KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jivesoftware > messenger > ldap > LdapManager


1 /**
2  * $RCSfile: LdapManager.java,v $
3  * $Revision: 1.19 $
4  * $Date: 2005/08/01 16:54:39 $
5  *
6  * Copyright (C) 2004 Jive Software. All rights reserved.
7  *
8  * This software is published under the terms of the GNU Public License (GPL),
9  * a copy of which is included in this distribution.
10  */
11
12 package org.jivesoftware.messenger.ldap;
13
14 import org.jivesoftware.messenger.user.UserNotFoundException;
15 import org.jivesoftware.util.JiveGlobals;
16 import org.jivesoftware.util.Log;
17
18 import javax.naming.Context JavaDoc;
19 import javax.naming.NamingEnumeration JavaDoc;
20 import javax.naming.NamingException JavaDoc;
21 import javax.naming.directory.DirContext JavaDoc;
22 import javax.naming.directory.InitialDirContext JavaDoc;
23 import javax.naming.directory.SearchControls JavaDoc;
24 import javax.naming.directory.SearchResult JavaDoc;
25 import javax.naming.ldap.InitialLdapContext JavaDoc;
26 import javax.naming.ldap.LdapContext JavaDoc;
27 import java.net.URLEncoder JavaDoc;
28 import java.util.Hashtable JavaDoc;
29
30 /**
31  * Centralized administration of LDAP connections. The getInstance() method
32  * should be used to get an instace. The following configure this manager:<ul>
33  * <li>ldap.host</li>
34  * <li>ldap.port</li>
35  * <li>ldap.baseDN</li>
36  * <li>ldap.alternateBaseDN</li>
37  * <li>ldap.adminDN</li>
38  * <li>ldap.adminPassword</li>
39  * <li>ldap.usernameField -- default value is "uid".</li>
40  * <li>ldap.nameField -- default value is "cn".</li>
41  * <li>ldap.emailField -- default value is "mail".</li>
42  * <li>ldap.searchFilter -- the filter used to load the list of users. The
43  * default value is in the form "([usernameField]={0})" where [usernameField]
44  * is the value of ldap.usernameField.
45  * <li>ldap.groupNameField</li>
46  * <li>ldap.groupMemberField</li>
47  * <li>ldap.groupDescriptionField</li>
48  * <li>ldap.posixEnabled</li>
49  * <li>ldap.groupSearchFilter</li>
50  * <li>ldap.debugEnabled</li>
51  * <li>ldap.sslEnabled</li>
52  * <li>ldap.autoFollowReferrals</li>
53  * <li>ldap.initialContextFactory -- if this value is not specified,
54  * "com.sun.jndi.ldap.LdapCtxFactory" will be used.</li>
55  * </ul>
56  *
57  * @author Matt Tucker
58  */
59 public class LdapManager {
60
61     private String JavaDoc host;
62     private int port = 389;
63     private String JavaDoc usernameField = "uid";
64     private String JavaDoc nameField = "cn";
65     private String JavaDoc emailField = "mail";
66     private String JavaDoc baseDN = "";
67     private String JavaDoc alternateBaseDN = null;
68     private String JavaDoc adminDN = null;
69     private String JavaDoc adminPassword;
70     private boolean ldapDebugEnabled = false;
71     private boolean sslEnabled = false;
72     private String JavaDoc initialContextFactory;
73     private boolean followReferrals = false;
74     private boolean connectionPoolEnabled = true;
75     private String JavaDoc searchFilter = null;
76
77     private String JavaDoc groupNameField = "cn";
78     private String JavaDoc groupMemberField = "member";
79     private String JavaDoc groupDescriptionField = "description";
80     private boolean posixEnabled = false;
81     private String JavaDoc groupSearchFilter = null;
82
83     private static LdapManager instance = new LdapManager();
84
85     /**
86      * Provides singleton access to an instance of the LdapManager class.
87      *
88      * @return an LdapManager instance.
89      */
90     public static LdapManager getInstance() {
91         return instance;
92     }
93
94     /**
95      * Constructs a new LdapManager instance. This class is a singleton so the
96      * constructor is private.
