Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[JENKINS-6648] Look up e-mail address from AD.
- Loading branch information
Showing
4 changed files
with
132 additions
and
25 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
47 changes: 47 additions & 0 deletions
47
src/main/java/hudson/plugins/active_directory/ActiveDirectoryMailAddressResolverImpl.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
package hudson.plugins.active_directory; | ||
|
||
import hudson.Extension; | ||
import hudson.model.Hudson; | ||
import hudson.model.User; | ||
import hudson.security.SecurityRealm; | ||
import hudson.tasks.MailAddressResolver; | ||
import org.acegisecurity.AcegiSecurityException; | ||
import org.springframework.dao.DataAccessException; | ||
|
||
import java.util.logging.Logger; | ||
|
||
import static java.util.logging.Level.*; | ||
|
||
/** | ||
* If the security realm is Active Directory, try to pick up e-mail | ||
* address from it. | ||
* | ||
* @author Animesh Banerjee | ||
* | ||
*/ | ||
@Extension | ||
public class ActiveDirectoryMailAddressResolverImpl extends | ||
MailAddressResolver { | ||
public String findMailAddressFor(User u) { | ||
SecurityRealm realm = Hudson.getInstance().getSecurityRealm(); | ||
if(!(realm instanceof ActiveDirectorySecurityRealm)){ | ||
return null; | ||
} | ||
try { | ||
ActiveDirectoryUserDetail details = (ActiveDirectoryUserDetail) realm | ||
.getSecurityComponents().userDetails.loadUserByUsername(u | ||
.getId()); | ||
LOGGER.log(FINE, "Email address = '"+ details.getMail() + "'"); | ||
return details.getMail(); | ||
} catch (DataAccessException e) { | ||
LOGGER.log(FINE, "Failed to look Active Directory for e-mail address", e); | ||
return null; | ||
} catch (AcegiSecurityException e) { | ||
LOGGER.log(FINE, "Failed to look up Active Directory for e-mail address", e); | ||
return null; | ||
} | ||
} | ||
|
||
private static final Logger LOGGER = Logger | ||
.getLogger(ActiveDirectoryMailAddressResolverImpl.class.getName()); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
53 changes: 48 additions & 5 deletions
53
src/main/java/hudson/plugins/active_directory/ActiveDirectoryUserDetail.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,15 +1,58 @@ | ||
package hudson.plugins.active_directory; | ||
|
||
import java.util.HashMap; | ||
|
||
import org.acegisecurity.GrantedAuthority; | ||
import org.acegisecurity.userdetails.User; | ||
|
||
/** | ||
* @author Kohsuke Kawaguchi | ||
*/ | ||
public class ActiveDirectoryUserDetail extends User { | ||
public ActiveDirectoryUserDetail(String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, GrantedAuthority[] authorities) throws IllegalArgumentException { | ||
// Acegi doesn't like null password, but during remember-me processing we don't know the password. | ||
// so we need to set some dummy. See #1229 | ||
super(username, password!=null?password:"PASSWORD", enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities); | ||
// additional attributes from Active Directory | ||
private final String givenName, sn, mail, telephoneNumber; | ||
|
||
public ActiveDirectoryUserDetail(String username, String password, | ||
boolean enabled, boolean accountNonExpired, | ||
boolean credentialsNonExpired, boolean accountNonLocked, | ||
GrantedAuthority[] authorities, | ||
String givenName, String sn, String mail, String telephoneNumber) | ||
throws IllegalArgumentException { | ||
// Acegi doesn't like null password, but during remember-me processing | ||
// we don't know the password so we need to set some dummy. See #1229 | ||
super(username, password != null ? password : "PASSWORD", enabled, | ||
accountNonExpired, credentialsNonExpired, accountNonLocked, | ||
authorities); | ||
|
||
this.givenName = givenName; | ||
this.sn = sn; | ||
this.mail = mail; | ||
this.telephoneNumber = telephoneNumber; | ||
} | ||
|
||
public String getGivenName() { | ||
return givenName; | ||
} | ||
} | ||
|
||
/** | ||
* Surname, AKA last name. | ||
* LDAP "sn" attribute. | ||
*/ | ||
public String getLastName() { | ||
return sn; | ||
} | ||
|
||
public String getMail() { | ||
return mail; | ||
} | ||
|
||
public String getTelephoneNumber() { | ||
return telephoneNumber; | ||
} | ||
|
||
public static long getSerialVersionUID() { | ||
return serialVersionUID; | ||
} | ||
|
||
private static final long serialVersionUID = 1L; | ||
} |