/// <summary>
/// Checks which value getGroupSearchFilter places in the group-member clause,
/// first with posix groups switched off (the default) and then switched on.
/// </summary>
public virtual void testFilterByGroupMemberPosix()
{
    // A freshly created configuration leaves UsePosixGroups off.
    LdapConfiguration config = new LdapConfiguration
    {
        GroupMemberAttribute = "memberUid",
        GroupSearchFilter = "(someFilter)"
    };

    // NOTE(review): the anonymous session subclass is not shown here; presumably it
    // stubs the DN lookup so that "jonny" resolves to "jonny, fullDn" - confirm.
    LdapIdentityProviderSession session = new LdapIdentityProviderSessionAnonymousInnerClass(this, config);

    // Query for groups by member.
    LdapGroupQuery groupQuery = new LdapGroupQuery();
    groupQuery.groupMember("jonny");

    // Default behaviour: the member clause carries the user's full DN.
    string defaultFilter = session.getGroupSearchFilter(groupQuery);
    assertEquals("(&(someFilter)(memberUid=jonny, fullDn))", defaultFilter);

    // With posix groups enabled the clause carries the plain (unqualified)
    // user id exactly as it was given in the query.
    config.UsePosixGroups = true;
    string posixFilter = session.getGroupSearchFilter(groupQuery);
    assertEquals("(&(someFilter)(memberUid=jonny))", posixFilter);
}
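/// <summary>
/// Builds the LDAP search filter for a group query: the configured group filter
/// ANDed with one clause for every criterion that is set on <paramref name="query"/>.
/// </summary>
/// <remarks>
/// The criterion values come from the caller and are written into the filter string,
/// so every exact-match value (id, ids, name, member) goes through
/// escapeLDAPSearchFilter before it is handed to addFilter. An unescaped value
/// containing filter metacharacters would change the structure of the filter
/// instead of being matched literally.
/// NOTE(review): addFilter is not visible here; this assumes it writes the value
/// verbatim, which the explicit escaping of the member value suggests - confirm.
/// </remarks>
/// <param name="query">The group query whose criteria are turned into filter clauses.</param>
/// <returns>The complete filter string, wrapped in a single <c>(&amp;...)</c> conjunction.</returns>
protected internal virtual string getGroupSearchFilter(LdapGroupQuery query)
{
    StringWriter search = new StringWriter();
    search.write("(&");

    // restrict to groups
    search.write(ldapConfiguration.GroupSearchFilter);

    // add additional filters from query
    if (query.Id != null)
    {
        addFilter(ldapConfiguration.GroupIdAttribute, escapeLDAPSearchFilter(query.Id), search);
    }

    if (query.Ids != null && query.Ids.Length > 0)
    {
        // any of the given ids may match
        search.write("(|");
        foreach (string id in query.Ids)
        {
            addFilter(ldapConfiguration.GroupIdAttribute, escapeLDAPSearchFilter(id), search);
        }
        search.write(")");
    }

    if (query.Name != null)
    {
        addFilter(ldapConfiguration.GroupNameAttribute, escapeLDAPSearchFilter(query.Name), search);
    }

    if (query.NameLike != null)
    {
        // NOTE(review): NameLike is written without escaping, presumably so that a
        // caller-supplied wildcard survives. Any other filter metacharacter in it
        // reaches the directory unescaped as well; confirm where it is sanitised.
        addFilter(ldapConfiguration.GroupNameAttribute, query.NameLike, search);
    }

    if (query.UserId != null)
    {
        // Posix groups list members by plain user id; otherwise the member
        // attribute holds the user's DN, which has to be looked up first.
        string member = ldapConfiguration.UsePosixGroups
            ? query.UserId
            : getDnForUser(query.UserId);
        addFilter(ldapConfiguration.GroupMemberAttribute, escapeLDAPSearchFilter(member), search);
    }

    search.write(")");
    return search.ToString();
}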
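/// <summary>
/// Runs a group search against the directory and returns the requested page of
/// groups the current caller is authorized to read.
/// </summary>
/// <remarks>
/// Paging and authorization are applied client-side while iterating the search
/// result: entries without an id are reported and skipped, entries that fail the
/// READ/GROUP authorization check are skipped, and <c>FirstResult</c> is counted
/// over the remaining (authorized) entries only. Iteration stops as soon as
/// <c>MaxResults</c> groups have been collected.
/// NOTE(review): with debug logging enabled every returned group and its raw
/// SearchResult are written to the log; check that directory attributes which
/// should not appear in logs cannot end up there.
/// </remarks>
/// <param name="query">Group query supplying the filter criteria and the paging window.</param>
/// <returns>The page of authorized groups; empty when nothing matches.</returns>
/// <exception cref="IdentityProviderException">The directory search raised a NamingException.</exception>
public virtual IList<Group> findGroupByQueryCriteria(LdapGroupQuery query)
{
    ensureContextInitialized();

    string groupBaseDn = composeDn(ldapConfiguration.GroupSearchBase, ldapConfiguration.BaseDn);

    if (ldapConfiguration.SortControlSupported)
    {
        applyRequestControls(query);
    }

    NamingEnumeration<SearchResult> enumeration = null;
    try
    {
        string filter = getGroupSearchFilter(query);
        enumeration = initialContext.search(groupBaseDn, filter, ldapConfiguration.SearchControls);

        // perform client-side paging
        int resultCount = 0;
        IList<Group> groupList = new List<Group>();

        StringBuilder resultLogger = new StringBuilder();
        if (LdapPluginLogger.INSTANCE.DebugEnabled)
        {
            resultLogger.Append("LDAP group query results: [");
        }

        while (enumeration.hasMoreElements() && groupList.Count < query.MaxResults)
        {
            SearchResult result = enumeration.nextElement();

            GroupEntity group = transformGroup(result);
            string groupId = group.Id;

            if (groupId == null)
            {
                // an entry without an id cannot be authorized or returned
                LdapPluginLogger.INSTANCE.invalidLdapGroupReturned(group, result);
                continue;
            }

            if (!isAuthorized(READ, GROUP, groupId))
            {
                // unauthorized entries do not count towards the paging offset
                continue;
            }

            if (resultCount >= query.FirstResult)
            {
                if (LdapPluginLogger.INSTANCE.DebugEnabled)
                {
                    resultLogger.Append(group);
                    resultLogger.Append(" based on ");
                    resultLogger.Append(result);
                    resultLogger.Append(", ");
                }
                groupList.Add(group);
            }
            resultCount++;
        }

        if (LdapPluginLogger.INSTANCE.DebugEnabled)
        {
            resultLogger.Append("]");
            LdapPluginLogger.INSTANCE.groupQueryResult(resultLogger.ToString());
        }

        return groupList;
    }
    catch (NamingException e)
    {
        // this is the group query; the message used to say "users"
        throw new IdentityProviderException("Could not query for groups", e);
    }
    finally
    {
        try
        {
            if (enumeration != null)
            {
                enumeration.close();
            }
        }
        catch (Exception)
        {
            // best-effort cleanup: a failure while closing must not mask the
            // result or the exception of the search itself
        }
    }
}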
/// <summary>
/// Counts the groups matching the query by running the regular group search and
/// taking the size of the list it returns.
/// </summary>
/// <remarks>
/// Because the count is derived from findGroupByQueryCriteria, it covers only
/// groups the caller is authorized to read and is subject to the paging window
/// (<c>FirstResult</c> / <c>MaxResults</c>) of the query passed in.
/// </remarks>
/// <param name="ldapGroupQuery">The group query to evaluate.</param>
/// <returns>The number of groups in the returned result list.</returns>
public virtual long findGroupCountByQueryCriteria(LdapGroupQuery ldapGroupQuery)
{
    ensureContextInitialized();

    IList<Group> matches = findGroupByQueryCriteria(ldapGroupQuery);
    return matches.Count;
}