97      */
98     private LdapManager() {
99         this.host = JiveGlobals.getXMLProperty("ldap.host");
100         String JavaDoc portStr = JiveGlobals.getXMLProperty("ldap.port");
101         if (portStr != null) {
102             try {
103                 this.port = Integer.parseInt(portStr);
104             }
105             catch (NumberFormatException JavaDoc nfe) { }
106         }
107         if (JiveGlobals.getXMLProperty("ldap.usernameField") != null) {
108             this.usernameField = JiveGlobals.getXMLProperty("ldap.usernameField");
109         }
110         if (JiveGlobals.getXMLProperty("ldap.baseDN") != null) {
111             this.baseDN = JiveGlobals.getXMLProperty("ldap.baseDN");
112         }
113         if (JiveGlobals.getXMLProperty("ldap.alternateBaseDN") != null) {
114             this.alternateBaseDN = JiveGlobals.getXMLProperty("ldap.alternateBaseDN");
115         }
116         if (JiveGlobals.getXMLProperty("ldap.nameField") != null) {
117             this.nameField = JiveGlobals.getXMLProperty("ldap.nameField");
118         }
119         if (JiveGlobals.getXMLProperty("ldap.emailField") != null) {
120             this.emailField = JiveGlobals.getXMLProperty("ldap.emailField");
121         }
122         if (JiveGlobals.getXMLProperty("ldap.connectionPoolEnabled") != null) {
123             this.connectionPoolEnabled = Boolean.valueOf(
124                     JiveGlobals.getXMLProperty("ldap.connectionPoolEnabled")).booleanValue();
125         }
126         if (JiveGlobals.getXMLProperty("ldap.searchFilter") != null) {
127             this.searchFilter = JiveGlobals.getXMLProperty("ldap.searchFilter");
128         }
129         else {
130             StringBuilder JavaDoc filter = new StringBuilder JavaDoc();
131             filter.append("(").append(usernameField).append("={0})");
132             this.searchFilter = filter.toString();
133         }
134         if (JiveGlobals.getXMLProperty("ldap.groupNameField") != null) {
135             this.groupNameField = JiveGlobals.getXMLProperty("ldap.groupNameField");
136         }
137         if (JiveGlobals.getXMLProperty("ldap.groupMemberField") != null) {
138             this.groupMemberField = JiveGlobals.getXMLProperty("ldap.groupMemberField");
139         }
140         if (JiveGlobals.getXMLProperty("ldap.groupDescriptionField") != null) {
141             this.groupDescriptionField = JiveGlobals.getXMLProperty("ldap.groupDescriptionField");
142         }
143         if (JiveGlobals.getXMLProperty("ldap.posixEnabled") != null) {
144             this.posixEnabled = Boolean.valueOf(JiveGlobals.getXMLProperty("ldap.posixEnabled"));
145         }
146         if (JiveGlobals.getXMLProperty("ldap.groupSearchFilter") != null) {
147             this.groupSearchFilter = JiveGlobals.getXMLProperty("ldap.groupSearchFilter");
148         }
149         else {
150             this.groupSearchFilter = "("+groupMemberField+"={0})";
151         }
152
153         this.adminDN = JiveGlobals.getXMLProperty("ldap.adminDN");
154         if (adminDN != null && adminDN.trim().equals("")) {
155             adminDN = null;
156         }
157         this.adminPassword = JiveGlobals.getXMLProperty("ldap.adminPassword");
158         this.ldapDebugEnabled = Boolean.valueOf(JiveGlobals.getXMLProperty(
159                 "ldap.debugEnabled")).booleanValue();
160         this.sslEnabled = Boolean.valueOf(JiveGlobals.getXMLProperty(
161                 "ldap.sslEnabled")).booleanValue();
162         this.followReferrals = Boolean.valueOf(JiveGlobals.getXMLProperty(
163                 "ldap.autoFollowReferrals")).booleanValue();
164         this.initialContextFactory = JiveGlobals.getXMLProperty("ldap.initialContextFactory");
165         if (initialContextFactory != null) {
166             try {
167                 Class.forName(initialContextFactory);
168             }
169             catch (ClassNotFoundException JavaDoc cnfe) {
170                 Log.error("Initial context factory class failed to load: " + initialContextFactory +
171                         ". Using default initial context factory class instead.");
172                 initialContextFactory = "com.sun.jndi.ldap.LdapCtxFactory";
173             }
174         }
175         // Use default value if none was set.
