[Building Sakai] Sakai Web Services Plugin (sakai-axis)

Earle Nietzel enietzel at anisakai.com
Fri Oct 10 08:28:45 PDT 2014 

Hi Shane,

You should be able to us the following methods to know whether or a user
exists given their ID or EID

getUserId(String eid) - Find the user id from a user eid

getUserEid(String id) - Find the user eid from a user id





On Thu, Oct 9, 2014 at 9:25 PM, Norton, Shane <shane.norton1 at det.nsw.edu.au>
wrote:

> Hi all,
>
> I have discovered another issue trying to provision access to accounts in
> Sakai prior to LDAP provisioning. If we have a student that completes their
> study, eventually their account is deleted in LDAP. If they then decide to
> return as a student, the student is reprovisioned with same LDAP account.
>
> Now as we have a timing issue now that can be several days lag time during
> enrolment periods between IDM and LDAP, I initially check to see if a Sakai
> account exists using
> org.sakaiproject.user.api.UserDirectoryService.getUserByEid which returns
> null and indicates there is no account. I attempt to create the account
> using org.sakaiproject.user.api.UserDirectoryService.addUser(null,
> <Username>, null , null, null, null, "registered", null); which throws
> org.sakaiproject.user.api.UserAlreadyDefinedException .
>
> What I am after is a method that will retrieve the 'user_id' from the
> 'sakai_user_id_map' table in the event the LDAP account does not exist that
> is accessible from the sakai-axis framework.
>
> So far this is the only routine I have managed to come up with which I see
> is a messy way to achieve this.
>
> public String getUserId(String sessionId, String eid) throws AxisFault{
>         Connection conn = null;
>         String userid=null;
>         Statement stmt = null;
>         ResultSet rs = null;
>
>         try {
>                 conn = sqlService.borrowConnection();
>                 stmt = conn.createStatement(ResultSet.TYPE_FORWARD_ONLY,
> ResultSet.CONCUR_READ_ONLY);
>                 String query = "SELECT USER_ID FROM SAKAI_USER_ID_MAP
> WHERE EID='" + eid + "';";
>                 rs = stmt.executeQuery(query);
>                 while(rs.next()) {
>                                 userid = rs.getString ("USER_ID");
>                 }
>         } catch (Exception e) {
>                 return null;
>         } finally {
>                 if (rs != null) {
>                                 try {
>                                         rs.close();
>                                 } catch (SQLException e) {}
>                 }
>
>                 if (stmt != null) {
>                                 try {
>                                         stmt.close();
>                                 } catch (SQLException e) {}
>                 }
>
>                 if (conn != null) {
>                                 try {
>                                         conn.close();
>                                 } catch (SQLException e) {}
>                 }
>         }
>
>         return userid;
> }
>
> Any advice on a better way/more future proof way of achieving the same,
> please advise.
>
> Regards,
> Shane
>
> -----Original Message-----
> From: Norton, Shane
> Sent: Thursday, 2 October 2014 9:56 AM
> To: 'Steve Swinsburg'
> Cc: sakai-dev at collab.sakaiproject.org
> Subject: RE: [Building Sakai] Sakai Web Services Plugin (sakai-axis)
>
> Hi Steve,
>
> Many thanks for your response. I entirely agree and was expecting the
> response of fix the LDAP issue as this indicates the risk of other
> issues.... Unfortunately this is all managed outside of our organisation
> and the response has been a flat out refusal to resolve this.
>
> The "org.sakaiproject.user.api.UserDirectoryService.addUser" method seems
> to perform what I believe I am after. I am only concerned by having a null
> password passed to this method that this would allow login as an internal
> account. Potentially I could generate a uuid and set that as the password...
>
> When I started building the Apache Axis plugin (jws) we were running Sakai
> 2.8. We are now running Sakai 10  and I have noticed that there is a
> sakai-ws running Apache CXF. I would like to also know if there are any
> plans to drop Apache Axis any future Sakai versions, and if so, what
> timeframe?
>
> Regards,
> Shane
>
> **********************************************************************
> From: Steve Swinsburg [mailto:steve.swinsburg at gmail.com]
> Sent: Tuesday, 30 September 2014 10:55 PM
> To: Norton, Shane
> Cc: sakai-dev at collab.sakaiproject.org
> Subject: Re: [Building Sakai] Sakai Web Services Plugin (sakai-axis) Hi
> Shane, You are probably better off sorting out the LDAP provisioning and/or
> allow your script to be able to run as a nightly process to sync up any new
> accounts that have been found in LDAP (ie late enrolments etc). Even if the
> user has a map entry, a lookup is likely to fail since they wont be able to
> be found in LDAP which could cause other problems.
> cheers,
> Steve
>
>
> On Fri, Sep 26, 2014 at 4:37 PM, Norton, Shane <
> shane.norton1 at det.nsw.edu.au> wrote:
> Hi all,
>
> I am writing a web services plugin to make students members of sites and
> site groups.  Unfortunately our Sakai instance that is bound ok to LDAP is
> getting messages prior to the LDAP account being provisioned.
>
> What I am wanting to do is to create the sakai_user_id_map entry and grant
> access to this entry prior to the LDAP user being provisioned.
>
> At this stage I am using
> org.sakaiproject.user.api.UserDirectoryService.addUser(null, <Username>,
> null , null, null, null, "registered", null);
>
> I have noticed that this creates an entry also in the sakai_user table and
> I am concerned that this may create an internal account with a null
> password.
>
> Please advise.
>
> Regards
> Shane
>
>
> **********************************************************************
> This message is intended for the addressee named and may contain
> privileged information or confidential information or both. If you
> are not the intended recipient please delete it and notify the sender.
> **********************************************************************
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
>
>
> **********************************************************************
> This message is intended for the addressee named and may contain
> privileged information or confidential information or both. If you
> are not the intended recipient please delete it and notify the sender.
> **********************************************************************
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
>



-- 
earle,
asahi net int.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20141010/13262522/attachment.html

More information about the sakai-dev mailing list