AC2: Implement whoami entry.

f8e1a0fe · Dustin Jenkins · 5032c231 · f8e1a0fe · f8e1a0fe · f8e1a0fe
Commit f8e1a0fe authored 9 years ago by Dustin Jenkins
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/UserPersistence.java
@@ -73,10 +73,7 @@ import java.security.Principal;
 import java.util.Collection;
 import java.util.Map;
-import ca.nrc.cadc.ac.User;
+import ca.nrc.cadc.ac.*;
-import ca.nrc.cadc.ac.UserAlreadyExistsException;
-import ca.nrc.cadc.ac.UserNotFoundException;
-import ca.nrc.cadc.ac.UserRequest;
 import ca.nrc.cadc.net.TransientException;
 import com.unboundid.ldap.sdk.DN;
@@ -91,7 +88,7 @@ public interface UserPersistence<T extends Principal>
     * @throws TransientException If an temporary, unexpected problem occurred.
     * @throws AccessControlException If the operation is not permitted.
     */
-    Map<String, String> getUsers()
+    Map<String, PersonalDetails> getUsers()
            throws TransientException, AccessControlException;
    /**

--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
@@ -424,15 +424,16 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
     * @return A map of string keys to string values.
     * @throws TransientException If an temporary, unexpected problem occurred.
     */
-    public Map<String, String> getUsers()
+    public Map<String, PersonalDetails> getUsers()
            throws TransientException
    {
-        final Map<String, String> users = new HashMap<String, String>();
+        final Map<String, PersonalDetails> users =
+                new HashMap<String, PersonalDetails>();
        try
        {
-            final Filter filter = Filter.createPresenceFilter(LDAP_COMMON_NAME);
+            final Filter filter = Filter.createPresenceFilter(LDAP_UID);
-            final String[] attributes = new String[]{LDAP_COMMON_NAME,
+            final String[] attributes = new String[]{LDAP_UID,
                                                     LDAP_FIRST_NAME,
                                                     LDAP_LAST_NAME,
                                                     LDAP_NSACCOUNTLOCK};
@@ -450,10 +451,16 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
                {
                    if (!next.hasAttribute(LDAP_NSACCOUNTLOCK))
                    {
-                        users.put(next.getAttributeValue(LDAP_COMMON_NAME),
+                        final String trimmedFirstName =
-                                  next.getAttributeValue(LDAP_FIRST_NAME)
+                                next.getAttributeValue(LDAP_FIRST_NAME).trim();
-                                  + " "
+                        final String trimmedLastName =
-                                  + next.getAttributeValue(LDAP_LAST_NAME));
+                                next.getAttributeValue(LDAP_LAST_NAME).trim();
+                        final String trimmedUID =
+                                next.getAttributeValue(LDAP_UID).trim();
+                        users.put(trimmedUID,
+                                  new PersonalDetails(trimmedFirstName,
+                                                      trimmedLastName));
                    }
                }
            }

--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserPersistence.java
@@ -68,10 +68,7 @@
 */
 package ca.nrc.cadc.ac.server.ldap;
-import ca.nrc.cadc.ac.User;
+import ca.nrc.cadc.ac.*;
-import ca.nrc.cadc.ac.UserAlreadyExistsException;
-import ca.nrc.cadc.ac.UserNotFoundException;
-import ca.nrc.cadc.ac.UserRequest;
 import ca.nrc.cadc.ac.server.UserPersistence;
 import ca.nrc.cadc.net.TransientException;
 import com.unboundid.ldap.sdk.DN;
@@ -100,7 +97,7 @@ public class LdapUserPersistence<T extends Principal>
        }
    }
-    public Map<String, String> getUsers()
+    public Map<String, PersonalDetails> getUsers()
        throws TransientException, AccessControlException
    {
        LdapUserDAO<T> userDAO = null;

--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UsersAction.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UsersAction.java
@@ -80,6 +80,7 @@ import java.util.Map;
 import javax.security.auth.Subject;
 import javax.servlet.http.HttpServletResponse;
+import ca.nrc.cadc.ac.PersonalDetails;
 import ca.nrc.cadc.ac.User;
 import ca.nrc.cadc.ac.UserRequest;
 import org.apache.log4j.Logger;
@@ -278,7 +279,7 @@ public abstract class UsersAction
     *
     * @param users         The Map of user IDs to names.
