manifoldcf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kwri...@apache.org
Subject svn commit: r1536506 - in /manifoldcf/integration/solr-3.x/trunk/mcf/src/java/org/apache/solr/mcf: ManifoldCFQParserPlugin.java ManifoldCFSearchComponent.java
Date Mon, 28 Oct 2013 20:34:16 GMT
Author: kwright
Date: Mon Oct 28 20:34:16 2013
New Revision: 1536506

URL: http://svn.apache.org/r1536506
Log:
Add ability to handle multiple user domains

Modified:
    manifoldcf/integration/solr-3.x/trunk/mcf/src/java/org/apache/solr/mcf/ManifoldCFQParserPlugin.java
    manifoldcf/integration/solr-3.x/trunk/mcf/src/java/org/apache/solr/mcf/ManifoldCFSearchComponent.java

Modified: manifoldcf/integration/solr-3.x/trunk/mcf/src/java/org/apache/solr/mcf/ManifoldCFQParserPlugin.java
URL: http://svn.apache.org/viewvc/manifoldcf/integration/solr-3.x/trunk/mcf/src/java/org/apache/solr/mcf/ManifoldCFQParserPlugin.java?rev=1536506&r1=1536505&r2=1536506&view=diff
==============================================================================
--- manifoldcf/integration/solr-3.x/trunk/mcf/src/java/org/apache/solr/mcf/ManifoldCFQParserPlugin.java
(original)
+++ manifoldcf/integration/solr-3.x/trunk/mcf/src/java/org/apache/solr/mcf/ManifoldCFQParserPlugin.java
Mon Oct 28 20:34:16 2013
@@ -53,8 +53,15 @@ public class ManifoldCFQParserPlugin ext
 {
   /** The component name */
   static final public String COMPONENT_NAME = "mcf";
-  /** The parameter that is supposed to contain the authenticated user name, possibly including
the domain */
+  /** The parameter that is supposed to contain the authenticated user name, possibly including
the AD domain */
   static final public String AUTHENTICATED_USER_NAME = "AuthenticatedUserName";
+  /** The parameter that is supposed to contain the MCF authorization domain, if any */
+  static final public String AUTHENTICATED_USER_DOMAIN = "AuthenticatedUserDomain";
+  /** If there are more than one user/domain, this prefix will allow us to get the users...
*/
+  static final public String AUTHENTICATED_USER_NAME_PREFIX = "AuthenticatedUserName_";
+  /** If there are more than one user/domain, this prefix will allow us to get the authorization
domains... */
+  static final public String AUTHENTICATED_USER_DOMAIN_PREFIX = "AuthenticatedUserDomain_";
+  
   /** This parameter is an array of strings, which contain the tokens to use if there is
no authenticated user name.
    * It's meant to work with mod_authz_annotate,
    * running under Apache */
@@ -151,11 +158,36 @@ public class ManifoldCFQParserPlugin ext
 
       List<String> userAccessTokens;
       
+      // Map from domain to user
+      Map<String,String> domainMap = new HashMap<String,String>();
+      
       // Get the authenticated user name from the parameters
       String authenticatedUserName = params.get(AUTHENTICATED_USER_NAME);
+      if (authenticatedUserName != null)
+      {
+        String authenticatedUserDomain = params.get(AUTHENTICATED_USER_DOMAIN);
+        if (authenticatedUserDomain == null)
+          authenticatedUserDomain = "";
+        domainMap.put(authenticatedUserDomain, authenticatedUserName);
+      }
+      else
+      {
+        // Look for user names/domains using the prefix
+        int i = 0;
+        while (true)
+        {
+          String userName = params.get(AUTHENTICATED_USER_NAME_PREFIX+i);
+          String domain = params.get(AUTHENTICATED_USER_DOMAIN+i);
+          if (userName == null)
+            break;
+          if (domain == null)
+            domain = "";
+          domainMap.put(domain,userName);
+        }
+      }
       
