diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/base/PrivilegeConstants.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/base/PrivilegeConstants.java
index d81971076..fc204ad55 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/base/PrivilegeConstants.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/base/PrivilegeConstants.java
@@ -10,7 +10,8 @@ public class PrivilegeConstants {
 public static final String REALM = "realm";
 public static final String LOCATION = "location";
- public static final String DEFAULT_LOCATION = "defaultLocation";
+ public static final String PRIMARY_LOCATION = "primaryLocation";
+ public static final String SECONDARY_LOCATIONS = "secondaryLocations";
 public static final String ROLES = "roles";
 public static final String EMAIL = "email";
 }
diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/BaseLdapPrivilegeHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/BaseLdapPrivilegeHandler.java
index fe826d294..8ed731d6f 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/BaseLdapPrivilegeHandler.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/BaseLdapPrivilegeHandler.java
@@ -121,7 +121,7 @@ public abstract class BaseLdapPrivilegeHandler extends DefaultPrivilegeHandler {
 }
 }
- protected User buildUserFromSearchResult(String username, SearchResult sr) throws NamingException {
+ protected User buildUserFromSearchResult(String username, SearchResult sr) throws Exception {
 Attributes attrs = sr.getAttributes();
 validateLdapUsername(username, attrs);
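Review bot: Widening `buildUserFromSearchResult` from `throws NamingException` to `throws Exception` pushes every caller into a catch-all, which in an authentication path makes it easy to handle an LDAP failure and a programming error the same way; the same widening is applied to the abstract `buildProperties` in the `@@ -143` hunk. The only implementation visible in this diff, `JsonConfigLdapPrivilegeHandler.buildProperties`, now declares no checked exception at all, so the need for `Exception` is not shown here. If another subclass needs a further checked type, declare that type explicitly, or at least document the contract on the abstract method with `@throws Exception if a subclass cannot map the LDAP attributes; callers must fail the login`. The body of `buildUserFromSearchResult` continues outside the hunk, and its callers are not visible.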
@@ -143,7 +143,7 @@ public abstract class BaseLdapPrivilegeHandler extends DefaultPrivilegeHandler {
 }
 protected abstract Map buildProperties(String username, Attributes attrs, Set ldapGroups,
- Set strolchRoles) throws NamingException;
+ Set strolchRoles) throws Exception;
 protected void validateLdapUsername(String username, Attributes attrs) throws NamingException {
 Attribute sAMAccountName = attrs.get("sAMAccountName");
diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/JsonConfigLdapPrivilegeHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/JsonConfigLdapPrivilegeHandler.java
index 2c317d9e9..7f2b1c4a1 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/JsonConfigLdapPrivilegeHandler.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/JsonConfigLdapPrivilegeHandler.java
@@ -151,27 +151,39 @@ public class JsonConfigLdapPrivilegeHandler extends BaseLdapPrivilegeHandler { @Override protected Map buildProperties(String username, Attributes attrs, Set ldapGroups, - Set strolchRoles) throws NamingException { + Set strolchRoles) { - String defaultLocation = ""; + String primaryLocation = ""; + String secondaryLocations = ""; Set locations = new HashSet<>(); for (String ldapGroup : ldapGroups) { JsonObject mappingJ = this.ldapGroupConfigs.get(ldapGroup).getAsJsonObject(); mappingJ.get(LOCATION).getAsJsonArray().forEach(e -> locations.add(e.getAsString())); - JsonElement defaultLocationJ = mappingJ.get(DEFAULT_LOCATION); - if (defaultLocationJ != null && !defaultLocationJ.isJsonNull()) { - if (!defaultLocation.isEmpty()) - logger.warn("Default location already set by previous LDAP Group config, overriding for LDAP Group " + + JsonElement primaryLocationJ = mappingJ.get(PRIMARY_LOCATION); + if (primaryLocationJ != null && !primaryLocationJ.isJsonNull()) { + if (!primaryLocation.isEmpty()) + logger.warn("Primary location already set by previous LDAP Group config, overriding for LDAP Group " + ldapGroup); - defaultLocation = defaultLocationJ.getAsString(); + primaryLocation = primaryLocationJ.getAsString(); + } + + JsonElement secondaryLocationsJ = mappingJ.get(SECONDARY_LOCATIONS); + if (secondaryLocationsJ != null && !secondaryLocationsJ.isJsonNull()) { + if (!secondaryLocations.isEmpty()) + logger.warn( + "Secondary locations already set by previous LDAP Group config, overriding for LDAP Group " + + ldapGroup); + secondaryLocations = secondaryLocationsJ.getAsString(); } } Map properties = new HashMap<>(); properties.put(REALM, this.realm); properties.put(LOCATION, join(",", locations)); - properties.put(DEFAULT_LOCATION, defaultLocation); + properties.put(PRIMARY_LOCATION, primaryLocation); + properties.put(SECONDARY_LOCATIONS, secondaryLocations); return properties; } }
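Review bot: In the new `secondaryLocations` branch of `buildProperties`, the value from whichever LDAP group is iterated last silently replaces the earlier one, and `ldapGroups` is a `Set`, so unless that set is ordered the effective primary and secondary locations of a user mapped through several groups can differ between logins. If these properties feed location-based access decisions (not visible in this diff), the result should be deterministic: either reject conflicting mappings when the configuration is loaded, or merge the secondary values the way `locations` is merged. The value is also read with `getAsString()` although the key is plural and `location` is read as a JSON array, so a comment such as `// secondaryLocations is a single string value, not a JSON array` would state which form is accepted. Configurations that still carry the old `defaultLocation` key are now ignored without any warning, which leaves `primaryLocation` empty for those groups; a load-time warning for that key, or a fallback read, is worth adding.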