     */
-    protected final void writeUsers(final Map<String, String> users)
+    protected final void writeUsers(final Map<String, PersonalDetails> users)
            throws IOException
    {
        response.setContentType(acceptedContentType);

--- a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/users/GetUsersActionTest.java
+++ b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/users/GetUsersActionTest.java
@@ -69,6 +69,7 @@
 package ca.nrc.cadc.ac.server.web.users;
+import ca.nrc.cadc.ac.PersonalDetails;
 import ca.nrc.cadc.ac.server.UserPersistence;
 import ca.nrc.cadc.auth.HttpPrincipal;
 import org.apache.log4j.Level;
@@ -112,11 +113,13 @@ public class GetUsersActionTest
                createMock(HttpServletResponse.class);
        final UserPersistence<HttpPrincipal> mockUserPersistence =
                createMock(UserPersistence.class);
-        final Map<String, String> userEntries = new HashMap<String, String>();
+        final Map<String, PersonalDetails> userEntries =
+                new HashMap<String, PersonalDetails>();
        for (int i = 1; i <= 5; i++)
        {
-            userEntries.put("USER_" + i, "USER " + i);
+            userEntries.put("USER_" + i,
+                            new PersonalDetails("USER", Integer.toString(i)));
        }
        final GetUsersAction testSubject = new GetUsersAction(null)
@@ -143,7 +146,7 @@ public class GetUsersActionTest
        testSubject.doAction(null, mockResponse);
        final JSONArray expected =
-                new JSONArray("[{\"id\":\"USER_1\",\"name\":\"USER 1\"},{\"id\":\"USER_3\",\"name\":\"USER 3\"},{\"id\":\"USER_2\",\"name\":\"USER 2\"},{\"id\":\"USER_4\",\"name\":\"USER 4\"},{\"id\":\"USER_5\",\"name\":\"USER 5\"}]");
+                new JSONArray("[{\"id\":\"USER_1\",\"firstName\":\"USER\",\"lastName\":\"1\"},{\"id\":\"USER_3\",\"firstName\":\"USER\",\"lastName\":\"3\"},{\"id\":\"USER_2\",\"firstName\":\"USER\",\"lastName\":\"2\"},{\"id\":\"USER_4\",\"firstName\":\"USER\",\"lastName\":\"4\"},{\"id\":\"USER_5\",\"firstName\":\"USER\",\"lastName\":\"5\"}]");
        final JSONArray result = new JSONArray(writer.toString());
        JSONAssert.assertEquals(expected, result, true);
@@ -158,11 +161,13 @@ public class GetUsersActionTest
                createMock(HttpServletResponse.class);
        final UserPersistence<HttpPrincipal> mockUserPersistence =
                createMock(UserPersistence.class);
-        final Map<String, String> userEntries = new HashMap<String, String>();
+        final Map<String, PersonalDetails> userEntries =
+                new HashMap<String, PersonalDetails>();
        for (int i = 1; i <= 5; i++)
        {
-            userEntries.put("USER_" + i, "USER " + i);
+            userEntries.put("USER_" + i,
+                            new PersonalDetails("USER", Integer.toString(i)));
        }
        final GetUsersAction testSubject = new GetUsersAction(null)
@@ -189,19 +194,24 @@ public class GetUsersActionTest
        final String expected = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n" +
                                "<users>\r\n" +
                                "  <user id=\"USER_1\">\r\n" +
-                                "    <name>USER 1</name>\r\n" +
+                                "    <firstName>USER</firstName>\r\n" +
+                                "    <lastName>1</lastName>\r\n" +
                                "  </user>\r\n" +
                                "  <user id=\"USER_3\">\r\n" +
-                                "    <name>USER 3</name>\r\n" +
+                                "    <firstName>USER</firstName>\r\n" +
+                                "    <lastName>3</lastName>\r\n" +
                                "  </user>\r\n" +
                                "  <user id=\"USER_2\">\r\n" +
-                                "    <name>USER 2</name>\r\n" +
+                                "    <firstName>USER</firstName>\r\n" +
+                                "    <lastName>2</lastName>\r\n" +
                                "  </user>\r\n" +
                                "  <user id=\"USER_4\">\r\n" +
-                                "    <name>USER 4</name>\r\n" +
+                                "    <firstName>USER</firstName>\r\n" +
+                                "    <lastName>4</lastName>\r\n" +
                                "  </user>\r\n" +
                                "  <user id=\"USER_5\">\r\n" +
