Retrieve UUID from LDAP in same context (#29470)
This should avoid out-of-sync problems in distributed LDAP environments. Closes #29206 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
parent
673e122443
commit
2d053312a0
2 changed files with 16 additions and 29 deletions
|
@ -49,7 +49,6 @@ import javax.naming.directory.SearchResult;
|
|||
|
||||
import java.io.IOException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.LinkedHashSet;
|
||||
|
@ -101,8 +100,7 @@ public class LDAPIdentityStore implements IdentityStore {
|
|||
}
|
||||
|
||||
BasicAttributes ldapAttributes = extractAttributesForSaving(ldapObject, true);
|
||||
this.operationManager.createSubContext(ldapObject.getDn().getLdapName(), ldapAttributes);
|
||||
ldapObject.setUuid(getEntryIdentifier(ldapObject));
|
||||
ldapObject.setUuid(operationManager.createSubContext(ldapObject.getDn().getLdapName(), ldapAttributes));
|
||||
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debugf("Type with identifier [%s] and dn [%s] successfully added to LDAP store.", ldapObject.getUuid(), ldapObject.getDn());
|
||||
|
@ -604,23 +602,4 @@ public class LDAPIdentityStore implements IdentityStore {
|
|||
return attr;
|
||||
}
|
||||
|
||||
protected String getEntryIdentifier(final LDAPObject ldapObject) {
|
||||
try {
|
||||
// we need this to retrieve the entry's identifier from the ldap server
|
||||
String uuidAttrName = getConfig().getUuidLDAPAttributeName();
|
||||
|
||||
List<SearchResult> search = this.operationManager.search(ldapObject.getDn().getLdapName(),
|
||||
new LDAPQueryConditionsBuilder().present(LDAPConstants.OBJECT_CLASS),
|
||||
Arrays.asList(uuidAttrName), SearchControls.OBJECT_SCOPE);
|
||||
Attribute id = search.get(0).getAttributes().get(getConfig().getUuidLDAPAttributeName());
|
||||
|
||||
if (id == null) {
|
||||
throw new ModelException("Could not retrieve identifier for entry [" + ldapObject.getDn().toString() + "].");
|
||||
}
|
||||
|
||||
return this.operationManager.decodeEntryUUID(id.get());
|
||||
} catch (NamingException ne) {
|
||||
throw new ModelException("Could not retrieve identifier for entry [" + ldapObject.getDn().toString() + "].");
|
||||
}
|
||||
}
|
||||
}
|
||||
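Review bot: The call site `ldapObject.setUuid(operationManager.createSubContext(...))` gives no hint that the UUID has to come from the context that created the entry, so a later refactor could reintroduce a separate lookup. A short comment above it would record the reason, for example `// UUID is read on the context that created the entry; a separate search can reach a replica that does not have it yet`. The same section removes the `protected` method `getEntryIdentifier`; if any subclass overrides it, that override is no longer called, which may deserve a line in the release notes. The enclosing method starts and ends outside the hunk.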
|
|
|
@ -600,7 +600,7 @@ public class LDAPOperationManager {
|
|||
}
|
||||
}
|
||||
|
||||
public void createSubContext(final LdapName name, final Attributes attributes) {
|
||||
public String createSubContext(final LdapName name, final Attributes attributes) {
|
||||
try {
|
||||
if (logger.isTraceEnabled()) {
|
||||
logger.tracef("Creating entry [%s] with attributes: [", name);
|
||||
|
@ -622,14 +622,22 @@ public class LDAPOperationManager {
|
|||
logger.tracef("]");
|
||||
}
|
||||
|
||||
execute(new LdapOperation<Void>() {
|
||||
return execute(new LdapOperation<>() {
|
||||
@Override
|
||||
public Void execute(LdapContext context) throws NamingException {
|
||||
public String execute(LdapContext context) throws NamingException {
|
||||
DirContext subcontext = context.createSubcontext(name, attributes);
|
||||
|
||||
subcontext.close();
|
||||
|
||||
return null;
|
||||
try {
|
||||
String uuidLDAPAttributeName = config.getUuidLDAPAttributeName();
|
||||
Attribute id = subcontext.getAttributes("", new String[]{uuidLDAPAttributeName}).get(uuidLDAPAttributeName);
|
||||
if (id == null) {
|
||||
throw new ModelException("Could not retrieve identifier for entry [" + name + "].");
|
||||
}
|
||||
return decodeEntryUUID(id.get());
|
||||
} catch (NamingException ne) {
|
||||
throw new ModelException("Could not retrieve identifier for entry [" + name + "].", ne);
|
||||
} finally {
|
||||
subcontext.close();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
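Review bot: `subcontext.close()` in the `finally` block can itself throw `NamingException`, and when it does it replaces the `ModelException` raised just above (losing its cause) or discards a UUID that was read successfully. In both cases the entry already exists in the directory, so the caller sees a failed create while LDAP holds an entry whose UUID was never handed back. Closing should not decide the outcome: `try { subcontext.close(); } catch (NamingException e) { logger.debugf(e, "Could not close context for entry [%s]", name); }`. It would also help to document on `createSubContext` that the return value is the decoded UUID attribute and that a `ModelException` can be thrown after the entry was created. The anonymous `LdapOperation` and the outer `try` close outside the hunk.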
|
|