Skip to content
Browse files
[FIXED JENKINS-6648] when logged in, proactively copy information fro…
…m AD to Jenkins
  • Loading branch information
kohsuke committed Nov 4, 2011
1 parent 5c1a366 commit 46165c12e4fee0a458df64d18319175d675cd989
Showing 3 changed files with 44 additions and 20 deletions.
@@ -109,8 +109,8 @@ protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticati
true, true, true,
groups.toArray(new GrantedAuthority[groups.size()]),
usr.firstName(), usr.lastName(), usr.emailAddress(), usr.telephoneNumber().toString()
usr.fullName(), usr.emailAddress(), usr.telephoneNumber().toString()

private boolean isAccountDisabled(IADsUser usr) {
@@ -179,11 +179,10 @@ public UserDetails retrieveUser(String username, String password, String domainN

return new ActiveDirectoryUserDetail(id, password, true, true, true, true, groups.toArray(new GrantedAuthority[groups.size()]),
getStringAttribute(user, "givenName"),
getStringAttribute(user, "sn"),
getStringAttribute(user, "displayName"),
getStringAttribute(user, "mail"),
getStringAttribute(user, "telephoneNumber")
} catch (NamingException e) {
LOGGER.log(Level.WARNING, "Failed to retrieve user information for "+username, e);
throw new BadCredentialsException("Failed to retrieve user information for "+username, e);
@@ -1,45 +1,41 @@
package hudson.plugins.active_directory;

import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;

import hudson.tasks.Mailer;
import hudson.tasks.Mailer.UserProperty;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.userdetails.User;
import org.acegisecurity.userdetails.UserDetails;

* @author Kohsuke Kawaguchi
public class ActiveDirectoryUserDetail extends User {
// additional attributes from Active Directory
private final String givenName, sn, mail, telephoneNumber;
private final String displayName, mail, telephoneNumber;

public ActiveDirectoryUserDetail(String username, String password,
boolean enabled, boolean accountNonExpired,
boolean credentialsNonExpired, boolean accountNonLocked,
GrantedAuthority[] authorities,
String givenName, String sn, String mail, String telephoneNumber)
String displayName, String mail, String telephoneNumber)
throws IllegalArgumentException {
// Acegi doesn't like null password, but during remember-me processing
// we don't know the password so we need to set some dummy. See #1229
super(username, password != null ? password : "PASSWORD", enabled,
accountNonExpired, credentialsNonExpired, accountNonLocked,

this.givenName = givenName; = sn;
this.displayName = displayName;
this.mail = mail;
this.telephoneNumber = telephoneNumber;

public String getGivenName() {
return givenName;

* Surname, AKA last name.
* LDAP "sn" attribute.
public String getLastName() {
return sn;
public String getDisplayName() {
return displayName;

public String getMail() {
@@ -54,5 +50,34 @@ public static long getSerialVersionUID() {
return serialVersionUID;

* Gets the corresponding {@link hudson.model.User} object.
public hudson.model.User getJenkinsUser() {
return hudson.model.User.get(getUsername());

* Use the information to update the {@link hudson.model.User} object.
* @return this
public UserDetails updateUserInfo() {
hudson.model.User u = getJenkinsUser();
if (getDisplayName()!=null)

if (getMail()!=null)
try {
u.addProperty(new Mailer.UserProperty(getMail()));
} catch (IOException e) {
LOGGER.log(Level.WARNING,"Failed to associate the e-mail address",e);

return this;

private static final long serialVersionUID = 1L;

private static final Logger LOGGER = Logger.getLogger(ActiveDirectoryUserDetail.class.getName());

0 comments on commit 46165c1

Please sign in to comment.