-                                "    <name>USER 5</name>\r\n" +
+                                "    <firstName>USER</firstName>\r\n" +
+                                "    <lastName>5</lastName>\r\n" +
                                "  </user>\r\n" +
                                "</users>\r\n";
        final String result = writer.toString();

--- a/projects/cadcAccessControl/src/ca/nrc/cadc/ac/client/GMSClient.java
+++ b/projects/cadcAccessControl/src/ca/nrc/cadc/ac/client/GMSClient.java
@@ -68,12 +68,7 @@
 */
 package ca.nrc.cadc.ac.client;
-import java.io.BufferedReader;
+import java.io.*;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
 import java.net.HttpURLConnection;
 import java.net.MalformedURLException;
 import java.net.URL;
@@ -93,16 +88,14 @@ import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLSocketFactory;
 import javax.security.auth.Subject;
+import ca.nrc.cadc.ac.*;
+import ca.nrc.cadc.auth.HttpPrincipal;
+import ca.nrc.cadc.util.StringUtil;
 import org.apache.log4j.Logger;
-import ca.nrc.cadc.ac.Group;
-import ca.nrc.cadc.ac.GroupAlreadyExistsException;
-import ca.nrc.cadc.ac.GroupNotFoundException;
 import ca.nrc.cadc.ac.xml.GroupReader;
 import ca.nrc.cadc.ac.xml.GroupWriter;
 import ca.nrc.cadc.ac.xml.GroupsReader;
-import ca.nrc.cadc.ac.Role;
-import ca.nrc.cadc.ac.UserNotFoundException;
 import ca.nrc.cadc.auth.AuthenticationUtil;
 import ca.nrc.cadc.auth.SSLUtil;
 import ca.nrc.cadc.net.HttpDownload;
@@ -110,6 +103,7 @@ import ca.nrc.cadc.net.HttpPost;
 import ca.nrc.cadc.net.HttpUpload;
 import ca.nrc.cadc.net.InputStreamWrapper;
 import ca.nrc.cadc.net.NetUtil;
+import org.json.JSONObject;
 /**
@@ -132,7 +126,7 @@ public class GMSClient
     * @param baseURL The URL of the supporting access control web service
     *                obtained from the registry.
     */
-    public GMSClient(String baseURL)
+    public GMSClient(final String baseURL)
            throws IllegalArgumentException
    {
        if (baseURL == null)
@@ -169,6 +163,63 @@ public class GMSClient
        throw new UnsupportedOperationException("Not yet implemented");
    }
+    /**
+     * Obtain all of the users as userID - name in JSON format.
+     *
+     * @return List of HTTP Principal users.
+     * @throws IOException Any errors in reading.
+     */
+    public List<User<HttpPrincipal>> getDisplayUsers() throws IOException
+    {
+        final List<User<HttpPrincipal>> webUsers =
+                new ArrayList<User<HttpPrincipal>>();
+        final HttpDownload httpDownload =
+                createDisplayUsersHTTPDownload(webUsers);
+        httpDownload.setRequestProperty("Accept", "application/json");
+        httpDownload.run();
+        final Throwable error = httpDownload.getThrowable();
+        if (error != null)
+        {
+            final String errMessage = error.getMessage();
+            final int responseCode = httpDownload.getResponseCode();
+            log.debug("getDisplayUsers response " + responseCode + ": " +
+                      errMessage);
+            if ((responseCode == 401) || (responseCode == 403) ||
+                (responseCode == -1))
+            {
+                throw new AccessControlException(errMessage);
+            }
+            else if (responseCode == 400)
+            {
+                throw new IllegalArgumentException(errMessage);
+            }
+            throw new IOException("HttpResponse (" + responseCode + ") - "
+                                  + errMessage);
+        }
+        log.debug("Content-Length: " + httpDownload.getContentLength());
+        log.debug("Content-Type: " + httpDownload.getContentType());
+        return webUsers;
+    }
+    HttpDownload createDisplayUsersHTTPDownload(
+            final List<User<HttpPrincipal>> webUsers) throws IOException
+    {
+        final URL usersListURL = new URL(this.baseURL + "/users");
+        return new HttpDownload(usersListURL,
+                                new JSONUserListInputStreamWrapper(webUsers));
+    }
    /**
     * Create a new group.
     *
@@ -264,7 +315,8 @@ public class GMSClient
        Throwable error = transfer.getThrowable();
        if (error != null)
        {
-            log.debug("getGroup throwable (" + transfer.getResponseCode() + ")", error);
+            log.debug("getGroup throwable (" + transfer
+                    .getResponseCode() + ")", error);
            // transfer returns a -1 code for anonymous access.
