Java: Pega Grupos do Usuario no LDAP

Essa classe conecta a um servidor LDAP e busca os grupos que usuário pertence, logo depois busca o atributo name do grupo respectivo

Solução testada usando o IBM Tivoli Directory Server

Os pré-requisitos são


 * Dados para conexão ao servidor ldap

Código abaixo.

import javax.naming.*; import javax.naming.directory.*; import java.io.PrintStream; import java.util.ArrayList; import java.util.Iterator; import java.util.Enumeration; import java.util.Hashtable; import java.util.Properties; /** * Solução testada com o Tivoli Directory Server * @author ebasso * */ public class PegaGruposUsuario { public static final String _IBM_ALL_GROUPS_ = "ibm-allGroups"; public static final String _AD_MEMBER_OF = "MemberOf"; /** 	 * @param args */ 	public static void main(String[] args) { try { PrintStream out = System.out; Properties pconn = new Properties; PegaGruposUsuario jlquery = new PegaGruposUsuario; // Dev pconn.setProperty("ldap.URL", "ldap://192.168.10.1:389/"); pconn.setProperty("ldap.BaseDN", "O=EMPRESAX,C=BR"); pconn.setProperty("ldap.user","uid=UsuarioBind,ou=usuarios,o=empresax,c=br"); pconn.setProperty("ldap.password", "password"); String commonName = "Fulano de Tak"; jlquery.runSolucao(out,pconn,commonName); } catch (Exception e) { e.printStackTrace; } 	} 	public void runSolucao(PrintStream out, Properties ldapconn, String userName) throws Exception { if ((userName == null) || (userName.equals(""))){ printNoGroup(out); return; } 		userName = userName+"*"; ArrayList userGroups = buscaGruposUsuario(ldapconn, userName); if (userGroups == null ) { // usuário não cadastrado em grupos printNoGroup(out); return ; } 		ArrayList arrayGruposLDAP = buscaNomeGrupo(ldapconn, userGroups); if ( arrayGruposLDAP == null) { // nenhuma grupo tem caixa postal corporativa printNoName(out); return ; } 		// Pega os resultados e monta Retorno printRetorno(out, arrayGruposLDAP); } 	private ArrayList buscaGruposUsuario (Properties ldapconn, String userName) throws Exception{ String filter = "(&(objectClass=person)(uid=" + userName + "))"; String[] attrIDs = {_IBM_ALL_GROUPS_}; NamingEnumeration result = executaLdapQuery(ldapconn,filter,attrIDs); ArrayList userGroups = null; if (result.hasMore) { userGroups = new ArrayList; while (result.hasMore) { SearchResult sr = (SearchResult)result.next; System.out.println("1>>>" + sr.toString); Attributes attrs = sr.getAttributes; for ( Enumeration e1 = attrs.get(_IBM_ALL_GROUPS_).getAll ; e1.hasMoreElements ; ) { String dnGroup = e1.nextElement.toString; userGroups.add(dnGroup); //System.out.println("dnGroup>" + dnGroup); }    	            break; }         }        	          ldapconn.setProperty("filter",""); return userGroups; } 	private ArrayList buscaNomeGrupo (Properties ldapconn, ArrayList userGroups) throws Exception { //String[] attrIDs = {"*"}; String[] attrIDs = {"name"}; ArrayList arrayAUX = null; Iterator itr = userGroups.iterator; while (itr.hasNext){ String groupName = (String) itr.next; groupName = this.getCN(groupName); //System.out.println("=>" + groupName); String filter = "(&(objectClass=groupOfUniqueNames)(cn="+ groupName + "))"; NamingEnumeration result = executaLdapQuery(ldapconn,filter,attrIDs); while (result.hasMore) { SearchResult sr = (SearchResult)result.next; System.out.println("Z>>>" +sr.toString); String[] sAux = this.getGroupAttributes(sr.getAttributes); if (sAux != null) { if (arrayAUX == null) { arrayAUX = new ArrayList; } 	        		arrayAUX.add(sAux); } 	   	} 	    } 	    ldapconn.setProperty("filter",""); return arrayAUX; } 	private NamingEnumeration executaLdapQuery(Properties ldapquery,String filter,String[] attrIDs) throws Exception { // Set up the environment for creating the initial context String ldapCF = "com.sun.jndi.ldap.LdapCtxFactory"; String ldapURL = ldapquery.getProperty("ldap.URL"); String ldapBaseDN = ldapquery.getProperty("ldap.BaseDN"); String ldapUserID = ldapquery.getProperty("ldap.user"); String ldapPassword = ldapquery.getProperty("ldap.password"); Hashtable env = new Hashtable(5); env.put(Context.INITIAL_CONTEXT_FACTORY, ldapCF); env.put(Context.PROVIDER_URL, ldapURL + ldapBaseDN); env.put(Context.SECURITY_PRINCIPAL, ldapUserID); env.put(Context.SECURITY_CREDENTIALS, ldapPassword); //set security credentials, note using simple cleartext authentication env.put(Context.SECURITY_AUTHENTICATION,"simple"); // Create initial context DirContext ctx = new InitialDirContext(env); SearchControls ctls = new SearchControls; ctls.setReturningAttributes(attrIDs); ctls.setSearchScope(SearchControls.SUBTREE_SCOPE); // Search for objects using the above filter NamingEnumeration result = ctx.search("", filter, ctls); // Close the context when we're done ctx.close; return result; }   private void printRetorno(PrintStream out, ArrayList arrayAUX) { String xOut = ""; Iterator itr = arrayAUX.iterator; while (itr.hasNext){ String[] sDado = (String[]) itr.next; xOut = "N>> [" + sDado[0] + "]"; out.println(xOut); }   }    private void printNoGroup(PrintStream out) { String xOut = "Usuário não está dentro de Grupos"; out.println(xOut); }   private void printNoName(PrintStream out) { String xOut = "Sem Nome Populados"; out.println(xOut); }   public static String getCN(String aux) { if (aux != null && aux.toUpperCase.startsWith("CN=")) { aux = aux.substring(3).trim; }       int position = aux.indexOf(','); if (position == -1) { return aux; } else { return aux.substring(0, position); }   }    private String[] getGroupAttributes(Attributes attrs) { String aux3 = ""; Attribute attr3 = attrs.get("name"); if (attr3 != null) { aux3 = attr3.toString; if (aux3.toUpperCase.startsWith("NAME:")) { aux3 = aux3.substring(5).trim; }   	}	        return (new String[] {aux3}); } }