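/// <summary>
/// Gateway stage of the LDAP plugin. Evaluates the configured group gateway
/// rules for the authenticated user and, for every rule that matches, records
/// the rule's local group on the session's <c>UserInformation</c>.
/// </summary>
/// <param name="properties">
/// Session properties; expected to carry a tracked <c>LdapServer</c> and a
/// tracked <c>UserInformation</c>.
/// </param>
/// <returns>
/// A <c>BooleanResult</c> whose <c>Success</c> is always <c>true</c>.
/// This stage is deliberately fail-open: a missing server object, a missing
/// user object, or any exception raised while evaluating rules is logged and
/// still reported as success, so the logon is never blocked by this stage.
/// NOTE(review): as a consequence, an LDAP outage or a search/bind error
/// means conditional rules are silently not applied for that logon; confirm
/// this is the intended policy for the local groups these rules control.
/// </returns>
public BooleanResult AuthenticatedUserGateway(SessionProperties properties)
{
    m_logger.Debug("LDAP Plugin Gateway");
    List<string> addedGroups = new List<string>();
    LdapServer serv = properties.GetTrackedSingle<LdapServer>();

    // If the server is unavailable, we go ahead and succeed anyway.
    // This returns before the rule loop, so rules whose condition is ALWAYS
    // (which never touch the server) are not applied on this path either.
    if (serv == null)
    {
        m_logger.ErrorFormat("AuthenticatedUserGateway: Internal error, LdapServer object not available.");
        return new BooleanResult()
        {
            Success = true,
            Message = "LDAP server not available"
        };
    }

    // Declared outside the try so the catch can name the user in its audit line.
    string user = null;
    try
    {
        UserInformation userInfo = properties.GetTrackedSingle<UserInformation>();
        // A missing UserInformation used to surface as a NullReferenceException
        // swallowed by the catch below; report the actual condition instead.
        if (userInfo == null)
        {
            m_logger.ErrorFormat("AuthenticatedUserGateway: Internal error, UserInformation object not available.");
            return new BooleanResult()
            {
                Success = true,
                Message = "User information not available"
            };
        }
        user = userInfo.Username;

        List<GroupGatewayRule> rules = GroupRuleLoader.GetGatewayRules();
        // Bind lazily: only the first rule that needs a membership lookup pays
        // for the bind, and an ALWAYS-only rule set never binds at all.
        bool boundToServ = false;
        foreach (GroupGatewayRule rule in rules)
        {
            bool inGroup = false;
            // Don't need to check for group membership if the rule is to be always applied.
            // inGroup is left false in that case; RuleMatch is expected to
            // ignore it for ALWAYS rules (not visible here - verify in GroupRule).
            if (rule.RuleCondition != GroupRule.Condition.ALWAYS)
            {
                if (!boundToServ)
                {
                    serv.BindForSearch();
                    boundToServ = true;
                }
                inGroup = serv.MemberOfGroup(user, rule.Group);
                m_logger.DebugFormat("User {0} {1} member of group {2}", user, inGroup ? "is" : "is not",
                    rule.Group);
            }
            if (rule.RuleMatch(inGroup))
            {
                m_logger.InfoFormat("Adding user {0} to local group {1}, due to rule \"{2}\"",
                    user, rule.LocalGroup, rule.ToString());
                addedGroups.Add(rule.LocalGroup);
                userInfo.AddGroup(new GroupInformation()
                {
                    Name = rule.LocalGroup
                });
            }
        }
    }
    catch (Exception e)
    {
        m_logger.ErrorFormat("Error during gateway: {0}", e);
        // Error does not cause failure. Rules that matched before the exception
        // have already been applied to userInfo, so the logon proceeds with a
        // partial group set; record exactly which groups were applied so the
        // audit trail reflects it rather than only the exception text.
        if (addedGroups.Count > 0)
        {
            m_logger.ErrorFormat("Gateway aborted after adding user {0} to groups: {1}; remaining rules were not evaluated.",
                user, string.Join(", ", addedGroups));
        }
        return new BooleanResult()
        {
            Success = true,
            Message = e.Message
        };
    }

    string message = addedGroups.Count > 0
        ? string.Format("Added to groups: {0}", string.Join(", ", addedGroups))
        : "No groups added.";
    return new BooleanResult()
    {
        Success = true,
        Message = message
    };
}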