            if ((transfer.getResponseCode() == -1) ||
                (transfer.getResponseCode() == 401) ||
@@ -314,14 +366,16 @@ public class GMSClient
                new HttpDownload(getGroupNamesURL, new InputStreamWrapper()
                {
                    @Override
-            public void read(final InputStream inputStream) throws IOException
+                    public void read(final InputStream inputStream) throws
+                                                                    IOException
                    {
                        try
                        {
                            InputStreamReader inReader = new InputStreamReader(inputStream);
                            BufferedReader reader = new BufferedReader(inReader);
                            String line;
-                    while ((line = reader.readLine()) != null) {
+                            while ((line = reader.readLine()) != null)
+                            {
                                groupNames.add(line);
                            }
                        }
@@ -376,7 +430,8 @@ public class GMSClient
     * @throws java.io.IOException
     */
    public Group updateGroup(Group group)
-        throws IllegalArgumentException, GroupNotFoundException, UserNotFoundException,
+            throws IllegalArgumentException, GroupNotFoundException,
+                   UserNotFoundException,
                   AccessControlException, IOException
    {
        URL updateGroupURL = new URL(this.baseURL + "/groups/" + group.getID());
@@ -410,11 +465,16 @@ public class GMSClient
            }
            if (transfer.getResponseCode() == 404)
            {
-                if (error.getMessage() != null && error.getMessage().toLowerCase().contains("user"))
+                if (error.getMessage() != null && error.getMessage()
+                        .toLowerCase().contains("user"))
+                {
                    throw new UserNotFoundException(error.getMessage());
+                }
                else
+                {
                    throw new GroupNotFoundException(error.getMessage());
                }
+            }
            throw new IOException(error);
        }
@@ -556,7 +616,8 @@ public class GMSClient
     * @throws AccessControlException If unauthorized to perform this operation.
     */
    public void addUserMember(String targetGroupName, Principal userID)
-        throws GroupNotFoundException, UserNotFoundException, AccessControlException, IOException
+            throws GroupNotFoundException, UserNotFoundException,
+                   AccessControlException, IOException
    {
        String userIDType = AuthenticationUtil.getPrincipalType(userID);
        String encodedUserID = URLEncoder.encode(userID.getName(), "UTF-8");
@@ -593,11 +654,16 @@ public class GMSClient
            }
            if (responseCode == 404)
            {
-                if (errMessage != null && errMessage.toLowerCase().contains("user"))
+                if (errMessage != null && errMessage.toLowerCase()
+                        .contains("user"))
+                {
                    throw new UserNotFoundException(errMessage);
+                }
                else
+                {
                    throw new GroupNotFoundException(errMessage);
                }
+            }
            throw new IOException(errMessage);
        }
    }
@@ -641,7 +707,9 @@ public class GMSClient
        {
            responseCode = conn.getResponseCode();
        }
-        catch (Exception ignore) {}
+        catch (Exception ignore)
+        {
+        }
        if (responseCode != 200)
        {
@@ -678,7 +746,8 @@ public class GMSClient
     * @throws AccessControlException If unauthorized to perform this operation.
     */
    public void removeUserMember(String targetGroupName, Principal userID)
-        throws GroupNotFoundException, UserNotFoundException, AccessControlException, IOException
+            throws GroupNotFoundException, UserNotFoundException,
+                   AccessControlException, IOException
    {
        String userIDType = AuthenticationUtil.getPrincipalType(userID);
        String encodedUserID = URLEncoder.encode(userID.toString(), "UTF-8");
@@ -710,7 +779,9 @@ public class GMSClient
        {
            responseCode = conn.getResponseCode();
        }
-        catch (Exception ignore) {}
+        catch (Exception ignore)
+        {
+        }
        if (responseCode != 200)
        {
@@ -730,11 +801,16 @@ public class GMSClient
            }
            if (responseCode == 404)
            {
-                if (errMessage != null && errMessage.toLowerCase().contains("user"))
+                if (errMessage != null && errMessage.toLowerCase()
+                        .contains("user"))
+                {
                    throw new UserNotFoundException(errMessage);
+                }
                else
+                {
                    throw new GroupNotFoundException(errMessage);
                }
+            }
            throw new IOException(errMessage);
        }
    }
@@ -826,7 +902,7 @@ public class GMSClient
     * Return the group, specified by paramter groupName, if the user,
     * identified by userID, is a member of that group.  Return null
     * otherwise.
-     * 
+     * <p/>
     * This call is identical to getMemberShip(userID, groupName, Role.MEMBER)
     *
     * @param userID    Identifies the user.
@@ -951,7 +1027,7 @@ public class GMSClient
    /**
     * Check if userID is a member of groupName.
-     * 
+     * <p/>
     * This is equivalent to isMember(userID, groupName, Role.MEMBER)
     *
     * @param userID    Identifies the user.
