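/*
 * ProActive Parallel Suite(TM):
 * The Open Source library for parallel and distributed
 * Workflows & Scheduling, Orchestration, Cloud Automation
 * and Big Data Analysis on Enterprise Grids & Clouds.
 *
 * Copyright (c) 2007 - 2017 ActiveEon
 * Contact: contact@activeeon.com
 *
 * This library is free software: you can redistribute it and/or
 * modify it under the terms of the GNU Affero General Public License
 * as published by the Free Software Foundation: version 3 of
 * the License.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 * If needed, contact us to obtain a release under GPL Version 2 or 3
 * or a different license than the AGPL.
 */
package org.ow2.proactive.authentication;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.Properties;

import org.objectweb.proactive.annotation.PublicAPI;


/**
 * LDAPProperties contains all LDAP configuration properties.
 *
 * You must use provided methods in order to get these properties.
 * <p>
 * The properties file read by this class holds secrets in clear text (the LDAP bind
 * password and the keystore/truststore passwords), and {@link #getProperty(String)}
 * returns them unmodified. The file should therefore be readable only by the account
 * running the service, and callers should not log the values they obtain for the
 * {@code *_PASSWD} keys.
 * <p>
 * Every key present in the file can be overridden by a JVM system property of the same
 * name (see the constructor). A value passed with {@code -Dname=value} is part of the
 * JVM command line, which is usually visible in the operating system's process listing,
 * so passwords are better kept in the file than supplied that way.
 */
@PublicAPI
public class LDAPProperties {

    /* ***************************************************************** */
    /* ************************** LDAP PROPERTIES ********************** */
    /* ***************************************************************** */

    /**
     * URL of the LDAP server used for authentication.
     * With the {@code simple} authentication method the bind password is sent as-is,
     * so the transport should be protected (LDAPS / TLS).
     */
    public static final String LDAP_URL = "pa.ldap.url";

    /** path in the LDAP tree containing the users */
    public static final String LDAP_USERS_SUBTREE = "pa.ldap.userssubtree";

    /** path in the LDAP tree containing the groups */
    public static final String LDAP_GROUPS_SUBTREE = "pa.ldap.groupssubtree";

    /**
     * Filter that allows to find the user dn given its scheduler login
     * {@code pa.ldap.user.filter=(&(objectclass=inetOrgPerson)(uid=%s))}
     * the {@code %s} parameter is the login used during the scheduler authentication process.
     * <p>
     * The login is supplied by the person authenticating; the substitution is done outside
     * this class. NOTE(review): confirm that the code filling in {@code %s} escapes LDAP
     * filter metacharacters (RFC 4515) before building the search filter.
     **/
    public static final String LDAP_USER_FILTER = "pa.ldap.user.filter";

    /**
     * Retrieves the group the user dn belongs to
     * {@code pa.ldap.group.filter=(&(objectclass=groupOfUniqueNames)(uniqueMember=%s))}
     * the {@code %s} parameter is the user dn.
     **/
    public static final String LDAP_GROUP_FILTER = "pa.ldap.group.filter";

    /** the attribute in the group entry that matches the jaas' group name */
    public static final String LDAP_GROUPNAME_ATTR = "pa.ldap.group.name.attr";

    /**
     * authentication method used to connect to LDAP : none, simple or a SASL method.
     * {@code none} is an anonymous bind; {@code simple} transmits the bind password without
     * any protection of its own and relies on the connection (see {@link #LDAP_URL}) for
     * confidentiality.
     */
    public static final String LDAP_AUTHENTICATION_METHOD = "pa.ldap.authentication.method";

    /** login name used to perform ldap's binding */
    public static final String LDAP_BIND_LOGIN = "pa.ldap.bind.login";

    /** password used to perform ldap's binding (secret: do not log) */
    public static final String LDAP_BIND_PASSWD = "pa.ldap.bind.pwd";

    /** path of the java keystore file used by LDAP module for SSL/TLS authentication */
    public static final String LDAP_KEYSTORE_PATH = "pa.ldap.keystore.path";

    /** path of the java truststore file used by LDAP module for SSL/TLS authentication */
    public static final String LDAP_TRUSTSTORE_PATH = "pa.ldap.truststore.path";

    /** password for the keystore defined by pa.ldap.keystore.path (secret: do not log) */
    public static final String LDAP_KEYSTORE_PASSWD = "pa.ldap.keystore.passwd";

    /** password for the truststore defined by pa.ldap.truststore.path (secret: do not log) */
    public static final String LDAP_TRUSTSTORE_PASSWD = "pa.ldap.truststore.passwd";

    /** boolean defining whether the LDAP service provider has to use connection pooling or not */
    public static final String LDAP_CONNECTION_POOLING = "pa.ldap.connection.pooling";

    /**
     * fall back property, check user/password and group in files if user is not found in LDAP.
     * true or false.
     * When enabled, the local login and group files are a second source of valid credentials
     * and need the same protection as the directory itself.
     */
    public static final String FALLBACK_USER_AUTH = "pa.ldap.authentication.fallback";

    /**
     * group fall back property, check user group membership in the group file if the user is
     * not found in the corresponding LDAP group.
     * true or false.
     * When enabled, the local group file can grant group membership that LDAP does not.
     */
    public static final String FALLBACK_GROUP_MEMBERSHIP = "pa.ldap.group.membership.fallback";

    /* ***************************************************************************** */
    /* ***************************************************************************** */

    /** memory entity of the properties file. */
    private final Properties prop = new Properties();

    /**
     * Create a new instance of LDAPProperties.
     * <p>
     * Loads the given properties file, then replaces the value of every key found in the
     * file by the JVM system property of the same name when one is set.
     *
     * @param propertiesFileName properties file name
     * @throws RuntimeException wrapping the {@link IOException} if the file cannot be
     *         opened, read or closed
     */
    public LDAPProperties(String propertiesFileName) {
        // try-with-resources: the stream is closed even when load() fails, so a malformed or
        // unreadable file no longer leaks a descriptor on a file that contains credentials.
        try (FileInputStream stream = new FileInputStream(new File(propertiesFileName))) {
            prop.load(stream);
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
        setUserJavaProperties();
    }

    /**
     * Set the user java properties to the LDAPProperties.<br/>
     * User properties are defined using the -Dname=value in the java command.
     * <p>
     * Only keys already present in the loaded file are looked up, so a system property cannot
     * introduce a setting the file does not declare, but it can replace any declared one,
     * including the server URL, the passwords and the fallback switches.
     */
    private void setUserJavaProperties() {
        // stringPropertyNames() is a snapshot, so the table is not iterated while it is updated
        for (String key : prop.stringPropertyNames()) {
            String override = System.getProperty(key);
            if (override != null) {
                prop.setProperty(key, override);
            }
        }
    }

    /**
     * Retrieves the value of the property.
     * <p>
     * The value is returned as stored, including for the password keys.
     *
     * @param key property name
     * @return property value, or {@code null} if the key is not defined
     */
    public String getProperty(String key) {
        return prop.getProperty(key);
    }
}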