Example 1 with Control
use of javax.naming.ldap.Control in project camel by apache.
the class LdapProducer method prepareNextPage.
private boolean prepareNextPage(LdapContext ldapContext) throws Exception {
Control[] responseControls = ldapContext.getResponseControls();
byte[] cookie = null;
if (responseControls != null) {
for (Control responseControl : responseControls) {
if (responseControl instanceof PagedResultsResponseControl) {
PagedResultsResponseControl prrc = (PagedResultsResponseControl) responseControl;
cookie = prrc.getCookie();
}
}
}
if (cookie == null) {
return false;
} else {
ldapContext.setRequestControls(new Control[] { new PagedResultsControl(pageSize, cookie, Control.CRITICAL) });
return true;
}
}
Also used :
Control(javax.naming.ldap.Control)
PagedResultsControl(javax.naming.ldap.PagedResultsControl)
PagedResultsResponseControl(javax.naming.ldap.PagedResultsResponseControl)
PagedResultsResponseControl(javax.naming.ldap.PagedResultsResponseControl)
PagedResultsControl(javax.naming.ldap.PagedResultsControl)
Example 2 with Control
use of javax.naming.ldap.Control in project Openfire by igniterealtime.
the class LdapUserTester method getSample.
/**
* Returns a list of usernames with a sample of the users found in LDAP.
*
* @param maxSample the max size of the sample to return.
* @return a list of usernames with a sample of the users found in LDAP.
* @throws NamingException if something goes wrong....
*/
public List<String> getSample(int maxSample) throws NamingException {
List<String> usernames = new ArrayList<>();
LdapContext ctx = null;
try {
ctx = manager.getContext();
// Sort on username field.
Control[] searchControl;
try {
searchControl = new Control[] { new SortControl(new String[] { manager.getUsernameField() }, Control.NONCRITICAL) };
} catch (IOException e) {
Log.error(e.getMessage(), e);
return Collections.emptyList();
}
ctx.setRequestControls(searchControl);
// Search for the dn based on the username.
SearchControls searchControls = new SearchControls();
// See if recursive searching is enabled. Otherwise, only search one level.
if (manager.isSubTreeSearch()) {
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
} else {
searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
}
searchControls.setReturningAttributes(new String[] { manager.getUsernameField() });
// Limit results to those we'll need to process
searchControls.setCountLimit(maxSample);
String filter = MessageFormat.format(manager.getSearchFilter(), "*");
NamingEnumeration answer = ctx.search("", filter, searchControls);
while (answer.hasMoreElements()) {
// Get the next userID.
String username = (String) ((SearchResult) answer.next()).getAttributes().get(manager.getUsernameField()).get();
// Escape username and add to results.
usernames.add(JID.escapeNode(username));
}
// Close the enumeration.
answer.close();
} finally {
try {
if (ctx != null) {
ctx.setRequestControls(null);
ctx.close();
}
} catch (Exception ignored) {
// Ignore.
}
}
return usernames;
}
Also used :
SortControl(javax.naming.ldap.SortControl)
Control(javax.naming.ldap.Control)
SortControl(javax.naming.ldap.SortControl)
NamingEnumeration(javax.naming.NamingEnumeration)
IOException(java.io.IOException)
LdapContext(javax.naming.ldap.LdapContext)
IOException(java.io.IOException)
NamingException(javax.naming.NamingException)
Example 3 with Control
use of javax.naming.ldap.Control in project Openfire by igniterealtime.
the class LdapManager method retrieveList.
/**
* Generic routine for retrieving a list of results from the LDAP server. It's meant to be very
* flexible so that just about any query for a list of results can make use of it without having
* to reimplement their own calls to LDAP. This routine also accounts for sorting settings,
* paging settings, any other global settings, and alternate DNs.
*
* The passed in filter string needs to be pre-prepared! In other words, nothing will be changed
* in the string before it is used as a string.
*
* @param attribute LDAP attribute to be pulled from each result and placed in the return results.
* Typically pulled from this manager.
