Index: src/main/java/com/xpn/xwiki/user/impl/LDAP/XWikiLDAPAuthServiceImpl.java
===================================================================
--- src/main/java/com/xpn/xwiki/user/impl/LDAP/XWikiLDAPAuthServiceImpl.java (revision 9570)
+++ src/main/java/com/xpn/xwiki/user/impl/LDAP/XWikiLDAPAuthServiceImpl.java (working copy)
@@ -123,6 +123,18 @@
}
/**
+ * @param name the name to convert.
+ * @return a valid XWiki user name:
+ *
+ */
+ private String getValidXWikiUserName(String name)
+ {
+ return name.replace(".", "");
+ }
+
+ /**
* Try LDAP login and return {@link Principal}.
*
* @param login the name of the user to log in.
@@ -142,7 +154,7 @@
// Clean login
// ////////////////////////////////////////////////////////////////////
- String userName = login;
+ String ldapUserName = login;
// strip possible "XWiki."
// ATTENTION: Possible incompatibility to before now user is NEVER located with
@@ -147,11 +159,13 @@
// strip possible "XWiki."
// ATTENTION: Possible incompatibility to before now user is NEVER located with
// "XWiki.username" in LDAP
- int i = userName.indexOf(XWIKI_SPACE_NAME_SEP);
+ int i = ldapUserName.indexOf(XWIKI_USER_SPACE + XWIKI_SPACE_NAME_SEP);
if (i != -1) {
- userName = userName.substring(i + 1);
+ ldapUserName = ldapUserName.substring(i + 1);
}
+ String validXWikiUserName = getValidXWikiUserName(ldapUserName);
+
// If we have the context then we are using direct mode then we should specify the database
// This is needed for virtual mode to work
@@ -167,7 +181,7 @@
// 1. Check for superadmin
// ////////////////////////////////////////////////////////////////////
- if (isSuperAdmin(userName)) {
+ if (isSuperAdmin(validXWikiUserName)) {
if (LOG.isDebugEnabled()) {
LOG.debug("Superadmin logged in.");
}
@@ -191,7 +205,7 @@
// 3. bind to LDAP => if failed try db
// ////////////////////////////////////////////////////////////////////
- if (!connector.open(userName, password, context)) {
+ if (!connector.open(ldapUserName, password, context)) {
throw new XWikiException(XWikiException.MODULE_XWIKI_USER,
XWikiException.ERROR_XWIKI_USER_INIT, "Bind to LDAP server failed.");
}
@@ -208,7 +222,7 @@
}
if (filterGroupDN.length() > 0) {
- userDN = ldapUtils.isUserInGroup(userName, filterGroupDN, context);
+ userDN = ldapUtils.isUserInGroup(ldapUserName, filterGroupDN, context);
if (userDN == null) {
throw new XWikiException(XWikiException.MODULE_XWIKI_USER,
@@ -214,7 +228,7 @@
throw new XWikiException(XWikiException.MODULE_XWIKI_USER,
XWikiException.ERROR_XWIKI_USER_INIT,
"LDAP user {0} does not belong to LDAP group {1}.", null, new Object[] {
- userName, filterGroupDN});
+ ldapUserName, filterGroupDN});
}
}
@@ -224,7 +238,7 @@
if (userDN == null) {
// get DN from existing XWiki user
- userDN = getUserDNFromXWiki(userName, context);
+ userDN = getUserDNFromXWiki(validXWikiUserName, context);
if (LOG.isDebugEnabled()) {
LOG.debug("Found user dn with the user object: " + userDN);
@@ -241,12 +255,12 @@
// search for the user in LDAP
String query =
- MessageFormat.format("({0}={1})", new Object[] {uidAttributeName, userName});
+ MessageFormat.format("({0}={1})", new Object[] {uidAttributeName, ldapUserName});
String baseDN = config.getLDAPParam("ldap_base_DN", "", context);
if (LOG.isDebugEnabled()) {
- LOG.debug("Searching for the user in LDAP: user:" + userName + " base:" + baseDN
- + " query:" + query + " uid:" + uidAttributeName);
+ LOG.debug("Searching for the user in LDAP: user:" + ldapUserName + " base:"
