Examples with BerDecoder com.sun.jndi.ldap.BerDecoder used on opensource projects

Search in sources :

Example 1 with BerDecoder

use of com.sun.jndi.ldap.BerDecoder in project adempiere by adempiere.

the class LdapMessage method decode.

// reset()
/**
	 * 	Decode Message
	 *	@param data input buffer
	 *  @param length buffer size
	 */
public void decode(byte[] data, int length) {
    try {
        // Create the decoder
        decoder = new BerDecoder(data, 0, length);
    } catch (Exception e) {
        log.log(Level.SEVERE, data.toString(), e);
        return;
    }
    try {
        // Parse the message envelope
        decoder.parseSeq(null);
        //  Parse message Id
        msgId = decoder.parseInt();
        // Parse the operation protocol
        m_protocolOp = decoder.parseSeq(null);
        //	Payload
        if (m_protocolOp == BIND_REQUEST)
            handleBind();
        else if (m_protocolOp == UNBIND_REQUEST)
            log.info("#" + msgId + ": unbind");
        else if (m_protocolOp == SEARCH_REQUEST)
            handleSearch();
        else // Only supoort BIND, UNBIND and SEARCH
        {
            result.setErrorNo(LdapResult.LDAP_PROTOCOL_ERROR);
            result.setErrorString(": Unsupported Request");
            log.warning("#" + msgId + ": Unknown Op + " + m_protocolOp);
        }
    } catch (Exception ex) {
        result.setErrorNo(LdapResult.LDAP_PROTOCOL_ERROR);
        log.log(Level.SEVERE, "", ex);
    }
}
Also used : BerDecoder(com.sun.jndi.ldap.BerDecoder)

Example 2 with BerDecoder

use of com.sun.jndi.ldap.BerDecoder in project lobcder by skoulouzis.

the class LdapConnection method _handleRequest.

protected void _handleRequest(byte[] inbuf, int offset) throws IOException {
    // dumpBer(inbuf, offset);
    BerDecoder reqBer = new BerDecoder(inbuf, 0, offset);
    int currentMessageId = 0;
    try {
        reqBer.parseSeq(null);
        currentMessageId = reqBer.parseInt();
        int requestOperation = reqBer.peekByte();
        if (requestOperation == Ldap.LDAP_REQ_BIND) {
            reqBer.parseSeq(null);
            responseHandler.setVersion(reqBer.parseInt());
            userName = reqBer.parseString(responseHandler.isLdapV3());
            log.info("Bind user name: " + userName);
            if (reqBer.peekByte() == (Ber.ASN_CONTEXT | Ber.ASN_CONSTRUCTOR | 3)) {
                // SASL authentication
                reqBer.parseSeq(null);
                // Get mechanism, usually DIGEST-MD5
                String mechanism = reqBer.parseString(responseHandler.isLdapV3());
                byte[] serverResponse;
                CallbackHandler callbackHandler = new CallbackHandler() {