* @param searchFilter Filter to use to perform the search. Typically pulled from this manager.
* @param startIndex Number/index of first result to include in results. (-1 for no limit)
* @param numResults Number of results to include. (-1 for no limit)
* @param suffixToTrim An arbitrary string to trim from the end of every attribute returned. null to disable.
* @param escapeJIDs Use JID-escaping for returned results (e.g. usernames)
* @return A simple list of strings (that should be sorted) of the results.
*/
public List<String> retrieveList(String attribute, String searchFilter, int startIndex, int numResults, String suffixToTrim, boolean escapeJIDs) {
List<String> results = new ArrayList<>();
int pageSize = -1;
String pageSizeStr = properties.get("ldap.pagedResultsSize");
if (pageSizeStr != null) {
try {
pageSize = Integer.parseInt(pageSizeStr);
/* radix -1 is invalid */
} catch (NumberFormatException e) {
// poorly formatted number, ignoring
}
}
Boolean clientSideSort = false;
String clientSideSortStr = properties.get("ldap.clientSideSorting");
if (clientSideSortStr != null) {
clientSideSort = Boolean.valueOf(clientSideSortStr);
}
LdapContext ctx = null;
LdapContext ctx2 = null;
try {
ctx = getContext(baseDN);
// Set up request controls, if appropriate.
List<Control> baseTmpRequestControls = new ArrayList<>();
if (!clientSideSort) {
// Server side sort on username field.
baseTmpRequestControls.add(new SortControl(new String[] { attribute }, Control.NONCRITICAL));
}
if (pageSize > 0) {
// Server side paging.
baseTmpRequestControls.add(new PagedResultsControl(pageSize, Control.NONCRITICAL));
}
Control[] baseRequestControls = baseTmpRequestControls.toArray(new Control[baseTmpRequestControls.size()]);
ctx.setRequestControls(baseRequestControls);
SearchControls searchControls = new SearchControls();
// See if recursive searching is enabled. Otherwise, only search one level.
if (isSubTreeSearch()) {
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
} else {
searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
}
searchControls.setReturningAttributes(new String[] { attribute });
// If server side sort, we'll skip the initial ones we don't want, and stop when we've hit
// the amount we do want.
int skip = -1;
int lastRes = -1;
if (!clientSideSort) {
if (startIndex != -1) {
skip = startIndex;
}
if (numResults != -1) {
lastRes = startIndex + numResults;
}
}
byte[] cookie;
int count = 0;
// Run through all pages of results (one page is also possible ;) )
do {
cookie = null;
NamingEnumeration<SearchResult> answer = ctx.search("", searchFilter, searchControls);
// Examine all of the results on this page
while (answer.hasMoreElements()) {
count++;
if (skip > 0 && count <= skip) {
answer.next();
continue;
}
if (lastRes != -1 && count > lastRes) {
answer.next();
break;
}
// Get the next result.
String result = (String) answer.next().getAttributes().get(attribute).get();
// Remove suffixToTrim if set
if (suffixToTrim != null && suffixToTrim.length() > 0 && result.endsWith(suffixToTrim)) {
result = result.substring(0, result.length() - suffixToTrim.length());
}
// Add this to the result.
results.add(escapeJIDs ? JID.escapeNode(result) : result);
}
// Examine the paged results control response
Control[] controls = ctx.getResponseControls();
if (controls != null) {
for (Control control : controls) {
if (control instanceof PagedResultsResponseControl) {
PagedResultsResponseControl prrc = (PagedResultsResponseControl) control;
cookie = prrc.getCookie();
}
}
}
// Close the enumeration.
answer.close();
// Re-activate paged results; affects nothing if no paging support
List<Control> tmpRequestControls = new ArrayList<>();
if (!clientSideSort) {
// Server side sort on username field.
tmpRequestControls.add(new SortControl(new String[] { attribute }, Control.NONCRITICAL));
}
if (pageSize > 0) {
// Server side paging.
