Grouper Users - Open Discussion List

[Sonia Zorba <>]

Hi Shilen,

yes, I search for an user by email and if I don't find it I create a new 
LDAP account.
I paste some simplified code for testing.

Currently I set up a workaround loop which try to retrieve the subject 
multiple times, until it becames not null.

// --------------------------------------------------------

public class User {

    private final String uid;

    private final String email;

    public User(String uid, String email) {

        this.uid = uid;

        this.email = email;

    }

    public String getUid() {

        return uid;

    }

    public String getEmail() {

        return email;

    }

}

// --------------------------------------------------------

public class Util {

    private static final Logger log = Logger.getLogger(Util.class.getName());

    private static DirContext getDirContext() throws NamingException {

        Hashtable<String, String> env = new Hashtable<>();

        env.put(Context.INITIAL_CONTEXT_FACTORY, 
"com.sun.jndi.ldap.LdapCtxFactory");

        env.put(Context.PROVIDER_URL, "ldap://localhost:389";);

        env.put(Context.SECURITY_AUTHENTICATION, "simple");

        env.put(Context.SECURITY_PRINCIPAL, "cn=Manager,dc=.....");

        env.put(Context.SECURITY_CREDENTIALS, ".....");

        return new InitialDirContext(env);

    }

    public static List<User> getUsersByEmail(String emailAddress) {

        GcGetSubjects gs = new GcGetSubjects();

        gs.assignSearchString(emailAddress);

        gs.addSubjectAttributeName("mail");

        gs.addSubjectAttributeName("uid");

        WsSubject[] subjects = gs.execute().getWsSubjects();

        if (subjects == null) {

            return null;

        }

        List<User> users = new ArrayList<>();

        for (WsSubject wsSubject : subjects) {

            String mail = wsSubject.getAttributeValue(0);

            if (emailAddress.equals(mail)) {

                String uid = wsSubject.getAttributeValue(1);

                users.add(new User(uid, mail));

            }

        }

        if (users.isEmpty()) {

            return null;

        }

        return users;

    }

    public static void createUser(String scope, User user) throws 
NamingException {

        Attributes attributes = new BasicAttributes();

        attributes.put("objectClass", "inetOrgPerson");

        attributes.put("mail", user.getEmail());

        attributes.put("uid", user.getUid());

        attributes.put("cn", "N/A");

        attributes.put("sn", "N/A");

        attributes.put("userPassword", "foo");

        getDirContext().createSubcontext("uid=" + user.getUid() + "," + 
scope, attributes);

    }

    public static List<String> getSubjectsIdsFromAttribute(String 
attributeName, String attributeValue, boolean newlyCreatedUser) {

        log.debug("Searching the id of a subject with the attribute '" + attributeName + "' 
equals to '" + attributeValue + "'");

        GcGetSubjects gs = new GcGetSubjects();

        gs.assignSearchString(attributeValue);

        gs.addSubjectAttributeName(attributeName);

        List<String> subjectsIds = new ArrayList<>();

        for (int attempt = 1; attempt <= 40; attempt++) {

            WsSubject[] subjects = gs.execute().getWsSubjects();

            if (subjects != null) {

                for (WsSubject subject : subjects) {

                    String retrievedAttribute = subject.getAttributeValue(0);

                    if (attributeValue.equals(retrievedAttribute)) {

                        subjectsIds.add(subject.getId());

                    }

                }

            }

            if (!newlyCreatedUser) {

                if (subjectsIds.isEmpty()) {

                    return null;

                }

                return subjectsIds;

            }

            if (!subjectsIds.isEmpty()) {

                return subjectsIds;

            }

            log.debug("subjectId is null, attempt #" + attempt);

            try {

                Thread.sleep(1000);

            } catch (InterruptedException ex) {

            }

        }

        if (subjectsIds.isEmpty()) {

            return null;

        }

        return subjectsIds;

    }

}


// --------------------------------------------------------

public class MainTest {

    @Test

    public void test() throws Exception {

        String email = 
"";

        boolean newlyCreated = false;

        List<User> users = Util.getUsersByEmail(email);

        if (users == null) {

            User user = new User(email, email);

            Util.createUser("ou=custom_users,dc=oats,dc=inaf,dc=it", user);

            newlyCreated = true;

            users = new ArrayList<>();

            users.add(user);

        }

        for (User user : users) {

            assertNotNull(Util.getSubjectsIdsFromAttribute("mail", 
user.getEmail(), newlyCreated));

            // Use subject id to add user into groups

        }

    }

}


Thank you for your time.

Cheers,
Sonia


On 14/09/2016 16:03, Shilen Patel wrote:
> Hi Sonia,
>
> Are you running GcGetSubjects for a user, then adding the ldap account,
> and then running GcGetSubjects again?
>
> If so, then I could see the first query doing some caching.  Although, I
> haven't been able to reproduce it.  Can you send exactly how you're doing
> that query?
>
> Thanks!
>
> - Shilen
>
> On 9/14/16, 6:07 AM, "Sonia Zorba" 
> <>
>  wrote:
>
> > Hi,
> >
> > I have an application that adds a new account to a LDAP (using
> > javax.naming classes).
> > This LDAP is a source for Grouper and, after the insertion, the
> > application try to retrieve the new account using the Grouper API
> > (GcGetSubjects).
> >
> > For about the first 30 seconds the subject is not found, after it is
> > retrieved correctly.
> >
> > I imagine there could be a kind of cache or other reasons for this delay
> > but I wasn't able to find any reference about this in the documentation.
> >
> > Can you suggest me what I should configure to speed up this process?
> >
> > Thanks,
> > Sonia