       // If this parameter is empty or does not exist, we have to presume this is a guest,
and treat them accordingly
-      if (authenticatedUserName == null || authenticatedUserName.length() == 0)
+      if (domainMap.size() == 0)
       {
         // No authenticated user name.
         // mod_authz_annotate may be in use upstream, so look for tokens from it.
@@ -178,7 +210,18 @@ public class ManifoldCFQParserPlugin ext
       }
       else
       {
-        LOG.info("Trying to match docs for user '"+authenticatedUserName+"'");
+        StringBuilder sb = new StringBuilder("[");
+        boolean first = true;
+        for (String domain : domainMap.keySet())
+        {
+          if (!first)
+            sb.append(",");
+          else
+            first = false;
+          sb.append(domain).append(":").append(domainMap.get(domain));
+        }
+        sb.append("]");
+        LOG.info("Trying to match docs for user '"+sb.toString()+"'");
         // Valid authenticated user name.  Look up access tokens for the user.
         // Check the configuration arguments for validity
         if (authorityBaseURL == null)
@@ -187,7 +230,7 @@ public class ManifoldCFQParserPlugin ext
         }
         try
         {
-          userAccessTokens = getAccessTokens(authenticatedUserName);
+          userAccessTokens = getAccessTokens(domainMap);
         }
         catch (IOException e)
         {
@@ -253,11 +296,27 @@ public class ManifoldCFQParserPlugin ext
     // Protected methods
     
     /** Get access tokens given a username */
-    protected List<String> getAccessTokens(String authenticatedUserName)
+    protected List<String> getAccessTokens(Map<String,String> domainMap)
       throws IOException
     {
       // We can make this more complicated later, with support for https etc., but this is
enough to demonstrate how it all should work.
-      String theURL = authorityBaseURL + "/UserACLs?username="+URLEncoder.encode(authenticatedUserName,"utf-8");
+      StringBuilder urlBuffer = new StringBuilder(authorityBaseURL);
+      urlBuffer.append("/UserACLs");
+      int i = 0;
+      for (String domain : domainMap.keySet())
+      {
+        if (i = 0)
+        {
+          urlBuffer.append("?");
+          first = false;
+        }
+        else
+          urlBuffer.append("&");
+        urlBuffer.append("username_").append(Integer.toString(i)).append("=").append(URLEncoder.encode(domainMap.get(domain),"utf-8")).append("&")
+          .append("domain_").append(Integer.toString(i)).append("=").append(URLEncoder.encode(domain,"utf-8"));
+        i++;
+      }
+      String theURL = urlBuffer.toString();
         
       GetMethod method = new GetMethod(theURL);
       try

Modified: manifoldcf/integration/solr-3.x/trunk/mcf/src/java/org/apache/solr/mcf/ManifoldCFSearchComponent.java
URL: http://svn.apache.org/viewvc/manifoldcf/integration/solr-3.x/trunk/mcf/src/java/org/apache/solr/mcf/ManifoldCFSearchComponent.java?rev=1536506&r1=1536505&r2=1536506&view=diff
==============================================================================
--- manifoldcf/integration/solr-3.x/trunk/mcf/src/java/org/apache/solr/mcf/ManifoldCFSearchComponent.java
(original)
+++ manifoldcf/integration/solr-3.x/trunk/mcf/src/java/org/apache/solr/mcf/ManifoldCFSearchComponent.java
Mon Oct 28 20:34:16 2013
@@ -45,8 +45,15 @@ public class ManifoldCFSearchComponent e
 {
   /** The component name */
   static final public String COMPONENT_NAME = "mcf";
-  /** The parameter that is supposed to contain the authenticated user name, possibly including
the domain */
+  /** The parameter that is supposed to contain the authenticated user name, possibly including
the AD domain */
   static final public String AUTHENTICATED_USER_NAME = "AuthenticatedUserName";
+  /** The parameter that is supposed to contain the MCF authorization domain, if any */
+  static final public String AUTHENTICATED_USER_DOMAIN = "AuthenticatedUserDomain";
+  /** If there are more than one user/domain, this prefix will allow us to get the users...
*/
+  static final public String AUTHENTICATED_USER_NAME_PREFIX = "AuthenticatedUserName_";
+  /** If there are more than one user/domain, this prefix will allow us to get the authorization
domains... */
+  static final public String AUTHENTICATED_USER_DOMAIN_PREFIX = "AuthenticatedUserDomain_";
+  
   /** This parameter is an array of strings, which contain the tokens to use if there is
no authenticated user name.
    * It's meant to work with mod_authz_annotate,
    * running under Apache */
@@ -127,7 +134,7 @@ public class ManifoldCFSearchComponent e
     