tmpRequestControls.add(new PagedResultsControl(pageSize, cookie, Control.CRITICAL));
}
Control[] requestControls = tmpRequestControls.toArray(new Control[tmpRequestControls.size()]);
ctx.setRequestControls(requestControls);
} while (cookie != null && (lastRes == -1 || count <= lastRes));
// Add groups found in alternate DN
if (alternateBaseDN != null && (lastRes == -1 || count <= lastRes)) {
ctx2 = getContext(alternateBaseDN);
ctx2.setRequestControls(baseRequestControls);
// Run through all pages of results (one page is also possible ;) )
do {
cookie = null;
NamingEnumeration<SearchResult> answer = ctx2.search("", searchFilter, searchControls);
// Examine all of the results on this page
while (answer.hasMoreElements()) {
count++;
if (skip > 0 && count <= skip) {
answer.next();
continue;
}
if (lastRes != -1 && count > lastRes) {
answer.next();
break;
}
// Get the next result.
String result = (String) answer.next().getAttributes().get(attribute).get();
// Remove suffixToTrim if set
if (suffixToTrim != null && suffixToTrim.length() > 0 && result.endsWith(suffixToTrim)) {
result = result.substring(0, result.length() - suffixToTrim.length());
}
// Add this to the result.
results.add(escapeJIDs ? JID.escapeNode(result) : result);
}
// Examine the paged results control response
Control[] controls = ctx2.getResponseControls();
if (controls != null) {
for (Control control : controls) {
if (control instanceof PagedResultsResponseControl) {
PagedResultsResponseControl prrc = (PagedResultsResponseControl) control;
cookie = prrc.getCookie();
}
}
}
// Close the enumeration.
answer.close();
// Re-activate paged results; affects nothing if no paging support
List<Control> tmpRequestControls = new ArrayList<>();
if (!clientSideSort) {
// Server side sort on username field.
tmpRequestControls.add(new SortControl(new String[] { attribute }, Control.NONCRITICAL));
}
if (pageSize > 0) {
// Server side paging.
tmpRequestControls.add(new PagedResultsControl(pageSize, cookie, Control.CRITICAL));
}
Control[] requestControls = tmpRequestControls.toArray(new Control[tmpRequestControls.size()]);
ctx2.setRequestControls(requestControls);
} while (cookie != null && (lastRes == -1 || count <= lastRes));
}
// If client-side sorting is enabled, sort and trim.
if (clientSideSort) {
Collections.sort(results);
if (startIndex != -1 || numResults != -1) {
if (startIndex == -1) {
startIndex = 0;
}
if (numResults == -1) {
numResults = results.size();
}
int endIndex = Math.min(startIndex + numResults, results.size() - 1);
results = results.subList(startIndex, endIndex);
}
}
} catch (Exception e) {
Log.error(e.getMessage(), e);
} finally {
try {
if (ctx != null) {
ctx.setRequestControls(null);
ctx.close();
}
if (ctx2 != null) {
ctx2.setRequestControls(null);
ctx2.close();
}
} catch (Exception ignored) {
// Ignore.
}
}
return results;
}
Also used :
PagedResultsResponseControl(javax.naming.ldap.PagedResultsResponseControl)
ArrayList(java.util.ArrayList)
SearchResult(javax.naming.directory.SearchResult)
NamingException(javax.naming.NamingException)
GroupNotFoundException(org.jivesoftware.openfire.group.GroupNotFoundException)
UserNotFoundException(org.jivesoftware.openfire.user.UserNotFoundException)
SortControl(javax.naming.ldap.SortControl)
Control(javax.naming.ldap.Control)
SortControl(javax.naming.ldap.SortControl)
PagedResultsControl(javax.naming.ldap.PagedResultsControl)
PagedResultsResponseControl(javax.naming.ldap.PagedResultsResponseControl)
SearchControls(javax.naming.directory.SearchControls)
JiveInitialLdapContext(org.jivesoftware.util.JiveInitialLdapContext)
LdapContext(javax.naming.ldap.LdapContext)
PagedResultsControl(javax.naming.ldap.PagedResultsControl)
Example 4 with Control
use of javax.naming.ldap.Control in project Openfire by igniterealtime.
the class LdapManager method retrieveListCount.
