[Building Sakai] Sakai Web Services Plugin (sakai-axis)
Earle Nietzel
enietzel at anisakai.com
Fri Oct 10 08:28:45 PDT 2014
Hi Shane,
You should be able to us the following methods to know whether or a user
exists given their ID or EID
getUserId(String eid) - Find the user id from a user eid
getUserEid(String id) - Find the user eid from a user id
On Thu, Oct 9, 2014 at 9:25 PM, Norton, Shane <shane.norton1 at det.nsw.edu.au>
wrote:
> Hi all,
>
> I have discovered another issue trying to provision access to accounts in
> Sakai prior to LDAP provisioning. If we have a student that completes their
> study, eventually their account is deleted in LDAP. If they then decide to
> return as a student, the student is reprovisioned with same LDAP account.
>
> Now as we have a timing issue now that can be several days lag time during
> enrolment periods between IDM and LDAP, I initially check to see if a Sakai
> account exists using
> org.sakaiproject.user.api.UserDirectoryService.getUserByEid which returns
> null and indicates there is no account. I attempt to create the account
> using org.sakaiproject.user.api.UserDirectoryService.addUser(null,
> <Username>, null , null, null, null, "registered", null); which throws
> org.sakaiproject.user.api.UserAlreadyDefinedException .
>
> What I am after is a method that will retrieve the 'user_id' from the
> 'sakai_user_id_map' table in the event the LDAP account does not exist that
> is accessible from the sakai-axis framework.
>
> So far this is the only routine I have managed to come up with which I see
> is a messy way to achieve this.
>
> public String getUserId(String sessionId, String eid) throws AxisFault{
> Connection conn = null;
> String userid=null;
> Statement stmt = null;
> ResultSet rs = null;
>
> try {
> conn = sqlService.borrowConnection();
> stmt = conn.createStatement(ResultSet.TYPE_FORWARD_ONLY,
> ResultSet.CONCUR_READ_ONLY);
> String query = "SELECT USER_ID FROM SAKAI_USER_ID_MAP
> WHERE EID='" + eid + "';";
> rs = stmt.executeQuery(query);
> while(rs.next()) {
> userid = rs.getString ("USER_ID");
> }
> } catch (Exception e) {
> return null;
> } finally {
> if (rs != null) {
> try {
> rs.close();
> } catch (SQLException e) {}
> }
>
> if (stmt != null) {
> try {
> stmt.close();
> } catch (SQLException e) {}
> }
>
> if (conn != null) {
> try {
> conn.close();
> } catch (SQLException e) {}
> }
> }
>
> return userid;
> }
>
> Any advice on a better way/more future proof way of achieving the same,
> please advise.
>
> Regards,
> Shane
>
> -----Original Message-----
> From: Norton, Shane
> Sent: Thursday, 2 October 2014 9:56 AM
> To: 'Steve Swinsburg'
> Cc: sakai-dev at collab.sakaiproject.org
> Subject: RE: [Building Sakai] Sakai Web Services Plugin (sakai-axis)
>
> Hi Steve,
>
> Many thanks for your response. I entirely agree and was expecting the
> response of fix the LDAP issue as this indicates the risk of other
> issues.... Unfortunately this is all managed outside of our organisation
> and the response has been a flat out refusal to resolve this.
>
> The "org.sakaiproject.user.api.UserDirectoryService.addUser" method seems
> to perform what I believe I am after. I am only concerned by having a null
> password passed to this method that this would allow login as an internal
> account. Potentially I could generate a uuid and set that as the password...
>
> When I started building the Apache Axis plugin (jws) we were running Sakai
> 2.8. We are now running Sakai 10 and I have noticed that there is a
> sakai-ws running Apache CXF. I would like to also know if there are any
> plans to drop Apache Axis any future Sakai versions, and if so, what
> timeframe?
>
> Regards,
> Shane
>
> **********************************************************************
> From: Steve Swinsburg [mailto:steve.swinsburg at gmail.com]
> Sent: Tuesday, 30 September 2014 10:55 PM
> To: Norton, Shane
> Cc: sakai-dev at collab.sakaiproject.org
> Subject: Re: [Building Sakai] Sakai Web Services Plugin (sakai-axis) Hi
> Shane, You are probably better off sorting out the LDAP provisioning and/or
> allow your script to be able to run as a nightly process to sync up any new
> accounts that have been found in LDAP (ie late enrolments etc). Even if the
> user has a map entry, a lookup is likely to fail since they wont be able to
> be found in LDAP which could cause other problems.
> cheers,
> Steve
>
>
> On Fri, Sep 26, 2014 at 4:37 PM, Norton, Shane <
> shane.norton1 at det.nsw.edu.au> wrote:
> Hi all,
>
> I am writing a web services plugin to make students members of sites and
> site groups. Unfortunately our Sakai instance that is bound ok to LDAP is
> getting messages prior to the LDAP account being provisioned.
>
> What I am wanting to do is to create the sakai_user_id_map entry and grant
> access to this entry prior to the LDAP user being provisioned.
>
> At this stage I am using
> org.sakaiproject.user.api.UserDirectoryService.addUser(null, <Username>,
> null , null, null, null, "registered", null);
>
> I have noticed that this creates an entry also in the sakai_user table and
> I am concerned that this may create an internal account with a null
> password.
>
> Please advise.
>
> Regards
> Shane
>
>
> **********************************************************************
> This message is intended for the addressee named and may contain
> privileged information or confidential information or both. If you
> are not the intended recipient please delete it and notify the sender.
> **********************************************************************
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
>
>
> **********************************************************************
> This message is intended for the addressee named and may contain
> privileged information or confidential information or both. If you
> are not the intended recipient please delete it and notify the sender.
> **********************************************************************
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
>
--
earle,
asahi net int.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20141010/13262522/attachment.html
More information about the sakai-dev
mailing list