manifoldcf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kwri...@apache.org
Subject svn commit: r1534885 - in /manifoldcf/branches/CONNECTORS-754/connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint: SPSProxyHelper.java SharePointAuthority.java
Date Wed, 23 Oct 2013 01:10:18 GMT
Author: kwright
Date: Wed Oct 23 01:10:17 2013
New Revision: 1534885

URL: http://svn.apache.org/r1534885
Log:
Implement claim space, I hope, the way it should work if the specs are right.

Modified:
    manifoldcf/branches/CONNECTORS-754/connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint/SPSProxyHelper.java
    manifoldcf/branches/CONNECTORS-754/connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint/SharePointAuthority.java

Modified: manifoldcf/branches/CONNECTORS-754/connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint/SPSProxyHelper.java
URL: http://svn.apache.org/viewvc/manifoldcf/branches/CONNECTORS-754/connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint/SPSProxyHelper.java?rev=1534885&r1=1534884&r2=1534885&view=diff
==============================================================================
--- manifoldcf/branches/CONNECTORS-754/connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint/SPSProxyHelper.java
(original)
+++ manifoldcf/branches/CONNECTORS-754/connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint/SPSProxyHelper.java
Wed Oct 23 01:10:17 2013
@@ -137,6 +137,7 @@ public class SPSProxyHelper {
         throw new ManifoldCFException("Bad response - outer node should have been 'GetUserInfo'
node");
           
       String userID = null;
+      String userName = null;
       
       Iterator userIter = users.getChildElements();
       while (userIter.hasNext())
@@ -145,6 +146,7 @@ public class SPSProxyHelper {
         if (child.getElementName().getLocalName().equals("User"))
         {
           userID = child.getAttribute("ID");
+          userName = child.getAttribute("LoginName");
         }
       }
 
@@ -153,7 +155,7 @@ public class SPSProxyHelper {
         return null;
 
       List<String> accessTokens = new ArrayList<String>();
-      accessTokens.add("U"+userID);
+      accessTokens.add("U"+userName);
       
       com.microsoft.schemas.sharepoint.soap.directory.GetGroupCollectionFromUserResponseGetGroupCollectionFromUserResult
userGroupResp =
         userCall.getGroupCollectionFromUser( userLoginName );
@@ -199,7 +201,7 @@ public class SPSProxyHelper {
               String groupID = group.getAttribute("ID");
               String groupName = group.getAttribute("Name");
               // Add to the access token list
-              accessTokens.add("G"+groupID);
+              accessTokens.add("G"+groupName);
             }
           }
         }
@@ -245,7 +247,7 @@ public class SPSProxyHelper {
               String roleID = role.getAttribute("ID");
               String roleName = role.getAttribute("Name");
               // Add to the access token list
-              accessTokens.add("R"+roleID);
+              accessTokens.add("R"+roleName);
             }
           }
         }

Modified: manifoldcf/branches/CONNECTORS-754/connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint/SharePointAuthority.java
URL: http://svn.apache.org/viewvc/manifoldcf/branches/CONNECTORS-754/connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint/SharePointAuthority.java?rev=1534885&r1=1534884&r2=1534885&view=diff
==============================================================================
--- manifoldcf/branches/CONNECTORS-754/connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint/SharePointAuthority.java
(original)
+++ manifoldcf/branches/CONNECTORS-754/connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint/SharePointAuthority.java
Wed Oct 23 01:10:17 2013
@@ -414,7 +414,7 @@ public class SharePointAuthority extends
     {
       try
       {
-        List<String> adTokens = getADTokens(userPart,domainPart);
+        List<String> adTokens = getADTokens(userPart,domainPart,userName);
         // User not present in AD is perfectly OK provided the user exists in SharePoint
         if (adTokens != null)
           theGroups.addAll(adTokens);
@@ -446,7 +446,7 @@ public class SharePointAuthority extends
   }
 
   /** Get the AD-derived access tokens for a user and domain */
-  protected List<String> getADTokens(String userPart, String domainPart)
+  protected List<String> getADTokens(String userPart, String domainPart, String userName)
     throws NameNotFoundException, NamingException, ManifoldCFException
   {
     // Now, look through the rules for the matching domain controller
@@ -473,9 +473,14 @@ public class SharePointAuthority extends
       return null;
         
     // Use the complete fqn if the field is the "userPrincipalName"
+    String userBase;
     String userACLsUsername = dcParams.getUserACLsUsername();
     if (userACLsUsername != null && userACLsUsername.equals("userPrincipalName")){
-      userPart = userName;
+      userBase = userName;
+    }
+    else
+    {
+      userBase = userPart;
     }
         
     //Build the DN searchBase from domain part
@@ -500,7 +505,7 @@ public class SharePointAuthority extends
     LdapContext ctx = createDCSession(domainController);  
         
     //Get DistinguishedName (for this method we are using DomainPart as a searchBase ie:
DC=qa-ad-76,DC=metacarta,DC=com")
-    String searchBase = getDistinguishedName(ctx, userPart, domainsb.toString(), userACLsUsername);
+    String searchBase = getDistinguishedName(ctx, userBase, domainsb.toString(), userACLsUsername);
     if (searchBase == null)
       return null;
 
@@ -521,7 +526,10 @@ public class SharePointAuthority extends
     NamingEnumeration answer = ctx.search(searchBase, searchFilter, searchCtls);
 
     List<String> theGroups = new ArrayList<String>();
-
+    String userToken = userTokenFromLoginName(domainPart + "\\" + userPart);
+    if (userToken != null)
+      theGroups.add(userToken);
+    
     //Loop through the search results
     while (answer.hasMoreElements())
     {
@@ -539,7 +547,9 @@ public class SharePointAuthority extends
             Attribute attr = (Attribute)ae.next();
             for (NamingEnumeration e = attr.getAll();e.hasMore();)
             {
-              theGroups.add(groupTokenFromSID(sid2String((byte[])e.next())));
+              String sid = sid2String((byte[])e.next());
+              String token = attr.getID().equals("objectSid")?userTokenFromSID(sid):groupTokenFromSID(sid);
+              theGroups.add(token);
             }
           }
         }	 
@@ -547,7 +557,6 @@ public class SharePointAuthority extends
         {
           throw new ManifoldCFException(e.getMessage(),e);
         }
-                                    
       }
     }
 
@@ -555,14 +564,40 @@ public class SharePointAuthority extends
       return null;
     
     // User is in AD, so add the 'everyone' group
-    theGroups.add(groupTokenFromSID("S-1-1-0"));
+    theGroups.add(everyoneGroup());
     return theGroups;
   }
 
+  protected String everyoneGroup()
+  {
+    if (isClaimSpace)
+      return "c:0!.s|windows";
+    else
+      return "S-1-1-0";
+  }
+  
   protected String groupTokenFromSID(String SID)
   {
-    // MHL; called only if Claim Space enabled
-    return SID;
+    if (isClaimSpace)
+      return "c:0+.w|"+SID.toLowerCase(Locale.ROOT);
+    else
+      return SID;
+  }
+
+  protected String userTokenFromSID(String SID)
+  {
+    if (isClaimSpace)
+      return "i:0+.w|"+SID.toLowerCase(Locale.ROOT);
+    else
+      return SID;
+  }
+  
+  protected String userTokenFromLoginName(String loginName)
+  {
+    if (isClaimSpace)
+      return "i:0#.w|"+URLEncoder.encode(loginName);
+    else
+      return null;
   }
   
   // UI support methods.



Mime
View raw message