176 else {
177             initialContextFactory = "com.sun.jndi.ldap.LdapCtxFactory";
178         }
179
180         if (Log.isDebugEnabled()) {
181             Log.debug("Created new LdapManager() instance, fields:");
182             Log.debug("\t host: " + host);
183             Log.debug("\t port: " + port);
184             Log.debug("\t usernamefield: " + usernameField);
185             Log.debug("\t baseDN: " + baseDN);
186             Log.debug("\t alternateBaseDN: " + alternateBaseDN);
187             Log.debug("\t nameField: " + nameField);
188             Log.debug("\t emailField: " + emailField);
189             Log.debug("\t adminDN: " + adminDN);
190             Log.debug("\t adminPassword: " + adminPassword);
191             Log.debug("\t searchFilter: " + searchFilter);
192             Log.debug("\t ldapDebugEnabled: " + ldapDebugEnabled);
193             Log.debug("\t sslEnabled: " + sslEnabled);
194             Log.debug("\t initialContextFactory: " + initialContextFactory);
195             Log.debug("\t connectionPoolEnabled: " + connectionPoolEnabled);
196             Log.debug("\t autoFollowReferrals: " + followReferrals);
197             Log.debug("\t groupNameField: " + groupNameField);
198             Log.debug("\t groupMemberField: " + groupMemberField);
199             Log.debug("\t groupDescriptionField: " + groupDescriptionField);
200             Log.debug("\t posixEnabled: " + posixEnabled);
201             Log.debug("\t groupSearchFilter: " + groupSearchFilter);
202         }
203     }
204
205     /**
206      * Returns a DirContext for the LDAP server that can be used to perform
207      * lookups and searches using the default base DN. The context uses the
208      * admin login that is defined by <tt>adminDN</tt> and <tt>adminPassword</tt>.
209      *
210      * @return a connection to the LDAP server.
211      * @throws NamingException if there is an error making the LDAP connection.
212      */
213     public LdapContext JavaDoc getContext() throws NamingException JavaDoc {
214         return getContext(baseDN);
215     }
216
217     /**
218      * Returns a DirContext for the LDAP server that can be used to perform
219      * lookups and searches using the specified base DN. The context uses the
220      * admin login that is defined by <tt>adminDN</tt> and <tt>adminPassword</tt>.
221      *
222      * @param baseDN the base DN to use for the context.
223      * @return a connection to the LDAP server.
224      * @throws NamingException if there is an error making the LDAP connection.
225      */
226     public LdapContext JavaDoc getContext(String JavaDoc baseDN) throws NamingException JavaDoc {
227         boolean debug = Log.isDebugEnabled();
228         if (debug) {
229             Log.debug("Creating a DirContext in LdapManager.getContext()...");
230         }
231
232          // Set up the environment for creating the initial context
233 Hashtable JavaDoc env = new Hashtable JavaDoc();
234         env.put(Context.INITIAL_CONTEXT_FACTORY, initialContextFactory);
235         env.put(Context.PROVIDER_URL, getProviderURL(baseDN));
236         if (sslEnabled) {
237             env.put("java.naming.ldap.factory.socket",
238                     "org.jivesoftware.util.SimpleSSLSocketFactory");
239             env.put(Context.SECURITY_PROTOCOL, "ssl");
240         }
241
242         // Use simple authentication to connect as the admin.
243 if (adminDN != null) {
244             env.put(Context.SECURITY_AUTHENTICATION, "simple");
245             env.put(Context.SECURITY_PRINCIPAL, adminDN);
246             if (adminPassword != null) {
247                 env.put(Context.SECURITY_CREDENTIALS, adminPassword);
248             }
249         }
250         // No login information so attempt to use anonymous login.
251 else {
252             env.put(Context.SECURITY_AUTHENTICATION, "none");
253         }
254
255         if (ldapDebugEnabled) {
256             env.put("com.sun.jndi.ldap.trace.ber", System.err);
257         }
258         if (connectionPoolEnabled) {
259             env.put("com.sun.jndi.ldap.connect.pool", "true");
260         }
261         if (followReferrals) {
262             env.put(Context.REFERRAL, "follow");
263         }
264
265         if (debug) {
266             Log.debug("Created hashtable with context values, attempting to create context...");
267         }
268         // Create new initial context
269 LdapContext JavaDoc context = new InitialLdapContext JavaDoc(env, null);
270         if (debug) {
271             Log.debug("... context created successfully, returning.");
272         }
273         return context;
274     }
275
276     /**
277      * Returns true if the user is able to successfully authenticate against
278      * the LDAP server. The "simple" authentication protocol is used.
279      *
280      * @param userDN the user's dn to authenticate (relative to <tt>baseDN</tt>).
281      * @param password the user's password.
282      * @return true if the user successfully authenticates.
283      */
284     public boolean checkAuthentication(String JavaDoc userDN, String JavaDoc password) {
285         boolean debug = Log.isDebugEnabled();
286         if (debug) {
287             Log.debug("In LdapManager.checkAuthentication(userDN, password), userDN is: " + userDN + "...");
288         }
289
290         DirContext JavaDoc ctx = null;
291         try {
292             // See if the user authenticates.
