From 0e44acbb2fec928a1606dc60f427a148fff405c9 Mon Sep 17 00:00:00 2001
From: Mohamed Ragab <moragab@gmail.com>
Date: Wed, 02 May 2012 11:15:01 -0400
Subject: [PATCH] Added a script to facilitate setting the proxy host and port and no proxy hosts, and then it concatenates all the java system properties for setting the java proxy configurations and puts the resulting string in an environment variable JAVA_PROXY_CONFIG, modified the scripts gitblit, gitblit-ubuntu, and gitblit-centos to source the java-proxy-config.sh script and then include the resulting java proxy configuration in the java command

---
 src/com/gitblit/LdapUserService.java |   89 +++++++++++++++++++++++++++++---------------
 1 files changed, 58 insertions(+), 31 deletions(-)

diff --git a/src/com/gitblit/LdapUserService.java b/src/com/gitblit/LdapUserService.java
index 674e2a0..78b5f99 100644
--- a/src/com/gitblit/LdapUserService.java
+++ b/src/com/gitblit/LdapUserService.java
@@ -56,7 +56,7 @@
 	@Override
 	public void setup(IStoredSettings settings) {
 		this.settings = settings;
-		String file = settings.getString(Keys.realm.ldap_backingUserService, "users.conf");
+		String file = settings.getString(Keys.realm.ldap.backingUserService, "users.conf");
 		File realmFile = GitBlit.getFileOrFolder(file);
 
 		serviceImpl = createUserService(realmFile);
@@ -65,9 +65,9 @@
 	
 	private LDAPConnection getLdapConnection() {
 		try {
-			URI ldapUrl = new URI(settings.getRequiredString(Keys.realm.ldap_server));
-			String bindUserName = settings.getString(Keys.realm.ldap_username, "");
-			String bindPassword = settings.getString(Keys.realm.ldap_password, "");
+			URI ldapUrl = new URI(settings.getRequiredString(Keys.realm.ldap.server));
+			String bindUserName = settings.getString(Keys.realm.ldap.username, "");
+			String bindPassword = settings.getString(Keys.realm.ldap.password, "");
 			int ldapPort = ldapUrl.getPort();
 			
 			if (ldapUrl.getScheme().equalsIgnoreCase("ldaps")) {	// SSL
@@ -106,6 +106,29 @@
 	}
 	
 	/**
+	 * If no displayName pattern is defined then Gitblit can manage the display name.
+	 *
+	 * @return true if Gitblit can manage the user display name
+	 * @since 1.0.0
+	 */
+	@Override
+	public boolean supportsDisplayNameChanges() {
+		return StringUtils.isEmpty(settings.getString(Keys.realm.ldap.displayName, ""));
+	}
+	
+	/**
+	 * If no email pattern is defined then Gitblit can manage the email address.
+	 *
+	 * @return true if Gitblit can manage the user email address
+	 * @since 1.0.0
+	 */
+	@Override
+	public boolean supportsEmailAddressChanges() {
+		return StringUtils.isEmpty(settings.getString(Keys.realm.ldap.email, ""));
+	}
+
+	
+	/**
 	 * If the LDAP server will maintain team memberships then LdapUserService
 	 * will not allow team membership changes.  In this scenario all team
 	 * changes must be made on the LDAP server by the LDAP administrator.
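Review bot: The Javadoc on `supportsDisplayNameChanges()` and `supportsEmailAddressChanges()` speaks only of a "pattern", but the attribute-mapping code later in this patch also accepts a plain attribute name for `Keys.realm.ldap.displayName` and `Keys.realm.ldap.email` (the branch without `${`). I would word the summaries as `If no displayName attribute or pattern is configured then Gitblit can manage the display name.` and the same for email, so an administrator can tell that setting either form hands the field over to LDAP. The added `@Override` on both methods is also inconsistent with `supportsTeamMembershipChanges()` a few lines below, which has none in the visible context.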
@@ -114,7 +137,7 @@
 	 * @since 1.0.0
 	 */	
 	public boolean supportsTeamMembershipChanges() {
-		return !settings.getBoolean(Keys.realm.ldap_maintainTeams, false);
+		return !settings.getBoolean(Keys.realm.ldap.maintainTeams, false);
 	}
 
 	/**
@@ -135,8 +158,8 @@
 		LDAPConnection ldapConnection = getLdapConnection();		
 		if (ldapConnection != null) {
 			// Find the logging in user's DN
-			String accountBase = settings.getString(Keys.realm.ldap_accountBase, "");
-			String accountPattern = settings.getString(Keys.realm.ldap_accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");
+			String accountBase = settings.getString(Keys.realm.ldap.accountBase, "");
+			String accountPattern = settings.getString(Keys.realm.ldap.accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");
 			accountPattern = StringUtils.replace(accountPattern, "${username}", escapeLDAPSearchFilter(simpleUsername));
 
 			SearchResult result = doSearch(ldapConnection, accountBase, accountPattern);
@@ -145,7 +168,7 @@
 				String loggingInUserDN = loggingInUser.getDN();
 				
 				if (isAuthenticated(ldapConnection, loggingInUserDN, new String(password))) {
-					logger.debug("Authenitcated: " + username);
+					logger.debug("LDAP authenticated: " + username);
 					
 					UserModel user = getUserModel(simpleUsername);
 					if (user == null)	// create user object for new authenticated user
@@ -176,7 +199,7 @@
 
 	private void setAdminAttribute(UserModel user) {
 	    user.canAdmin = false;
-	    List<String>  admins = settings.getStrings(Keys.realm.ldap_admins);
+	    List<String>  admins = settings.getStrings(Keys.realm.ldap.admins);
 	    for (String admin : admins) {
 	        if (admin.startsWith("@")) { // Team
 	            if (user.getTeam(admin.substring(1)) != null)
@@ -194,27 +217,31 @@
 		// Don't want visibility into the real password, make up a dummy
 		user.password = "StoredInLDAP";
 		
-		// Get Attributes for full name / email
-		String displayName = settings.getString(Keys.realm.ldap_displayName, "displayName");
-		String email = settings.getString(Keys.realm.ldap_email, "email");
+		// Get full name Attribute
+		String displayName = settings.getString(Keys.realm.ldap.displayName, "");		
+		if (!StringUtils.isEmpty(displayName)) {
+			// Replace embedded ${} with attributes
+			if (displayName.contains("${")) {
+				for (Attribute userAttribute : userEntry.getAttributes())
+					displayName = StringUtils.replace(displayName, "${" + userAttribute.getName() + "}", userAttribute.getValue());
 
-		// Replace embedded ${} with attributes
-		if (displayName.contains("${")) {
-			for (Attribute userAttribute : userEntry.getAttributes())
-				displayName = StringUtils.replace(displayName, "${" + userAttribute.getName() + "}", userAttribute.getValue());
-			
-			user.displayName = displayName;
-		} else {
-			user.displayName = userEntry.getAttribute(displayName).getValue();
+				user.displayName = displayName;
+			} else {
+				user.displayName = userEntry.getAttribute(displayName).getValue();
+			}
 		}
 		
-		if (email.contains("${")) {
-			for (Attribute userAttribute : userEntry.getAttributes())
-				email = StringUtils.replace(email, "${" + userAttribute.getName() + "}", userAttribute.getValue());
-			
-			user.emailAddress = email;
-		} else {
-			user.emailAddress = userEntry.getAttribute(email).getValue();
+		// Get email address Attribute
+		String email = settings.getString(Keys.realm.ldap.email, "");
+		if (!StringUtils.isEmpty(email)) {
+			if (email.contains("${")) {
+				for (Attribute userAttribute : userEntry.getAttributes())
+					email = StringUtils.replace(email, "${" + userAttribute.getName() + "}", userAttribute.getValue());
+
+				user.emailAddress = email;
+			} else {
+				user.emailAddress = userEntry.getAttribute(email).getValue();
+			}
 		}
 	}
 
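Review bot: The non-pattern branches `user.displayName = userEntry.getAttribute(displayName).getValue();` and `user.emailAddress = userEntry.getAttribute(email).getValue();` dereference the lookup result unchecked, so an entry that lacks the configured attribute would presumably throw a NullPointerException here. A directory account without a mail or display-name attribute is common, and a failure at this point could turn a valid login into an error. I would guard both, e.g. `Attribute a = userEntry.getAttribute(email);` followed by `if (a != null) user.emailAddress = a.getValue();`, and the same for `displayName`. In the pattern branches, any `${name}` whose attribute is absent stays in the stored value verbatim, which is worth a comment or a cleanup pass. The enclosing method starts outside the hunk.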
@@ -222,8 +249,8 @@
 		String loggingInUserDN = loggingInUser.getDN();
 		
 		user.teams.clear();		// Clear the users team memberships - we're going to get them from LDAP
-		String groupBase = settings.getString(Keys.realm.ldap_groupBase, "");
-		String groupMemberPattern = settings.getString(Keys.realm.ldap_groupMemberPattern, "(&(objectClass=group)(member=${dn}))");
+		String groupBase = settings.getString(Keys.realm.ldap.groupBase, "");
+		String groupMemberPattern = settings.getString(Keys.realm.ldap.groupMemberPattern, "(&(objectClass=group)(member=${dn}))");
 		
 		groupMemberPattern = StringUtils.replace(groupMemberPattern, "${dn}", escapeLDAPSearchFilter(loggingInUserDN));
 		groupMemberPattern = StringUtils.replace(groupMemberPattern, "${username}", escapeLDAPSearchFilter(simpleUsername));
@@ -250,7 +277,7 @@
 	
 	private TeamModel createTeamFromLdap(SearchResultEntry teamEntry) {
 		TeamModel answer = new TeamModel(teamEntry.getAttributeValue("cn"));
-		// If attributes other than team name ever from from LDAP, this is where to get them
+		// potentially retrieve other attributes here in the future
 		
 		return answer;		
 	}
@@ -271,7 +298,7 @@
 			ldapConnection.bind(userDn, password);
 			return true;
 		} catch (LDAPException e) {
-			logger.error("Error authenitcating user", e);
+			logger.error("Error authenticating user", e);
 			return false;
 		}
 	}
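Review bot: The corrected message `logger.error("Error authenticating user", e);` still does not say which account the failed bind was for, so failed-login entries cannot be attributed or correlated when reviewing logs. Including the DN, e.g. `logger.error("Error authenticating user " + userDn, e);`, would fix that. An ordinary invalid-credentials result might also be better logged below error level than a connection or server fault. Separately, whether an empty `password` can reach `ldapConnection.bind(userDn, password)` is decided outside this hunk; it is worth confirming that the caller or the connection options reject it, since some servers treat a simple bind with a DN and an empty password as an anonymous bind that succeeds. The method's signature is outside the hunk.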

--
Gitblit v1.9.1