Example 1 with LDAPReferralException
use of com.novell.ldap.LDAPReferralException in project OpenUnison by TremoloSecurity.
the class ADProvider method doFindUser.
private User doFindUser(String userID, Set<String> attributes, StringBuffer filter, LDAPConnection con) throws LDAPException {
boolean externalUser = false;
LDAPSearchResults res = con.search(searchBase, 2, filter.toString(), this.toStringArray(attributes), false);
LDAPEntry ldapUser = null;
if (!res.hasMore()) {
ldapUser = getMyVDUser(filter);
if (ldapUser == null) {
return null;
} else {
externalUser = true;
}
} else {
try {
ldapUser = res.next();
while (res.hasMore()) res.next();
} catch (LDAPReferralException e) {
}
if (ldapUser == null) {
ldapUser = getMyVDUser(filter);
if (ldapUser == null) {
return null;
} else {
externalUser = true;
}
}
}
User user = new User(userID);
Iterator<LDAPAttribute> it = ldapUser.getAttributeSet().iterator();
while (it.hasNext()) {
LDAPAttribute attr = it.next();
Attribute userAttr = new Attribute(attr.getName());
String[] vals = attr.getStringValueArray();
for (int i = 0; i < vals.length; i++) {
userAttr.getValues().add(vals[i]);
}
user.getAttribs().put(userAttr.getName(), userAttr);
}
if (externalUser) {
/*if (ldapf.contains("\\,")) {
ldapf = ldapf.replaceAll("\\\\\\\\,","\\5C,");
} */
// ldapf = this.adEscape(ldapf);
res = con.search(searchBase, 2, equal(this.externalGroupAttr, ldapUser.getDN()).toString(), new String[] { "cn" }, false);
while (res.hasMore()) {
LDAPEntry group = null;
try {
group = res.next();
} catch (LDAPReferralException e) {
continue;
}
user.getGroups().add(group.getAttribute("cn").getStringValue());
}
} else {
StringBuffer f = new StringBuffer();
String ldapf = equal("member", ldapUser.getDN()).toString();
/*if (ldapf.contains("\\,")) {
ldapf = ldapf.replaceAll("[\\\\][,]","\\\\5C,");
} */
// ldapf = this.adEscape(ldapf);
res = con.search(searchBase, 2, ldapf, new String[] { "cn" }, false);
while (res.hasMore()) {
LDAPEntry group = null;
try {
group = res.next();
} catch (LDAPReferralException e) {
continue;
}
user.getGroups().add(group.getAttribute("cn").getStringValue());
}
}
return user;
}
Also used :
LDAPReferralException(com.novell.ldap.LDAPReferralException)
LDAPAttribute(com.novell.ldap.LDAPAttribute)
LDAPEntry(com.novell.ldap.LDAPEntry)
LDAPSearchResults(com.novell.ldap.LDAPSearchResults)
User(com.tremolosecurity.provisioning.core.User)
LDAPAttribute(com.novell.ldap.LDAPAttribute)
Attribute(com.tremolosecurity.saml.Attribute)
Example 2 with LDAPReferralException
use of com.novell.ldap.LDAPReferralException in project OpenUnison by TremoloSecurity.
the class ADProvider method doSync.