293 Hashtable JavaDoc env = new Hashtable JavaDoc();
294             env.put(Context.INITIAL_CONTEXT_FACTORY, initialContextFactory);
295             env.put(Context.PROVIDER_URL, getProviderURL(baseDN));
296             if (sslEnabled) {
297                 env.put("java.naming.ldap.factory.socket",
298                         "org.jivesoftware.util.SimpleSSLSocketFactory");
299                 env.put(Context.SECURITY_PROTOCOL, "ssl");
300             }
301             env.put(Context.SECURITY_AUTHENTICATION, "simple");
302             env.put(Context.SECURITY_PRINCIPAL, userDN + "," + baseDN);
303             env.put(Context.SECURITY_CREDENTIALS, password);
304             // Specify timeout to be 10 seconds, only on non SSL since SSL connections
305 // break with a teimout.
306 if (!sslEnabled) {
307                 env.put("com.sun.jndi.ldap.connect.timeout", "10000");
308             }
309             if (ldapDebugEnabled) {
310                 env.put("com.sun.jndi.ldap.trace.ber", System.err);
311             }
312             if (debug) {
313                 Log.debug("Created context values, attempting to create context...");
314             }
315             ctx = new InitialDirContext JavaDoc(env);
316             if (debug) {
317                 Log.debug("... context created successfully, returning.");
318             }
319         }
320         catch (NamingException JavaDoc ne) {
321             // If an alt baseDN is defined, attempt a lookup there.
322 if (alternateBaseDN != null) {
323                 try { ctx.close(); }
324                 catch (Exception JavaDoc ignored) { }
325                 try {
326                     // See if the user authenticates.
327 Hashtable JavaDoc env = new Hashtable JavaDoc();
328                     // Use a custom initial context factory if specified. Otherwise, use the default.
329 env.put(Context.INITIAL_CONTEXT_FACTORY, initialContextFactory);
330                     env.put(Context.PROVIDER_URL, getProviderURL(alternateBaseDN));
331                     if (sslEnabled) {
332                         env.put("java.naming.ldap.factory.socket", "org.jivesoftware.util.SimpleSSLSocketFactory");
333                         env.put(Context.SECURITY_PROTOCOL, "ssl");
334                     }
335                     env.put(Context.SECURITY_AUTHENTICATION, "simple");
336                     env.put(Context.SECURITY_PRINCIPAL, userDN + "," + alternateBaseDN);
337                     env.put(Context.SECURITY_CREDENTIALS, password);
338                     // Specify timeout to be 10 seconds, only on non SSL since SSL connections
339 // break with a teimout.
340 if (!sslEnabled) {
341                         env.put("com.sun.jndi.ldap.connect.timeout", "10000");
342                     }
343                     if (ldapDebugEnabled) {
344                         env.put("com.sun.jndi.ldap.trace.ber", System.err);
345                     }
346                     if (debug) {
347                         Log.debug("Created context values, attempting to create context...");
348                     }
349                     ctx = new InitialDirContext JavaDoc(env);
350                 }
351                 catch (NamingException JavaDoc e) {
352                     if (debug) {
353                         Log.debug("Caught a naming exception when creating InitialContext", ne);
354                     }
355                     return false;
356                 }
357             }
358             else {
359                 if (debug) {
360                     Log.debug("Caught a naming exception when creating InitialContext", ne);
361                 }
362                 return false;
363             }
364         }
365         finally {
366             try { ctx.close(); }
367             catch (Exception JavaDoc ignored) { }
368         }
369         return true;
370     }
371
372     /**
373      * Finds a user's dn using their username. Normally, this search will
374      * be performed using the field "uid", but this can be changed by setting
375      * the <tt>usernameField</tt> property.<p>
376      *
377      * Searches are performed over all subtrees relative to the <tt>baseDN</tt>.
378      * If the search fails in the <tt>baseDN</tt> then another search will be
379      * performed in the <tt>alternateBaseDN</tt>. For example, if the <tt>baseDN</tt>
380      * is "o=jivesoftware, o=com" and we do a search for "mtucker", then we might
381      * find a userDN of "uid=mtucker,ou=People". This kind of searching is a good
382      * thing since it doesn't make the assumption that all user records are stored
383      * in a flat structure. However, it does add the requirement that "uid" field
384      * (or the other field specified) must be unique over the entire subtree from
385      * the <tt>baseDN</tt>. For example, it's entirely possible to create two dn's
386      * in your LDAP directory with the same uid: "uid=mtucker,ou=People" and
387      * "uid=mtucker,ou=Administrators". In such a case, it's not possible to
388      * uniquely identify a user, so this method will throw an error.<p>
389      *
390      * The dn that's returned is relative to the default <tt>baseDN</tt>.
