From 47468774b6b87c67d8ba98e52bfece04d6d48d1a Mon Sep 17 00:00:00 2001
From: Anton Tananaev
Date: Tue, 29 Dec 2020 11:11:13 -0800
Subject: Migrate LDAP configuration
---
 .../org/traccar/api/resource/UserResource.java | 5 +-
 src/main/java/org/traccar/config/Config.java | 2 +-
 src/main/java/org/traccar/config/Keys.java | 88 ++++++++++++++++++++++
 .../java/org/traccar/database/LdapProvider.java | 53 +++++++------
 4 files changed, 121 insertions(+), 27 deletions(-) (limited to 'src/main/java/org')
diff --git a/src/main/java/org/traccar/api/resource/UserResource.java b/src/main/java/org/traccar/api/resource/UserResource.java
index 813ace6d6..d54cc2382 100644
--- a/src/main/java/org/traccar/api/resource/UserResource.java
+++ b/src/main/java/org/traccar/api/resource/UserResource.java
@@ -17,6 +17,7 @@ package org.traccar.api.resource;
 import org.traccar.Context;
 import org.traccar.api.BaseObjectResource;
+import org.traccar.config.Keys;
 import org.traccar.database.UsersManager;
 import org.traccar.helper.LogAction;
 import org.traccar.model.ManagedUser;
@@ -73,8 +74,8 @@ public class UserResource extends BaseObjectResource {
 Context.getPermissionsManager().checkUserLimit(getUserId());
 } else {
 Context.getPermissionsManager().checkRegistration(getUserId());
- entity.setDeviceLimit(Context.getConfig().getInteger("users.defaultDeviceLimit", -1));
- int expirationDays = Context.getConfig().getInteger("users.defaultExpirationDays");
+ entity.setDeviceLimit(Context.getConfig().getInteger(Keys.USERS_DEFAULT_DEVICE_LIMIT));
+ int expirationDays = Context.getConfig().getInteger(Keys.USERS_DEFAULT_EXPIRATION_DAYS);
 if (expirationDays > 0) {
 entity.setExpirationTime(
 new Date(System.currentTimeMillis() + (long) expirationDays * 24 * 3600 * 1000));
diff --git a/src/main/java/org/traccar/config/Config.java b/src/main/java/org/traccar/config/Config.java
index dd61e1f00..54e6efd06 100644
--- a/src/main/java/org/traccar/config/Config.java
+++ b/src/main/java/org/traccar/config/Config.java
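Review bot: `Keys.USERS_DEFAULT_EXPIRATION_DAYS` is declared in Keys.java without a default, so the `expirationDays > 0` test in the registration branch relies on `Config.getInteger(ConfigKey)` turning a missing value into 0; that method is not shown in this diff. Giving the key an explicit default of `0`, next to the `-1` used for `USERS_DEFAULT_DEVICE_LIMIT`, would make this hunk independent of that behaviour. A short comment such as `// self-registered accounts: unlimited devices and no expiry unless configured` would also make the security-relevant defaults visible where they are applied. The enclosing method starts and ends outside the hunk.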
@@ -66,7 +66,7 @@ public class Config {
 }
 public String getString(ConfigKey key) {
- return getString(key.getKey());
+ return getString(key.getKey(), key.getDefaultValue());
 }
 @Deprecated
diff --git a/src/main/java/org/traccar/config/Keys.java b/src/main/java/org/traccar/config/Keys.java
index 215b00805..4531c7541 100644
--- a/src/main/java/org/traccar/config/Keys.java
+++ b/src/main/java/org/traccar/config/Keys.java
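Review bot: `getString(ConfigKey key)` now returns the key's default when the option is unset, so any existing caller that used a `null` result to detect a missing option changes behaviour; call sites outside this diff should be checked. The method has no Javadoc, and a line such as `/** Returns the configured value, or the key's default (possibly null) when the option is not set. */` would state the new contract. `hasKey` remains the way to test whether a value was actually configured, as the LdapProvider constructor does in this commit.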
@@ -198,6 +198,94 @@ public final class Keys {
 Collections.singletonList(KeyType.GLOBAL),
 300L);
+ /**
+ * Device limit for self registered users. Default value is -1, which indicates no limit.
+ */
+ public static final ConfigKey USERS_DEFAULT_DEVICE_LIMIT = new ConfigKey<>(
+ "users.defaultDeviceLimit",
+ Collections.singletonList(KeyType.GLOBAL),
+ -1);
+
+ /**
+ * Default user expiration for self registered users. Value is in days. By default no expiration is set.
+ */
+ public static final ConfigKey USERS_DEFAULT_EXPIRATION_DAYS = new ConfigKey<>(
+ "users.defaultExpirationDays",
+ Collections.singletonList(KeyType.GLOBAL));
+
+ /**
+ * LDAP server URL.
+ */
+ public static final ConfigKey LDAP_URL = new ConfigKey<>(
+ "ldap.url",
+ Collections.singletonList(KeyType.GLOBAL));
+
+ /**
+ * LDAP server login.
+ */
+ public static final ConfigKey LDAP_USER = new ConfigKey<>(
+ "ldap.user",
+ Collections.singletonList(KeyType.GLOBAL));
+
+ /**
+ * LDAP server password.
+ */
+ public static final ConfigKey LDAP_PASSWORD = new ConfigKey<>(
+ "ldap.password",
+ Collections.singletonList(KeyType.GLOBAL));
+
+ /**
+ * LDAP user search base.
+ */
+ public static final ConfigKey LDAP_BASE = new ConfigKey<>(
+ "ldap.base",
+ Collections.singletonList(KeyType.GLOBAL));
+
+ /**
+ * LDAP attribute used as user id. Default value is 'uid'.
+ */
+ public static final ConfigKey LDAP_ID_ATTRIBUTE = new ConfigKey<>(
+ "ldap.idAttribute",
+ Collections.singletonList(KeyType.GLOBAL),
+ "uid");
+
+ /**
+ * LDAP attribute used as user name. Default value is 'cn'.
+ */
+ public static final ConfigKey LDAP_NAME_ATTRIBUTE = new ConfigKey<>(
+ "ldap.nameAttribute",
+ Collections.singletonList(KeyType.GLOBAL),
+ "cn");
+
+ /**
+ * LDAP attribute used as user email. Default value is 'mail'.
+ */
+ public static final ConfigKey LDAP_MAIN_ATTRIBUTE = new ConfigKey<>(
+ "ldap.mailAttribute",
+ Collections.singletonList(KeyType.GLOBAL),
+ "mail");
+
+ /**
+ * LDAP custom search filter. If not specified, '({idAttribute}=:login)' will be used as a filter.
+ */
+ public static final ConfigKey LDAP_SEARCH_FILTER = new ConfigKey<>(
+ "ldap.searchFilter",
+ Collections.singletonList(KeyType.GLOBAL));
+
+ /**
+ * LDAP custom admin search filter.
+ */
+ public static final ConfigKey LDAP_ADMIN_FILTER = new ConfigKey<>(
+ "ldap.adminFilter",
+ Collections.singletonList(KeyType.GLOBAL));
+
+ /**
+ * LDAP admin user group. Used if custom admin filter is not specified.
+ */
+ public static final ConfigKey LDAP_ADMIN_GROUP = new ConfigKey<>(
+ "ldap.adminGroup",
+ Collections.singletonList(KeyType.GLOBAL));
+
 /**
 * If no data is reported by a device for the given amount of time, status changes from online to unknown. Value is
 * in seconds. Default timeout is 10 minutes.
diff --git a/src/main/java/org/traccar/database/LdapProvider.java b/src/main/java/org/traccar/database/LdapProvider.java
index a8220ea8e..d659a11a1 100644
--- a/src/main/java/org/traccar/database/LdapProvider.java
+++ b/src/main/java/org/traccar/database/LdapProvider.java
@@ -26,6 +26,7 @@ import javax.naming.directory.SearchResult;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.traccar.config.Config;
+import org.traccar.config.Keys;
 import org.traccar.model.User;
 import java.util.Hashtable;
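Review bot: The constant for `ldap.mailAttribute` is named `LDAP_MAIN_ATTRIBUTE`, which looks like a typo for `LDAP_MAIL_ATTRIBUTE`; the LdapProvider constructor hunk uses the same name, so both places would change together: `public static final ConfigKey LDAP_MAIL_ATTRIBUTE = new ConfigKey<>(`. The Javadoc for `LDAP_USER` and `LDAP_PASSWORD` could say that these are the service-account credentials LdapProvider keeps as `serviceUser` and `servicePassword`. It could add that the password is read from the configuration as plain text, so the configuration file should be readable only by the server account. The `LDAP_URL` comment could also recommend an `ldaps://` URL, so that credentials presumably used for directory binds are not sent unencrypted.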
@@ -34,35 +35,39 @@ public class LdapProvider {
 private static final Logger LOGGER = LoggerFactory.getLogger(LdapProvider.class);
- private String url;
- private String searchBase;
- private String idAttribute;
- private String nameAttribute;
- private String mailAttribute;
- private String searchFilter;
- private String adminFilter;
- private String serviceUser;
- private String servicePassword;
+ private final String url;
+ private final String searchBase;
+ private final String idAttribute;
+ private final String nameAttribute;
+ private final String mailAttribute;
+ private final String searchFilter;
+ private final String adminFilter;
+ private final String serviceUser;
+ private final String servicePassword;
 public LdapProvider(Config config) {
- String url = config.getString("ldap.url");
- if (url != null) {
- this.url = url;
+ url = config.getString(Keys.LDAP_URL);
+ searchBase = config.getString(Keys.LDAP_BASE);
+ idAttribute = config.getString(Keys.LDAP_ID_ATTRIBUTE);
+ nameAttribute = config.getString(Keys.LDAP_NAME_ATTRIBUTE);
+ mailAttribute = config.getString(Keys.LDAP_MAIN_ATTRIBUTE);
+ if (config.hasKey(Keys.LDAP_SEARCH_FILTER)) {
+ searchFilter = config.getString(Keys.LDAP_SEARCH_FILTER);
 } else {
- this.url = "ldap://" + config.getString("ldap.server") + ":" + config.getInteger("ldap.port", 389);
+ searchFilter = "(" + idAttribute + "=:login)";
 }
- this.searchBase = config.getString("ldap.base");
- this.idAttribute = config.getString("ldap.idAttribute", "uid");
- this.nameAttribute = config.getString("ldap.nameAttribute", "cn");
- this.mailAttribute = config.getString("ldap.mailAttribute", "mail");
- this.searchFilter = config.getString("ldap.searchFilter", "(" + idAttribute + "=:login)");
- String adminGroup = config.getString("ldap.adminGroup");
- this.adminFilter = config.getString("ldap.adminFilter");
- if (this.adminFilter == null && adminGroup != null) {
- this.adminFilter = "(&(" + idAttribute + "=:login)(memberOf=" + adminGroup + "))";
+ if (config.hasKey(Keys.LDAP_ADMIN_FILTER)) {
+ adminFilter = config.getString(Keys.LDAP_ADMIN_FILTER);
+ } else {
+ String adminGroup = config.getString(Keys.LDAP_ADMIN_GROUP);
+ if (adminGroup != null) {
+ adminFilter = "(&(" + idAttribute + "=:login)(memberOf=" + adminGroup + "))";
+ } else {
+ adminFilter = null;
+ }
 }
- this.serviceUser = config.getString("ldap.user");
- this.servicePassword = config.getString("ldap.password");
+ serviceUser = config.getString(Keys.LDAP_USER);
+ servicePassword = config.getString(Keys.LDAP_PASSWORD);
 }
 private InitialDirContext auth(String accountName, String password) throws NamingException {
-- cgit v1.2.3
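Review bot: `adminGroup` is concatenated into the admin filter without escaping at `adminFilter = "(&(" + idAttribute + "=:login)(memberOf=" + adminGroup + "))";`, so a group DN containing `(`, `)`, `*` or `\` yields a malformed filter or one that matches more entries than intended, and this filter appears to decide administrator status. Escaping the value per RFC 4515 before building the filter would close that. Custom `ldap.searchFilter` and `ldap.adminFilter` values are also accepted as-is; checking in the constructor that each contains the `:login` placeholder, and logging a warning otherwise, would catch a filter that no longer depends on the login. The commit also drops the `ldap.server`/`ldap.port` fallback, so `url` is null when `ldap.url` is unset; the `:login` substitution and the use of `url` are outside this hunk.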