+ + baseDN + " query:" + query + " uid:" + uidAttributeName);
}
searchAttributes =
@@ -282,7 +296,7 @@
}
} else {
String bindDNFormat = config.getLDAPParam("ldap_bind_DN", "{0}", context);
- String bindDN = MessageFormat.format(bindDNFormat, new Object[] {userName});
+ String bindDN = MessageFormat.format(bindDNFormat, new Object[] {ldapUserName});
if (!userDN.equals(bindDN)) {
connector.getConnection().bind(LDAPConnection.LDAP_V3, userDN,
@@ -294,10 +308,11 @@
// 7. sync user
// ////////////////////////////////////////////////////////////////////
- boolean createuser = syncUser(userName, userDN, searchAttributes, ldapUtils, context);
+ boolean createuser =
+ syncUser(validXWikiUserName, userDN, searchAttributes, ldapUtils, context);
// from now on we can enter the application
- principal = getUserPrincipal(userName, context);
+ principal = getUserPrincipal(validXWikiUserName, context);
if (principal == null) {
throw new XWikiException(XWikiException.MODULE_XWIKI_USER,
XWikiException.ERROR_XWIKI_USER_INIT, "Could not create authenticated principal.");
@@ -307,7 +322,7 @@
// 8. sync groups membership
// ////////////////////////////////////////////////////////////////////
- syncGroupsMembership(userName, userDN, createuser, ldapUtils, context);
+ syncGroupsMembership(validXWikiUserName, userDN, createuser, ldapUtils, context);
return principal;
}
@@ -424,7 +439,7 @@
/**
* Synchronize user XWiki membership with it's LDAP membership.
*
- * @param userName the name of the user.
+ * @param xwikiUserName the name of the user.
* @param userDN the LDAP DN of the user.
* @param createuser indicate if the user is created or updated.
* @param ldapUtils the LDAP communication tool.
@@ -431,7 +446,7 @@
* @param context the XWiki context.
* @throws XWikiException error when synchronizing user membership.
*/
- protected void syncGroupsMembership(String userName, String userDN, boolean createuser,
+ protected void syncGroupsMembership(String xwikiUserName, String userDN, boolean createuser,
XWikiLDAPUtils ldapUtils, XWikiContext context) throws XWikiException
{
XWikiLDAPConfig config = XWikiLDAPConfig.getInstance();
@@ -447,7 +462,7 @@
if ((syncmode.equalsIgnoreCase("create") && createuser)
|| syncmode.equalsIgnoreCase("always")) {
- syncGroupsMembership(userName, userDN, groupMappings, ldapUtils, context);
+ syncGroupsMembership(xwikiUserName, userDN, groupMappings, ldapUtils, context);
/*
* This may not be necessary, but the group service does have a cache, and I've
@@ -463,7 +478,7 @@
/**
* Synchronize user XWiki membership with it's LDAP membership.
*
- * @param userName the name of the user.
+ * @param xwikiUserName the name of the user.
* @param userDN the LDAP DN of the user.
* @param groupMappings the mapping between XWiki groups names and LDAP groups names.
* @param ldapUtils the LDAP communication tool.
@@ -470,11 +485,11 @@
* @param context the XWiki context.
* @throws XWikiException error when synchronizing user membership.
*/
- protected void syncGroupsMembership(String userName, String userDN, Map groupMappings,
+ protected void syncGroupsMembership(String xwikiUserName, String userDN, Map groupMappings,
XWikiLDAPUtils ldapUtils, XWikiContext context) throws XWikiException
{
if (LOG.isDebugEnabled()) {
- LOG.debug("Updating group membership for the user: " + userName);
+ LOG.debug("Updating group membership for the user: " + xwikiUserName);
}
// ASSUMING the implementation still returns the actual list. In this case
@@ -481,8 +496,8 @@
// manipulations to the list are for real.
