AnsweredAssumed Answered

LDAP Synchronization User Problems

Question asked by fracat71 on Feb 19, 2012
Latest reply on Feb 20, 2012 by fracat71
Hi all,
i have 3.2 R2 Alfresco (SVN 17458).
I have activated the LDAP-AD User Synchronization.

The users created are only in
Primary Path:    /{http://www.alfresco.org/model/system/1.0}system/{http://www.alfresco.org/model/system/1.0}people
under workspace://SpacesStore.

They are not created in 
Primary Path:    /{http://www.alfresco.org/model/system/1.0}system/{http://www.alfresco.org/model/system/1.0}people
under user://alfrescoUserStore .

This causes problems to update the password because the method updateUser RepositoryAuthenticationDao fails the lucene search
   public void updateUser(String userName, char[] rawPassword) throws AuthenticationException
    {
        NodeRef userRef = getUserOrNull(userName);
        if (userRef == null)
        {
            throw new AuthenticationException("User name does not exist: " + userName);
        }
        Map<QName, Serializable> properties = nodeService.getProperties(userRef);
        String salt = null; // GUID.generate();
        properties.remove(ContentModel.PROP_SALT);
        properties.put(ContentModel.PROP_SALT, salt);
        properties.remove(ContentModel.PROP_PASSWORD);
        properties.put(ContentModel.PROP_PASSWORD, passwordEncoder.encodePassword(new String(rawPassword), salt));
        nodeService.setProperties(userRef, properties);
    }
    public NodeRef getUserOrNull(String searchUserName)
    {
        if (searchUserName == null || searchUserName.length() == 0)
        {
            return null;
        }

        SearchParameters sp = new SearchParameters();
        sp.setLanguage(SearchService.LANGUAGE_LUCENE);
        sp.setQuery("@usr\\:username:\"" + StringUtils.delete(searchUserName, "\"") + "\"");

        try
        {
            sp.addStore(tenantService.getName(searchUserName, STOREREF_USERS));
        }
        catch (AlfrescoRuntimeException e)
        {
            return null; // no such tenant or tenant not enabled
        }

        sp.excludeDataInTheCurrentTransaction(false);

        ResultSet rs = null;

        try
        {
            rs = searchService.query(sp);

            NodeRef returnRef = null;

            for (ResultSetRow row : rs)
            {

                final NodeRef nodeRef = row.getNodeRef();
                if (nodeService.exists(nodeRef))
                {
                    String realUserName = DefaultTypeConverter.INSTANCE.convert(String.class, nodeService.getProperty(nodeRef, ContentModel.PROP_USER_USERNAME));

                    if(userNameMatcher.matches(realUserName, searchUserName))
                    {
                        if (returnRef == null)
                        {
                            returnRef = nodeRef;
                        }
                        else
                        {
                            try
                            {
                                this.retryingTransactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Object>()
                                {
                                    public Object execute() throws Throwable
                                    {
                                        // Delete the extra user node references
                                        RepositoryAuthenticationDao.this.nodeService.deleteNode(nodeRef);

                                        return null;
                                    }

                                }, false, true);
                            }
                            catch (InvalidNodeRefException exception)
                            {
                                // Ignore this exception as the node has already been deleted
                            }
                        }
                    }

                }
            }

            return returnRef;
        }
        finally
        {
            if (rs != null)
            {
                rs.close();
            }
        }
    }
I think that the problem is related to :
https://issues.alfresco.com/jira/browse/ETHREEOH-3801?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs
https://issues.alfresco.com/jira/browse/ALFCOM-3278?page=com.atlassian.jira.plugin.system.issuetabpanels:changehistory-tabpanel#issue-tabs

Someone can help me?

Best,

Outcomes