391      *
392      * @param username the username to lookup the dn for.
393      * @return the dn associated with <tt>username</tt>.
394      * @throws Exception if the search for the dn fails.
395      */
396     public String JavaDoc findUserDN(String JavaDoc username) throws Exception JavaDoc {
397         try {
398             return findUserDN(username, baseDN);
399         }
400         catch (Exception JavaDoc e) {
401             if (alternateBaseDN != null) {
402                 return findUserDN(username, alternateBaseDN);
403             }
404             else {
405                 throw e;
406             }
407         }
408     }
409
410     /**
411      * Finds a user's dn using their username in the specified baseDN. Normally, this search
412      * will be performed using the field "uid", but this can be changed by setting
413      * the <tt>usernameField</tt> property.<p>
414      *
415      * Searches are performed over all subtrees relative to the <tt>baseDN</tt>.
416      * For example, if the <tt>baseDN</tt> is "o=jivesoftware, o=com" and we
417      * do a search for "mtucker", then we might find a userDN of
418      * "uid=mtucker,ou=People". This kind of searching is a good thing since
419      * it doesn't make the assumption that all user records are stored in a flat
420      * structure. However, it does add the requirement that "uid" field (or the
421      * other field specified) must be unique over the entire subtree from the
422      * <tt>baseDN</tt>. For example, it's entirely possible to create two dn's
423      * in your LDAP directory with the same uid: "uid=mtucker,ou=People" and
424      * "uid=mtucker,ou=Administrators". In such a case, it's not possible to
425      * uniquely identify a user, so this method will throw an error.<p>
426      *
427      * The dn that's returned is relative to the <tt>baseDN</tt>.
428      *
429      * @param username the username to lookup the dn for.
430      * @param baseDN the base DN to use for this search.
431      * @return the dn associated with <tt>username</tt>.
432      * @throws Exception if the search for the dn fails.
433      * @see #findUserDN(String) to search using the default baseDN and alternateBaseDN.
434      */
435     public String JavaDoc findUserDN(String JavaDoc username, String JavaDoc baseDN) throws Exception JavaDoc {
436         boolean debug = Log.isDebugEnabled();
437         if (debug) {
438             Log.debug("Trying to find a user's DN based on their username. " + usernameField + ": " + username
439                     + ", Base DN: " + baseDN + "...");
440         }
441         DirContext JavaDoc ctx = null;
442         try {
443             ctx = getContext(baseDN);
444             if (debug) {
445                 Log.debug("Starting LDAP search...");
446             }
447             // Search for the dn based on the username.
448 SearchControls JavaDoc constraints = new SearchControls JavaDoc();
449             constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
450             constraints.setReturningAttributes(new String JavaDoc[] { usernameField });
451
452             NamingEnumeration JavaDoc answer = ctx.search("", searchFilter, new String JavaDoc[] {username},
453                     constraints);
454
455             if (debug) {
456                 Log.debug("... search finished");
457             }
458
459             if (answer == null || !answer.hasMoreElements()) {
460                 if (debug) {
461                     Log.debug("User DN based on username '" + username + "' not found.");
462                 }
463                 throw new UserNotFoundException("Username " + username + " not found");
464             }
465             String JavaDoc userDN = ((SearchResult JavaDoc)answer.next()).getName();
466             // Make sure there are no more search results. If there are, then
467 // the username isn't unique on the LDAP server (a perfectly possible
468 // scenario since only fully qualified dn's need to be unqiue).
469 // There really isn't a way to handle this, so throw an exception.
470 // The baseDN must be set correctly so that this doesn't happen.
471 if (answer.hasMoreElements()) {
472                 if (debug) {
473                     Log.debug("Search for userDN based on username '" + username + "' found multiple " +
474                             "responses, throwing exception.");
475                 }
476                 throw new UserNotFoundException("LDAP username lookup for " + username +
477                         " matched multiple entries.");
478             }
479             return userDN;
480         }
481         catch (Exception JavaDoc e) {
482             if (debug) {
483                 Log.debug("Exception thrown when searching for userDN based on username '" + username + "'", e);
484             }
485             throw e;
486         }
487         finally {
488             try { ctx.close(); }
489             catch (Exception JavaDoc ignored) { }
490         }
491     }
492
493     /**
494      * Returns a properly encoded URL for use as the PROVIDER_URL.
495      * If the encoding fails then the URL will contain the raw base dn.
496      *
497      * @param baseDN the base dn to use in the URL.
498      * @return the properly encoded URL for use in as PROVIDER_URL.
