|
|
@ -9,6 +9,7 @@ import javax.naming.NamingException;
|
|
|
|
import org.slf4j.Logger;
|
|
|
|
import org.slf4j.Logger;
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
import org.springframework.ldap.core.DirContextOperations;
|
|
|
|
import org.springframework.ldap.core.DirContextOperations;
|
|
|
|
|
|
|
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* Pomocná třída pro import uživatele z LDAP serveru (nebo Active Directory) do databáze aplikace
|
|
|
|
* Pomocná třída pro import uživatele z LDAP serveru (nebo Active Directory) do databáze aplikace
|
|
|
@ -19,12 +20,18 @@ import org.springframework.ldap.core.DirContextOperations;
|
|
|
|
public class LdapUserImporter {
|
|
|
|
public class LdapUserImporter {
|
|
|
|
|
|
|
|
|
|
|
|
private UserService userService;
|
|
|
|
private UserService userService;
|
|
|
|
|
|
|
|
private String allowedGroup;
|
|
|
|
private final static Logger logger = LoggerFactory.getLogger(LdapUserImporter.class);
|
|
|
|
private final static Logger logger = LoggerFactory.getLogger(LdapUserImporter.class);
|
|
|
|
|
|
|
|
|
|
|
|
public LdapUserImporter(UserService userService) {
|
|
|
|
public LdapUserImporter(UserService userService) {
|
|
|
|
this.userService = userService;
|
|
|
|
this.userService = userService;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public LdapUserImporter(UserService userService, String group) {
|
|
|
|
|
|
|
|
this.userService = userService;
|
|
|
|
|
|
|
|
this.allowedGroup = group;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* Provede import uživatele z LDAP do aplikační databáze
|
|
|
|
* Provede import uživatele z LDAP do aplikační databáze
|
|
|
|
*
|
|
|
|
*
|
|
|
@ -37,6 +44,21 @@ public class LdapUserImporter {
|
|
|
|
user.setUsername(login);
|
|
|
|
user.setUsername(login);
|
|
|
|
user.addAuthority(defaultRole);
|
|
|
|
user.addAuthority(defaultRole);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (allowedGroup != null && !allowedGroup.isEmpty()) {
|
|
|
|
|
|
|
|
boolean isAllowed = false;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
for (Object atr : userData.getObjectAttributes("memberOf")) {
|
|
|
|
|
|
|
|
if (atr.toString().startsWith("CN="+allowedGroup)) {
|
|
|
|
|
|
|
|
isAllowed = true;
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (!isAllowed) {
|
|
|
|
|
|
|
|
throw new UsernameNotFoundException("User is not member of group '" + allowedGroup + "'");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (userData.attributeExists("givenName")) {
|
|
|
|
if (userData.attributeExists("givenName")) {
|
|
|
|
try {
|
|
|
|
try {
|
|
|
|
user.setFirstName(userData.getAttributes().get("givenName").get().toString());
|
|
|
|
user.setFirstName(userData.getAttributes().get("givenName").get().toString());
|
|
|
|
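Review bot: The group check `atr.toString().startsWith("CN="+allowedGroup)` is a case-sensitive prefix match on the raw `memberOf` string, so it accepts any group whose CN merely begins with the configured name (constructed example: `staff` also matches `CN=staff-external,...`) and rejects the intended group when the directory returns `cn=` or different casing. As far as I know, `getObjectAttributes("memberOf")` also returns null when the user has no such attribute, in which case the `for` loop throws a NullPointerException instead of the intended `UsernameNotFoundException`. I would parse each value as a DN and compare the leading RDN exactly, as sketched below; this needs imports for `javax.naming.ldap.LdapName`, `javax.naming.ldap.Rdn` and `javax.naming.InvalidNameException`. The enclosing import method starts before this hunk and its `try` block continues after it, so only the membership test is shown.

```java
    boolean isAllowed = false;
    Object[] groups = userData.getObjectAttributes("memberOf");
    if (groups != null) {
        for (Object atr : groups) {
            try {
                LdapName dn = new LdapName(atr.toString());
                if (dn.isEmpty()) {
                    continue;
                }
                // The most specific RDN (the group's own CN) is the last element.
                Rdn leaf = dn.getRdn(dn.size() - 1);
                if ("CN".equalsIgnoreCase(leaf.getType())
                        && allowedGroup.equalsIgnoreCase(String.valueOf(leaf.getValue()))) {
                    isAllowed = true;
                    break;
                }
            } catch (InvalidNameException e) {
                logger.warn("Skipping unparsable memberOf value", e);
            }
        }
    }
    // … unchanged: throw UsernameNotFoundException when !isAllowed …
```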