// get the list of groups the user already belongs to
Collection userGroups =
- context.getWiki().getGroupService(context).getAllGroupsNamesForMember(userName, 0, 0,
- context);
+ context.getWiki().getGroupService(context).getAllGroupsNamesForMember(xwikiUserName,
+ 0, 0, context);
if (LOG.isDebugEnabled()) {
LOG.debug("The user belongs to following XWiki groups: ");
@@ -521,7 +536,7 @@
Map groupMembers = ldapUtils.getGroupMembers(groupDN, context);
- syncGroupMembership(userName, userDN, xwikiGroupName, userGroups, groupMembers,
+ syncGroupMembership(xwikiUserName, userDN, xwikiGroupName, userGroups, groupMembers,
context);
}
}
@@ -529,7 +544,7 @@
/**
* Synchronize user XWiki membership with it's LDAP membership for provided group.
*
- * @param userName the name of the user.
+ * @param xwikiUserName the name of the user.
* @param userDN the LDAP DN of the user.
* @param xwikiGroupName the name of the XWiki group.
* @param userGroups the XWiki groups of user.
@@ -536,8 +551,8 @@
* @param groupMembers the members of LDAP group.
* @param context the XWiki context.
*/
- protected void syncGroupMembership(String userName, String userDN, String xwikiGroupName,
- Collection userGroups, Map groupMembers, XWikiContext context)
+ protected void syncGroupMembership(String xwikiUserName, String userDN,
+ String xwikiGroupName, Collection userGroups, Map groupMembers, XWikiContext context)
{
if (groupMembers.containsKey(userDN)) {
// add to group if not there
@@ -542,7 +557,7 @@
if (groupMembers.containsKey(userDN)) {
// add to group if not there
if (!userGroups.contains(xwikiGroupName)) {
- addUserToXWikiGroup(userName, xwikiGroupName, context);
+ addUserToXWikiGroup(xwikiUserName, xwikiGroupName, context);
}
} else {
// remove from group if there
@@ -547,11 +562,11 @@
} else {
// remove from group if there
if (userGroups.contains(xwikiGroupName)) {
- removeUserFromGroup(userName, xwikiGroupName, context);
+ removeUserFromGroup(xwikiUserName, xwikiGroupName, context);
if (LOG.isDebugEnabled()) {
LOG.debug("Finished removing xwiki group " + xwikiGroupName + " from user "
- + userName);
+ + xwikiUserName);
}
}
}
@@ -570,7 +585,7 @@
try {
if (LOG.isDebugEnabled()) {
LOG.debug(String.format("Adding user {0} to xwiki group {1}", new Object[] {
- userName, groupName}));
+ userName, groupName}));
}
String fullWikiUserName = XWIKI_USER_SPACE + XWIKI_SPACE_NAME_SEP + userName;
@@ -600,7 +615,7 @@
} catch (Exception e) {
LOG.error(String.format("Failed to add a user [{0}] to a group [{1}]", new Object[] {
- userName, groupName}), e);
+ userName, groupName}), e);
}
}
@@ -728,7 +743,7 @@
/**
* Create an XWiki user and set all mapped attributes from LDAP to XWiki attributes.
*
- * @param userName the XWiki user name.
+ * @param xwikiUserName the XWiki user name.
* @param searchAttributes the attributes.
* @param context the XWiki context.
* @throws XWikiException error when creating XWiki user.
@@ -733,8 +748,8 @@
* @param context the XWiki context.
* @throws XWikiException error when creating XWiki user.
*/
- protected void createUserFromLDAP(String userName, List searchAttributes, XWikiContext context)
- throws XWikiException
+ protected void createUserFromLDAP(String xwikiUserName, List searchAttributes,
+ XWikiContext context) throws XWikiException
{
XWikiLDAPConfig config = XWikiLDAPConfig.getInstance();
@@ -758,7 +773,7 @@
// Mark user active
map.put("active", "1");
- context.getWiki().createUser(userName, map, userClass.getName(),
+ context.getWiki().createUser(xwikiUserName, map, userClass.getName(),
"#includeForm(\"XWiki.XWikiUserTemplate\")", "edit", context);
}