Return-Path: X-Original-To: apmail-incubator-connectors-commits-archive@minotaur.apache.org Delivered-To: apmail-incubator-connectors-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 12EA922D0 for ; Tue, 3 May 2011 17:28:52 +0000 (UTC) Received: (qmail 733 invoked by uid 500); 3 May 2011 17:28:51 -0000 Delivered-To: apmail-incubator-connectors-commits-archive@incubator.apache.org Received: (qmail 695 invoked by uid 500); 3 May 2011 17:28:51 -0000 Mailing-List: contact connectors-commits-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: connectors-dev@incubator.apache.org Delivered-To: mailing list connectors-commits@incubator.apache.org Received: (qmail 688 invoked by uid 99); 3 May 2011 17:28:51 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 May 2011 17:28:51 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 03 May 2011 17:28:48 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 017B323889F7; Tue, 3 May 2011 17:28:28 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1099144 - /incubator/lcf/branches/CONNECTORS-195/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java Date: Tue, 03 May 2011 17:28:27 -0000 To: connectors-commits@incubator.apache.org From: kwright@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20110503172828.017B323889F7@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: kwright Date: Tue May 3 17:28:27 2011 New Revision: 1099144 URL: http://svn.apache.org/viewvc?rev=1099144&view=rev Log: Use existence of ObjectSid attribute to decide if user exists Modified: incubator/lcf/branches/CONNECTORS-195/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java Modified: incubator/lcf/branches/CONNECTORS-195/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java URL: http://svn.apache.org/viewvc/incubator/lcf/branches/CONNECTORS-195/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java?rev=1099144&r1=1099143&r2=1099144&view=diff ============================================================================== --- incubator/lcf/branches/CONNECTORS-195/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java (original) +++ incubator/lcf/branches/CONNECTORS-195/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java Tue May 3 17:28:27 2011 @@ -211,15 +211,6 @@ public class ActiveDirectoryAuthority ex //Specify the Base for the search String searchBase = parseUser(userName); - //Create the search controls for finding the user - SearchControls userSearchCtls = new SearchControls(); - - //Specify the search scope, must be base level search for users - //userSearchCtls.setSearchScope(SearchControls.OBJECT_SCOPE); - - //Specify the attributes to return - userSearchCtls.setReturningAttributes(new String[]{"sAMAccountName"}); - //Create the search controls for finding the access tokens SearchControls searchCtls = new SearchControls(); @@ -231,13 +222,10 @@ public class ActiveDirectoryAuthority ex try { - // Search for users - NamingEnumeration answer = ctx.search(searchBase, searchFilter, userSearchCtls); + //Search for tokens. Since every user *must* have a SID, the no user detection should be safe. + NamingEnumeration answer = ctx.search(searchBase, searchFilter, searchCtls); if (!answer.hasMoreElements()) return userNotFoundResponse; - - //Search for tokens - answer = ctx.search(searchBase, searchFilter, searchCtls); ArrayList theGroups = new ArrayList(); // All users get certain well-known groups