@@ -993,13 +1069,16 @@ public class GMSClient
    public void setSSLSocketFactory(SSLSocketFactory sslSocketFactory)
    {
        if (mySocketFactory != null)
+        {
            throw new IllegalStateException("Illegal use of GMSClient: "
                                            + "cannot set SSLSocketFactory after using one created from Subject");
+        }
        this.sslSocketFactory = sslSocketFactory;
        clearCache();
    }
    private int subjectHashCode = 0;
    private SSLSocketFactory getSSLSocketFactory()
    {
        AccessControlContext ac = AccessController.getContext();
@@ -1022,10 +1101,13 @@ public class GMSClient
        {
            int c = s.hashCode();
            if (c != subjectHashCode)
+            {
                throw new IllegalStateException("Illegal use of "
-                        + this.getClass().getSimpleName()
+                                                + this.getClass()
+                                                        .getSimpleName()
                                                + ": subject change not supported for internal SSLSocketFactory");
            }
+        }
        return this.mySocketFactory;
    }
@@ -1049,12 +1131,14 @@ public class GMSClient
        // only consult cache if the userID is of the calling subject
        if (userIsSubject(userID, subject))
        {
-            Set groupCredentialSet = subject.getPrivateCredentials(GroupMemberships.class);
+            Set groupCredentialSet = subject
+                    .getPrivateCredentials(GroupMemberships.class);
            if ((groupCredentialSet != null) &&
                (groupCredentialSet.size() == 1))
            {
                Iterator i = groupCredentialSet.iterator();
-                GroupMemberships groupMemberships = ((GroupMemberships) i.next());
+                GroupMemberships groupMemberships = ((GroupMemberships) i
+                        .next());
                return groupMemberships.memberships.get(role);
            }
        }
@@ -1072,7 +1156,8 @@ public class GMSClient
            log.debug("Caching groups for " + userID + ", role " + role);
            final GroupMemberships groupCredentials;
-            Set groupCredentialSet = subject.getPrivateCredentials(GroupMemberships.class);
+            Set groupCredentialSet = subject
+                    .getPrivateCredentials(GroupMemberships.class);
            if ((groupCredentialSet != null) &&
                (groupCredentialSet.size() == 1))
            {

--- a/projects/cadcAccessControl/src/ca/nrc/cadc/ac/client/JSONUserListInputStreamWrapper.java
+++ b/projects/cadcAccessControl/src/ca/nrc/cadc/ac/client/JSONUserListInputStreamWrapper.java
+/*
+ ************************************************************************
+ *******************  CANADIAN ASTRONOMY DATA CENTRE  *******************
+ **************  CENTRE CANADIEN DE DONNÉES ASTRONOMIQUES  **************
+ *
+ *  (c) 2015.                            (c) 2015.
+ *  Government of Canada                 Gouvernement du Canada
+ *  National Research Council            Conseil national de recherches
+ *  Ottawa, Canada, K1A 0R6              Ottawa, Canada, K1A 0R6
+ *  All rights reserved                  Tous droits réservés
+ *
+ *  NRC disclaims any warranties,        Le CNRC dénie toute garantie
+ *  expressed, implied, or               énoncée, implicite ou légale,
+ *  statutory, of any kind with          de quelque nature que ce
+ *  respect to the software,             soit, concernant le logiciel,
+ *  including without limitation         y compris sans restriction
+ *  any warranty of merchantability      toute garantie de valeur
+ *  or fitness for a particular          marchande ou de pertinence
+ *  purpose. NRC shall not be            pour un usage particulier.
+ *  liable in any event for any          Le CNRC ne pourra en aucun cas
+ *  damages, whether direct or           être tenu responsable de tout
+ *  indirect, special or general,        dommage, direct ou indirect,
+ *  consequential or incidental,         particulier ou général,
+ *  arising from the use of the          accessoire ou fortuit, résultant
+ *  software.  Neither the name          de l'utilisation du logiciel. Ni
+ *  of the National Research             le nom du Conseil National de
+ *  Council of Canada nor the            Recherches du Canada ni les noms
+ *  names of its contributors may        de ses  participants ne peuvent
+ *  be used to endorse or promote        être utilisés pour approuver ou
+ *  products derived from this           promouvoir les produits dérivés
+ *  software without specific prior      de ce logiciel sans autorisation
+ *  written permission.                  préalable et particulière
+ *                                       par écrit.
+ *
+ *  This file is part of the             Ce fichier fait partie du projet
+ *  OpenCADC project.                    OpenCADC.
+ *
+ *  OpenCADC is free software:           OpenCADC est un logiciel libre ;
+ *  you can redistribute it and/or       vous pouvez le redistribuer ou le
+ *  modify it under the terms of         modifier suivant les termes de
+ *  the GNU Affero General Public        la “GNU Affero General Public
+ *  License as published by the          License” telle que publiée
+ *  Free Software Foundation,            par la Free Software Foundation
+ *  either version 3 of the              : soit la version 3 de cette
+ *  License, or (at your option)         licence, soit (à votre gré)
+ *  any later version.                   toute version ultérieure.
