Apache-Sling


lib/Apache/Sling/LDAPSynch.pm  view on Meta::CPAN

        ->check_exists( $class->{'CachePath'} . q(/) . $class->{'CacheFile'} ) )
    {
        croak q(No synch cache file present - initialization must have failed!);
    }
    ${ $class->{'Content'} }
      ->view_file( $class->{'CachePath'} . q(/) . $class->{'CacheFile'} )
      or croak q(Problem viewing synch cache file);
    my $synch_cache;
    my $success = eval ${ $class->{'Content'} }->{'Message'};
    if ( !defined $success ) {
        croak q{Error parsing synchronized cache dump.};
    }
    return $synch_cache;
}

#}}}

#{{{sub update_synch_cache

sub update_synch_cache {
    my ( $class, $synch_cache ) = @_;

lib/Apache/Sling/LDAPSynch.pm  view on Meta::CPAN

        ->check_exists( $class->{'CachePath'} . q(/) . $class->{'UserList'} ) )
    {
        croak q(No user list file present - you need to create one!);
    }
    ${ $class->{'Content'} }
      ->view_file( $class->{'CachePath'} . q(/) . $class->{'UserList'} )
      or croak q(Problem viewing synch user list);
    my $synch_user_list;
    my $success = eval ${ $class->{'Content'} }->{'Message'};
    if ( !defined $success ) {
        croak q{Error parsing synchronized user list dump.};
    }
    return $synch_user_list;
}

#}}}

#{{{sub update_synch_user_list

sub update_synch_user_list {
    my ( $class, $synch_user_list ) = @_;

lib/Apache/Sling/LDAPSynch.pm  view on Meta::CPAN

#{{{sub download_synch_user_list

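# Append the ids in the synchronized user list, one per line and in sorted
# order, to the local file $user_list_file.
#
# Parameters:
#   $class          - object providing get_synch_user_list and a 'Message' slot.
#   $user_list_file - caller-supplied path. It is opened in append mode, so
#                     existing content is kept and new ids are added after it.
#
# Returns 1 on success and stores a status string in $class->{'Message'}.
# Croaks if the file cannot be opened, locked, written or closed.
sub download_synch_user_list {
    my ( $class, $user_list_file ) = @_;
    my $synch_user_list = $class->get_synch_user_list;
    my @user_ids        = sort keys %{$synch_user_list};

    # With no users there is nothing to write; the file is left untouched.
    if (@user_ids) {
        open my $out, '>>', $user_list_file
          or croak
          q(Could not open file to download synchronized user list to!);

        # Take the exclusive lock once for the whole batch and check that it
        # was granted, so that a concurrent writer cannot interleave lines
        # with ours and a failed lock is not silently ignored.
        flock $out, LOCK_EX
          or croak
          q(Problem locking file when downloading synchronized user list!);
        foreach my $user (@user_ids) {
            print {$out} $user . "\n"
              or croak
              q(Problem printing when downloading synchronized user list!);
        }

        # close flushes the buffered output and releases the lock.
        close $out
          or croak
q(Problem closing file handle when downloading synchronized user list!);
    }
    $class->{'Message'} =
      "Successfully downloaded user list to $user_list_file!";
    return 1;
}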

#}}}

#{{{sub upload_synch_user_list

lib/Apache/Sling/LDAPSynch.pm  view on Meta::CPAN

            chomp;
            $user_list_hash{$_} = 1;
        }
        close $input or croak q(Problem closing upload user list file handle!);
    }
    else {
        croak q(Unable to open synch user list file to parse for upload!);
    }
    $class->update_synch_user_list( \%user_list_hash );
    $class->{'Message'} =
q(Successfully uploaded user list for use in subsequent synchronizations!);
    return 1;
}

#}}}

#{{{sub parse_attributes

sub parse_attributes {
    my ( $ldap_attrs, $sling_attrs, $ldap_attrs_array, $sling_attrs_array ) =
      @_;

lib/Apache/Sling/LDAPSynch.pm  view on Meta::CPAN


            # Found a modified property:
            return 1;
        }
    }
    return 0;
}

#}}}

#{{{sub perform_synchronization

sub perform_synchronization {
    my ( $class, $array_of_dns, $search_result, $seen_user_ids, $synch_cache,
        $ldap_attrs_array, $sling_attrs_array )
      = @_;
    foreach my $dn ( @{$array_of_dns} ) {
        my $valref  = $search_result->{$dn};
        my $index   = 0;
        my $user_id = @{ $valref->{ $class->{'Filter'} } }[0];
        $seen_user_ids->{$user_id} = 1;
        my @properties_array;
        my %properties_hash;

lib/Apache/Sling/LDAPSynch.pm  view on Meta::CPAN

    unshift @ldap_attrs_array, $class->{'Filter'};
    my $search_result = $class->ldap_search( $search, \@ldap_attrs_array );
    shift @ldap_attrs_array;

    my $synch_cache = $class->get_synch_cache;
    my %seen_user_ids;

    # process each DN using it as a key
    my @array_of_dns = sort keys %{$search_result};

    $class->perform_synchronization(
        \@array_of_dns, $search_result,     \%seen_user_ids,
        $synch_cache,   \@ldap_attrs_array, \@sling_attrs_array
    );

    # Clean up records no longer in ldap:
    my @disable_property;
    push @disable_property, $class->{'Disabled'} . '=1';
    foreach my $cache_entry ( sort keys %{$synch_cache} ) {
        if ( $synch_cache->{$cache_entry}->{ $class->{'Disabled'} } eq '0'
            && !defined $seen_user_ids{$cache_entry} )

lib/Apache/Sling/LDAPSynch.pm  view on Meta::CPAN

            print
"Disabling user record in sling that no longer exists in ldap: $cache_entry\n"
              or croak q{Problem printing!};
            ${ $class->{'User'} }->update( $cache_entry, \@disable_property )
              or croak q(Problem disabling user in sling instance!);
            $synch_cache->{$cache_entry}->{ $class->{'Disabled'} } = '1';
        }
    }
    $class->update_synch_cache($synch_cache);

    $class->{'Message'} = 'Successfully performed a full synchronization!';
    return 1;
}

#}}}

#{{{sub synch_full_since

sub synch_full_since {
    my ( $class, $ldap_attrs, $sling_attrs, $synch_since ) = @_;
    my $search = q{(modifytimestamp>=} . $synch_since . q{)};

lib/Apache/Sling/LDAPSynch.pm  view on Meta::CPAN

    print <<"EOF";
Usage: perl $0 [-OPTIONS [-MORE_OPTIONS]] [--] [PROGRAM_ARG1 ...]
The following options are accepted:

 --attributes or -a (attribs)          - Comma separated list of attributes.
 --auth (type)                         - Specify auth type. If ommitted, default is used.
 --download-user-list (userList)       - Download user list to file userList
 --flag-disabled or -f                 - property to denote user should be disabled.
 --help or -?                          - View the script synopsis and options.
 --ldap-attributes or -A (attribs)     - Specify ldap attributes to be updated.
 --ldap-base or -B (ldapBase)          - Specify ldap base to synchronize users from.
 --ldap-dn or -D (ldapDN)              - Specify ldap DN for authentication.
 --ldap-filter or -F (filter)          - Specify ldap attribute to search for users with.
 --ldap-host or -H (host)              - Specify ldap host to synchronize from.
 --ldap-pass or -P (pass)              - Specify ldap pass for authentication.
 --log or -L (log)                     - Log script output to specified log file.
 --man or -M                           - View the full script documentation.
 --pass or -p (password)               - Password of user performing actions.
 --synch-full or -s                    - Perform a full synchronization from ldap to sling.
 --synch-full-since or -S (since)      - Perform a full synchronization from ldap to sling using changes since specified time.
 --synch-listed or -l                  - Perform a sychronization of listed users from ldap to sling.
 --synch-listed-since (since)          - Perform a sychronization of listed users from ldap to sling using changes since specified time.
 --upload-user-list (userList)         - Upload user list specified by file userList.
 --url or -U (URL)                     - URL for system being tested against.
 --user or -u (username)               - Name of user to perform any actions as.
 --verbose or -v or -vv or -vvv        - Increase verbosity of output.

Options may be merged together. -- stops processing of options.
Space is not required between options and their arguments.
For full details run: perl $0 --man

lib/Apache/Sling/LDAPSynch.pm  view on Meta::CPAN

}

#}}}

#{{{ sub man
# Print the full manual to the currently selected output handle: a short
# description, the option summary produced by the object's help method, and
# worked example invocations. Always returns 1.
#
# NOTE(review): the examples use flags such as --sling-host, --sling-user,
# --sling-pass, -h and -b; confirm them against the option parser and the
# option list that help prints.
# NOTE(review): the examples pass passwords as command-line arguments, which
# exposes them in process listings and shell history.
sub man {
    my $synch = shift;

    print <<'INTRO';
LDAP synchronization perl script. Provides a means of synchronizing user
information from an LDAP server into a running sling instance from the command
line. The script also acts as a reference implementation for the LDAPSynch perl
library.

INTRO

    # The option summary sits between the description and the examples.
    $synch->help();

    # $0 is interpolated so the examples show the running script's name.
    print <<"EXAMPLES";
Example Usage

* Upload a restricted list of users (one id per line of specified file) to use in synchronizations:

 perl $0 --upload-user-list user_list.txt --sling-host http://localhost:8080 --sling-user admin --sling-pass admin

* Download a previously specified list of users to be synchronized to a specified file:

 perl $0 --download-user-list user_list.txt --sling-host http://localhost:8080 --sling-user admin --sling-pass admin

* Authenticate and perform a full synchronization:

 perl $0 -s -h ldap://ldap.org -b "ou=people,o=ldap,dc=org" -H http://localhost:8080 -u admin -P admin -a "displayname,mail,sn" -A "name,email,surname"
EXAMPLES

    return 1;
}

#}}}

#{{{sub run

lib/Apache/Sling/LDAPSynch.pm  view on Meta::CPAN

}

#}}}

1;

__END__

=head1 NAME

Apache::Sling::LDAPSynch - synchronize users from an external LDAP server into an Apache Sling instance.

=head1 ABSTRACT

Synchronize users from an external LDAP server with the internal users
in an Apache Sling instance.

=head1 METHODS

=head2 new

lib/Apache/Sling/LDAPSynch.pm  view on Meta::CPAN

=head2 ldap_search

Perform an ldap search.

=head2 init_synch_cache

Initialize the Apache Sling synch cache.

=head2 get_synch_cache

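Fetch the synchronization cache file and rebuild the cache by passing the
fetched content to Perl's string C<eval>. Because that content is executed as
code, the cache file should be writable only by trusted accounts.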

=head2 update_synch_cache

Update the synchronization cache file with the latest state.

=head2 get_synch_user_list

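Fetch the synchronization user list file and rebuild the list by passing the
fetched content to Perl's string C<eval>. Because that content is executed as
code, the user list file should be writable only by trusted accounts.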

=head2 update_synch_user_list

Update the synchronization user list file with the latest state.

=head2 download_synch_user_list

Download the current synchronization user list file.

=head2 upload_synch_user_list

Upload a list of users to be synchronized into the sling system.

=head2 parse_attributes

Read the given ldap and sling attributes into two separate specified arrays.
Check that the lengths of the two arrays match.

=head2 check_for_property_modifications

Compare a new property hash with a cached version. If any changes to properties
have been made, then return true. Else return false.

=head2 perform_synchronization

Carry out the synchronization from LDAP to Sling.

=head2 synch_full

Perform a full synchronization of Sling internal users with the external LDAP
users.

=head2 synch_full_since

Perform a synchronization of Sling internal users with the external LDAP users,
using LDAP changes since a given timestamp.

=head2 synch_listed

Perform a synchronization of Sling internal users with the external LDAP users
for a set of users listed in a specified file.

=head2 synch_listed_since

Perform a synchronization of Sling internal users with the external LDAP users,
using LDAP changes since a given timestamp for a set of users listed in a
specified file.

=head2 config

Fetch hash of ldap synchronization configuration.

=head2 run

Run ldap synchronization related actions.

=head1 USAGE

use Apache::Sling::LDAPSynch;

=head1 DESCRIPTION

Perl library providing a means to synchronize users from an external
LDAP server with the internal users in an Apache Sling instance.

=head1 REQUIRED ARGUMENTS

None required.

=head1 OPTIONS

n/a

scripts/sling.pl  view on Meta::CPAN

Usage: perl sling.pl [-OPTIONS [-MORE_OPTIONS]] [--] [PROGRAM_ARG1 ...]
The following options are accepted:

 --help or help     - view the script synopsis and options
 --man or man       - view the full script documentation
 authz              - run authz related actions
 content            - run content related actions
 group_member       - run group membership related actions
 group              - run group related actions
 json_query_servlet - run json query servlet related actions
 ldap_synch         - run ldap synchronization related actions
 user               - run user related actions

Options may be merged together. -- stops processing of options.
Space is not required between options and their arguments.
For full details run: perl sling.pl --man

=head1 USAGE

=over