499      */
500     private String JavaDoc getProviderURL(String JavaDoc baseDN) {
501         String JavaDoc ldapURL = "";
502         try {
503             // Create a correctly-encoded ldap URL for the PROVIDER_URL
504 ldapURL = "ldap://" + host + ":" + port + "/" +
505                     URLEncoder.encode(baseDN, "UTF-8");
506             // The java.net.URLEncoder class encodes spaces as +, but they need to be %20
507 ldapURL = ldapURL.replaceAll("\\+", "%20");
508         }
509         catch (java.io.UnsupportedEncodingException JavaDoc e) {
510             // UTF-8 is not supported, fall back to using raw baseDN
511 ldapURL = "ldap://" + host + ":" + port + "/" + baseDN;
512         }
513         return ldapURL;
514     }
515
516     /**
517      * Returns the LDAP server host; e.g. <tt>localhost</tt> or
518      * <tt>machine.example.com</tt>, etc. This value is stored as the Jive
519      * Property <tt>ldap.host</tt>.
520      *
521      * @return the LDAP server host name.
522      */
523     public String JavaDoc getHost() {
524         return host;
525     }
526
527     /**
528      * Sets the LDAP server host; e.g., <tt>localhost</tt> or
529      * <tt>machine.example.com</tt>, etc. This value is store as the Jive
530      * Property <tt>ldap.host</tt>
531      *
532      * @param host the LDAP server host name.
533      */
534     public void setHost(String JavaDoc host) {
535         this.host = host;
536         JiveGlobals.setXMLProperty("ldap.host", host);
537     }
538
539     /**
540      * Returns the LDAP server port number. The default is 389. This value is
541      * stored as the Jive Property <tt>ldap.port</tt>.
542      *
543      * @return the LDAP server port number.
544      */
545     public int getPort() {
546         return port;
547     }
548
549     /**
550      * Sets the LDAP server port number. The default is 389. This value is
551      * stored as the Jive property <tt>ldap.port</tt>.
552      *
553      * @param port the LDAP server port number.
554      */
555     public void setPort(int port) {
556         this.port = port;
557         JiveGlobals.setXMLProperty("ldap.port", ""+port);
558     }
559
560     /**
561      * Returns true if LDAP connection debugging is turned on. When on, trace
562      * information about BER buffers sent and received by the LDAP provider is
563      * written to System.out. Debugging is turned off by default.
564      *
565      * @return true if LDAP debugging is turned on.
566      */
567     public boolean isDebugEnabled() {
568         return ldapDebugEnabled;
569     }
570
571     /**
572      * Sets whether LDAP connection debugging is turned on. When on, trace
573      * information about BER buffers sent and received by the LDAP provider is
574      * written to System.out. Debugging is turned off by default.
575      *
576      * @param debugEnabled true if debugging should be turned on.
577      */
578     public void setDebugEnabled(boolean debugEnabled) {
579         this.ldapDebugEnabled = debugEnabled;
580         JiveGlobals.setXMLProperty("ldap.ldapDebugEnabled", ""+debugEnabled);
581     }
582
583     /**
584      * Returns true if LDAP connection is via SSL or not. SSL is turned off by default.
585      *
586      * @return true if SSL connections are enabled or not.
587      */
588     public boolean isSslEnabled() {
589         return sslEnabled;
590     }
591
592     /**
593      * Sets whether the connection to the LDAP server should be made via ssl or not.
594      *
595      * @param sslEnabled true if ssl should be enabled, false otherwise.
596      */
597     public void setSslEnabled(boolean sslEnabled) {
598         this.sslEnabled = sslEnabled;
599         JiveGlobals.setXMLProperty("ldap.sslEnabled", ""+sslEnabled);
600     }
601
602     /**
603      * Returns the LDAP field name that the username lookup will be performed
604      * on. By default this is "uid".
605      *
606      * @return the LDAP field that the username lookup will be performed on.
607      */
608     public String JavaDoc getUsernameField() {
609         return usernameField;
610     }
611
612     /**
613      * Sets the LDAP field name that the username lookup will be performed on.
614      * By default this is "uid".
615      *
616      * @param usernameField the LDAP field that the username lookup will be
617      * performed on.
618      */
619     public void setUsernameField(String JavaDoc usernameField) {
620         this.usernameField = usernameField;
621         if (usernameField == null) {
622             JiveGlobals.deleteXMLProperty("ldap.usernameField");
623         }
624         else {
625             JiveGlobals.setXMLProperty("ldap.usernameField", usernameField);
626         }
627     }
628
629     /**
630      * Returns the LDAP field name that the user's name is stored in. By default
631      * this is "cn". Another common value is "displayName".
632      *
633      * @return the LDAP field that that correspond's to the user's name.
