import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
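/**
 * Command-line sample that enrolls a user in a group over LDAP using JNDI.
 *
 * <p>Enrollment is two separate directory writes: the user entry gains
 * {@code groupMembership} and {@code securityEquals} values naming the group,
 * and the group entry gains {@code uniqueMember} and {@code equivalentToMe}
 * values naming the user. If the second write fails, the first one is rolled
 * back on a best-effort basis by {@link #doCleanup}.
 *
 * <p>Operational notes for anyone adapting this sample:
 * <ul>
 *   <li>The bind password is taken from the command line, so it can end up in
 *       shell history and in the process listing of the host. Prefer reading
 *       it from a prompt or a protected file.</li>
 *   <li>With an {@code ldap://} URL the bind DN and password travel
 *       unencrypted; use {@code ldaps://} or StartTLS outside a lab.</li>
 *   <li>The two writes are not atomic. If the rollback also fails, the user
 *       keeps {@code securityEquals}/{@code groupMembership} values for a
 *       group that does not list the user, and that state has to be repaired
 *       by hand.</li>
 * </ul>
 */
public class AddUserToGroup
{
    /**
     * Binds to the directory and enrolls the user in the group.
     *
     * <p>The process exit status is 0 only when the enrollment succeeded, so
     * scripts calling this tool can detect a failed bind or a failed write.
     *
     * @param args host URL, login DN, password, user DN, group DN (exactly five)
     */
    public static void main( String[] args )
    {
        if (args.length != 5) {
            usage();
            return; // usage() exits; the return keeps the control flow explicit
        }

        String hostURL  = args[0];
        String loginDN  = args[1];
        String password = args[2];
        String userDN   = args[3];
        String groupDN  = args[4];

        int exitCode = 1; // pessimistic default: only a confirmed enrollment exits 0
        DirContext ctx = null;

        try {
            Hashtable<String, String> env = new Hashtable<String, String>(5, 0.75f);
            env.put(Context.INITIAL_CONTEXT_FACTORY,
                    "com.sun.jndi.ldap.LdapCtxFactory");
            env.put(Context.PROVIDER_URL, hostURL);
            // Principal + credentials with no explicit SECURITY_AUTHENTICATION:
            // the LDAP provider is expected to perform a simple bind, which is
            // cleartext unless hostURL uses ldaps:// (see class comment).
            env.put(Context.SECURITY_PRINCIPAL, loginDN);
            env.put(Context.SECURITY_CREDENTIALS, password);

            ctx = new InitialDirContext(env);

            boolean status = addUserToGroup(ctx, userDN, groupDN);

            if (status) {
                System.out.println(
                        "\n\tUser: " + userDN +
                        " was enrolled in group: " + groupDN);
                exitCode = 0;
            } else {
                System.out.println("\n\tUser: " + userDN +
                        " could not be enrolled in group: " + groupDN);
            }
        }
        catch (NamingException e) {
            // Reached when the bind or connection setup fails.
            System.out.println("\n\tAddUserToGroup example failed.");
            e.printStackTrace();
        }
        finally {
            if (ctx != null) {
                try {
                    ctx.close(); // release the authenticated LDAP connection
                }
                catch (NamingException ignored) {
                    // Nothing useful to do: the process is about to exit.
                }
            }
            System.exit(exitCode);
        }
    }

    /**
     * Prints the expected command line to standard error and exits with status 1.
     */
    public static void usage() {
        System.err.println("\n Usage: java AddUserToGroup <host URL> "
                + "<login dn> <password>\n <user dn > <group dn>\n");
        System.err.println(" Example: java AddUserToGroup ldap://Acme.com:389"
                + " \"cn=Admin,o=Acme\" secret\n \"cn=James,ou=Sales,"
                + "o=Acme\" \"cn=salesGroup,ou=Sales,o=Acme\"\n");
        System.exit(1);
    }

    /**
     * Adds the membership attributes to the user entry and then to the group entry.
     *
     * <p>If the group update fails after the user update succeeded, the user
     * update is undone through {@link #doCleanup}.
     *
     * @param ctx     authenticated directory context to write through
     * @param userdn  distinguished name of the user entry
     * @param groupdn distinguished name of the group entry
     * @return {@code true} when both entries were modified; {@code false} when
     *         an argument is missing or blank, or when either write failed
     */
    public static boolean addUserToGroup( DirContext ctx,
                                          String userdn,
                                          String groupdn ) {
        // In JNDI an empty name addresses the context's own entry, so a blank
        // DN would silently modify whatever entry the provider URL points at.
        if (ctx == null || isBlank(userdn) || isBlank(groupdn)) {
            System.out.println(
                    "\n\tUser DN and group DN must both be non-empty.");
            return false;
        }

        // Values written on the user entry.
        ModificationItem[] modUser = {
            new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("groupMembership", groupdn)),
            new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("securityEquals", groupdn))
        };

        // Values written on the group entry.
        ModificationItem[] modGroup = {
            new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("uniqueMember", userdn)),
            new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("equivalentToMe", userdn))
        };

        try {
            ctx.modifyAttributes(userdn, modUser);
            System.out.println("\n\tModified the user's attribute.");
        }
        catch (NamingException e) {
            System.out.println(
                    "\n\tFailed to modify user's attributes: \n" + e.toString());
            e.printStackTrace();
            return false;
        }

        try {
            ctx.modifyAttributes(groupdn, modGroup);
            System.out.println("\n\tModified the group's attribute.");
        }
        catch (NamingException e) {
            System.out.println(
                    "Failed to modify group's attributes: \n" + e.toString());
            // The user entry already points at the group; undo that half.
            doCleanup(ctx, userdn, groupdn);
            e.printStackTrace();
            return false;
        }

        return true;
    }

    /**
     * Removes the {@code groupMembership} and {@code securityEquals} values
     * that {@link #addUserToGroup} wrote on the user entry.
     *
     * <p>Best effort: a failure is reported on standard output and the stack
     * trace is printed, but nothing is thrown. After a failure the user entry
     * may still carry the group values and should be checked manually.
     *
     * @param ctx     authenticated directory context to write through
     * @param userdn  distinguished name of the user entry to restore
     * @param groupdn distinguished name of the group whose values are removed
     */
    public static void doCleanup( DirContext ctx,
                                  String userdn, String groupdn ) {
        // Same guard as addUserToGroup: never address the context's own entry.
        if (ctx == null || isBlank(userdn) || isBlank(groupdn)) {
            System.out.println(
                    "Could not delete modified user's attributes:"
                    + " user DN and group DN must both be non-empty");
            return;
        }

        ModificationItem[] modUser = {
            new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
                    new BasicAttribute("groupMembership", groupdn)),
            new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
                    new BasicAttribute("securityEquals", groupdn))
        };

        try {
            ctx.modifyAttributes(userdn, modUser);
            System.out.println("Deleted the modified user's attribute values");
        }
        catch (NamingException e) {
            System.out.println(
                    "Could not delete modified user's attributes:" + e.toString());
            e.printStackTrace();
        }
    }

    /** Returns {@code true} when the string is null, empty or only whitespace. */
    private static boolean isBlank( String value ) {
        return value == null || value.trim().isEmpty();
    }
}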