use of javax.naming.directory.SearchControls in project nhin-d by DirectProject.
the class LdapPublicCertUtilImpl method getDefaultSearchControls.
/**
 * Builds the default search controls used when querying the LDAP server.
 *
 * <p>The controls search the whole subtree below the search base, request only the attributes
 * named by {@code CERT_ATTRIBUTE} and {@code CERT_ATTRIBUTE_BINARY} (constants defined outside
 * this method), and set the returning-object flag.
 *
 * @return a newly created search control object.
 */
protected SearchControls getDefaultSearchControls() {
    final String[] requestedAttributes = { CERT_ATTRIBUTE, CERT_ATTRIBUTE_BINARY };

    // NOTE(review): with the returning-object flag set, the JNDI provider hands back the object
    // bound to each entry and may rebuild a Java object from Java-object attributes stored in the
    // directory, so entry content is treated as more than plain attribute data. The requested
    // attributes suggest callers only read certificate bytes; confirm nothing relies on
    // SearchResult.getObject() and consider passing false, particularly when the queried
    // directory is not under your control.
    return new SearchControls(
            SearchControls.SUBTREE_SCOPE,
            0,                   // count limit: 0 = unlimited, same as the no-arg constructor
            0,                   // time limit: 0 = wait indefinitely, same as the no-arg constructor
            requestedAttributes,
            true,                // returning-object flag
            false);              // do not dereference links, same as the no-arg constructor
}
use of javax.naming.directory.SearchControls in project cloudstack by apache.
the class OpenLdapUserManagerImpl method searchUsers.
/**
 * Searches the configured base DN for users matching {@code username}, reading the result set
 * page by page with the LDAP paged-results control, and returns every entry that is not
 * reported as disabled.
 *
 * @param username value handed to {@code generateSearchFilter} to build the search filter
 * @param context  LDAP context to search; its request controls are replaced by this method
 * @return the users built from the matching, non-disabled entries
 * @throws IllegalArgumentException if no base DN is configured
 * @throws NamingException if the search or a control operation fails
 * @throws IOException if a paged-results control cannot be encoded
 */
@Override
public List<LdapUser> searchUsers(final String username, final LdapContext context) throws NamingException, IOException {
    final SearchControls controls = new SearchControls();
    controls.setSearchScope(_ldapConfiguration.getScope());
    controls.setReturningAttributes(_ldapConfiguration.getReturnAttributes());

    final String baseDn = _ldapConfiguration.getBaseDn();
    if (StringUtils.isBlank(baseDn)) {
        throw new IllegalArgumentException("ldap basedn is not configured");
    }

    final int pageSize = _ldapConfiguration.getLdapPageSize();
    // First request is NONCRITICAL: a server without paging support may still answer.
    context.setRequestControls(new Control[] { new PagedResultsControl(pageSize, Control.NONCRITICAL) });

    final List<LdapUser> matches = new ArrayList<LdapUser>();
    byte[] pagingCookie = null;
    do {
        // NOTE(review): username reaches the filter through generateSearchFilter, which is not
        // visible here; confirm it escapes LDAP filter metacharacters before concatenation.
        final NamingEnumeration<SearchResult> page = context.search(baseDn, generateSearchFilter(username), controls);
        // NOTE(review): hasMoreElements()/nextElement() are the Enumeration variants and cannot
        // throw NamingException, so a failure while reading a page is not surfaced the way
        // hasMore()/next() would surface it; confirm that is intended.
        while (page.hasMoreElements()) {
            final SearchResult entry = page.nextElement();
            if (isUserDisabled(entry)) {
                continue;
            }
            matches.add(createUser(entry));
        }

        final Control[] responseControls = context.getResponseControls();
        if (responseControls == null) {
            // NOTE(review): the cookie keeps its previous value on this path; on a later page
            // that would repeat the request with the same cookie.
            s_logger.info("No controls were sent from the ldap server");
        } else {
            for (final Control responseControl : responseControls) {
                if (responseControl instanceof PagedResultsResponseControl) {
                    pagingCookie = ((PagedResultsResponseControl) responseControl).getCookie();
                }
            }
        }

        // Re-arm paging with the server's cookie; a null cookie ends the loop below.
        context.setRequestControls(new Control[] { new PagedResultsControl(pageSize, pagingCookie, Control.CRITICAL) });
    } while (pagingCookie != null);

    return matches;
}
use of javax.naming.directory.SearchControls in project karaf by apache.
the class LDAPCache method open.
/**
 * Returns the directory context, reusing the current one while it is alive and otherwise
 * clearing the cache and opening a new context from the configured environment.
 *
 * <p>Unless caching is disabled, the new context is also registered as a naming listener (with
 * this object as the listener) on the user base DN and, when a role filter is configured, on the
 * role base DN, both with subtree scope.
 *
 * @return the live directory context
 * @throws NamingException if the context cannot be created or a listener cannot be registered
 */
public synchronized DirContext open() throws NamingException {
    if (isContextAlive()) {
        return context;
    }

    clearCache();
    context = new InitialDirContext(options.getEnv());
    // NOTE(review): the cast assumes the provider returns an EventDirContext for the root
    // lookup; a provider that does not would fail here with ClassCastException.
    EventDirContext listenerContext = (EventDirContext) context.lookup("");

    final SearchControls subtreeControls = new SearchControls();
    subtreeControls.setSearchScope(SearchControls.SUBTREE_SCOPE);

    if (options.getDisableCache()) {
        return context;
    }

    // The per-user placeholder is widened to "*" so the listener filter is not tied to one user.
    // Backslashes are doubled afterwards; presumably the listener filter is parsed with "\" as
    // an escape character - confirm against the provider.
    String userFilter = options.getUserFilter()
            .replace("%u", "*")
            .replace("\\", "\\\\");
    listenerContext.addNamingListener(options.getUserBaseDn(), userFilter, subtreeControls, this);

    String roleFilter = options.getRoleFilter();
    if (roleFilter != null) {
        // Same treatment for the role filter, which has three placeholders.
        roleFilter = roleFilter
                .replace("%u", "*")
                .replace("%dn", "*")
                .replace("%fqdn", "*")
                .replace("\\", "\\\\");
        listenerContext.addNamingListener(options.getRoleBaseDn(), roleFilter, subtreeControls, this);
    }
    return context;
}
use of javax.naming.directory.SearchControls in project simba-os by cegeka.
the class ActiveDirectoryLoginModule method verifyLoginData.
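/**
 * Searches the directory for the current user and reports whether a matching entry returns at
 * least one of the requested attributes.
 *
 * <p>The search filter is built by substituting the LDAP-encoded username for the
 * {@code %USERNAME%} placeholder in {@code searchFilter}. When the user is found and AD groups
 * are enabled in the configuration, the user's groups are updated from the directory.
 *
 * <p>NOTE(review): no password is compared in this method; whether credentials are verified
 * depends on how {@code getLdapContext(env)} binds to the directory - confirm.
 *
 * @return {@code true} if a matching entry with at least one returned attribute was found,
 *         {@code false} if no context was obtained or no such entry exists
 * @throws FailedLoginException if the directory operation fails with a {@link NamingException}
 */
@Override
protected boolean verifyLoginData() throws FailedLoginException {
    String[] returnedAtts = { authenticationAttribute };
    Encoder encoder = DefaultEncoder.getInstance();
    // String.replace substitutes the encoded username literally. replaceAll would interpret "\"
    // and "$" in the replacement text: the backslashes an LDAP encoder emits for filter
    // metacharacters would be dropped, and a "$" in the username would raise an unchecked
    // exception from the login path.
    String requestSearchFilter = searchFilter.replace("%USERNAME%", encoder.encodeForLDAP(getUsername()));
    SearchControls searchCtls = new SearchControls();
    searchCtls.setReturningAttributes(returnedAtts);
    searchCtls.setSearchScope(searchScope);
    Hashtable<String, String> env = getEnv();
    debug("Verifying credentials for user: " + getUsername());
    boolean ldapUser = false;
    String userCN = null;
    try {
        // NOTE(review): the context is not closed here; its ownership is not visible from this
        // method (getLdapContext may hand out a shared instance) - confirm who closes it.
        LdapContext ldapContext = getLdapContext(env);
        if (ldapContext != null) {
            NamingEnumeration<SearchResult> answer = ldapContext.search(searchBase, requestSearchFilter, searchCtls);
            try {
                // Stops at the first entry that returns at least one requested attribute.
                while (!ldapUser && answer.hasMoreElements()) {
                    SearchResult sr = answer.next();
                    userCN = sr.getName();
                    Attributes attrs = sr.getAttributes();
                    if (attrs != null) {
                        NamingEnumeration<? extends Attribute> ne = attrs.getAll();
                        try {
                            ldapUser = ne.hasMore();
                        } finally {
                            ne.close();
                        }
                    }
                }
            } finally {
                // The loop can stop before the enumeration is drained, so release it explicitly.
                try {
                    answer.close();
                } catch (NamingException ignored) {
                    // The lookup outcome is already decided; a failed close must not change it.
                }
            }
            // NOTE(review): this message is logged even when no matching entry was found
            // (ldapUser == false); consider logging it only on a positive result.
            debug("Authentication succeeded");
            if (Boolean.TRUE.equals(GlobalContext.locate(ConfigurationServiceImpl.class).getValue(SimbaConfigurationParameter.ENABLE_AD_GROUPS)) && userCN != null) {
                updateUserGroups(ldapContext, userCN);
            }
        }
        return ldapUser;
    } catch (NamingException ex) {
        debug("Authentication failed");
        // NOTE(review): the directory's error text is passed on to the caller; confirm it is not
        // shown to the end user, where it could reveal details about the directory.
        throw new FailedLoginException(ex.getMessage());
    }
}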