/**
* Generic routine for retrieving the number of available results from the LDAP server that
* match the passed search filter. This routine also accounts for paging settings and
* alternate DNs.
*
* The passed in filter string needs to be pre-prepared! In other words, nothing will be changed
* in the string before it is used as a string.
*
* @param attribute LDAP attribute to be pulled from each result and used in the query.
* Typically pulled from this manager.
* @param searchFilter Filter to use to perform the search. Typically pulled from this manager.
* @return The number of entries that match the filter.
*/
public Integer retrieveListCount(String attribute, String searchFilter) {
int pageSize = -1;
String pageSizeStr = properties.get("ldap.pagedResultsSize");
if (pageSizeStr != null) {
try {
pageSize = Integer.parseInt(pageSizeStr);
/* radix -1 is invalid */
} catch (NumberFormatException e) {
// poorly formatted number, ignoring
}
}
LdapContext ctx = null;
LdapContext ctx2 = null;
Integer count = 0;
try {
ctx = getContext(baseDN);
// Set up request controls, if appropriate.
List<Control> baseTmpRequestControls = new ArrayList<>();
if (pageSize > 0) {
// Server side paging.
baseTmpRequestControls.add(new PagedResultsControl(pageSize, Control.NONCRITICAL));
}
Control[] baseRequestControls = baseTmpRequestControls.toArray(new Control[baseTmpRequestControls.size()]);
ctx.setRequestControls(baseRequestControls);
SearchControls searchControls = new SearchControls();
// See if recursive searching is enabled. Otherwise, only search one level.
if (isSubTreeSearch()) {
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
} else {
searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
}
searchControls.setReturningAttributes(new String[] { attribute });
byte[] cookie;
// Run through all pages of results (one page is also possible ;) )
do {
cookie = null;
NamingEnumeration<SearchResult> answer = ctx.search("", searchFilter, searchControls);
// Examine all of the results on this page
while (answer.hasMoreElements()) {
answer.next();
count++;
}
// Examine the paged results control response
Control[] controls = ctx.getResponseControls();
if (controls != null) {
for (Control control : controls) {
if (control instanceof PagedResultsResponseControl) {
PagedResultsResponseControl prrc = (PagedResultsResponseControl) control;
cookie = prrc.getCookie();
}
}
}
// Close the enumeration.
answer.close();
// Re-activate paged results; affects nothing if no paging support
List<Control> tmpRequestControls = new ArrayList<>();
if (pageSize > 0) {
// Server side paging.
tmpRequestControls.add(new PagedResultsControl(pageSize, cookie, Control.CRITICAL));
}
Control[] requestControls = tmpRequestControls.toArray(new Control[tmpRequestControls.size()]);
ctx.setRequestControls(requestControls);
} while (cookie != null);
// Add groups found in alternate DN
if (alternateBaseDN != null) {
ctx2 = getContext(alternateBaseDN);
ctx2.setRequestControls(baseRequestControls);
// Run through all pages of results (one page is also possible ;) )
do {
cookie = null;
NamingEnumeration<SearchResult> answer = ctx2.search("", searchFilter, searchControls);
// Examine all of the results on this page
while (answer.hasMoreElements()) {
answer.next();
count++;
}
// Examine the paged results control response
Control[] controls = ctx2.getResponseControls();
if (controls != null) {
for (Control control : controls) {
if (control instanceof PagedResultsResponseControl) {
PagedResultsResponseControl prrc = (PagedResultsResponseControl) control;
cookie = prrc.getCookie();
}
}
}
// Close the enumeration.
answer.close();
// Re-activate paged results; affects nothing if no paging support
List<Control> tmpRequestControls = new ArrayList<>();
if (pageSize > 0) {
// Server side paging.
tmpRequestControls.add(new PagedResultsControl(pageSize, cookie, Control.CRITICAL));
}
Control[] requestControls = tmpRequestControls.toArray(new Control[tmpRequestControls.size()]);
ctx2.setRequestControls(requestControls);
} while (cookie != null);
}
} catch (Exception e) {
Log.error(e.getMessage(), e);
} finally {
try {
if (ctx != null) {
ctx.setRequestControls(null);
ctx.close();
}
if (ctx2 != null) {
ctx2.setRequestControls(null);
ctx2.close();
}
} catch (Exception ignored) {
// Ignore.
