Verwaltung von LDAP Accounts und Gruppen
Peter Hormanns
2019-07-22 2c168b0663c851e3cd9150601200286be99d423b
change subdomain, create contextlistener
1 files added
1 files renamed
9 files modified
102 ■■■■■ changed files
ldif/ldap-example-data.ldif 20 ●●●● patch | view | raw | blame | history
pom.xml 1 ●●●● patch | view | raw | blame | history
src/main/java/de/jalin/ldapadmin/ldap/DirectoryServiceRunner.java 17 ●●●● patch | view | raw | blame | history
src/main/java/de/jalin/ldapadmin/server/WebappDirectoryServer.java 20 ●●●●● patch | view | raw | blame | history
src/test/java/de/jalin/ldapadmin/ldap/TestCreateGroup.java 6 ●●●● patch | view | raw | blame | history
src/test/java/de/jalin/ldapadmin/ldap/TestCreateUser.java 6 ●●●● patch | view | raw | blame | history
src/test/java/de/jalin/ldapadmin/ldap/TestDeleteUser.java 6 ●●●● patch | view | raw | blame | history
src/test/java/de/jalin/ldapadmin/ldap/TestReadUser.java 6 ●●●● patch | view | raw | blame | history
src/test/java/de/jalin/ldapadmin/ldap/TestUpdateAsBindUser.java 6 ●●●● patch | view | raw | blame | history
src/test/java/de/jalin/ldapadmin/ldap/TestUpdateAsSimpleUser.java 8 ●●●● patch | view | raw | blame | history
src/test/java/de/jalin/ldapadmin/ldap/TestUpdateUser.java 6 ●●●● patch | view | raw | blame | history
ldif/ldap-example-data.ldif
@@ -1,36 +1,36 @@
version: 1
dn: dc=saastest,dc=example,dc=com
dn: dc=domain,dc=example,dc=com
objectclass: top
objectclass: domain
administrativeRole: accessControlSpecificArea
dc: saastest
dc: domain
dn: cn=saastestAuthenticationRequirementsACISubentry,dc=saastest,dc=example,dc=com
dn: cn=domainAuthenticationRequirementsACISubentry,dc=domain,dc=example,dc=com
objectClass: accessControlSubentry
objectClass: subentry
objectClass: top
subtreeSpecification: { }
prescriptiveACI: { identificationTag "subtreeFullAccessACI", precedence 11, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { name { "uid=application,ou=bind,dc=saastest,dc=example,dc=com" } }, userPermissions { { protectedItems { entry, allUserAttributeTypesAndValues }, grantsAndDenials { grantCompare, grantBrowse, grantRename, grantRemove, grantAdd, grantRead, grantFilterMatch, grantReturnDN, grantModify } } } } }
prescriptiveACI: { identificationTag "subtreeFullAccessACI", precedence 11, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { name { "uid=application,ou=bind,dc=domain,dc=example,dc=com" } }, userPermissions { { protectedItems { entry, allUserAttributeTypesAndValues }, grantsAndDenials { grantCompare, grantBrowse, grantRename, grantRemove, grantAdd, grantRead, grantFilterMatch, grantReturnDN, grantModify } } } } }
prescriptiveACI: { identificationTag "allUsersACI", precedence 9, authenticationLevel none, itemOrUserFirst userFirst: { userClasses { allUsers }, userPermissions { { protectedItems { attributeType { userPassword } }, grantsAndDenials { denyRead, denyFilterMatch, denyCompare } }, { protectedItems { entry, allUserAttributeTypesAndValues }, grantsAndDenials { grantCompare, grantBrowse,grantDiscloseOnError, grantRead, grantFilterMatch, grantReturnDN } } } } }
cn: saastestAuthenticationRequirementsACISubentry
cn: domainAuthenticationRequirementsACISubentry
dn: ou=groups,dc=saastest,dc=example,dc=com
dn: ou=groups,dc=domain,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: groups
dn: ou=users,dc=saastest,dc=example,dc=com
dn: ou=users,dc=domain,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: users
dn: ou=bind,dc=saastest,dc=example,dc=com
dn: ou=bind,dc=domain,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: bind
dn: uid=admin,ou=users,dc=saastest,dc=example,dc=com
dn: uid=admin,ou=users,dc=domain,dc=example,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: person
@@ -41,7 +41,7 @@
uid: admin
userPassword: admin-secret
dn: uid=application,ou=bind,dc=saastest,dc=example,dc=com
dn: uid=application,ou=bind,dc=domain,dc=example,dc=com
objectClass: top
objectClass: inetOrgPerson
objectClass: person
pom.xml
@@ -66,7 +66,6 @@
            <groupId>org.apache.directory.server</groupId>
            <artifactId>apacheds-service</artifactId>
            <version>2.0.0.AM25</version>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>junit</groupId>
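Review bot: Dropping `<scope>test</scope>` on apacheds-service (L71–L75) promotes the whole embedded ApacheDS server bundle into the webapp's compile and runtime classpath, which is presumably intentional now that DirectoryServiceRunner moved to src/main, but nothing in the pom records that. A one-line comment next to the dependency would stop the next reader from "fixing" it back: `<!-- compile scope on purpose: DirectoryServiceRunner embeds ApacheDS in the webapp -->`. Because the artifact is an all-in-one bundle, it is also worth checking that the resulting WAR does not carry duplicate servlet or logging jars, and that `2.0.0.AM25` (a milestone build) is acceptable for a deployable artifact rather than only for the test suite.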
src/main/java/de/jalin/ldapadmin/ldap/DirectoryServiceRunner.java
File was renamed from src/test/java/de/jalin/ldapadmin/ldap/DirectoryServiceRunner.java
@@ -1,7 +1,6 @@
package de.jalin.ldapadmin.ldap;
import java.io.File;
import java.io.FilenameFilter;
import java.util.ArrayList;
import java.util.List;
@@ -28,18 +27,18 @@
    private final DirectoryService service;
    public DirectoryServiceRunner(final String dnString, final String ip, final String port) throws Exception {
        service = initService();
    public DirectoryServiceRunner(final String partition, final String dnString, final String ip, final String port) throws Exception {
        this.service = initService(partition);
        addPartition("ou=config", "config");
        addPartition(dnString, "example");
        service.startup();
        addPartition(dnString, partition);
        this.service.startup();
        loadData();
        startServer(ip, port);
    }
    private DirectoryService initService() throws Exception {
    private DirectoryService initService(final String partition) throws Exception {
        final DefaultDirectoryServiceFactory factory = new DefaultDirectoryServiceFactory();
        factory.init("example");
        factory.init(partition);
        final DirectoryService directoryService = factory.getDirectoryService();
        directoryService.setShutdownHookEnabled(true);
        directoryService.getChangeLog().setEnabled(false);
@@ -85,7 +84,7 @@
        if (serviceRunner == null) {
            final String dnName = "dc=" + name + ",dc=example,dc=com";
            try {
                serviceRunner = new DirectoryServiceRunner(dnName, "127.0.0.1", "10389");
                serviceRunner = new DirectoryServiceRunner("example", dnName, "127.0.0.1", "10389");
            } catch (Exception e) {
                throw new DirectoryServiceException(e);
            }
@@ -97,7 +96,7 @@
        final String ip = args[1];
        final String port = args[2];
        try {
            final DirectoryServiceRunner ads = new DirectoryServiceRunner(dnString, ip, port);
            final DirectoryServiceRunner ads = new DirectoryServiceRunner("example", dnString, ip, port);
            final Entry result = ads.service.getAdminSession().lookup(new Dn(dnString));
            System.out.println("Found entry : " + result);
        } catch (Exception e) {
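Review bot: The constructor still calls `loadData()` unconditionally after `startup()` (L97), and with the class now in src/main that code path runs inside the webapp; if loadData() still imports ldif/ldap-example-data.ldif, every deployment would create the fixture accounts whose passwords are visible in that file. Make the fixture import opt-in, e.g. a boolean constructor parameter or a separate method that only the tests call, so the production path just creates the partition and starts the listener. The new `partition` parameter is also passed as the literal `"example"` at both call sites (L113, L122) while `assureServiceRunning` already has `name` in hand, so the generalization is not yet used — either pass `name` there or add a comment stating why the partition id stays fixed. The bodies of loadData() and assureServiceRunning() lie outside these hunks.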
src/main/java/de/jalin/ldapadmin/server/WebappDirectoryServer.java
New file
@@ -0,0 +1,20 @@
package de.jalin.ldapadmin.server;
import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
public class WebappDirectoryServer implements ServletContextListener {
    @Override
    public void contextInitialized(final ServletContextEvent evt) {
        final ServletContext ctx = evt.getServletContext();
        final String uri = ctx.getInitParameter("uri");
    }
    @Override
    public void contextDestroyed(final ServletContextEvent evt) {
    }
}
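Review bot: `uri` is read from the init parameter on L137 and then discarded, and contextDestroyed is empty, so the listener registers but does nothing yet; if the plan is to start DirectoryServiceRunner from here, keep the runner in a field and shut down its `service` in contextDestroyed, otherwise a redeploy of the webapp leaves the LDAP listener bound to its port in the same JVM. Fail fast when the parameter is absent instead of carrying a null forward: `if (uri == null) throw new IllegalStateException("missing context init-param 'uri'");`. A class Javadoc naming the expected `uri` format (scheme, host, port and base DN, judging by the URLs the tests pass to LDAPSession) would help whoever configures web.xml.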
src/test/java/de/jalin/ldapadmin/ldap/TestCreateGroup.java
@@ -14,18 +14,18 @@
public class TestCreateGroup {
    private static final String USERS_DN = "uid=${uid},ou=users,dc=saastest,dc=example,dc=com";
    private static final String USERS_DN = "uid=${uid},ou=users,dc=domain,dc=example,dc=com";
    private LDAPSession session;
    @BeforeClass
    public static void setupClass() throws Exception {
        DirectoryServiceRunner.assureServiceRunning("saastest");
        DirectoryServiceRunner.assureServiceRunning("domain");
    }
    @Before
    public void setUp() throws Exception {
        session = new LDAPSession("ldap://localhost:10389/dc=saastest,dc=example,dc=com", "uid=admin,ou=system", "streng-geheim");
        session = new LDAPSession("ldap://localhost:10389/dc=domain,dc=example,dc=com", "uid=admin,ou=system", "streng-geheim");
    }
    @After
src/test/java/de/jalin/ldapadmin/ldap/TestCreateUser.java
@@ -11,18 +11,18 @@
public class TestCreateUser {
    private static final String USERS_DN = "uid=pet,ou=users,dc=saastest,dc=example,dc=com";
    private static final String USERS_DN = "uid=pet,ou=users,dc=domain,dc=example,dc=com";
    private LDAPSession session;
    @BeforeClass
    public static void setupClass() throws Exception {
        DirectoryServiceRunner.assureServiceRunning("saastest");
        DirectoryServiceRunner.assureServiceRunning("domain");
    }
    @Before
    public void setUp() throws Exception {
        session = new LDAPSession("ldap://localhost:10389/dc=saastest,dc=example,dc=com", "uid=admin,ou=system", "streng-geheim");
        session = new LDAPSession("ldap://localhost:10389/dc=domain,dc=example,dc=com", "uid=admin,ou=system", "streng-geheim");
    }
    @After
src/test/java/de/jalin/ldapadmin/ldap/TestDeleteUser.java
@@ -11,18 +11,18 @@
public class TestDeleteUser {
    private static final String USERS_DN = "uid=hei,ou=users,dc=saastest,dc=example,dc=com";
    private static final String USERS_DN = "uid=hei,ou=users,dc=domain,dc=example,dc=com";
    private LDAPSession session;
    @BeforeClass
    public static void setupClass() throws Exception {
        DirectoryServiceRunner.assureServiceRunning("saastest");
        DirectoryServiceRunner.assureServiceRunning("domain");
    }
    @Before
    public void setUp() throws Exception {
        session = new LDAPSession("ldap://localhost:10389/dc=saastest,dc=example,dc=com", "uid=admin,ou=system", "streng-geheim");
        session = new LDAPSession("ldap://localhost:10389/dc=domain,dc=example,dc=com", "uid=admin,ou=system", "streng-geheim");
    }
    @After
src/test/java/de/jalin/ldapadmin/ldap/TestReadUser.java
@@ -11,18 +11,18 @@
public class TestReadUser {
    private static final String USERS_DN = "uid=chr,ou=users,dc=saastest,dc=example,dc=com";
    private static final String USERS_DN = "uid=chr,ou=users,dc=domain,dc=example,dc=com";
    private LDAPSession session;
    @BeforeClass
    public static void setupClass() throws Exception {
        DirectoryServiceRunner.assureServiceRunning("saastest");
        DirectoryServiceRunner.assureServiceRunning("domain");
    }
    @Before
    public void setUp() throws Exception {
        session = new LDAPSession("ldap://localhost:10389/dc=saastest,dc=example,dc=com", "uid=admin,ou=system", "streng-geheim");
        session = new LDAPSession("ldap://localhost:10389/dc=domain,dc=example,dc=com", "uid=admin,ou=system", "streng-geheim");
    }
    @After
src/test/java/de/jalin/ldapadmin/ldap/TestUpdateAsBindUser.java
@@ -15,18 +15,18 @@
public class TestUpdateAsBindUser {
    private static final String USERS_DN = "uid=pau,ou=users,dc=saastest,dc=example,dc=com";
    private static final String USERS_DN = "uid=pau,ou=users,dc=domain,dc=example,dc=com";
    private LDAPSession session;
    @BeforeClass
    public static void setupClass() throws Exception {
        DirectoryServiceRunner.assureServiceRunning("saastest");
        DirectoryServiceRunner.assureServiceRunning("domain");
    }
    @Before
    public void setUp() throws Exception {
        session = new LDAPSession("ldap://localhost:10389/dc=saastest,dc=example,dc=com", "uid=application,ou=bind,dc=saastest,dc=example,dc=com", "app-secret");
        session = new LDAPSession("ldap://localhost:10389/dc=domain,dc=example,dc=com", "uid=application,ou=bind,dc=domain,dc=example,dc=com", "app-secret");
    }
    @After
src/test/java/de/jalin/ldapadmin/ldap/TestUpdateAsSimpleUser.java
@@ -17,16 +17,16 @@
public class TestUpdateAsSimpleUser {
    private static final String USERS_DN = "uid=mic,ou=users,dc=saastest,dc=example,dc=com";
    private static final String USERS_DN = "uid=mic,ou=users,dc=domain,dc=example,dc=com";
    @BeforeClass
    public static void setupClass() throws Exception {
        DirectoryServiceRunner.assureServiceRunning("saastest");
        DirectoryServiceRunner.assureServiceRunning("domain");
    }
    @Before
    public void setUp() throws Exception {
        final LDAPSession bindUserSession = new LDAPSession("ldap://localhost:10389/dc=saastest,dc=example,dc=com", "uid=application,ou=bind,dc=saastest,dc=example,dc=com", "app-secret");
        final LDAPSession bindUserSession = new LDAPSession("ldap://localhost:10389/dc=domain,dc=example,dc=com", "uid=application,ou=bind,dc=domain,dc=example,dc=com", "app-secret");
        final UsersDAO dao = new UsersDAO(bindUserSession);
        final User newUser = new User();
        newUser.setDn(USERS_DN);
@@ -54,7 +54,7 @@
    @Test
    public void test() {
        try {
            final LDAPSession simpleUserSession = new LDAPSession("ldap://localhost:10389/dc=saastest,dc=example,dc=com", "uid=plp,ou=users,dc=saastest,dc=example,dc=com", "geheim");
            final LDAPSession simpleUserSession = new LDAPSession("ldap://localhost:10389/dc=domain,dc=example,dc=com", "uid=plp,ou=users,dc=domain,dc=example,dc=com", "geheim");
            final UsersDAO dao = new UsersDAO(simpleUserSession);
            final User existingUser = dao.loadUsers().get(USERS_DN);
            assertNull("user already exists", existingUser);
src/test/java/de/jalin/ldapadmin/ldap/TestUpdateUser.java
@@ -14,18 +14,18 @@
public class TestUpdateUser {
    private static final String USERS_DN = "uid=kla,ou=users,dc=saastest,dc=example,dc=com";
    private static final String USERS_DN = "uid=kla,ou=users,dc=domain,dc=example,dc=com";
    private LDAPSession session;
    @BeforeClass
    public static void setupClass() throws Exception {
        DirectoryServiceRunner.assureServiceRunning("saastest");
        DirectoryServiceRunner.assureServiceRunning("domain");
    }
    @Before
    public void setUp() throws Exception {
        session = new LDAPSession("ldap://localhost:10389/dc=saastest,dc=example,dc=com", "uid=admin,ou=system", "streng-geheim");
        session = new LDAPSession("ldap://localhost:10389/dc=domain,dc=example,dc=com", "uid=admin,ou=system", "streng-geheim");
    }
    @After