LDAPUserGroupServicePanel.java

/* (c) 2016 Open Source Geospatial Foundation - all rights reserved
 * This code is licensed under the GPL 2.0 license, available at the root
 * application directory.
 */
package org.geoserver.web.security.ldap;

import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.ajax.markup.html.form.AjaxCheckBox;
import org.apache.wicket.markup.html.WebMarkupContainer;
import org.apache.wicket.markup.html.form.CheckBox;
import org.apache.wicket.markup.html.form.PasswordTextField;
import org.apache.wicket.markup.html.form.TextField;
import org.apache.wicket.model.IModel;
import org.geoserver.security.ldap.LDAPUserGroupServiceConfig;
import org.geoserver.security.web.usergroup.UserGroupServicePanel;

/**
 * 
 * @author Niels Charlier
 *
 */
public class LDAPUserGroupServicePanel extends UserGroupServicePanel<LDAPUserGroupServiceConfig> {
    private static final long serialVersionUID = -5052166946618920800L;

    class LDAPAuthenticationPanel extends WebMarkupContainer {

        private static final long serialVersionUID = 6533128678666053350L;

        public LDAPAuthenticationPanel(String id) {
            super(id);
            add(new TextField<String>("user"));

            PasswordTextField pwdField = new PasswordTextField("password");
            // avoid reseting the password which results in an
            // empty password on saving a modified configuration
            pwdField.setResetPassword(false);
            add(pwdField);
        }
        
        public void resetModel() {
            get("user").setDefaultModelObject(null);
            get("password").setDefaultModelObject(null);
        }
    }

    public LDAPUserGroupServicePanel(String id, IModel<LDAPUserGroupServiceConfig> model) {
        super(id, model);
        /** LDAP server parameters */
        add(new TextField<String>("serverURL").setRequired(true));
        add(new CheckBox("useTLS"));
        /** group options */
        add(new TextField<String>("groupSearchBase").setRequired(true));
        add(new TextField<String>("groupNameAttribute"));
        add(new TextField<String>("groupFilter"));
        add(new TextField<String>("allGroupsSearchFilter"));
        /** membership options */
        add(new TextField<String>("groupSearchFilter"));
        add(new TextField<String>("groupMembershipAttribute"));
        /** user options */
        add(new TextField<String>("userSearchBase").setRequired(true));
        add(new TextField<String>("userNameAttribute"));
        add(new TextField<String>("userFilter"));
        add(new TextField<String>("allUsersSearchFilter"));
        add(new TextField<String>("populatedAttributes"));

        /** privileged account for querying the LDAP server (if needed) */
        add(new AjaxCheckBox("bindBeforeGroupSearch") {
            private static final long serialVersionUID = -6388847010436939988L;

            @Override
            protected void onUpdate(AjaxRequestTarget target) {
                //reset any values that were set
                LDAPAuthenticationPanel ldapAuthenticationPanel = 
                        (LDAPAuthenticationPanel) LDAPUserGroupServicePanel.this.get("authenticationPanel");
                ldapAuthenticationPanel.resetModel();
                ldapAuthenticationPanel.setVisible(getModelObject().booleanValue());
                target.add(ldapAuthenticationPanel);
            }
        });
        LDAPAuthenticationPanel authPanel = new LDAPAuthenticationPanel("authenticationPanel");
        authPanel.setVisible(model.getObject().isBindBeforeGroupSearch());
        authPanel.setOutputMarkupPlaceholderTag(true);
        add(authPanel);
    }
}