     // Log that we got here
     //LOG.info("prepare() entry params:\n" + params + "\ncontext: " + rb.req.getContext());
-		
+                
     String qry = (String)params.get(CommonParams.Q);
     if (qry != null)
     {
@@ -142,11 +149,36 @@ public class ManifoldCFSearchComponent e
 
     List<String> userAccessTokens;
     
+    // Map from domain to user
+    Map<String,String> domainMap = new HashMap<String,String>();
+      
     // Get the authenticated user name from the parameters
     String authenticatedUserName = params.get(AUTHENTICATED_USER_NAME);
-    
+    if (authenticatedUserName != null)
+    {
+      String authenticatedUserDomain = params.get(AUTHENTICATED_USER_DOMAIN);
+      if (authenticatedUserDomain == null)
+        authenticatedUserDomain = "";
+      domainMap.put(authenticatedUserDomain, authenticatedUserName);
+    }
+    else
+    {
+      // Look for user names/domains using the prefix
+      int i = 0;
+      while (true)
+      {
+        String userName = params.get(AUTHENTICATED_USER_NAME_PREFIX+i);
+        String domain = params.get(AUTHENTICATED_USER_DOMAIN+i);
+        if (userName == null)
+          break;
+        if (domain == null)
+          domain = "";
+        domainMap.put(domain,userName);
+      }
+    }
+      
     // If this parameter is empty or does not exist, we have to presume this is a guest,
and treat them accordingly
-    if (authenticatedUserName == null || authenticatedUserName.length() == 0)
+    if (domainMap.size() == 0)
     {
       // No authenticated user name.
       // mod_authz_annotate may be in use upstream, so look for tokens from it.
@@ -169,14 +201,25 @@ public class ManifoldCFSearchComponent e
     }
     else
     {
-      LOG.info("Trying to match docs for user '"+authenticatedUserName+"'");
+      StringBuilder sb = new StringBuilder("[");
+      boolean first = true;
+      for (String domain : domainMap.keySet())
+      {
+        if (!first)
+          sb.append(",");
+        else
+          first = false;
+        sb.append(domain).append(":").append(domainMap.get(domain));
+      }
+      sb.append("]");
+      LOG.info("Trying to match docs for user '"+sb.toString()+"'");
       // Valid authenticated user name.  Look up access tokens for the user.
       // Check the configuration arguments for validity
       if (authorityBaseURL == null)
       {
         throw new SolrException(SolrException.ErrorCode.SERVER_ERROR, "Error initializing
ManifoldCFSecurityFilter component: 'AuthorityServiceBaseURL' init parameter required");
       }
-      userAccessTokens = getAccessTokens(authenticatedUserName);
+      userAccessTokens = getAccessTokens(domainMap);
     }
 
     BooleanQuery bq = new BooleanQuery();
@@ -281,11 +324,27 @@ public class ManifoldCFSearchComponent e
   // Protected methods
   
   /** Get access tokens given a username */
-  protected List<String> getAccessTokens(String authenticatedUserName)
+  protected List<String> getAccessTokens(Map<String,String> domainMap)
     throws IOException
   {
     // We can make this more complicated later, with support for https etc., but this is
enough to demonstrate how it all should work.
-    String theURL = authorityBaseURL + "/UserACLs?username="+URLEncoder.encode(authenticatedUserName,"utf-8");
+    StringBuilder urlBuffer = new StringBuilder(authorityBaseURL);
+    urlBuffer.append("/UserACLs");
+    int i = 0;
+    for (String domain : domainMap.keySet())
+    {
+      if (i = 0)
+      {
+        urlBuffer.append("?");
+        first = false;
+      }
+      else
+        urlBuffer.append("&");
+      urlBuffer.append("username_").append(Integer.toString(i)).append("=").append(URLEncoder.encode(domainMap.get(domain),"utf-8")).append("&")
+        .append("domain_").append(Integer.toString(i)).append("=").append(URLEncoder.encode(domain,"utf-8"));
+      i++;
+    }
+    String theURL = urlBuffer.toString();
       
     GetMethod method = new GetMethod(theURL);
     try



Mime
View raw message