private void doSync(User user, boolean fromUserOnly, Set<String> attributes, StringBuffer filter, LDAPConnection con, Map<String, Object> request) throws LDAPException, ProvisioningException {
LDAPSearchResults res = con.search(searchBase, 2, filter.toString(), this.toStringArray(attributes), false);
int approvalID = 0;
boolean isExternal = false;
LDAPEntry ldapUser = null;
if (request.containsKey("APPROVAL_ID")) {
approvalID = (Integer) request.get("APPROVAL_ID");
}
Workflow workflow = (Workflow) request.get("WORKFLOW");
if (!res.hasMore()) {
if (this.supportExternalUsers) {
ldapUser = this.getMyVDUser(filter);
if (ldapUser == null) {
this.createUser(user, attributes, request);
} else {
isExternal = true;
ArrayList<LDAPModification> mods = new ArrayList<LDAPModification>();
HashSet<String> done = new HashSet<String>();
syncUser(user, fromUserOnly, attributes, con, approvalID, workflow, mods, done, ldapUser, isExternal, request);
}
} else {
this.createUser(user, attributes, request);
}
} else {
ArrayList<LDAPModification> mods = new ArrayList<LDAPModification>();
HashSet<String> done = new HashSet<String>();
try {
ldapUser = res.next();
try {
while (res.hasMore()) res.next();
} catch (LDAPReferralException e) {
}
} catch (LDAPReferralException e) {
if (this.supportExternalUsers) {
ldapUser = this.getMyVDUser(filter);
if (ldapUser == null) {
this.createUser(user, attributes, request);
return;
} else {
isExternal = true;
}
} else {
this.createUser(user, attributes, request);
return;
}
}
syncUser(user, fromUserOnly, attributes, con, approvalID, workflow, mods, done, ldapUser, isExternal, request);
}
}
Also used :
LDAPReferralException(com.novell.ldap.LDAPReferralException)
LDAPEntry(com.novell.ldap.LDAPEntry)
LDAPSearchResults(com.novell.ldap.LDAPSearchResults)
LDAPModification(com.novell.ldap.LDAPModification)
ArrayList(java.util.ArrayList)
Workflow(com.tremolosecurity.provisioning.core.Workflow)
HashSet(java.util.HashSet)
Example 3 with LDAPReferralException
use of com.novell.ldap.LDAPReferralException in project OpenUnison by TremoloSecurity.
the class ADProvider method syncGroups.
private void syncGroups(User user, boolean fromUserOnly, LDAPConnection con, int approvalID, Workflow workflow, HashSet<String> done, LDAPEntry ldapUser, boolean isExternal) throws LDAPException, ProvisioningException {
LDAPSearchResults res;
if (isExternal) {
String fdn = ldapUser.getDN();
/*if (fdn.contains("\\\\\\\\,")) {
fdn = fdn.replaceAll("\\\\\\\\,","\\5C,");
}
if (fdn.contains("\\,")) {
fdn = fdn.replaceAll("\\\\,","\\\\5C,");
}*/
// fdn = this.adEscape(fdn);
res = con.search(searchBase, 2, equal(this.externalGroupAttr, fdn).toString(), new String[] { "cn" }, false);
} else {
String fdn = ldapUser.getDN();
/*if (fdn.contains("\\,")) {
fdn = fdn.replaceAll("[\\\\][,]","\\\\5C,");
} */
// fdn = this.adEscape(fdn);
StringBuffer f = new StringBuffer();
res = con.search(searchBase, 2, equal("member", fdn).toString(), new String[] { "cn" }, false);
}
done.clear();
while (res.hasMore()) {
LDAPEntry groupEntry = null;
try {
groupEntry = res.next();
} catch (LDAPReferralException e) {
break;
}
String memberDN = ldapUser.getDN();
if (memberDN.contains("\\\\\\,")) {
memberDN = memberDN.replaceAll("\\\\\\\\,", "\\,");
}
if (!user.getGroups().contains(groupEntry.getAttribute("cn").getStringValue())) {
if (!fromUserOnly) {
if (isExternal) {
if (logger.isDebugEnabled()) {
logger.debug("Deleting external '" + memberDN + "' from '" + groupEntry.getDN() + "'");
}
con.modify(groupEntry.getDN(), new LDAPModification(LDAPModification.DELETE, new LDAPAttribute(this.externalGroupAttr, memberDN)));
} else {
if (logger.isDebugEnabled()) {
logger.debug("Deleting internal '" + memberDN + "' from '" + groupEntry.getDN() + "'");
}
con.modify(groupEntry.getDN(), new LDAPModification(LDAPModification.DELETE, new LDAPAttribute("member", memberDN)));
}
