapUserQueryImpl query)
 {
     ensureContextInitialized();
     return(findUserByQueryCriteria(query).Count);
 }