+ *
+ *  OpenCADC is distributed in the       OpenCADC est distribué
+ *  hope that it will be useful,         dans l’espoir qu’il vous
+ *  but WITHOUT ANY WARRANTY;            sera utile, mais SANS AUCUNE
+ *  without even the implied             GARANTIE : sans même la garantie
+ *  warranty of MERCHANTABILITY          implicite de COMMERCIALISABILITÉ
+ *  or FITNESS FOR A PARTICULAR          ni d’ADÉQUATION À UN OBJECTIF
+ *  PURPOSE.  See the GNU Affero         PARTICULIER. Consultez la Licence
+ *  General Public License for           Générale Publique GNU Affero
+ *  more details.                        pour plus de détails.
+ *
+ *  You should have received             Vous devriez avoir reçu une
+ *  a copy of the GNU Affero             copie de la Licence Générale
+ *  General Public License along         Publique GNU Affero avec
+ *  with OpenCADC.  If not, see          OpenCADC ; si ce n’est
+ *  <http://www.gnu.org/licenses/>.      pas le cas, consultez :
+ *                                       <http://www.gnu.org/licenses/>.
+ *
+ *
+ ************************************************************************
+ */
+package ca.nrc.cadc.ac.client;
+import ca.nrc.cadc.ac.PersonalDetails;
+import ca.nrc.cadc.ac.User;
+import ca.nrc.cadc.auth.HttpPrincipal;
+import ca.nrc.cadc.net.InputStreamWrapper;
+import ca.nrc.cadc.util.StringUtil;
+import org.apache.log4j.Logger;
+import org.json.JSONObject;
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.util.List;
+public class JSONUserListInputStreamWrapper implements InputStreamWrapper
+{
+    private static final Logger LOGGER = Logger
+            .getLogger(JSONUserListInputStreamWrapper.class);
+    private final List<User<HttpPrincipal>> output;
+    public JSONUserListInputStreamWrapper(
+            final List<User<HttpPrincipal>> output)
+    {
+        this.output = output;
+    }
+    /**
+     * Read the stream in.
+     *
+     * @param inputStream The stream to read from.
+     * @throws IOException Any reading exceptions.
+     */
+    @Override
+    public void read(final InputStream inputStream) throws IOException
+    {
+        String line = null;
+        try
+        {
+            final InputStreamReader inReader =
+                    new InputStreamReader(inputStream);
+            final BufferedReader reader = new BufferedReader(inReader);
+            while (StringUtil.hasText(line = reader.readLine()))
+            {
+                // Deal with arrays stuff.
+                while (line.startsWith("[") || line.startsWith(","))
+                {
+                    line = line.substring(1);
+                }
+                while (line.endsWith("]") || line.endsWith(","))
+                {
+                    line = line.substring(0, (line.length() - 1));
+                }
+                if (StringUtil.hasText(line))
+                {
+                    LOGGER.debug(String.format("Reading: %s", line));
+                    final JSONObject jsonObject = new JSONObject(line);
+                    final User<HttpPrincipal> webUser =
+                            new User<HttpPrincipal>(
+                                    new HttpPrincipal(jsonObject
+                                                              .getString("id")));
+                    final String firstName = jsonObject.getString("firstName");
+                    final String lastName = jsonObject.getString("lastName");
+                    webUser.details
+                            .add(new PersonalDetails(firstName, lastName));
+                    output.add(webUser);
+                }
+            }
+        }
+        catch (Exception bug)
+        {
+            throw new IOException(bug + (StringUtil.hasText(line)
+                                         ? "Error line is " + line : ""));
+        }
+    }
+}
--- a/projects/cadcAccessControl/src/ca/nrc/cadc/ac/json/UsersWriter.java
+++ b/projects/cadcAccessControl/src/ca/nrc/cadc/ac/json/UsersWriter.java
@@ -68,6 +68,7 @@
 package ca.nrc.cadc.ac.json;
+import ca.nrc.cadc.ac.PersonalDetails;
 import org.json.JSONException;
 import org.json.JSONWriter;
@@ -81,7 +82,7 @@ import java.util.Map;
 */
 public class UsersWriter
 {
-    public static void write(final Map<String, String> users,
+    public static void write(final Map<String, PersonalDetails> users,
                             final Writer writer) throws IOException
    {
        final JSONWriter jsonWriter = new JSONWriter(writer);
@@ -90,14 +91,19 @@ public class UsersWriter
        {
            jsonWriter.array();
-            for (final Map.Entry<String, String> entry : users.entrySet())
+            for (final Map.Entry<String, PersonalDetails> entry
+                    : users.entrySet())
            {
                jsonWriter.object();
                jsonWriter.key("id").value(entry.getKey());
-                jsonWriter.key("name").value(entry.getValue());
+                jsonWriter.key("firstName").value(entry.getValue().
+                        getFirstName());
+                jsonWriter.key("lastName").value(entry.getValue().