this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Delete, approvalID, workflow, "group", groupEntry.getAttribute("cn").getStringValue());
}
}
done.add(groupEntry.getAttribute("cn").getStringValue());
}
Iterator<String> itgroups = user.getGroups().iterator();
while (itgroups.hasNext()) {
String groupName = itgroups.next();
if (done.contains(groupName)) {
continue;
}
StringBuffer b = new StringBuffer();
b.append("(cn=").append(groupName).append(")");
res = con.search(searchBase, 2, b.toString(), new String[] { "1.1" }, false);
if (!res.hasMore()) {
if (!isExternal) {
b.setLength(0);
b.append("Group ").append(groupName).append(" does not exist");
logger.warn(b.toString());
}
continue;
}
String groupDN = res.next().getDN();
while (res.hasMore()) {
try {
res.next();
} catch (LDAPException e) {
// do nothing
}
}
String memberDN = ldapUser.getDN();
if (memberDN.contains("\\\\\\,")) {
memberDN = memberDN.replaceAll("\\\\\\\\,", "\\,");
}
if (isExternal) {
if (logger.isDebugEnabled()) {
logger.debug("Adding external '" + memberDN + "' to '" + groupDN + "'");
}
con.modify(groupDN, new LDAPModification(LDAPModification.ADD, new LDAPAttribute(this.externalGroupAttr, memberDN)));
} else {
if (logger.isDebugEnabled()) {
logger.debug("Adding internal '" + memberDN + "' to '" + groupDN + "'");
}
con.modify(groupDN, new LDAPModification(LDAPModification.ADD, new LDAPAttribute("member", memberDN)));
}
this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, "group", groupName);
}
}
Also used :
LDAPReferralException(com.novell.ldap.LDAPReferralException)
LDAPAttribute(com.novell.ldap.LDAPAttribute)
LDAPEntry(com.novell.ldap.LDAPEntry)
LDAPSearchResults(com.novell.ldap.LDAPSearchResults)
LDAPException(com.novell.ldap.LDAPException)
LDAPModification(com.novell.ldap.LDAPModification)
Example 4 with LDAPReferralException
use of com.novell.ldap.LDAPReferralException in project OpenUnison by TremoloSecurity.
the class LDAPProvider method doFindUser.
private User doFindUser(String userID, Set<String> attributes, StringBuffer filter, LDAPConnection con) throws LDAPException {
LDAPEntry ldapUser = null;
boolean isExternal = false;
LDAPSearchResults res = con.search(searchBase, 2, filter.toString(), this.toStringArray(attributes), false);
if (!res.hasMore()) {
if (this.allowExternalUsers) {
res = searchExternalUser(userID);
if (!res.hasMore()) {
return null;
}
isExternal = true;
} else {
return null;
}
}
try {
ldapUser = res.next();
while (res.hasMore()) res.next();
} catch (LDAPReferralException e) {
}
if (ldapUser == null) {
return null;
}
User user = new User(userID);
Iterator<LDAPAttribute> it = ldapUser.getAttributeSet().iterator();
while (it.hasNext()) {
LDAPAttribute attr = it.next();
Attribute userAttr = new Attribute(attr.getName());
String[] vals = attr.getStringValueArray();
for (int i = 0; i < vals.length; i++) {
userAttr.getValues().add(vals[i]);
}
user.getAttribs().put(userAttr.getName(), userAttr);
}
StringBuffer b = new StringBuffer();
// b.append("(uniqueMember=").append(ldapUser.getDN()).append(")");
String userDN = ldapUser.getDN();
if (isExternal) {
userDN = this.mapUnison2Dir(userDN);
}
res = con.search(searchBase, 2, equal(GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getGroupMemberAttribute(), userDN).toString(), new String[] { "cn" }, false);
while (res.hasMore()) {
LDAPEntry group = res.next();
user.getGroups().add(group.getAttribute("cn").getStringValue());
}
return user;
}
Also used :
LDAPReferralException(com.novell.ldap.LDAPReferralException)
LDAPAttribute(com.novell.ldap.LDAPAttribute)
LDAPEntry(com.novell.ldap.LDAPEntry)
LDAPSearchResults(com.novell.ldap.LDAPSearchResults)
User(com.tremolosecurity.provisioning.core.User)
LDAPAttribute(com.novell.ldap.LDAPAttribute)
Attribute(com.tremolosecurity.saml.Attribute)
Example 5 with LDAPReferralException
use of com.novell.ldap.LDAPReferralException in project OpenUnison by TremoloSecurity.
the class UpdateApprovalAZListener method sendNotification.
