Add LDAP support.

wise-webapp/pom.xml

@@ -77,6 +77,12 @@
             <version>${org.springframework.version}</version>
             <scope>compile</scope>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-ldap</artifactId>
+            <version>${org.springframework.version}</version>
+            <scope>compile</scope>
+        </dependency>
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-beans</artifactId>

wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java

@@ -85,7 +85,7 @@ public class AdminController extends BaseController {
         }
 
         // Finally create the user ...
-        userService.createUser(delegated, false);
+        userService.createUser(delegated, false,true);
         response.setHeader("Location", "/service/admin/users/" + user.getId());
     }
 

wise-webapp/src/main/java/com/wisemapping/security/UserDetails.java

@@ -27,10 +27,10 @@ import java.util.ArrayList;
 import java.util.Collection;
 
 public class UserDetails implements org.springframework.security.core.userdetails.UserDetails {
-    private com.wisemapping.model.User user;
+	private com.wisemapping.model.User user;
     private boolean isAdmin;
 
-    public UserDetails(@NotNull final com.wisemapping.model.User user, boolean isAdmin) {
+    public  UserDetails(@NotNull final com.wisemapping.model.User user, boolean isAdmin) {
         this.user = user;
         this.isAdmin = isAdmin;
     }

wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java

@@ -18,13 +18,12 @@
 
 package com.wisemapping.security;
 
-import com.wisemapping.dao.UserManager;
+
 import com.wisemapping.model.User;
 import com.wisemapping.service.UserService;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
-import org.springframework.beans.factory.annotation.Autowired;
+
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.dao.DataAccessException;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 

wise-webapp/src/main/java/com/wisemapping/security/ldap/LdapUserDetailsContextMapper.java

@@ -0,0 +1,79 @@
+package com.wisemapping.security.ldap;
+
+
+import com.wisemapping.exceptions.WiseMappingException;
+import com.wisemapping.model.User;
+import com.wisemapping.security.UserDetails;
+import com.wisemapping.service.UserService;
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
+import org.springframework.ldap.core.DirContextAdapter;
+import org.springframework.ldap.core.DirContextOperations;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.ldap.userdetails.UserDetailsContextMapper;
+
+import java.util.Calendar;
+import java.util.Collection;
+
+public class LdapUserDetailsContextMapper implements UserDetailsContextMapper {
+
+    private UserService userService;
+    private String adminUser;
+
+
+    public UserService getUserService() {
+        return userService;
+    }
+
+    public void setUserService(UserService userService) {
+        this.userService = userService;
+    }
+
+
+    private boolean isAdmin(@Nullable String email) {
+        return email != null && adminUser != null && email.trim().endsWith(adminUser);
+    }
+
+    public String getAdminUser() {
+        return adminUser;
+    }
+
+    public void setAdminUser(String adminUser) {
+        this.adminUser = adminUser;
+    }
+
+    @Override
+    public UserDetails mapUserFromContext(@NotNull DirContextOperations userData,
+                                          String email, Collection<? extends GrantedAuthority> arg2) {
+        User user = userService.getUserBy(email);
+        if (user == null) {
+            // If the user was not found in the database, create a new one ...
+            user = new User();
+            user.setEmail(email);
+
+            final String firstName = userData.getStringAttribute("givenName");
+            user.setFirstname(firstName);
+
+            final String lastName = userData.getStringAttribute("sn");
+            user.setLastname(lastName);
+
+            user.setPassword(email);
+            final Calendar now = Calendar.getInstance();
+            user.setActivationDate(now);
+
+            try {
+                userService.createUser(user, false,false);
+            } catch (WiseMappingException e) {
+                throw new IllegalStateException(e);
+            }
+        }
+        return new UserDetails(user, isAdmin(email));
+    }
+
+    @Override
+    public void mapUserToContext(org.springframework.security.core.userdetails.UserDetails userDetails, DirContextAdapter dirContextAdapter) {
+        // To be implemented ...
+    }
+
+
+}

wise-webapp/src/main/java/com/wisemapping/service/UserService.java

@@ -26,7 +26,7 @@ public interface UserService {
 
     public void activateAccount(long code) throws InvalidActivationCodeException;
 