634      */
635     public String JavaDoc getNameField() {
636         return nameField;
637     }
638
639     /**
640      * Sets the LDAP field name that the user's name is stored in. By default
641      * this is "cn". Another common value is "displayName".
642      *
643      * @param nameField the LDAP field that that correspond's to the user's name.
644      */
645     public void setNameField(String JavaDoc nameField) {
646         this.nameField = nameField;
647         if (nameField == null) {
648             JiveGlobals.deleteXMLProperty("ldap.nameField");
649         }
650         else {
651             JiveGlobals.setXMLProperty("ldap.nameField", nameField);
652         }
653     }
654
655     /**
656      * Returns the LDAP field name that the user's email address is stored in.
657      * By default this is "mail".
658      *
659      * @return the LDAP field that that correspond's to the user's email
660      * address.
661      */
662     public String JavaDoc getEmailField() {
663         return emailField;
664     }
665
666     /**
667      * Sets the LDAP field name that the user's email address is stored in.
668      * By default this is "mail".
669      *
670      * @param emailField the LDAP field that that correspond's to the user's
671      * email address.
672      */
673     public void setEmailField(String JavaDoc emailField) {
674         this.emailField = emailField;
675         if (emailField == null) {
676             JiveGlobals.deleteXMLProperty("ldap.emailField");
677         }
678         else {
679             JiveGlobals.setXMLProperty("ldap.emailField", emailField);
680         }
681     }
682
683     /**
684      * Returns the starting DN that searches for users will performed with.
685      * Searches will performed on the entire sub-tree under the base DN.
686      *
687      * @return the starting DN used for performing searches.
688      */
689     public String JavaDoc getBaseDN() {
690         return baseDN;
691     }
692
693     /**
694      * Sets the starting DN that searches for users will performed with.
695      * Searches will performed on the entire sub-tree under the base DN.
696      *
697      * @param baseDN the starting DN used for performing searches.
698      */
699     public void setBaseDN(String JavaDoc baseDN) {
700         this.baseDN = baseDN;
701         JiveGlobals.setXMLProperty("ldap.baseDN", baseDN);
702     }
703
704     /**
705      * Returns the alternate starting DN that searches for users will performed with.
706      * Searches will performed on the entire sub-tree under the alternate base DN after
707      * they are performed on the main base DN.
708      *
709      * @return the alternate starting DN used for performing searches. If no alternate
710      * DN is set, this method will return <tt>null</tt>.
711      */
712     public String JavaDoc getAlternateBaseDN() {
713         return alternateBaseDN;
714     }
715
716     /**
717      * Sets the alternate starting DN that searches for users will performed with.
718      * Searches will performed on the entire sub-tree under the alternate base DN after
719      * they are performed on the main base dn.
720      *
721      * @param alternateBaseDN the alternate starting DN used for performing searches.
722      */
723     public void setAlternateBaseDN(String JavaDoc alternateBaseDN) {
724         this.alternateBaseDN = alternateBaseDN;
725         if (alternateBaseDN == null) {
726             JiveGlobals.deleteXMLProperty("ldap.alternateBaseDN");
727         }
728         else {
729             JiveGlobals.setXMLProperty("ldap.alternateBaseDN", alternateBaseDN);
730         }
731     }
732
733     /**
734      * Returns the starting admin DN that searches for admins will performed with.
735      * Searches will performed on the entire sub-tree under the admin DN.
736      *
737      * @return the starting DN used for performing searches.
738      */
739     public String JavaDoc getAdminDN() {
740         return adminDN;
741     }
742
743     /**
744      * Sets the starting admin DN that searches for admins will performed with.
745      * Searches will performed on the entire sub-tree under the admins DN.
746      *
747      * @param adminDN the starting DN used for performing admin searches.
748      */
749     public void setAdminDN(String JavaDoc adminDN) {
750         this.adminDN = adminDN;
751         JiveGlobals.setXMLProperty("ldap.adminDN", adminDN);
752     }
753
754     /**
755      * Returns the starting admin DN that searches for admins will performed with.
756      * Searches will performed on the entire sub-tree under the admin DN.
757      *
758      * @return the starting DN used for performing searches.
759      */
760     public String JavaDoc getAdminPassword() {
761         return adminPassword;
762     }
763
764     /**
765      * Sets the admin password for the LDAP server we're connecting to.
766      *
767      * @param adminPassword the admin password for the LDAP server we're
768      * connecting to.
769      */
770     public void setAdminPassword(String JavaDoc adminPassword) {
771         this.adminPassword = adminPassword;
772         JiveGlobals.setXMLProperty("ldap.adminPassword", adminPassword);
773     }
774
775     /**
776      * Returns the filter used for searching the directory for users.