+                        getLastName());
                jsonWriter.endObject();
+                writer.write("\n");
            }
        }
        catch (JSONException e)
@@ -112,7 +118,7 @@ public class UsersWriter
            }
            catch (JSONException e)
            {
-                throw new IOException(e);
+                // Do nothing.
            }
        }
    }

--- a/projects/cadcAccessControl/src/ca/nrc/cadc/ac/xml/UsersWriter.java
+++ b/projects/cadcAccessControl/src/ca/nrc/cadc/ac/xml/UsersWriter.java
@@ -68,6 +68,7 @@
 package ca.nrc.cadc.ac.xml;
+import ca.nrc.cadc.ac.PersonalDetails;
 import org.jdom2.Document;
 import org.jdom2.Element;
 import org.jdom2.output.Format;
@@ -86,21 +87,25 @@ public class UsersWriter
     * @param writer            The Writer to output to.
     * @throws IOException      Any writing errors.
     */
-    public static void write(final Map<String, String> users,
+    public static void write(final Map<String, PersonalDetails> users,
                             final Writer writer) throws IOException
    {
        // Create the root users Element.
        final Element usersElement = new Element("users");
-        for (final Map.Entry<String, String> entry : users.entrySet())
+        for (final Map.Entry<String, PersonalDetails> entry : users.entrySet())
        {
            final Element userEntryElement = new Element("user");
-            final Element nameElement = new Element("name");
+            final Element firstNameElement = new Element("firstName");
+            final Element lastNameElement = new Element("lastName");
            userEntryElement.setAttribute("id", entry.getKey());
-            nameElement.setText(entry.getValue());
+            firstNameElement.setText(entry.getValue().getFirstName());
-            userEntryElement.addContent(nameElement);
+            userEntryElement.addContent(firstNameElement);
+            lastNameElement.setText(entry.getValue().getLastName());
+            userEntryElement.addContent(lastNameElement);
            usersElement.addContent(userEntryElement);
        }

--- a/projects/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/GMSClientTest.java
+++ b/projects/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/GMSClientTest.java
@@ -69,6 +69,7 @@
 package ca.nrc.cadc.ac.client;
+import java.io.IOException;
 import java.net.URI;
 import java.net.URL;
 import java.security.PrivilegedExceptionAction;
@@ -77,10 +78,10 @@ import java.util.List;
 import javax.security.auth.Subject;
+import ca.nrc.cadc.ac.User;
+import ca.nrc.cadc.net.HttpDownload;
 import org.apache.log4j.Level;
 import org.apache.log4j.Logger;
-import org.junit.Assert;
-import org.junit.Test;
 import ca.nrc.cadc.ac.AC;
 import ca.nrc.cadc.ac.Group;
@@ -89,6 +90,11 @@ import ca.nrc.cadc.auth.HttpPrincipal;
 import ca.nrc.cadc.reg.client.RegistryClient;
 import ca.nrc.cadc.util.Log4jInit;
+import org.junit.Assert;
+import org.junit.Test;
+import static org.easymock.EasyMock.*;
 public class GMSClientTest
 {
@@ -99,6 +105,40 @@ public class GMSClientTest
        Log4jInit.setLevel("ca.nrc.cadc.ac", Level.DEBUG);
    }
+    @Test
+    public void testGetDisplayUsers() throws Exception
+    {
+        final HttpDownload mockHTTPDownload = createMock(HttpDownload.class);
+        final GMSClient testSubject = new GMSClient("http://mysite.com/users")
+        {
+            @Override
+            HttpDownload createDisplayUsersHTTPDownload(
+                    List<User<HttpPrincipal>> webUsers) throws IOException
+            {
+                return mockHTTPDownload;
+            }
+        };
+        mockHTTPDownload.setRequestProperty("Accept", "application/json");
+        expectLastCall().once();
+        mockHTTPDownload.run();
+        expectLastCall().once();
+        expect(mockHTTPDownload.getThrowable()).andReturn(null).once();
+        expect(mockHTTPDownload.getContentLength()).andReturn(88l).once();
+        expect(mockHTTPDownload.getContentType()).andReturn(
+                "application/json").once();
+        replay(mockHTTPDownload);
+        testSubject.getDisplayUsers();
+        verify(mockHTTPDownload);
+    }
    @Test
    public void testUserIsSubject()
    {

--- a/projects/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/JSONUserListInputStreamWrapperTest.java
+++ b/projects/cadcAccessControl/test/src/ca/nrc/cadc/ac/client/JSONUserListInputStreamWrapperTest.java
+/*
+ ************************************************************************
+ *******************  CANADIAN ASTRONOMY DATA CENTRE  *******************
+ **************  CENTRE CANADIEN DE DONNÉES ASTRONOMIQUES  **************
+ *
+ *  (c) 2015.                            (c) 2015.
