Refactored PKI JNDI realm.

The PKI JNDI realm has been modified to utilize the authentication
and authorization subsystems in PKI engine directly. It's no longer
necessary to define the LDAP connection settings in Tomcat's
configuration files.

Ticket #126

1 files changed, 31 insertions, 0 deletions

diff --git a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
index 0489fa30a..259173078 100644
--- a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
@@ -1225,6 +1225,37 @@ public final class UGSubsystem implements IUGSubsystem {
         return null;
     }
 
+    public Enumeration<IGroup> findGroupsByUser(String userDn) throws EUsrGrpException {
+        if (userDn == null) {
+            return null;
+        }
+
+        LDAPConnection ldapconn = null;
+
+        try {
+            String attrs[] = new String[2];
+
+            attrs[0] = "cn";
+            attrs[1] = "description";
+
+            ldapconn = getConn();
+            LDAPSearchResults res =
+                    ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB,
+                            "(&(objectclass=groupofuniquenames)(uniqueMember=" + userDn + "))",
+                            attrs, false);
+
+            return buildGroups(res);
+        } catch (LDAPException e) {
+            log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString()));
+        } catch (ELdapException e) {
+            log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString()));
+        } finally {
+            if (ldapconn != null)
+                returnConn(ldapconn);
+        }
+        return null;
+    }
+
     /**
      * builds an instance of a Group entry
      * @throws EUsrGrpException