777      *
778      * @return the search filter.
779      */
780     public String JavaDoc getSearchFilter() {
781         return searchFilter;
782     }
783
784     /**
785      * Sets the filter used for searching the directory for users. The filter should
786      * contain a single token "{0}" that will be dynamically replaced with the
787      * user's unique ID.
788      *
789      * @param searchFilter the search filter.
790      */
791     public void setSearchFilter(String JavaDoc searchFilter) {
792         if (searchFilter == null || "".equals(searchFilter)) {
793             StringBuilder JavaDoc filter = new StringBuilder JavaDoc();
794             filter.append("(").append(usernameField).append("={0})");
795             this.searchFilter = filter.toString();
796             JiveGlobals.deleteXMLProperty("ldap.searchFilter");
797         }
798         else {
799             this.searchFilter = searchFilter;
800             JiveGlobals.setXMLProperty("ldap.searchFilter", searchFilter);
801         }
802     }
803
804     /**
805      * Returns the field name used for groups.
806      * Value of groupNameField defaults to "cn".
807      *
808      * @return the field used for groups.
809      */
810     public String JavaDoc getGroupNameField() {
811         return groupNameField;
812     }
813
814     /**
815      * Sets the field name used for groups.
816      *
817      * @param groupNameField the field used for groups.
818      */
819     public void setGroupNameField(String JavaDoc groupNameField) {
820         this.groupNameField = groupNameField;
821         JiveGlobals.setXMLProperty("ldap.groupNameField", groupNameField);
822     }
823
824     /**
825      * Return the field used to list members within a group.
826      * Value of groupMemberField defaults to "member".
827      *
828      * @return the field used to list members within a group.
829      */
830     public String JavaDoc getGroupMemberField() {
831         return groupMemberField;
832     }
833
834     /**
835      * Sets the field used to list members within a group.
836      * Value of groupMemberField defaults to "member".
837      *
838      * @param groupMemberField the field used to list members within a group.
839      */
840     public void setGroupmemberField(String JavaDoc groupMemberField) {
841         this.groupMemberField = groupMemberField;
842         JiveGlobals.setXMLProperty("ldap.groupMemberField", groupMemberField);
843     }
844
845     /**
846      * Return the field used to describe a group.
847      * Value of groupDescriptionField defaults to "description".
848      *
849      * @return the field used to describe a group.
850      */
851     public String JavaDoc getGroupDescriptionField() {
852         return groupDescriptionField;
853     }
854
855     /**
856      * Sets the field used to describe a group.
857      * Value of groupDescriptionField defaults to "description".
858      *
859      * @param groupDescriptionField the field used to describe a group.
860      */
861     public void setGroupDescriptionField(String JavaDoc groupDescriptionField) {
862         this.groupDescriptionField = groupDescriptionField;
863         JiveGlobals.setXMLProperty("ldap.groupDescriptionField", groupDescriptionField);
864     }
865
866     /**
867      * Return the field used to tell if ldap server is posix.
868      * Value of posixEnabled defaults to false.
869      *
870      * @return the field used to tell if ldap server is posix.
871      */
872     public boolean getPosixEnabled() {
873         return posixEnabled;
874     }
875
876     /**
877      * Sets the field used to tell if ldap server is posix.
878      * Value of posixEnabled defaults to false.
879      *
880      * @param posixEnabled the field used to tell if ldap server is posix.
881      */
882     public void setPosixEnabled(boolean posixEnabled) {
883         this.posixEnabled = posixEnabled;
884         Boolean JavaDoc b = new Boolean JavaDoc(posixEnabled);
885         JiveGlobals.setXMLProperty("ldap.posixEnabled", b.toString());
886     }
887
888     /**
889      * Return the field used as the search filter when searching for groups.
890      * Value of groupSearchFilter defaults "(groupMemberField=*)".
891      *
892      * @return the field used as the search filter when searching for groups.
893      */
894     public String JavaDoc getGroupSearchFilter() {
895         return groupSearchFilter;
896     }
897
898     /**
899      * Sets the field used as the search filter when searching for groups.
900      * Value of groupSearchFilter defaults "(groupMemberField=*)".
901      *
902      * @param groupSearchFilter the field used as the search filter when searching for groups.
903      */
904     public void setGroupSearchFilter(String JavaDoc groupSearchFilter) {
905         this.groupSearchFilter = groupSearchFilter;
906         JiveGlobals.setXMLProperty("ldap.groupSearchFilter", groupSearchFilter);
907     }
908 }
Popular Tags