+ *  Government of Canada                 Gouvernement du Canada
+ *  National Research Council            Conseil national de recherches
+ *  Ottawa, Canada, K1A 0R6              Ottawa, Canada, K1A 0R6
+ *  All rights reserved                  Tous droits réservés
+ *
+ *  NRC disclaims any warranties,        Le CNRC dénie toute garantie
+ *  expressed, implied, or               énoncée, implicite ou légale,
+ *  statutory, of any kind with          de quelque nature que ce
+ *  respect to the software,             soit, concernant le logiciel,
+ *  including without limitation         y compris sans restriction
+ *  any warranty of merchantability      toute garantie de valeur
+ *  or fitness for a particular          marchande ou de pertinence
+ *  purpose. NRC shall not be            pour un usage particulier.
+ *  liable in any event for any          Le CNRC ne pourra en aucun cas
+ *  damages, whether direct or           être tenu responsable de tout
+ *  indirect, special or general,        dommage, direct ou indirect,
+ *  consequential or incidental,         particulier ou général,
+ *  arising from the use of the          accessoire ou fortuit, résultant
+ *  software.  Neither the name          de l'utilisation du logiciel. Ni
+ *  of the National Research             le nom du Conseil National de
+ *  Council of Canada nor the            Recherches du Canada ni les noms
+ *  names of its contributors may        de ses  participants ne peuvent
+ *  be used to endorse or promote        être utilisés pour approuver ou
+ *  products derived from this           promouvoir les produits dérivés
+ *  software without specific prior      de ce logiciel sans autorisation
+ *  written permission.                  préalable et particulière
+ *                                       par écrit.
+ *
+ *  This file is part of the             Ce fichier fait partie du projet
+ *  OpenCADC project.                    OpenCADC.
+ *
+ *  OpenCADC is free software:           OpenCADC est un logiciel libre ;
+ *  you can redistribute it and/or       vous pouvez le redistribuer ou le
+ *  modify it under the terms of         modifier suivant les termes de
+ *  the GNU Affero General Public        la “GNU Affero General Public
+ *  License as published by the          License” telle que publiée
+ *  Free Software Foundation,            par la Free Software Foundation
+ *  either version 3 of the              : soit la version 3 de cette
+ *  License, or (at your option)         licence, soit (à votre gré)
+ *  any later version.                   toute version ultérieure.
+ *
+ *  OpenCADC is distributed in the       OpenCADC est distribué
+ *  hope that it will be useful,         dans l’espoir qu’il vous
+ *  but WITHOUT ANY WARRANTY;            sera utile, mais SANS AUCUNE
+ *  without even the implied             GARANTIE : sans même la garantie
+ *  warranty of MERCHANTABILITY          implicite de COMMERCIALISABILITÉ
+ *  or FITNESS FOR A PARTICULAR          ni d’ADÉQUATION À UN OBJECTIF
+ *  PURPOSE.  See the GNU Affero         PARTICULIER. Consultez la Licence
+ *  General Public License for           Générale Publique GNU Affero
+ *  more details.                        pour plus de détails.
+ *
+ *  You should have received             Vous devriez avoir reçu une
+ *  a copy of the GNU Affero             copie de la Licence Générale
+ *  General Public License along         Publique GNU Affero avec
+ *  with OpenCADC.  If not, see          OpenCADC ; si ce n’est
+ *  <http://www.gnu.org/licenses/>.      pas le cas, consultez :
+ *                                       <http://www.gnu.org/licenses/>.
+ *
+ *
+ ************************************************************************
+ */
+package ca.nrc.cadc.ac.client;
+import ca.nrc.cadc.ac.User;
+import ca.nrc.cadc.auth.HttpPrincipal;
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+import org.junit.Test;
+import static org.junit.Assert.*;
+public class JSONUserListInputStreamWrapperTest
+{
+    @Test
+    public void readInputStream() throws Exception
+    {
+        final List<User<HttpPrincipal>> output =
+                new ArrayList<User<HttpPrincipal>>();
+        final JSONUserListInputStreamWrapper testSubject =
+                new JSONUserListInputStreamWrapper(output);
+        final InputStream inputStream =
+                new ByteArrayInputStream("[{\"id\":\"CADCTest\",\"firstName\":\"CADCtest\",\"lastName\":\"USER\"}\n,{\"id\":\"User_2\",\"firstName\":\"User\",\"lastName\":\"2\"}]".getBytes());
+        testSubject.read(inputStream);
+        assertEquals("First item is wrong.", "CADCTest",
+                     output.get(0).getUserID().getName());
+        assertEquals("First item is wrong.", "User_2",
+                     output.get(1).getUserID().getName());
+    }
+}