AnsweredAssumed Answered

Override LDAPUserRegistry Failed

Question asked by smilehahohi on May 8, 2012
Latest reply on May 4, 2016 by archimadhu86@gmail.com
Hi All,

I was trying to co-operate alfresco with LDAP-AD to implement the authentication and authorization.
Currently I successfully use ldap-ad to implement the authentication, the ldap user can login, but I can't synchronize the user and group into the alfresco system, the reason is that our LDAP-AD server doesn't support "queryBatchSize" feature, so I set the "queryBatchSize=0", as a result the server always return 3000 result when the synchronization is triggered, finally the synchronization failed.

Actually I wish the synchronization only happened when user login, and only export the current user from LDAP, but I found that there is no way to put a placeholder into the property "ldap.synchronization.personQuery", and use the user login name to replace the placeholder at the running time.

I have looked into the java class "org.alfresco.repo.security.sync.ldap.LDAPUserRegistry", then I decided to override the function
public void setPersonQuery(String personQuery)
    {
        this.personQuery = personQuery;
    }

  
    public void setPersonDifferentialQuery(String personDifferentialQuery)
    {
        this.personDifferentialQuery = personDifferentialQuery;
    }

to make the "personQuery" like "(&(objectclass\=user)(uid\=currentUser))".

I have create a custom java class in package "org.xxx.custom.ldap" as below:

public class LDAPUserRegistryCustom extends LDAPUserRegistry {
       public void setPersonQuery(String personQuery)
    {
        //custom code
    }

  
    public void setPersonDifferentialQuery(String personDifferentialQuery)
    {
        //custom code
    }
}

Then I package this class into a jar, and put it into the [TOMCAT_HOME]/shared/lib.

I also create a custom-context.xml file under the path "[TOMCAT_HOME]/shared/classes/alfresco/extension/subsystems/Authentication/ldap-ad/ldap1/custom-context.xml", the content is as below:

<beans>
<bean id="userRegistry" class="org.xxx.custom.ldap.LDAPUserRegistryCustom">
        <property name="active">
            <value>${ldap.synchronization.active}</value>
        </property>

        <!–
        If positive, this property indicates that RFC 2696 paged results should be
        used to split q
        …………..
</bean>
</beans>

After I re-start the server, I got the "org.alfresco.repo.security.sync.ldap.LDAPUserRegistry" class not found error, it seems like the alfresco class is not loaded into the child application context after I have overrided the spring bean file.

Could somebody tell me how should I override this java class in the subsystem?  I also tried to package this class into a AMP, and deploy it into the alfresco.war, still failed… :cry:

Outcomes