                    @Override
                    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
                        // look for username in callbacks
                        for (Callback callback : callbacks) {
                            if (callback instanceof NameCallback) {
                                userName = ((NameCallback) callback).getDefaultName();
                                // get password from session pool
                                password = userFactory.getUserPassword(userName);
                            }
                        }
                        // handle other callbacks
                        for (Callback callback : callbacks) {
                            if (callback instanceof AuthorizeCallback) {
                                ((AuthorizeCallback) callback).setAuthorized(true);
                            } else if (callback instanceof PasswordCallback) {
                                if (password != null) {
                                    ((PasswordCallback) callback).setPassword(password.toCharArray());
                                }
                            }
                        }
                    }
                };
                int status;
                if (reqBer.bytesLeft() > 0 && saslServer != null) {
                    byte[] clientResponse = reqBer.parseOctetString(Ber.ASN_OCTET_STR, null);
                    serverResponse = saslServer.evaluateResponse(clientResponse);
                    status = Ldap.LDAP_SUCCESS;
                    LogUtils.debug(log, "LOG_LDAP_REQ_BIND_USER", currentMessageId, userName);
                    user = userFactory.getUser(userName, password);
                    if (user != null) {
                        LogUtils.debug(log, "LOG_LDAP_REQ_BIND_SUCCESS");
                    } else {
                        LogUtils.debug(log, "LOG_LDAP_REQ_BIND", "No user! " + userName);
                    }
                } else {
                    Map<String, String> properties = new HashMap<String, String>();
                    properties.put("javax.security.sasl.qop", "auth,auth-int");
                    saslServer = Sasl.createSaslServer(mechanism, "ldap", client.getLocalAddress().getHostAddress(), properties, callbackHandler);
                    serverResponse = saslServer.evaluateResponse(EMPTY_BYTE_ARRAY);
                    status = Ldap.LDAP_SASL_BIND_IN_PROGRESS;
                }
                responseHandler.sendBindResponse(currentMessageId, status, serverResponse);
            } else {
                password = reqBer.parseStringWithTag(Ber.ASN_CONTEXT, responseHandler.isLdapV3(), null);
                if (userName.length() > 0 && password.length() > 0) {
                    log.debug("LOG_LDAP_REQ_BIND_USER", currentMessageId, userName);
                    try {
                        user = userFactory.getUser(userName, password);
                        LogUtils.debug(log, "LOG_LDAP_REQ_BIND_SUCCESS");
                        responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_BIND, Ldap.LDAP_SUCCESS, "");
                    } catch (IOException e) {
                        LogUtils.debug(log, "LOG_LDAP_REQ_BIND_INVALID_CREDENTIALS");
                        responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_BIND, Ldap.LDAP_INVALID_CREDENTIALS, "");
                    }
                } else {
                    LogUtils.debug(log, "LOG_LDAP_REQ_BIND_ANONYMOUS", currentMessageId);
                    // anonymous bind
                    responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_BIND, Ldap.LDAP_SUCCESS, "");
                }
            }
        } else if (requestOperation == Ldap.LDAP_REQ_UNBIND) {
            log.debug("LOG_LDAP_REQ_UNBIND", currentMessageId);
            if (user != null) {
                user = null;
            }
        } else if (requestOperation == Ldap.LDAP_REQ_SEARCH) {
            reqBer.parseSeq(null);
            String dn = reqBer.parseString(responseHandler.isLdapV3());
            log.info("Parsed DN: " + dn);
            int scope = reqBer.parseEnumeration();
            /*
                 * int derefAliases =
                 */
            reqBer.parseEnumeration();
            int sizeLimit = reqBer.parseInt();
            if (sizeLimit > 100 || sizeLimit == 0) {
                sizeLimit = 100;
            }
            int timelimit = reqBer.parseInt();
            /*
                 * boolean typesOnly =
                 */
            reqBer.parseBoolean();
            LdapFilter ldapFilter = ldapParser.parseFilter(reqBer, user, userName);
            Set<String> returningAttributes = ldapParser.parseReturningAttributes(reqBer);
            SearchRunnable searchRunnable = new SearchRunnable(userFactory, propertyMapper, currentMessageId, dn, scope, sizeLimit, timelimit, ldapFilter, returningAttributes, responseHandler, user, searchManager);
            if (Ldap.BASE_CONTEXT.equalsIgnoreCase(dn) || Ldap.OD_USER_CONTEXT.equalsIgnoreCase(dn) || Ldap.OD_USER_CONTEXT_LION.equalsIgnoreCase(dn)) {
                // launch search in a separate thread
                searchManager.beginAsyncSearch(this, currentMessageId, searchRunnable);
            } else {
                // no need to create a separate thread, just run
                searchManager.search(this, searchRunnable);
            }
        } else if (requestOperation == Ldap.LDAP_REQ_ABANDON) {
            searchManager.abandonSearch(this, currentMessageId, reqBer);
        } else {
            LogUtils.debug(log, "LOG_LDAP_UNSUPPORTED_OPERATION", requestOperation);
            responseHandler.sendClient(currentMessageId, Ldap.LDAP_REP_RESULT, Ldap.LDAP_OTHER, "Unsupported operation");
        }
    } catch (IOException e) {
        responseHandler.dumpBer(inbuf, offset);
        try {
            responseHandler.sendErr(currentMessageId, Ldap.LDAP_REP_RESULT, e);
        } catch (IOException e2) {
            log.debug("LOG_EXCEPTION_SENDING_ERROR_TO_CLIENT", e2);
        }
        throw e;
    }
}
Also used : HashMap(java.util.HashMap) BerDecoder(com.sun.jndi.ldap.BerDecoder) IOException(java.io.IOException) AuthorizeCallback(javax.security.sasl.AuthorizeCallback) AuthorizeCallback(javax.security.sasl.AuthorizeCallback)

Aggregations

BerDecoder (com.sun.jndi.ldap.BerDecoder)2 IOException (java.io.IOException)1 HashMap (java.util.HashMap)1 AuthorizeCallback (javax.security.sasl.AuthorizeCallback)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial