in connectors/sharepoint/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/sharepoint/SPSProxyHelper.java [108:370]
public List<String> getAccessTokens( String site, String userLoginName )
throws ManifoldCFException
{
try
{
if ( site.compareTo("/") == 0 )
site = ""; // root case
userLoginName = mapToClaimSpace(userLoginName);
UserGroupWS userService = new UserGroupWS( baseUrl + site, userName, password, configuration, httpClient );
com.microsoft.schemas.sharepoint.soap.directory.UserGroupSoap userCall = userService.getUserGroupSoapHandler( );
com.microsoft.schemas.sharepoint.soap.directory.GetUserInfoResponseGetUserInfoResult userResp = userCall.getUserInfo( userLoginName );
org.apache.axis.message.MessageElement[] usersList = userResp.get_any();
/* Response looks like this:
<GetUserInfo xmlns="http://schemas.microsoft.com/sharepoint/soap/directory/">
<User ID="4" Sid="S-1-5-21-2127521184-1604012920-1887927527-34577" Name="User1_Display_Name"
LoginName="DOMAIN\User1_Alias" Email="User1_E-mail"
Notes="Notes" IsSiteAdmin="False" IsDomainGroup="False" />
</GetUserInfo>
*/
if (usersList.length != 1)
throw new ManifoldCFException("Bad response - expecting one outer 'GetUserInfo' node, saw "+Integer.toString(usersList.length));
if (Logging.authorityConnectors.isDebugEnabled()){
Logging.authorityConnectors.debug("SharePoint authority: getUserInfo xml response: '" + usersList[0].toString() + "'");
}
MessageElement users = usersList[0];
if (!users.getElementName().getLocalName().equals("GetUserInfo"))
throw new ManifoldCFException("Bad response - outer node should have been 'GetUserInfo' node");
String userID = null;
String userName = null;
Iterator userIter = users.getChildElements();
while (userIter.hasNext())
{
MessageElement child = (MessageElement)userIter.next();
if (child.getElementName().getLocalName().equals("User"))
{
userID = child.getAttribute("ID");
userName = child.getAttribute("LoginName");
}
}
// If userID is null, no such user
if (userID == null)
return null;
List<String> accessTokens = new ArrayList<String>();
accessTokens.add("U"+userName);
com.microsoft.schemas.sharepoint.soap.directory.GetGroupCollectionFromUserResponseGetGroupCollectionFromUserResult userGroupResp =
userCall.getGroupCollectionFromUser( userLoginName );
org.apache.axis.message.MessageElement[] groupsList = userGroupResp.get_any();
/* Response looks like this:
<GetGroupCollectionFromUser xmlns=
"http://schemas.microsoft.com/sharepoint/soap/directory/">
<Groups>
<Group ID="3" Name="Group1" Description="Description" OwnerID="1"
OwnerIsUser="False" />
<Group ID="15" Name="Group2" Description="Description"
OwnerID="12" OwnerIsUser="True" />
<Group ID="16" Name="Group3" Description="Description"
OwnerID="7" OwnerIsUser="False" />
</Groups>
</GetGroupCollectionFromUser>
*/
if (groupsList.length != 1)
throw new ManifoldCFException("Bad response - expecting one outer 'GetGroupCollectionFromUser' node, saw "+Integer.toString(groupsList.length));
if (Logging.authorityConnectors.isDebugEnabled()){
Logging.authorityConnectors.debug("SharePoint authority: getGroupCollectionFromUser xml response: '" + groupsList[0].toString() + "'");
}
MessageElement groups = groupsList[0];
if (!groups.getElementName().getLocalName().equals("GetGroupCollectionFromUser"))
throw new ManifoldCFException("Bad response - outer node should have been 'GetGroupCollectionFromUser' node");
Iterator groupsIter = groups.getChildElements();
while (groupsIter.hasNext())
{
MessageElement child = (MessageElement)groupsIter.next();
if (child.getElementName().getLocalName().equals("Groups"))
{
Iterator groupIter = child.getChildElements();
while (groupIter.hasNext())
{
MessageElement group = (MessageElement)groupIter.next();
if (group.getElementName().getLocalName().equals("Group"))
{
String groupID = group.getAttribute("ID");
String groupName = group.getAttribute("Name");
// Add to the access token list
accessTokens.add("G"+groupName);
}
}
}
}
// AxisFault is expected for case where user has no assigned roles
try
{
com.microsoft.schemas.sharepoint.soap.directory.GetRoleCollectionFromUserResponseGetRoleCollectionFromUserResult userRoleResp =
userCall.getRoleCollectionFromUser( userLoginName );
org.apache.axis.message.MessageElement[] rolesList = userRoleResp.get_any();
if (rolesList.length != 1)
throw new ManifoldCFException("Bad response - expecting one outer 'GetRoleCollectionFromUser' node, saw "+Integer.toString(rolesList.length));
if (Logging.authorityConnectors.isDebugEnabled()){
Logging.authorityConnectors.debug("SharePoint authority: getRoleCollectionFromUser xml response: '" + rolesList[0].toString() + "'");
}
// Not specified in doc and must be determined experimentally
/*
<ns1:GetRoleCollectionFromUser xmlns:ns1="http://schemas.microsoft.com/sharepoint/soap/directory/">
<ns1:Roles>
<ns1:Role ID="1073741825" Name="Limited Access" Description="Can view specific lists, document libraries, list items, folders, or documents when given permissions."
Order="160" Hidden="True" Type="Guest" BasePermissions="ViewFormPages, Open, BrowseUserInfo, UseClientIntegration, UseRemoteAPIs"/>
</ns1:Roles>
</ns1:GetRoleCollectionFromUser>'
*/
MessageElement roles = rolesList[0];
if (!roles.getElementName().getLocalName().equals("GetRoleCollectionFromUser"))
throw new ManifoldCFException("Bad response - outer node should have been 'GetRoleCollectionFromUser' node");
Iterator rolesIter = roles.getChildElements();
while (rolesIter.hasNext())
{
MessageElement child = (MessageElement)rolesIter.next();
if (child.getElementName().getLocalName().equals("Roles"))
{
Iterator roleIter = child.getChildElements();
while (roleIter.hasNext())
{
MessageElement role = (MessageElement)roleIter.next();
if (role.getElementName().getLocalName().equals("Role"))
{
String roleID = role.getAttribute("ID");
String roleName = role.getAttribute("Name");
// Add to the access token list
accessTokens.add("R"+roleName);
}
}
}
}
}
catch (org.apache.axis.AxisFault e)
{
if (e.getFaultCode().equals(new javax.xml.namespace.QName("http://schemas.xmlsoap.org/soap/envelope/","Server")))
{
org.w3c.dom.Element elem = e.lookupFaultDetail(new javax.xml.namespace.QName("http://schemas.microsoft.com/sharepoint/soap/","errorcode"));
if (elem != null)
{
elem.normalize();
String sharepointErrorCode = elem.getFirstChild().getNodeValue().trim();
if (!sharepointErrorCode.equals("0x80131600"))
throw e;
}
}
else
throw e;
}
return accessTokens;
}
catch (java.net.MalformedURLException e)
{
throw new ManifoldCFException("Bad SharePoint url: "+e.getMessage(),e);
}
catch (javax.xml.rpc.ServiceException e)
{
if (Logging.authorityConnectors.isDebugEnabled())
Logging.authorityConnectors.debug("SharePoint: Got a service exception getting the acls for site "+site,e);
throw new ManifoldCFException("Service exception: "+e.getMessage(), e);
}
catch (org.apache.axis.AxisFault e)
{
if (e.getFaultCode().equals(new javax.xml.namespace.QName("http://xml.apache.org/axis/","HTTP")))
{
org.w3c.dom.Element elem = e.lookupFaultDetail(new javax.xml.namespace.QName("http://xml.apache.org/axis/","HttpErrorCode"));
if (elem != null)
{
elem.normalize();
String httpErrorCode = elem.getFirstChild().getNodeValue().trim();
if (httpErrorCode.equals("404"))
{
// Page did not exist
if (Logging.authorityConnectors.isDebugEnabled())
Logging.authorityConnectors.debug("SharePoint: The page at "+baseUrl+site+" did not exist");
throw new ManifoldCFException("The page at "+baseUrl+site+" did not exist");
}
else if (httpErrorCode.equals("401"))
{
// User did not have permissions for this library to get the acls
if (Logging.authorityConnectors.isDebugEnabled())
Logging.authorityConnectors.debug("SharePoint: The user did not have access to the usergroups service for "+baseUrl+site);
throw new ManifoldCFException("The user did not have access to the usergroups service at "+baseUrl+site);
}
else if (httpErrorCode.equals("403"))
throw new ManifoldCFException("Http error "+httpErrorCode+" while reading from "+baseUrl+site+" - check IIS and SharePoint security settings! "+e.getMessage(),e);
else
throw new ManifoldCFException("Unexpected http error code "+httpErrorCode+" accessing SharePoint at "+baseUrl+site+": "+e.getMessage(),e);
}
throw new ManifoldCFException("Unknown http error occurred: "+e.getMessage(),e);
}
else if (e.getFaultCode().equals(new javax.xml.namespace.QName("http://schemas.xmlsoap.org/soap/envelope/","Server")))
{
org.w3c.dom.Element elem = e.lookupFaultDetail(new javax.xml.namespace.QName("http://schemas.microsoft.com/sharepoint/soap/","errorcode"));
if (elem != null)
{
elem.normalize();
String sharepointErrorCode = elem.getFirstChild().getNodeValue().trim();
if (sharepointErrorCode.equals("0x80131600"))
{
// No such user
return null;
}
if (Logging.authorityConnectors.isDebugEnabled())
{
org.w3c.dom.Element elem2 = e.lookupFaultDetail(new javax.xml.namespace.QName("http://schemas.microsoft.com/sharepoint/soap/","errorstring"));
String errorString = "";
if (elem != null)
errorString = elem2.getFirstChild().getNodeValue().trim();
Logging.authorityConnectors.debug("SharePoint: Getting usergroups in site "+site+" failed with unexpected SharePoint error code "+sharepointErrorCode+": "+errorString,e);
}
throw new ManifoldCFException("SharePoint server error code: "+sharepointErrorCode);
}
if (Logging.authorityConnectors.isDebugEnabled())
Logging.authorityConnectors.debug("SharePoint: Unknown SharePoint server error getting usergroups for site "+site+" - axis fault = "+e.getFaultCode().getLocalPart()+", detail = "+e.getFaultString(),e);
throw new ManifoldCFException("Unknown SharePoint server error: "+e.getMessage());
}
if (e.getFaultCode().equals(new javax.xml.namespace.QName("http://schemas.xmlsoap.org/soap/envelope/","Server.userException")))
{
String exceptionName = e.getFaultString();
if (exceptionName.equals("java.lang.InterruptedException"))
throw new ManifoldCFException("Interrupted",ManifoldCFException.INTERRUPTED);
}
if (Logging.authorityConnectors.isDebugEnabled())
Logging.authorityConnectors.debug("SharePoint: Got an unknown remote exception getting usergroups for "+site+" - axis fault = "+e.getFaultCode().getLocalPart()+", detail = "+e.getFaultString(),e);
throw new ManifoldCFException("Remote procedure exception: "+e.getMessage(), e);
}
catch (java.rmi.RemoteException e)
{
// We expect the axis exception to be thrown, not this generic one!
// So, fail hard if we see it.
if (Logging.authorityConnectors.isDebugEnabled())
Logging.authorityConnectors.debug("SharePoint: Got an unexpected remote exception usergroups for site "+site,e);
throw new ManifoldCFException("Unexpected remote procedure exception: "+e.getMessage(), e);
}
}