LDAP
Uwiki
1.LDAP Interlocked

2.Organization model with LDAP directory

3.Organization-Chart Strategy Pattern – Members

4.Organization-Chart Strategy Pattern – discover actual mapping

5.RoleMapping
package com.nongsim.organization;
import org.apache.log4j.Logger;
import org.uengine.kernel.GlobalContext;
import org.uengine.kernel.ProcessInstance;
import org.uengine.kernel.RoleMapping;
import org.uengine.kernel.UEngineException;
import com.nongshim.ldap.LDAPSearch;
import com.nongshim.ldap.LDAPUserInfo;
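/**
 * Role mapping whose display attributes (name, e-mail, locale, portrait) are filled in from the
 * LDAP entry that matches this mapping's endpoint.
 */
public class MDMRoleMapping extends RoleMapping {

    private static final long serialVersionUID = GlobalContext.SERIALIZATION_UID;

    /**
     * Looks up the endpoint in LDAP and copies the user's name and e-mail into this mapping.
     * Does nothing at design time.
     *
     * @param instance the process instance being resolved; not read by this method
     * @throws Exception a {@link UEngineException} when the lookup returns no user object
     */
    public void fill(ProcessInstance instance) throws Exception {
        if (GlobalContext.isDesignTime()) {
            return;
        }

        LDAPSearch ldapSearch = LDAPSearch.getInstance();
        ldapSearch.connect();
        LDAPUserInfo ldapUserInfo = ldapSearch.getUserInfo(getEndpoint());

        if (ldapUserInfo == null) {
            // The original built this exception without throwing it, so an unknown user was
            // silently accepted. NOTE(review): getUserInfo as listed with this class appears to
            // return an empty object rather than null when nothing matches, so "not found" may
            // also need to be detected from a null uid -- confirm before relying on this check.
            throw new UEngineException("There's no such user [" + getEndpoint() + "]");
        }

        setResourceName(ldapUserInfo.getUserName()); // real name
        setEmailAddress(ldapUserInfo.getEmail()); // e-mail
        // Optional fields that are not populated from LDAP here:
        // setTitle(JIKNAME); // job title
        // setGroupId(PARTCODE); // group id - not strictly required
        // setGroupName(PARTNAME); // group name - not strictly required
        // setExtendedProperty("password", PASSWORD); // password - not strictly required
        setLocale("ko");
        // NOTE(review): the endpoint is concatenated into a URL path without encoding or
        // validation; confirm endpoints are restricted to plain user ids before this path is
        // rendered or resolved against the file system.
        setUserPortrait(GlobalContext.WEB_CONTEXT_ROOT + "/images/portrait/" + getEndpoint() + ".gif");
    }
}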
6.RoleResolutionContext
package com.nongsim.organization;
import org.apache.log4j.Logger;
import java.util.ArrayList;
import java.util.Map;
import org.metaworks.FieldDescriptor;
import org.metaworks.Type;
import org.metaworks.inputter.RadioInput;
import org.metaworks.inputter.SelectInput;
import org.uengine.kernel.GlobalContext;
import org.uengine.kernel.ProcessDefinition;
import org.uengine.kernel.ProcessInstance;
import org.uengine.kernel.RoleMapping;
import org.uengine.kernel.RoleResolutionContext;
import org.uengine.ui.XMLValueInput;
import org.uengine.util.UEngineUtil;
import com.nongshim.MDMGlobalContext;
import com.nongshim.ldap.LDAPSearch;
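/**
 * Role resolution strategy that turns a (control level, function role) pair into the list of
 * users returned by {@code LDAPSearch.getRoleUserList} for the matching organisational unit.
 */
public class MDMRoleResolutionContext extends RoleResolutionContext {

    private static final long serialVersionUID = GlobalContext.SERIALIZATION_UID;

    /** Labels shown in the designer for each control level. */
    private static final String[] CONTROL_LEVEL_LIST_SELECTIONS = new String[] { "Global", "Region", "Company", "Plant" };

    /** Stored values for each control level, in the same order as the labels. */
    public static final Object[] CONTROL_LEVEL_LIST_VALUES = new String[] { "G", "R", "C", "P" };

    /**
     * Metaworks callback that customises the editor: hides "Name" and installs the inputters for
     * "ControlLevel" and "FunctionRole".
     *
     * @param type the metaworks type descriptor to adjust
     */
    public static void metaworksCallback_changeMetadata(Type type) {
        type.removeFieldDescriptor("Name");

        FieldDescriptor controlLevelField = type.getFieldDescriptor("ControlLevel");
        controlLevelField.setInputter(new RadioInput(CONTROL_LEVEL_LIST_SELECTIONS, CONTROL_LEVEL_LIST_VALUES));

        FieldDescriptor functionRoleField = type.getFieldDescriptor("FunctionRole");
        functionRoleField.setInputter(new SelectInput(new String[] { "표준화", "제품-구매", "제품-생산", "제품-영업", "제품-SCM", "제품-해외영업", "제품-회계원가", "원자재-구매" }));
        // When switching to the XML-backed list:
        // functionRoleField.setInputter(new XMLValueInput("/mdm_user_manager/functionRole.jsp"));
    }

    public String getName() {
        return "MDM RoleMapping";
    }

    String controlLevel;

    public String getControlLevel() {
        return controlLevel;
    }

    public void setControlLevel(String controlLevel) {
        this.controlLevel = controlLevel;
    }

    String functionRole;

    public String getFunctionRole() {
        return functionRole;
    }

    public void setFunctionRole(String functionRole) {
        this.functionRole = functionRole;
    }

    /**
     * Resolves the users that hold the configured function role at the configured control level.
     *
     * <p>The region, company and plant ids are read from the process instance and become part of
     * the LDAP search base, so they are escaped as RDN values before being placed in the DN.
     *
     * @param pd the process definition; not read by this method
     * @param instance the running instance that supplies the region, company and plant ids
     * @param tracingTag not read by this method
     * @param options not read by this method
     * @return a role mapping holding one endpoint per resolved user; it has no endpoints added
     *         when the control level is unknown, the required id is empty, or the lookup fails
     * @throws Exception if reading the instance variables fails
     */
    @Override
    public RoleMapping getActualMapping(ProcessDefinition pd, ProcessInstance instance, String tracingTag, Map options) throws Exception {
        String regionId = (String) instance.get("", MDMGlobalContext.REGION);
        String companyId = (String) instance.get("", MDMGlobalContext.COMPANY);
        String plantId = (String) instance.get("", MDMGlobalContext.PLANT);

        LDAPSearch ldapSearch = LDAPSearch.getInstance();
        ldapSearch.connect();

        String level = getControlLevel();
        String ou = null;
        if (CONTROL_LEVEL_LIST_VALUES[0].equals(level)) {
            ou = "ou=G.global";
        } else if (CONTROL_LEVEL_LIST_VALUES[1].equals(level)) {
            ou = scopedOu(regionId, "ou=R.region");
        } else if (CONTROL_LEVEL_LIST_VALUES[2].equals(level)) {
            ou = scopedOu(companyId, "ou=C.company");
        } else if (CONTROL_LEVEL_LIST_VALUES[3].equals(level)) {
            ou = scopedOu(plantId, "ou=P.plant");
        }

        ArrayList<?> userList = null;
        if (ou != null) {
            // NOTE(review): the function role is placed in the DN unescaped, as in the original.
            // It is set in the process definition rather than at run time; confirm whether stored
            // values are already DN-escaped before adding escaping here.
            userList = ldapSearch.getRoleUserList(ou, "cn=" + getFunctionRole());
        }

        RoleMapping roleMapping = RoleMapping.create();
        if (userList != null) {
            for (Object uid : userList) {
                roleMapping.setEndpoint((String) uid);
                roleMapping.moveToAdd();
            }
        }
        return roleMapping;
    }

    /**
     * Builds {@code ou=<id>,<levelOu>} with the id escaped as an RDN value, so that characters
     * such as ',' '=' or '+' in an instance variable cannot add or alter DN components.
     *
     * @return the relative DN, or {@code null} when the id is empty
     */
    private static String scopedOu(String id, String levelOu) {
        if (!UEngineUtil.isNotEmpty(id)) {
            return null;
        }
        return "ou=" + javax.naming.ldap.Rdn.escapeValue(id) + "," + levelOu;
    }

    /**
     * @return a human-readable description of the configured pair, or an empty string when either
     *         value is missing
     */
    @Override
    public String getDisplayName() {
        if (getControlLevel() == null || getFunctionRole() == null) {
            return "";
        }
        return "Control Level = \"" + getControlLevel() + "\", Function Role = \"" + getFunctionRole() + "\" 인 사람";
    }
}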
7.LDAP Search API & Model
package com.nongshim.ldap;
import org.apache.log4j.Logger;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import java.util.Vector;
import javax.naming.*;
import javax.naming.directory.*;
import org.uengine.util.UEngineUtil;
import com.nongshim.MDMGlobalContext;
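/**
 * Singleton wrapper around a JNDI {@link DirContext} used to read role membership and user
 * attributes from the directory.
 *
 * <p>NOTE(review): the context is a single mutable field shared by every caller of
 * {@link #getInstance()}, and callers on this page invoke {@link #connect()} before each lookup.
 * The previous context is never closed and access is not synchronised; confirm the threading
 * model before adding close or locking here.
 */
public class LDAPSearch {

    /** Logger for this class. */
    private static final Logger logger = Logger.getLogger(LDAPSearch.class);

    private static final String MDM_ROLE_DN = "ou=wf_role_mdm,o=nongshim";
    private static final String MDM_FUNCTION_ROLE_LIST_DN = "ou=MDM.role_master,ou=wf_role_mdm,o=nongshim";
    private static final String PEOPLE_DN = "ou=people,o=nongshim";

    /** Attributes requested from role and group entries. */
    private static final String[] ROLE_ATTRIDS = { "cn", "uniquemember" };

    /** Attributes requested from people entries. */
    private static final String[] USER_ATTRIDS = { "uid", "cn", "mail" };

    private DirContext dirCtx = null;

    private LDAPSearch() {
    }

    /** Initialization-on-demand holder for the singleton. */
    private static class LDAPSearchSingletonHolder {
        static final LDAPSearch instance = new LDAPSearch();
    }

    public static LDAPSearch getInstance() {
        return LDAPSearchSingletonHolder.instance;
    }

    /** Connects with the URL and credentials configured in {@code MDMGlobalContext}. */
    public void connect() {
        connect(null, null, null);
    }

    /**
     * Binds to the directory with simple authentication and stores the resulting context.
     * Empty arguments fall back to the values in {@code MDMGlobalContext}.
     *
     * <p>A failed bind is logged, not thrown, and leaves the previously stored context (if any)
     * in place.
     *
     * <p>NOTE(review): a simple bind sends the password to the server as supplied; confirm that
     * the configured URL uses ldaps:// or that the connection is otherwise protected by TLS.
     *
     * @param url provider URL, or empty for the configured default
     * @param id bind DN, or empty for the configured default
     * @param pass bind password, or empty for the configured default
     */
    public void connect(String url, String id, String pass) {
        if (logger.isDebugEnabled()) {
            logger.debug("connect(String, String, String) - start");
        }

        url = UEngineUtil.isNotEmpty(url) ? url : MDMGlobalContext.LDAP_URL;
        id = UEngineUtil.isNotEmpty(id) ? id : MDMGlobalContext.LDAP_ID;
        pass = UEngineUtil.isNotEmpty(pass) ? pass : MDMGlobalContext.LDAP_PASS;

        Hashtable<String, String> env = new Hashtable<String, String>(5, 0.75f);
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.URL_PKG_PREFIXES, "com.sun.jndi.url");
        env.put(Context.REFERRAL, "ignore");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, id);
        env.put(Context.SECURITY_CREDENTIALS, pass);

        try {
            dirCtx = new InitialDirContext(env);
        } catch (NamingException e) {
            // Logged once through the logger; the stack trace is no longer also printed to stderr.
            logger.error("connect(String, String, String)", e);
        }

        if (logger.isDebugEnabled()) {
            logger.debug("connect(String, String, String) - end");
        }
    }

    /**
     * Lists the {@code cn} of every entry under the function-role master DN.
     *
     * @return the role names; empty when the search fails
     * @throws IllegalStateException if no context has been established
     */
    public ArrayList getFunctionRoleList() {
        ArrayList<String> functionRoleList = new ArrayList<String>();
        NamingEnumeration<SearchResult> results = null;
        try {
            results = requireContext().search(MDM_FUNCTION_ROLE_LIST_DN, "(cn=*)",
                    controlsFor(SearchControls.SUBTREE_SCOPE, ROLE_ATTRIDS));
            while (results.hasMore()) {
                String cn = firstString(results.next().getAttributes().get("cn"));
                if (cn != null) {
                    functionRoleList.add(cn);
                }
            }
        } catch (NamingException e) {
            logger.error("getFunctionRoleList()", e);
        } finally {
            closeQuietly(results);
        }
        return functionRoleList;
    }

    /**
     * Reads the {@code uniquemember} values of one group entry and returns the value of each
     * member's leftmost RDN. Members that are themselves groups are not expanded further.
     *
     * @param uniqueMemberDN DN of the group entry, taken from a directory attribute
     * @return member identifiers; empty when the search fails
     */
    private ArrayList<String> getGroupUserList(String uniqueMemberDN) {
        ArrayList<String> userList = new ArrayList<String>();
        NamingEnumeration<SearchResult> results = null;
        try {
            results = requireContext().search(uniqueMemberDN, "(cn=*)",
                    controlsFor(SearchControls.OBJECT_SCOPE, ROLE_ATTRIDS));
            while (results.hasMoreElements()) {
                Attribute members = results.nextElement().getAttributes().get("uniquemember");
                if (members == null) {
                    continue; // entry without members; the original would have thrown a NullPointerException
                }
                NamingEnumeration<?> values = members.getAll();
                while (values.hasMoreElements()) {
                    Object raw = values.nextElement();
                    if (!(raw instanceof String)) {
                        continue;
                    }
                    javax.naming.ldap.Rdn rdn = leftmostRdn((String) raw);
                    String value = (rdn == null) ? null : rdnValue(rdn);
                    if (value != null) {
                        userList.add(value);
                    }
                }
            }
        } catch (NamingException e) {
            logger.error("getGroupUserList(String)", e);
        } finally {
            closeQuietly(results);
        }
        return userList;
    }

    /**
     * Collects the distinct users that are members of a function role at a control level.
     *
     * <p>The search base is {@code functionRole,controlLevel,ou=wf_role_mdm,o=nongshim}. Both
     * arguments are relative DNs and are concatenated as given, so callers must escape any value
     * that originates outside the directory before passing it in.
     *
     * <p>Members whose leftmost RDN type is {@code uid} are added directly; members of type
     * {@code cn} are treated as groups and expanded one level. Other member types are ignored.
     *
     * <p>NOTE(review): iteration uses {@code hasMoreElements()}, which cannot throw
     * {@link NamingException}; confirm that a failed or truncated search is not silently treated
     * as the end of the member list.
     *
     * @param controlLevel relative DN of the control-level container, e.g. {@code ou=G.global}
     * @param functionRole relative DN of the role, e.g. {@code cn=<role name>}
     * @return the distinct user ids in discovery order, or {@code null} when the search fails
     * @throws IllegalStateException if no context has been established
     */
    public ArrayList getRoleUserList(String controlLevel, String functionRole) {
        if (logger.isDebugEnabled()) {
            logger.debug("getRoleUserList(String, String) - start");
        }

        NamingEnumeration<SearchResult> roles = null;
        try {
            ArrayList<String> userList = new ArrayList<String>();
            Set<String> seen = new HashSet<String>(); // removes duplicate users while keeping order

            String baseDn = functionRole + "," + controlLevel + "," + MDM_ROLE_DN;
            roles = requireContext().search(baseDn, "(cn=*)",
                    controlsFor(SearchControls.SUBTREE_SCOPE, ROLE_ATTRIDS));

            while (roles.hasMoreElements()) {
                Attribute members = roles.nextElement().getAttributes().get("uniquemember");
                if (members == null) {
                    continue; // the subtree search also returns entries that carry no members
                }
                NamingEnumeration<?> values = members.getAll();
                while (values.hasMoreElements()) {
                    Object raw = values.nextElement();
                    if (!(raw instanceof String)) {
                        continue;
                    }
                    String memberDn = (String) raw;
                    javax.naming.ldap.Rdn rdn = leftmostRdn(memberDn);
                    if (rdn == null) {
                        continue;
                    }
                    // equalsIgnoreCase avoids the locale-dependent toLowerCase() of the original.
                    if ("cn".equalsIgnoreCase(rdn.getType())) {
                        for (String user : getGroupUserList(memberDn)) {
                            if (seen.add(user)) {
                                userList.add(user);
                            }
                        }
                    } else if ("uid".equalsIgnoreCase(rdn.getType())) {
                        String uid = rdnValue(rdn);
                        if (uid != null && seen.add(uid)) {
                            userList.add(uid);
                        }
                    }
                }
            }
            return userList;
        } catch (NamingException e) {
            logger.error("getRoleUserList(String, String)", e);
        } finally {
            closeQuietly(roles);
        }

        if (logger.isDebugEnabled()) {
            logger.debug("getRoleUserList(String, String) - end");
        }
        return null;
    }

    /**
     * Looks up one person by {@code uid} and returns the uid, cn and mail attributes.
     *
     * <p>The user id is passed as a filter argument, not concatenated into the filter string, so
     * filter metacharacters in it are escaped by JNDI and cannot change the query.
     *
     * @param requestUserId the uid to look up
     * @return a user-info object; its fields stay {@code null} when no entry matches, the id is
     *         {@code null}, or the search fails
     * @throws IllegalStateException if no context has been established
     */
    public LDAPUserInfo getUserInfo(String requestUserId) {
        if (logger.isDebugEnabled()) {
            logger.debug("getUserInfo(String) - start");
        }

        LDAPUserInfo ldapUserInfo = new LDAPUserInfo();
        NamingEnumeration<SearchResult> results = null;
        try {
            if (requestUserId != null) {
                results = requireContext().search(PEOPLE_DN, "(uid={0})", new Object[] { requestUserId },
                        controlsFor(SearchControls.SUBTREE_SCOPE, USER_ATTRIDS));
                while (results.hasMore()) {
                    Attributes attributes = results.next().getAttributes();
                    // Missing attributes (for example no mail) leave the field null.
                    ldapUserInfo.setUid(firstString(attributes.get("uid")));
                    ldapUserInfo.setEmail(firstString(attributes.get("mail")));
                    ldapUserInfo.setUserName(firstString(attributes.get("cn")));
                }
            }
        } catch (NamingException e) {
            logger.error("getUserInfo(String)", e);
        } finally {
            closeQuietly(results);
        }

        if (logger.isDebugEnabled()) {
            logger.debug("getUserInfo(String) - end");
        }
        return ldapUserInfo;
    }

    /** Manual smoke test: prints the users of one hard-coded role. */
    public static void main(String args[]) {
        if (logger.isDebugEnabled()) {
            logger.debug("main(String[]) - start");
        }

        LDAPSearch ldapSearch = LDAPSearch.getInstance();
        ldapSearch.connect();

        String ou = "ou=" + "KO" + "," + "ou=R.region";
        ArrayList userList = ldapSearch.getRoleUserList(ou, "cn=" + "11.표준화");

        // getRoleUserList returns null when the search fails.
        if (userList != null) {
            for (int i = 0; i < userList.size(); i++) {
                System.out.println((String) userList.get(i));
            }
        }

        if (logger.isDebugEnabled()) {
            logger.debug("main(String[]) - end");
        }
    }

    /** Returns the stored context, failing with a clear message when there is none. */
    private DirContext requireContext() {
        DirContext ctx = dirCtx;
        if (ctx == null) {
            throw new IllegalStateException("LDAP context is not available: connect() was not called or the bind failed");
        }
        return ctx;
    }

    /** Builds search controls for the given scope and returned attributes. */
    private static SearchControls controlsFor(int scope, String[] attributeIds) {
        SearchControls controls = new SearchControls();
        controls.setSearchScope(scope);
        controls.setReturningAttributes(attributeIds);
        return controls;
    }

    /** Returns the first value of an attribute as a string, or null when absent or not a string. */
    private static String firstString(Attribute attribute) throws NamingException {
        if (attribute == null || attribute.size() == 0) {
            return null;
        }
        Object value = attribute.get();
        return (value instanceof String) ? (String) value : null;
    }

    /**
     * Parses a DN and returns its leftmost RDN, or null when the DN is empty or malformed.
     * Parsing replaces the original substring logic, which failed on a DN without a comma.
     */
    private static javax.naming.ldap.Rdn leftmostRdn(String dn) {
        try {
            javax.naming.ldap.LdapName name = new javax.naming.ldap.LdapName(dn);
            return name.isEmpty() ? null : name.getRdn(name.size() - 1);
        } catch (InvalidNameException e) {
            logger.warn("Skipping malformed member DN", e);
            return null;
        }
    }

    /** Returns the unescaped string value of an RDN, or null when the value is not a string. */
    private static String rdnValue(javax.naming.ldap.Rdn rdn) {
        Object value = rdn.getValue();
        return (value instanceof String) ? (String) value : null;
    }

    /** Closes a search enumeration, logging instead of propagating a failure to close. */
    private static void closeQuietly(NamingEnumeration<?> results) {
        if (results == null) {
            return;
        }
        try {
            results.close();
        } catch (NamingException e) {
            logger.debug("Failed to close LDAP search results", e);
        }
    }
}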
package com.nongshim.ldap;
/**
 * Mutable holder for three string properties of a directory user: uid, e-mail and user name.
 * All properties are {@code null} until set.
 */
public class LDAPUserInfo {

    /** User identifier. */
    private String uid;

    /** E-mail address. */
    private String email;

    /** Display name of the user. */
    private String userName;

    /** @return the user identifier, or {@code null} if it has not been set */
    public String getUid() {
        return this.uid;
    }

    /** @param uid the user identifier to store */
    public void setUid(final String uid) {
        this.uid = uid;
    }

    /** @return the e-mail address, or {@code null} if it has not been set */
    public String getEmail() {
        return this.email;
    }

    /** @param email the e-mail address to store */
    public void setEmail(final String email) {
        this.email = email;
    }

    /** @return the user name, or {@code null} if it has not been set */
    public String getUserName() {
        return this.userName;
    }

    /** @param userName the user name to store */
    public void setUserName(final String userName) {
        this.userName = userName;
    }
}