-    public User createUser(@NotNull User user, boolean emailConfirmEnabled) throws WiseMappingException;
+    public User createUser(@NotNull User user, boolean emailConfirmEnabled,boolean welcomeEmail) throws WiseMappingException;
 
     public void changePassword(@NotNull User user);
 
@@ -41,4 +41,6 @@ public interface UserService {
     public void deleteUser(@NotNull User user);
 
     public void auditLogin(@NotNull User user);
+    
+    public User getCasUserBy(String uid);
 }

wise-webapp/src/main/java/com/wisemapping/service/UserServiceImpl.java

@@ -107,7 +107,7 @@ public class UserServiceImpl
         userManager.auditLogin(accessAuditory);
     }
 
-    public User createUser(@NotNull User user, boolean emailConfirmEnabled) throws WiseMappingException {
+    public User createUser(@NotNull User user, boolean emailConfirmEnabled, boolean welcomeEmail) throws WiseMappingException {
         final UUID uuid = UUID.randomUUID();
         user.setCreationDate(Calendar.getInstance());
         user.setActivationCode(uuid.getLeastSignificantBits());
@@ -120,6 +120,7 @@ public class UserServiceImpl
         }
 
         Collaborator col = userManager.getCollaboratorBy(user.getEmail());
+
         if (col != null) {
             userManager.createUser(user, col);
         } else {
@@ -134,7 +135,7 @@ public class UserServiceImpl
         // Send registration email.
         if (emailConfirmEnabled) {
             notificationService.sendRegistrationEmail(user);
-        } else {
+        } else if (welcomeEmail) {
             // Send a welcome email ..
             notificationService.newAccountCreated(user);
         }
@@ -205,4 +206,10 @@ public class UserServiceImpl
     public void setVelocityEngine(VelocityEngine velocityEngine) {
         this.velocityEngine = velocityEngine;
     }
+
+    @Override
+    public User getCasUserBy(String uid) {
+        // TODO Auto-generated method stub
+        return null;
+    }
 }

wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java

@@ -110,7 +110,7 @@ public class UsersController {
             user.setPassword(userBean.getPassword());
 
             boolean confirmRegistrationByEmail = false;
-            userService.createUser(user, confirmRegistrationByEmail);
+            userService.createUser(user, confirmRegistrationByEmail,true);
 
             // Forward to the success view ...
             result = new ModelAndView("userRegistrationSuccess");

wise-webapp/src/main/webapp/WEB-INF/app.properties

@@ -98,3 +98,25 @@ google.analytics.account=UA-XXXX
 # Google Ads enable
 ##################################################################################
 google.ads.enabled=false
+
+#######################################################################################
+LDAP Configuration Section
+#######################################################################################
+security.ldap.enabled=false
+security.ldap.server=ldap://localhost:389
+security.ldap.server.user=cn=pveiga,dc=wisemapping,dc=com
+security.ldap.server.password=password
+
+security.ldap.basedn=dc=wisemapping,dc=com
+security.ldap.subDn=people
+security.ldap.auth.attribute=mail
+#######################################################################################
+
+
+
+
+
+
+
+
+

wise-webapp/src/main/webapp/WEB-INF/web.xml

@@ -28,6 +28,7 @@
       - The application context is then available via
       - WebApplicationContextUtils.getWebApplicationContext(servletContext).
     -->
+
     <listener>
         <listener-class>com.wisemapping.service.HibernateAppListener</listener-class>
     </listener>

