
Example 1 with LDAPServiceException

use of com.iplanet.services.ldap.LDAPServiceException in project OpenAM by OpenRock.

the class LocalLdapAuthModule method authenticate.

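/**
 * Checks a DN/password pair by opening an LDAP connection with those
 * credentials, either to the default configured directory or to the server
 * named by the organization URL option.
 *
 * <p>The method never returns {@code false}: it returns {@code true} when the
 * connection could be obtained and throws otherwise.
 *
 * <p>NOTE(review): when the {@code LoginContext.ORGNAME} option is an
 * ldap:// or ldaps:// URL, that URL chooses the directory that validates the
 * credentials. Confirm the option can only come from trusted configuration
 * and not from the party being authenticated.
 *
 * @param dn distinguished name to bind as; must be non-null and non-empty
 * @param passwd password for {@code dn}; must be non-null and non-empty
 * @return {@code true} if a connection was obtained with the credentials
 * @throws LoginException if credentials are missing, the target server cannot
 *         be determined, or the connection attempt fails
 */
private boolean authenticate(String dn, String passwd) throws LoginException {
    // Reject missing or empty credentials before any connection is attempted.
    // A simple bind with a DN and an empty password is an "unauthenticated
    // bind" (RFC 4513, section 5.1.2) that many directories accept, and a
    // missing DN may mean no bind is performed at all; neither outcome may be
    // reported as a successful login.
    if (dn == null || dn.isEmpty() || passwd == null || passwd.isEmpty()) {
        throw new LoginException(AuthI18n.authI18n.getString(IUMSConstants.DSCFG_CONNECTFAIL));
    }
    String host;
    int port;
    Options ldapOptions = Options.defaultOptions();
    // Check if organization is present in options
    String orgUrl = (String) options.get(LoginContext.ORGNAME);
    if ((orgUrl == null) || (orgUrl.equals(LoginContext.LDAP_AUTH_URL)) || (orgUrl.equals(LoginContext.LDAPS_AUTH_URL)) || !(orgUrl.startsWith(LoginContext.LDAP_AUTH_URL) || orgUrl.startsWith(LoginContext.LDAPS_AUTH_URL))) {
        // No usable LDAP URL was supplied: use the default configured directory.
        try {
            DSConfigMgr dscm = DSConfigMgr.getDSConfigMgr();
            // We need a handle on server instance so we can know the
            // Connection type. If it is SSL, the connection needs to be
            // accordingly created. Note: The user type does not make
            // a difference, as the connection type is Server group based,
            // so passing any user type for the second argument.
            ServerInstance si = dscm.getServerInstance(DSConfigMgr.DEFAULT, LDAPUser.Type.AUTH_BASIC);
            String hostName = dscm.getHostName(DSConfigMgr.DEFAULT);
            if (si.getConnectionType() == Server.Type.CONN_SSL) {
                try {
                    ldapOptions.set(LDAPConnectionFactory.SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
                } catch (GeneralSecurityException e) {
                    debug.error("getConnection.JSSESocketFactory", e);
                    throw new LDAPServiceException(AuthI18n.authI18n.getString(IUMSConstants.DSCFG_JSSSFFAIL));
                }
            }
            // NOTE(review): when the connection type is not SSL, no SSL context
            // is set here, so the bind presumably travels in clear text -
            // confirm the transport is protected some other way.
            // The 389 port number passed is overridden by the hostName:port
            // constructed by the getHostName method. So, this is not
            // a hardcoded port number.
            host = hostName;
            port = 389;
        } catch (LDAPServiceException ex) {
            debug.error("Authenticate failed: " + ex);
            throw new LoginException(ex.getMessage());
        }
    } else {
        try {
            if (debug.messageEnabled()) {
                debug.message("authenticate(): orgUrl= " + orgUrl);
            }
            // Skip the scheme prefix and remember whether TLS was requested.
            int start;
            boolean useSSL = false;
            if (orgUrl.startsWith(LoginContext.LDAPS_AUTH_URL)) {
                start = LoginContext.LDAPS_AUTH_URL.length();
                useSSL = true;
            } else {
                start = LoginContext.LDAP_AUTH_URL.length();
            }
            // The host[:port] part ends at the first '/' (or at the end of the
            // URL). The ':' search is limited to that part so that a colon or
            // a DN in the path is never mistaken for the port separator.
            int authorityEnd = orgUrl.indexOf('/', start);
            if (authorityEnd == -1) {
                authorityEnd = orgUrl.length();
            }
            int colon = orgUrl.indexOf(':', start);
            String hostName;
            // Default LDAP port, used when the URL does not carry one.
            String portNumber = "389";
            if (colon != -1 && colon < authorityEnd) {
                hostName = orgUrl.substring(start, colon);
                if (colon + 1 < authorityEnd) {
                    portNumber = orgUrl.substring(colon + 1, authorityEnd);
                }
            } else {
                hostName = orgUrl.substring(start, authorityEnd);
            }
            if (useSSL) {
                try {
                    ldapOptions.set(LDAPConnectionFactory.SSL_CONTEXT, new SSLContextBuilder().getSSLContext());
                } catch (GeneralSecurityException e) {
                    debug.error("authentication().JSSESocketFactory()", e);
                    throw (new LoginException(e.getMessage()));
                }
            }
            if (debug.messageEnabled()) {
                debug.message("before connect(), hostName=" + hostName + ",port=" + portNumber);
            }
            host = hostName;
            // A non-numeric port raises NumberFormatException, which the catch
            // below turns into a LoginException.
            port = Integer.parseInt(portNumber);
        } catch (Exception e) {
            debug.error("authentication", e);
            throw (new LoginException(e.getMessage()));
        }
    }
    // Obtaining a connection is the credential check; the connection is closed
    // again immediately. NOTE(review): this assumes the factory built by
    // LDAPUtils binds with dn/passwd when getConnection() is called - confirm.
    try (ConnectionFactory factory = LDAPUtils.createFailoverConnectionFactory(host, port, dn, passwd, ldapOptions);
        Connection conn = factory.getConnection()) {
        return true;
    } catch (LdapException e) {
        throw new LoginException(e.getMessage());
    }
}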
Also used : Options(org.forgerock.util.Options) GeneralSecurityException(java.security.GeneralSecurityException) Connection(org.forgerock.opendj.ldap.Connection) DSConfigMgr(com.iplanet.services.ldap.DSConfigMgr) LoginException(javax.security.auth.login.LoginException) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) LdapException(org.forgerock.opendj.ldap.LdapException) GeneralSecurityException(java.security.GeneralSecurityException) IOException(java.io.IOException) SearchResultReferenceIOException(org.forgerock.opendj.ldap.SearchResultReferenceIOException) ConnectionFactory(org.forgerock.opendj.ldap.ConnectionFactory) LDAPConnectionFactory(org.forgerock.opendj.ldap.LDAPConnectionFactory) LoginException(javax.security.auth.login.LoginException) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) ServerInstance(com.iplanet.services.ldap.ServerInstance) SSLContextBuilder(org.forgerock.opendj.ldap.SSLContextBuilder) LdapException(org.forgerock.opendj.ldap.LdapException)

Example 2 with LDAPServiceException

use of com.iplanet.services.ldap.LDAPServiceException in project OpenAM by OpenRock.

the class LocalLdapAuthModule method readServerConfig.

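/**
 * Loads the default directory settings once: stores the base DN of the
 * default server instance in {@code baseDN} and a connection from the basic
 * connection factory in {@code conn}. Later calls return immediately once
 * {@code readServerConfiguration} has been set.
 *
 * @throws LoginException if the directory configuration cannot be read or the
 *         connection cannot be opened
 */
private void readServerConfig() throws LoginException {
    if (readServerConfiguration) {
        return;
    }
    try {
        DSConfigMgr cfgMgr = DSConfigMgr.getDSConfigMgr();
        // Resolve the server instance before opening the connection. If the
        // lookup fails, no open connection is left behind in the conn field to
        // be overwritten, unclosed, by the next attempt.
        ServerInstance si = cfgMgr.getServerInstance(DSConfigMgr.DEFAULT, LDAPUser.Type.AUTH_BASIC);
        baseDN = si.getBaseDN();
        conn = cfgMgr.getNewBasicConnectionFactory().getConnection();
        // Only mark the configuration as read once every step has succeeded.
        readServerConfiguration = true;
    } catch (LDAPServiceException | LdapException ex) {
        throw new LoginException(ex.getMessage());
    }
}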
Also used : DSConfigMgr(com.iplanet.services.ldap.DSConfigMgr) LoginException(javax.security.auth.login.LoginException) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) ServerInstance(com.iplanet.services.ldap.ServerInstance) LdapException(org.forgerock.opendj.ldap.LdapException)

Example 3 with LDAPServiceException

use of com.iplanet.services.ldap.LDAPServiceException in project OpenAM by OpenRock.

the class ImportServiceConfiguration method getLDAPConnection.

/**
 * Opens a connection to the directory behind the "sms" server group using the
 * admin user type, printing progress messages in verbose mode.
 *
 * <p>The returned connection is not closed here. NOTE(review): the caller
 * presumably owns it and must close it - confirm at the call sites.
 *
 * @return an open connection to the "sms" server group
 * @throws CLIException if the "sms" server group is not configured or the
 *         connection cannot be established; the underlying exception is not
 *         attached to the CLIException
 */
private Connection getLDAPConnection() throws CLIException {
    IOutput out = getOutputWriter();
    if (isVerbose()) {
        out.printlnMessage(getResourceString("import-service-configuration-connecting-to-ds"));
    }
    try {
        DSConfigMgr configMgr = DSConfigMgr.getDSConfigMgr();
        // Fail early when the "sms" server group is missing.
        if (configMgr.getServerGroup("sms") == null) {
            throw new CLIException(getResourceString("import-service-configuration-not-connect-to-ds"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED, null);
        }
        // This connection uses the admin user type, i.e. a privileged bind.
        Connection ldapConn = configMgr.getNewConnectionFactory("sms", LDAPUser.Type.AUTH_ADMIN).getConnection();
        if (isVerbose()) {
            out.printlnMessage(getResourceString("import-service-configuration-connected-to-ds"));
        }
        return ldapConn;
    } catch (LDAPServiceException | LdapException e) {
        // Configuration and LDAP failures are reported with the same message
        // and exit code as a missing server group.
        throw new CLIException(getResourceString("import-service-configuration-not-connect-to-ds"), ExitCodes.REQUEST_CANNOT_BE_PROCESSED, null);
    }
}
Also used : ServerGroup(com.iplanet.services.ldap.ServerGroup) IOutput(com.sun.identity.cli.IOutput) Connection(org.forgerock.opendj.ldap.Connection) DSConfigMgr(com.iplanet.services.ldap.DSConfigMgr) CLIException(com.sun.identity.cli.CLIException) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) LdapException(org.forgerock.opendj.ldap.LdapException)

Example 4 with LDAPServiceException

use of com.iplanet.services.ldap.LDAPServiceException in project OpenAM by OpenRock.

the class AdminUtils method initialize.

/**
 * Initializes the static admin identity: fetches the debug instance, then
 * reads the admin DN and password from the AUTH_ADMIN server instance and
 * stores them in {@code adminDN} and {@code adminPassword}.
 *
 * <p>Failures are logged, never thrown, so the admin fields may be left unset
 * after this method returns.
 *
 * <p>NOTE(review): the password is kept as the output of {@code xor(...)},
 * which is defined elsewhere. If that is a plain XOR mask it only obfuscates
 * the value in memory and is not encryption - confirm. {@code getBytes()}
 * without a charset uses the platform default; whatever decodes
 * {@code adminPassword} must use the same charset.
 */
public static void initialize() {
    debug = Debug.getInstance(IUMSConstants.UMS_DEBUG);
    try {
        ServerInstance adminInstance = DSConfigMgr.getDSConfigMgr().getServerInstance(LDAPUser.Type.AUTH_ADMIN);
        if (adminInstance == null) {
            debug.error("AdminUtils.initialize: server instance not found");
            return;
        }
        adminDN = adminInstance.getAuthID();
        // The password is read inside a privileged action.
        String clearPassword = (String) AccessController.doPrivileged(new ServerInstanceAction(adminInstance));
        adminPassword = xor(clearPassword.getBytes());
    } catch (LDAPServiceException e) {
        // Server mode treats this as an error; otherwise it is only reported
        // when message-level debugging is enabled.
        boolean serverMode = SystemProperties.isServerMode();
        if (serverMode) {
            debug.error("AdminUtils.initialize: Initialize admin info ", e);
        } else if (debug.messageEnabled()) {
            debug.message("AdminUtilsinitialize: Could not initialize admin info message:" + e.getMessage());
        }
    }
}
Also used : ServerInstanceAction(com.sun.identity.security.ServerInstanceAction) DSConfigMgr(com.iplanet.services.ldap.DSConfigMgr) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) ServerInstance(com.iplanet.services.ldap.ServerInstance)

Example 5 with LDAPServiceException

use of com.iplanet.services.ldap.LDAPServiceException in project OpenAM by OpenRock.

the class AMSDKRepo method getDsSvrCfg.

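/**
 * Looks up the directory server instance configured for the given LDAP user
 * type.
 *
 * @param authType the LDAP user type whose server instance is requested
 * @return the server instance reported by {@code DSConfigMgr};
 *         NOTE(review): presumably this can be {@code null} when no instance
 *         matches - confirm and null-check at the call sites
 * @throws IdRepoException with {@code IdRepoErrorCode.SEARCH_FAILED} if the
 *         directory configuration cannot be read; the underlying
 *         LDAPServiceException is only logged, not attached
 */
private ServerInstance getDsSvrCfg(LDAPUser.Type authType) throws IdRepoException {
    try {
        return DSConfigMgr.getDSConfigMgr().getServerInstance(authType);
    } catch (LDAPServiceException ldex) {
        if (debug.messageEnabled()) {
            // Name this method in the log line; the previous text named
            // getFullyQualifiedName, which misdirects anyone reading the log.
            debug.message("AMSDKRepo: getDsSvrCfg LDAPServiceException: " + ldex.getMessage());
        }
        Object[] args = { CLASS_NAME };
        throw new IdRepoException(IdRepoBundle.BUNDLE_NAME, IdRepoErrorCode.SEARCH_FAILED, args);
    }
}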
Also used : IdRepoException(com.sun.identity.idm.IdRepoException) DSConfigMgr(com.iplanet.services.ldap.DSConfigMgr) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) ServerInstance(com.iplanet.services.ldap.ServerInstance)

Aggregations

LDAPServiceException (com.iplanet.services.ldap.LDAPServiceException)12 DSConfigMgr (com.iplanet.services.ldap.DSConfigMgr)10 ServerInstance (com.iplanet.services.ldap.ServerInstance)7 ServerGroup (com.iplanet.services.ldap.ServerGroup)4 Connection (org.forgerock.opendj.ldap.Connection)4 ConnectionFactory (org.forgerock.opendj.ldap.ConnectionFactory)4 LdapException (org.forgerock.opendj.ldap.LdapException)3 LoginException (javax.security.auth.login.LoginException)2 ShutdownListener (org.forgerock.util.thread.listener.ShutdownListener)2 ShutdownManager (org.forgerock.util.thread.listener.ShutdownManager)2 Provider (com.google.inject.Provider)1 TypeLiteral (com.google.inject.TypeLiteral)1 FactoryModuleBuilder (com.google.inject.assistedinject.FactoryModuleBuilder)1 SystemProperties (com.iplanet.am.util.SystemProperties)1 ServerSessionOperationStrategy (com.iplanet.dpro.session.operations.ServerSessionOperationStrategy)1 SessionOperationStrategy (com.iplanet.dpro.session.operations.SessionOperationStrategy)1 SessionService (com.iplanet.dpro.session.service.SessionService)1 Server (com.iplanet.services.ldap.Server)1 SSOException (com.iplanet.sso.SSOException)1 SSOToken (com.iplanet.sso.SSOToken)1