com.atlassian.crowd.directory
Class DbCachingRemoteDirectory
java.lang.Object
com.atlassian.crowd.directory.DbCachingRemoteDirectory
- All Implemented Interfaces:
- RemoteDirectory, SynchronisableDirectory, Attributes
public class DbCachingRemoteDirectory
- extends Object
- implements RemoteDirectory, SynchronisableDirectory
A RemoteDirectory that provides LDAP and Crowd integration plus local storage in an internal directory
for LDAP user and group attributes, and local groups for LDAP and Crowd users with local caching of remote data.
The implementation delegates to a remote directory for the "source of truth" and an internal directory for caching
and some special local storage.
All the attributes for the directory itself (e.g. base DN, other configuration options) are stored on
the directory instance.
Terminology used in this class:
- Remote user
- A user stored in the LDAP or Remote Crowd directory
- Remote group
- A group stored in the LDAP or Remote Crowd directory.
- Local group
- A group stored in the internal directory. There must
not be a Remote group with the same name for a local group to exist.
Method Summary

| Modifier and type | Method and description |
|---|---|
| Group | addGroup(GroupTemplate group) |
| void | addGroupToGroup(String childGroup, String parentGroup) |
| User | addUser(UserTemplate user, PasswordCredential credential) |
| void | addUserToGroup(String username, String groupName) |
| User | authenticate(String name, PasswordCredential credential) |
| protected User | authenticateAndUpdateInternalUser(String name, PasswordCredential credential): Authenticates user and ensures that internal directory contains the authenticated user. |
| BoundedCount | countDirectMembersOfGroup(String groupName, int querySizeHint) |
| void | expireAllPasswords() |
| Group | findGroupByName(String name) |
| GroupWithAttributes | findGroupWithAttributesByName(String name) |
| User | findUserByExternalId(String externalId) |
| User | findUserByName(String name) |
| UserWithAttributes | findUserWithAttributesByName(String name) |
| RemoteDirectory | getAuthoritativeDirectory() |
| String | getDescriptiveName() |
| long | getDirectoryId() |
| Set<String> | getKeys() |
| Iterable<Membership> | getMemberships() |
| String | getValue(String name) |
| Set<String> | getValues(String name) |
| boolean | isEmpty() |
| boolean | isGroupDirectGroupMember(String childGroup, String parentGroup) |
| boolean | isRolesDisabled() |
| boolean | isUserDirectGroupMember(String username, String groupName) |
| void | removeGroup(String name) |
| void | removeGroupAttributes(String groupName, String attributeName) |
| void | removeGroupFromGroup(String childGroup, String parentGroup) |
| void | removeUser(String name) |
| void | removeUserAttributes(String username, String attributeName) |
| void | removeUserFromGroup(String username, String groupName) |
| Group | renameGroup(String oldName, String newName) |
| User | renameUser(String oldName, String newName) |
| <T> List<T> | searchGroupRelationships(MembershipQuery<T> query) |
| <T> List<T> | searchGroups(EntityQuery<T> query) |
| <T> List<T> | searchUsers(EntityQuery<T> query) |
| void | setAttributes(Map<String,String> attributes) |
| void | setDirectoryId(long directoryId) |
| void | storeGroupAttributes(String groupName, Map<String,Set<String>> attributes) |
| void | storeUserAttributes(String username, Map<String,Set<String>> attributes) |
| boolean | supportsInactiveAccounts(): This implementation will store the active flag locally in the internal directory if local user status is enabled and if the active flag cannot be persisted on the underlying remote directory. |
| boolean | supportsNestedGroups() |
| boolean | supportsPasswordExpiration() |
| boolean | supportsSettingEncryptedCredential() |
| void | synchroniseCache(SynchronisationMode mode, SynchronisationStatusManager synchronisationStatusManager) |
| void | testConnection() |
| Group | updateGroup(GroupTemplate group) |
| protected void | updateGroupsMembershipOnLogin(User user) |
| User | updateUser(UserTemplate user) |
| protected User | updateUserAndSetActiveFlag(User remoteUser, User internalUser) |
| void | updateUserCredential(String username, PasswordCredential credential) |

Methods inherited from class java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
INTERNAL_USER_PASSWORD
public static final String INTERNAL_USER_PASSWORD
- See Also:
- Constant Field Values
DbCachingRemoteDirectory
public DbCachingRemoteDirectory(RemoteDirectory remoteDirectory,
InternalRemoteDirectory internalDirectory,
DirectoryCacheFactory directoryCacheFactory,
CqlQueryParser cqlQueryParser)
getDirectoryId
public long getDirectoryId()
- Specified by:
getDirectoryId in interface RemoteDirectory
setDirectoryId
public void setDirectoryId(long directoryId)
- Specified by:
setDirectoryId in interface RemoteDirectory
getDescriptiveName
public String getDescriptiveName()
- Specified by:
getDescriptiveName in interface RemoteDirectory
setAttributes
public void setAttributes(Map<String,String> attributes)
- Specified by:
setAttributes in interface RemoteDirectory
findUserByName
public User findUserByName(String name)
throws UserNotFoundException,
OperationFailedException
- Specified by:
findUserByName in interface RemoteDirectory
- Throws:
UserNotFoundException
OperationFailedException
findUserWithAttributesByName
public UserWithAttributes findUserWithAttributesByName(String name)
throws UserNotFoundException,
OperationFailedException
- Specified by:
findUserWithAttributesByName in interface RemoteDirectory
- Throws:
UserNotFoundException
OperationFailedException
findUserByExternalId
public User findUserByExternalId(String externalId)
throws UserNotFoundException,
OperationFailedException
- Specified by:
findUserByExternalId in interface RemoteDirectory
- Throws:
UserNotFoundException
OperationFailedException
authenticate
public User authenticate(String name,
PasswordCredential credential)
throws UserNotFoundException,
InactiveAccountException,
InvalidAuthenticationException,
ExpiredCredentialException,
OperationFailedException
- Specified by:
authenticate in interface RemoteDirectory
- Throws:
UserNotFoundException
InactiveAccountException
InvalidAuthenticationException
ExpiredCredentialException
OperationFailedException
getMemberships
public Iterable<Membership> getMemberships()
throws OperationFailedException
- Specified by:
getMemberships in interface RemoteDirectory
- Throws:
OperationFailedException
authenticateAndUpdateInternalUser
protected User authenticateAndUpdateInternalUser(String name,
PasswordCredential credential)
throws UserNotFoundException,
InactiveAccountException,
InvalidAuthenticationException,
ExpiredCredentialException,
OperationFailedException
- Authenticates user and ensures that internal directory contains the
authenticated user.
Updates user data (including group memberships) if the user exists in the internal directory. Renames the user if necessary.
If the user does not exist, tries to add the user and the user's memberships in the internal
directory.
User might not exist in the internal directory yet because the user was
added after the latest synchronisation. This happens for example when
the remote directory uses delegated authentication, and creates users on
successful authentication.
- Parameters:
name - of the user
credential - credential of the user
- Returns:
- The populated user if the authentication is valid.
- Throws:
UserNotFoundException - if the user does not exist
ExpiredCredentialException - if the password has expired and the user is required to change their password
InactiveAccountException - if the user account is not active
InvalidAuthenticationException - if the user name/password combination is invalid
OperationFailedException - if the operation failed for any other reason
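The login flow described for authenticateAndUpdateInternalUser, as an added sketch that is not Crowd's own code: every class, map and exception choice below is a hypothetical in-memory stand-in, and matching a renamed user by external ID is an assumption of the sketch. It shows that the internal cache is written only after the remote directory has accepted the credential, and that a user created or renamed remotely after the last synchronisation is reconciled at login. It needs Java 16 or later for records.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.*;

// Added sketch with toy in-memory stand-ins; none of this is Crowd's own code or API.
public class LoginCacheSketch {
    record User(String externalId, String name, boolean active) {}

    // Hypothetical remote directory (the source of truth), keyed by user name.
    static final Map<String, User> remoteUsers = new HashMap<>();
    static final Map<String, String> remotePasswords = new HashMap<>(); // stands in for a remote bind
    static final Map<String, Set<String>> remoteGroups = new HashMap<>();
    // Hypothetical internal cache; users keyed by external ID (an assumption) to spot renames.
    static final Map<String, User> cachedUsers = new HashMap<>();
    static final Map<String, Set<String>> cachedGroups = new HashMap<>();

    static User authenticateAndUpdateInternalUser(String name, String password) {
        // 1. Only the remote directory decides whether the login is valid.
        User remote = remoteUsers.get(name);
        if (remote == null) throw new NoSuchElementException("user not found: " + name);
        if (!remote.active()) throw new IllegalStateException("inactive account: " + name);
        byte[] expected = remotePasswords.get(name).getBytes(StandardCharsets.UTF_8);
        if (!MessageDigest.isEqual(expected, password.getBytes(StandardCharsets.UTF_8)))
            throw new SecurityException("invalid credentials for " + name);
        // 2. The cache is written only after the remote check has succeeded.
        User cached = cachedUsers.get(remote.externalId());
        if (cached != null && !cached.name().equals(remote.name()))
            cachedGroups.remove(cached.name());            // rename: drop the old name's entry
        cachedUsers.put(remote.externalId(), remote);      // add or update the cached user
        // 3. Memberships are refreshed from the remote directory on login.
        cachedGroups.put(remote.name(),
                new TreeSet<>(remoteGroups.getOrDefault(remote.name(), Set.of())));
        return remote;
    }

    public static void main(String[] args) {
        // Constructed sample data: a user created remotely after the last synchronisation.
        remoteUsers.put("jdoe", new User("id-1", "jdoe", true));
        remotePasswords.put("jdoe", "correct horse");
        remoteGroups.put("jdoe", Set.of("staff"));
        try {
            authenticateAndUpdateInternalUser("jdoe", "wrong");
        } catch (SecurityException e) {
            System.out.println("rejected; cached users: " + cachedUsers.size());
        }
        authenticateAndUpdateInternalUser("jdoe", "correct horse");
        System.out.println("after first login: " + cachedGroups);
        // The user is renamed and regrouped remotely; the next login reconciles the cache.
        remoteUsers.remove("jdoe");
        remoteUsers.put("john.doe", new User("id-1", "john.doe", true));
        remotePasswords.put("john.doe", remotePasswords.remove("jdoe"));
        remoteGroups.put("john.doe", Set.of("staff", "admins"));
        authenticateAndUpdateInternalUser("john.doe", "correct horse");
        System.out.println("after rename: " + cachedUsers.values() + " " + cachedGroups);
    }
}
```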
updateUserAndSetActiveFlag
protected User updateUserAndSetActiveFlag(User remoteUser,
User internalUser)
throws UserNotFoundException,
InvalidUserException,
OperationFailedException
- Throws:
UserNotFoundException
InvalidUserException
OperationFailedException
updateGroupsMembershipOnLogin
protected void updateGroupsMembershipOnLogin(User user)
throws OperationFailedException,
UserNotFoundException
- Throws:
OperationFailedException
UserNotFoundException
addUser
public User addUser(UserTemplate user,
PasswordCredential credential)
throws InvalidUserException,
InvalidCredentialException,
UserAlreadyExistsException,
OperationFailedException
- Specified by:
addUser in interface RemoteDirectory
- Throws:
InvalidUserException
InvalidCredentialException
UserAlreadyExistsException
OperationFailedException
updateUser
public User updateUser(UserTemplate user)
throws InvalidUserException,
UserNotFoundException,
OperationFailedException
- Specified by:
updateUser in interface RemoteDirectory
- Throws:
InvalidUserException
UserNotFoundException
OperationFailedException
updateUserCredential
public void updateUserCredential(String username,
PasswordCredential credential)
throws UserNotFoundException,
InvalidCredentialException,
OperationFailedException
- Specified by:
updateUserCredential in interface RemoteDirectory
- Throws:
UserNotFoundException
InvalidCredentialException
OperationFailedException
renameUser
public User renameUser(String oldName,
String newName)
throws UserNotFoundException,
InvalidUserException,
OperationFailedException,
UserAlreadyExistsException
- Specified by:
renameUser in interface RemoteDirectory
- Throws:
UserNotFoundException
InvalidUserException
OperationFailedException
UserAlreadyExistsException
storeUserAttributes
public void storeUserAttributes(String username,
Map<String,Set<String>> attributes)
throws UserNotFoundException,
OperationFailedException
- Specified by:
storeUserAttributes in interface RemoteDirectory
- Throws:
UserNotFoundException
OperationFailedException
removeUserAttributes
public void removeUserAttributes(String username,
String attributeName)
throws UserNotFoundException,
OperationFailedException
- Specified by:
removeUserAttributes in interface RemoteDirectory
- Throws:
UserNotFoundException
OperationFailedException
removeUser
public void removeUser(String name)
throws UserNotFoundException,
OperationFailedException
- Specified by:
removeUser in interface RemoteDirectory
- Throws:
UserNotFoundException
OperationFailedException
searchUsers
public <T> List<T> searchUsers(EntityQuery<T> query)
throws OperationFailedException
- Specified by:
searchUsers in interface RemoteDirectory
- Throws:
OperationFailedException
findGroupByName
public Group findGroupByName(String name)
throws GroupNotFoundException,
OperationFailedException
- Specified by:
findGroupByName in interface RemoteDirectory
- Throws:
GroupNotFoundException
OperationFailedException
findGroupWithAttributesByName
public GroupWithAttributes findGroupWithAttributesByName(String name)
throws GroupNotFoundException,
OperationFailedException
- Specified by:
findGroupWithAttributesByName in interface RemoteDirectory
- Throws:
GroupNotFoundException
OperationFailedException
addGroup
public Group addGroup(GroupTemplate group)
throws InvalidGroupException,
OperationFailedException
- Specified by:
addGroup in interface RemoteDirectory
- Throws:
InvalidGroupException
OperationFailedException
updateGroup
public Group updateGroup(GroupTemplate group)
throws InvalidGroupException,
GroupNotFoundException,
OperationFailedException,
ReadOnlyGroupException
- Specified by:
updateGroup in interface RemoteDirectory
- Throws:
InvalidGroupException
GroupNotFoundException
OperationFailedException
ReadOnlyGroupException
renameGroup
public Group renameGroup(String oldName,
String newName)
throws GroupNotFoundException,
InvalidGroupException
- Specified by:
renameGroup in interface RemoteDirectory
- Throws:
GroupNotFoundException
InvalidGroupException
storeGroupAttributes
public void storeGroupAttributes(String groupName,
Map<String,Set<String>> attributes)
throws GroupNotFoundException,
OperationFailedException
- Specified by:
storeGroupAttributes in interface RemoteDirectory
- Throws:
GroupNotFoundException
OperationFailedException
removeGroupAttributes
public void removeGroupAttributes(String groupName,
String attributeName)
throws GroupNotFoundException,
OperationFailedException
- Specified by:
removeGroupAttributes in interface RemoteDirectory
- Throws:
GroupNotFoundException
OperationFailedException
removeGroup
public void removeGroup(String name)
throws GroupNotFoundException,
OperationFailedException,
ReadOnlyGroupException
- Specified by:
removeGroup in interface RemoteDirectory
- Throws:
GroupNotFoundException
OperationFailedException
ReadOnlyGroupException
searchGroups
public <T> List<T> searchGroups(EntityQuery<T> query)
throws OperationFailedException
- Specified by:
searchGroups in interface RemoteDirectory
- Throws:
OperationFailedException
isUserDirectGroupMember
public boolean isUserDirectGroupMember(String username,
String groupName)
throws OperationFailedException
- Specified by:
isUserDirectGroupMember in interface RemoteDirectory
- Throws:
OperationFailedException
isGroupDirectGroupMember
public boolean isGroupDirectGroupMember(String childGroup,
String parentGroup)
throws OperationFailedException
- Specified by:
isGroupDirectGroupMember in interface RemoteDirectory
- Throws:
OperationFailedException
countDirectMembersOfGroup
public BoundedCount countDirectMembersOfGroup(String groupName,
int querySizeHint)
throws OperationFailedException
- Specified by:
countDirectMembersOfGroup in interface RemoteDirectory
- Throws:
OperationFailedException
addUserToGroup
public void addUserToGroup(String username,
String groupName)
throws GroupNotFoundException,
UserNotFoundException,
OperationFailedException,
ReadOnlyGroupException,
MembershipAlreadyExistsException
- Specified by:
addUserToGroup in interface RemoteDirectory
- Throws:
GroupNotFoundException
UserNotFoundException
OperationFailedException
ReadOnlyGroupException
MembershipAlreadyExistsException
addGroupToGroup
public void addGroupToGroup(String childGroup,
String parentGroup)
throws GroupNotFoundException,
InvalidMembershipException,
OperationFailedException,
ReadOnlyGroupException,
MembershipAlreadyExistsException
- Specified by:
addGroupToGroup in interface RemoteDirectory
- Throws:
GroupNotFoundException
InvalidMembershipException
OperationFailedException
ReadOnlyGroupException
MembershipAlreadyExistsException
removeUserFromGroup
public void removeUserFromGroup(String username,
String groupName)
throws GroupNotFoundException,
UserNotFoundException,
MembershipNotFoundException,
OperationFailedException,
ReadOnlyGroupException
- Specified by:
removeUserFromGroup in interface RemoteDirectory
- Throws:
GroupNotFoundException
UserNotFoundException
MembershipNotFoundException
OperationFailedException
ReadOnlyGroupException
removeGroupFromGroup
public void removeGroupFromGroup(String childGroup,
String parentGroup)
throws GroupNotFoundException,
InvalidMembershipException,
MembershipNotFoundException,
OperationFailedException,
ReadOnlyGroupException
- Specified by:
removeGroupFromGroup in interface RemoteDirectory
- Throws:
GroupNotFoundException
InvalidMembershipException
MembershipNotFoundException
OperationFailedException
ReadOnlyGroupException
searchGroupRelationships
public <T> List<T> searchGroupRelationships(MembershipQuery<T> query)
throws OperationFailedException
- Specified by:
searchGroupRelationships in interface RemoteDirectory
- Throws:
OperationFailedException
testConnection
public void testConnection()
throws OperationFailedException
- Specified by:
testConnection in interface RemoteDirectory
- Throws:
OperationFailedException
supportsInactiveAccounts
public boolean supportsInactiveAccounts()
- This implementation will store the active flag locally in the internal directory if local user status is enabled
and if the active flag cannot be persisted on the underlying remote directory.
- Specified by:
supportsInactiveAccounts in interface RemoteDirectory
- Returns:
- true if the internal directory supports inactive accounts (which it should always do).
supportsNestedGroups
public boolean supportsNestedGroups()
- Specified by:
supportsNestedGroups in interface RemoteDirectory
supportsPasswordExpiration
public boolean supportsPasswordExpiration()
- Specified by:
supportsPasswordExpiration in interface RemoteDirectory
supportsSettingEncryptedCredential
public boolean supportsSettingEncryptedCredential()
- Specified by:
supportsSettingEncryptedCredential in interface RemoteDirectory
isRolesDisabled
public boolean isRolesDisabled()
- Specified by:
isRolesDisabled in interface RemoteDirectory
getValues
public Set<String> getValues(String name)
- Specified by:
getValues in interface Attributes
getValue
public String getValue(String name)
- Specified by:
getValue in interface Attributes
isEmpty
public boolean isEmpty()
- Specified by:
isEmpty in interface Attributes
getKeys
public Set<String> getKeys()
- Specified by:
getKeys in interface Attributes
synchroniseCache
public void synchroniseCache(SynchronisationMode mode,
SynchronisationStatusManager synchronisationStatusManager)
throws OperationFailedException
- Specified by:
synchroniseCache in interface SynchronisableDirectory
- Throws:
OperationFailedException
getAuthoritativeDirectory
public RemoteDirectory getAuthoritativeDirectory()
- Specified by:
getAuthoritativeDirectory in interface RemoteDirectory
expireAllPasswords
public void expireAllPasswords()
throws OperationFailedException
- Specified by:
expireAllPasswords in interface RemoteDirectory
- Throws:
OperationFailedException
Copyright © 2016 Atlassian. All Rights Reserved.