wise-webapp/src/main/webapp/WEB-INF/wisemapping-security-db.xml

@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:sec="http://www.springframework.org/schema/security"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans
+          http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
+          http://www.springframework.org/schema/security
+          http://www.springframework.org/schema/security/spring-security-3.1.xsd">
+
+    <sec:authentication-manager alias="authenticationManager">
+        <sec:authentication-provider ref="dbAuthenticationProvider"/>
+        <sec:authentication-provider user-service-ref="userDetailsService"/>
+    </sec:authentication-manager>
+
+    <bean id="dbAuthenticationProvider" class="com.wisemapping.security.AuthenticationProvider">
+        <property name="userDetailsService" ref="userDetailsService"/>
+        <property name="encoder" ref="encoder"/>
+    </bean>
+
+</beans>

wise-webapp/src/main/webapp/WEB-INF/wisemapping-security-ldap.xml

@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:sec="http://www.springframework.org/schema/security"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans
+          http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
+          http://www.springframework.org/schema/security
+          http://www.springframework.org/schema/security/spring-security-3.1.xsd">
+
+
+    <sec:authentication-manager>
+        <sec:authentication-provider ref="ldapAuthProvider"/>
+    </sec:authentication-manager>
+
+    <!-- ================================================== -->
+    <!-- LDAP Connection settings -->
+    <!-- ================================================== -->
+
+    <bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
+        <property name="url" value="${security.ldap.server}"/>
+        <property name="userDn" value="${security.ldap.server.user}"/>
+        <property name="password" value="${security.ldap.server.password}"/>
+        <property name="base" value="${security.ldap.basedn}"/>
+    </bean>
+
+    <!-- ================================================== -->
+    <!-- Authentication and Authorization Handlers          -->
+    <!-- ================================================== -->
+    <bean id="ldapAuthProvider"
+          class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
+        <constructor-arg>
+            <bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
+                <constructor-arg ref="contextSource"/>
+                <property name="userSearch" ref="ldapUserSearch"/>
+            </bean>
+        </constructor-arg>
+        <property name="userDetailsContextMapper" ref="userDetailsContextMapper"/>
+    </bean>
+
+    <bean id="userDetailsContextMapper" class="com.wisemapping.security.ldap.LdapUserDetailsContextMapper">
+        <property name="userService" ref="userService"/>
+    </bean>
+
+    <bean id="ldapUserSearch"
+          class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
+        <constructor-arg index="0" value="ou=${security.ldap.subDn}"/>
+        <constructor-arg index="1" value="(${security.ldap.auth.attribute}={0})"/>
+        <constructor-arg index="2" ref="contextSource"/>
+        <property name="searchSubtree" value="true"/>
+    </bean>
+
+</beans>

wise-webapp/src/main/webapp/WEB-INF/wisemapping-security.xml

@@ -56,18 +56,10 @@
         <sec:logout logout-url="/c/logout" invalidate-session="true" logout-success-url="/c/login"/>
     </sec:http>
 
-    <sec:authentication-manager alias="authenticationManager">
+    <!--<import resource="wisemapping-security-db.xml"/>-->
-        <sec:authentication-provider ref="dbAuthenticationProvider"/>
+    <import resource="wisemapping-security-ldap.xml"/>
-        <sec:authentication-provider user-service-ref="userDetailsService"/>
-    </sec:authentication-manager>
-
-    <bean id="dbAuthenticationProvider" class="com.wisemapping.security.AuthenticationProvider">
-        <property name="userDetailsService" ref="userDetailsService"/>
-        <property name="encoder" ref="encoder"/>
-    </bean>
 
     <bean id="userDetailsService" class="com.wisemapping.security.UserDetailsService">
-        <!--suppress SpringModelInspection -->
         <property name="userService" ref="userService"/>
         <property name="adminUser" value="${admin.user}"/>
     </bean>
@@ -76,4 +68,5 @@
         <property name="defaultTargetUrl" value="/c/maps/"/>
         <property name="alwaysUseDefaultTargetUrl" value="false"/>
     </bean>
+
 </beans>