}
}
return count;
}
Also used :
PagedResultsResponseControl(javax.naming.ldap.PagedResultsResponseControl)
ArrayList(java.util.ArrayList)
SearchResult(javax.naming.directory.SearchResult)
NamingException(javax.naming.NamingException)
GroupNotFoundException(org.jivesoftware.openfire.group.GroupNotFoundException)
UserNotFoundException(org.jivesoftware.openfire.user.UserNotFoundException)
Control(javax.naming.ldap.Control)
SortControl(javax.naming.ldap.SortControl)
PagedResultsControl(javax.naming.ldap.PagedResultsControl)
PagedResultsResponseControl(javax.naming.ldap.PagedResultsResponseControl)
SearchControls(javax.naming.directory.SearchControls)
JiveInitialLdapContext(org.jivesoftware.util.JiveInitialLdapContext)
LdapContext(javax.naming.ldap.LdapContext)
PagedResultsControl(javax.naming.ldap.PagedResultsControl)
Example 5 with Control
use of javax.naming.ldap.Control in project spring-security by spring-projects.
the class PasswordPolicyAwareContextSource method getContext.
@Override
public DirContext getContext(String principal, String credentials) throws PasswordPolicyException {
if (principal.equals(userDn)) {
return super.getContext(principal, credentials);
}
final boolean debug = logger.isDebugEnabled();
if (debug) {
logger.debug("Binding as '" + userDn + "', prior to reconnect as user '" + principal + "'");
}
// First bind as manager user before rebinding as the specific principal.
LdapContext ctx = (LdapContext) super.getContext(userDn, password);
Control[] rctls = { new PasswordPolicyControl(false) };
try {
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, principal);
ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials);
ctx.reconnect(rctls);
} catch (javax.naming.NamingException ne) {
PasswordPolicyResponseControl ctrl = PasswordPolicyControlExtractor.extractControl(ctx);
if (debug) {
logger.debug("Failed to obtain context", ne);
logger.debug("Password policy response: " + ctrl);
}
LdapUtils.closeContext(ctx);
if (ctrl != null) {
if (ctrl.isLocked()) {
throw new PasswordPolicyException(ctrl.getErrorStatus());
}
}
throw LdapUtils.convertLdapException(ne);
}
if (debug) {
logger.debug("PPolicy control returned: " + PasswordPolicyControlExtractor.extractControl(ctx));
}
return ctx;
}
Also used :
Control(javax.naming.ldap.Control)
LdapContext(javax.naming.ldap.LdapContext)
Aggregations
Control (javax.naming.ldap.Control)10
LdapContext (javax.naming.ldap.LdapContext)6
ArrayList (java.util.ArrayList)4
SearchControls (javax.naming.directory.SearchControls)4
SearchResult (javax.naming.directory.SearchResult)4
PagedResultsControl (javax.naming.ldap.PagedResultsControl)4
PagedResultsResponseControl (javax.naming.ldap.PagedResultsResponseControl)4
SortControl (javax.naming.ldap.SortControl)4
NamingException (javax.naming.NamingException)3
NamingEnumeration (javax.naming.NamingEnumeration)2
GroupNotFoundException (org.jivesoftware.openfire.group.GroupNotFoundException)2
UserNotFoundException (org.jivesoftware.openfire.user.UserNotFoundException)2
JiveInitialLdapContext (org.jivesoftware.util.JiveInitialLdapContext)2
IOException (java.io.IOException)1
Attribute (javax.naming.directory.Attribute)1
Attributes (javax.naming.directory.Attributes)1