private void sendNotification(String emailTemplate, ConfigManager cfg, Session session, String userKey) throws ProvisioningException {
try {
ArrayList<String> attrs = new ArrayList<String>();
// attrs.add("mail");
// attrs.add(cfg.getProvisioningEngine().getUserIDAttribute());
LDAPSearchResults res = cfg.getMyVD().search(GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getLdapRoot(), 2, equal(cfg.getProvisioningEngine().getUserIDAttribute(), userKey).toString(), attrs);
if (!res.hasMore()) {
if (logger.isDebugEnabled()) {
logger.debug("Can not find '" + userKey + "'");
}
return;
}
LDAPEntry entry = res.next();
if (logger.isDebugEnabled()) {
logger.debug("Approver DN - " + entry.getDN());
LDAPAttributeSet attrsx = entry.getAttributeSet();
for (Object o : attrsx) {
LDAPAttribute attrx = (LDAPAttribute) o;
for (String val : attrx.getStringValueArray()) {
logger.debug("Approver Attribute '" + attrx.getName() + "'='" + val + "'");
}
}
}
String userID = entry.getAttribute(cfg.getProvisioningEngine().getUserIDAttribute()).getStringValue();
if (entry.getAttribute("mail") == null) {
StringBuffer b = new StringBuffer();
b.append("No email address for ").append(userKey);
logger.warn(b.toString());
} else {
String mail = entry.getAttribute("mail").getStringValue();
logger.debug("Sedning notification to '" + mail + "'");
cfg.getProvisioningEngine().sendNotification(mail, emailTemplate, new User(entry));
}
} catch (LDAPReferralException le) {
StringBuffer b = new StringBuffer();
b.append("User : '").append(userKey).append("' not found");
logger.warn(b.toString());
} catch (LDAPException le) {
if (le.getResultCode() == 32) {
StringBuffer b = new StringBuffer();
b.append("User : '").append(userKey).append("' not found");
logger.warn(b.toString());
} else {
throw new ProvisioningException("could not create approver", le);
}
} catch (Exception e) {
throw new ProvisioningException("Could not create approver", e);
}
}
Also used :
LDAPAttribute(com.novell.ldap.LDAPAttribute)
User(com.tremolosecurity.provisioning.core.User)
LDAPAttributeSet(com.novell.ldap.LDAPAttributeSet)
ArrayList(java.util.ArrayList)
LDAPException(com.novell.ldap.LDAPException)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
SQLException(java.sql.SQLException)
NoSuchPaddingException(javax.crypto.NoSuchPaddingException)
IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException)
ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException)
IOException(java.io.IOException)
JMSException(javax.jms.JMSException)
BadPaddingException(javax.crypto.BadPaddingException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
LDAPReferralException(com.novell.ldap.LDAPReferralException)
LDAPReferralException(com.novell.ldap.LDAPReferralException)
LDAPEntry(com.novell.ldap.LDAPEntry)
LDAPSearchResults(com.novell.ldap.LDAPSearchResults)
LDAPException(com.novell.ldap.LDAPException)
ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException)
Aggregations
LDAPEntry (com.novell.ldap.LDAPEntry)9
LDAPReferralException (com.novell.ldap.LDAPReferralException)9
LDAPSearchResults (com.novell.ldap.LDAPSearchResults)9
LDAPAttribute (com.novell.ldap.LDAPAttribute)7
LDAPException (com.novell.ldap.LDAPException)5
ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)5
LDAPModification (com.novell.ldap.LDAPModification)4
User (com.tremolosecurity.provisioning.core.User)4
Workflow (com.tremolosecurity.provisioning.core.Workflow)3
ArrayList (java.util.ArrayList)3
LDAPAttributeSet (com.novell.ldap.LDAPAttributeSet)2
Attribute (com.tremolosecurity.saml.Attribute)2
UnsupportedEncodingException (java.io.UnsupportedEncodingException)2
SQLException (java.sql.SQLException)2
GenPasswd (com.tremolosecurity.provisioning.util.GenPasswd)1
LdapConnection (com.tremolosecurity.provisioning.util.ldap.pool.LdapConnection)1
IOException (java.io.IOException)1
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)1
InvalidKeyException (java.security.InvalidKeyException)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
