
Example 1 with MQGroup

use of com.sun.messaging.jmq.auth.jaas.MQGroup in project openmq by eclipse-ee4j.

the class LdapUserRepository method findGroups.

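/**
 * Searches the group base for entries that list {@code dn} as a member and adds one
 * {@link MQGroup} principal per matching entry to {@code subject}.
 *
 * <p>Does nothing when group search is disabled ({@code grpsearch} is false). Only the
 * first value of the {@code gidattr} attribute of each entry is used, and entries whose
 * value is null or empty are skipped.
 *
 * <p>The member DN is passed to the directory as a filter argument rather than being
 * concatenated into the filter string, so filter metacharacters in the DN
 * ({@code ( ) * \}) are escaped by the JNDI provider and cannot alter the filter.
 *
 * @param dn distinguished name of the authenticated user, matched against {@code memattr}
 * @param subject subject that receives the group principals
 * @throws NamingException if the directory operation fails, a search result name is not
 *     relative to the search base, or any other exception occurs (wrapped as the cause)
 */
private void findGroups(String dn, Subject subject) throws NamingException {
    if (!grpsearch) {
        return;
    }
    Hashtable<String, Object> env = new Hashtable<String, Object>(11);
    env.put(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY);
    env.put(Context.PROVIDER_URL, server);
    // NOTE(review): referrals are followed automatically and JNDI reuses this environment,
    // bind credentials included, for the referred server. Confirm that referrals issued by
    // the configured directory only point at servers that may see bindDN/bindPW.
    env.put(Context.REFERRAL, "follow");
    if (bindDN != null) {
        // NOTE(review): a simple bind sends bindPW as-is; unless sslprotocol is set (or the
        // server URL itself selects TLS) the password crosses the network unprotected.
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDN);
        env.put(Context.SECURITY_CREDENTIALS, bindPW);
    }
    if (sslprotocol) {
        env.put(Context.SECURITY_PROTOCOL, "ssl");
        if (sslfactory != null) {
            env.put("java.naming.ldap.factory.socket", sslfactory);
        }
    }
    DirContext ctx = null;
    NamingEnumeration<SearchResult> em = null;
    try {
        ctx = new InitialDirContext(env);
        SearchControls ctls = new SearchControls();
        ctls.setReturningAttributes(new String[] { gidattr });
        ctls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
        ctls.setTimeLimit(timelimitMillis);
        // {0} is a JNDI filter variable. The provider substitutes filterArgs[0] and escapes
        // filter-special characters in it, so the DN is always compared as a literal value.
        // memattr and grpfilter are still inserted verbatim (presumably trusted broker
        // configuration -- confirm) and must not themselves contain "{n}" sequences.
        String filter = memattr + "={0}";
        if (grpfilter != null) {
            filter = "(&(" + grpfilter + ")(" + filter + "))";
        }
        Object[] filterArgs = { dn };
        if (DEBUG) {
            logger.log(Logger.INFO, "filter:" + filter + ":");
        }
        em = ctx.search(grpbase, filter, filterArgs, ctls);
        while (em.hasMore()) {
            SearchResult sr = em.next();
            if (!sr.isRelative()) {
                // A non-relative name means the entry came from outside grpbase
                // (for example via a referral); it is rejected rather than trusted.
                throw new NamingException(Globals.getBrokerResources().getKString(BrokerResources.X_LDAP_SEARCH_RESULT_NOT_RELATIVE, sr.getName()));
            }
            Attributes attrs = sr.getAttributes();
            if (attrs == null) {
                continue;
            }
            Attribute grp = attrs.get(gidattr);
            if (grp == null) {
                continue;
            }
            String group = (String) grp.get(0);
            if (group == null || group.isEmpty()) {
                continue;
            }
            if (DEBUG) {
                logger.log(Logger.INFO, "found group:" + group + ":");
            }
            final Subject tempSubject = subject;
            final String tempGroup = group;
            // The principal set is modified inside a privileged block, as in the rest of
            // this repository class, so the caller's protection domain is not consulted.
            java.security.AccessController.doPrivileged(new PrivilegedAction<Object>() {

                @Override
                public Object run() {
                    tempSubject.getPrincipals().add(new MQGroup(tempGroup));
                    return null;
                }
            });
        }
    } catch (NamingException e) {
        throw e;
    } catch (Exception e) {
        NamingException ne = new NamingException(e.toString());
        ne.initCause(e);
        throw ne;
    } finally {
        // Close the enumeration explicitly: on the exception path it has not been drained,
        // and an undrained enumeration can keep provider resources alive.
        try {
            if (em != null) {
                em.close();
            }
        } finally {
            if (ctx != null) {
                ctx.close();
            }
        }
    }
}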
Also used : Attribute(javax.naming.directory.Attribute) Attributes(javax.naming.directory.Attributes) NamingEnumeration(javax.naming.NamingEnumeration) SearchResult(javax.naming.directory.SearchResult) InitialDirContext(javax.naming.directory.InitialDirContext) DirContext(javax.naming.directory.DirContext) InitialDirContext(javax.naming.directory.InitialDirContext) MQGroup(com.sun.messaging.jmq.auth.jaas.MQGroup) Subject(javax.security.auth.Subject) LoginException(javax.security.auth.login.LoginException) NamingException(javax.naming.NamingException) FailedLoginException(com.sun.messaging.jmq.auth.api.FailedLoginException) SearchControls(javax.naming.directory.SearchControls) NamingException(javax.naming.NamingException)

Example 2 with MQGroup

use of com.sun.messaging.jmq.auth.jaas.MQGroup in project openmq by eclipse-ee4j.

the class JMQFileUserRepository method getSubject.

/**
 * Builds the JAAS {@link Subject} for {@code user} from the user-to-role table.
 *
 * <p>The subject always carries an {@link MQUser} principal. If the table holds a role
 * string that is not blank, an {@link MQGroup} principal is added using that string as
 * stored (it is not trimmed). An {@link MQAdminGroup} principal is added only when the
 * stored role string equals {@code ADMINGROUP} exactly, so surrounding whitespace or a
 * different case does not confer the admin group.
 *
 * @param user user name, also used as the lookup key in {@code userRTable}
 * @param userRTable map from user name to role string; values are cast to {@code String}
 * @return a new subject holding the user's principals
 */
private Subject getSubject(String user, HashMap userRTable) {
    final String principalName = user;
    final String role = (String) userRTable.get(user);
    // Subject creation and principal insertion run inside a privileged block.
    return java.security.AccessController.doPrivileged(new PrivilegedAction<Subject>() {

        @Override
        public Subject run() {
            Subject built = new Subject();
            built.getPrincipals().add(new MQUser(principalName));
            if (role == null) {
                return built;
            }
            boolean hasRole = !role.trim().isEmpty();
            if (hasRole) {
                built.getPrincipals().add(new MQGroup(role));
            }
            // Exact, untrimmed comparison decides admin membership.
            if (role.equals(ADMINGROUP)) {
                built.getPrincipals().add(new MQAdminGroup(ADMINGROUP));
            }
            return built;
        }
    });
}
Also used : MQAdminGroup(com.sun.messaging.jmq.auth.jaas.MQAdminGroup) MQUser(com.sun.messaging.jmq.auth.jaas.MQUser) MQGroup(com.sun.messaging.jmq.auth.jaas.MQGroup) Subject(javax.security.auth.Subject)

Aggregations

MQGroup (com.sun.messaging.jmq.auth.jaas.MQGroup)2 Subject (javax.security.auth.Subject)2 FailedLoginException (com.sun.messaging.jmq.auth.api.FailedLoginException)1 MQAdminGroup (com.sun.messaging.jmq.auth.jaas.MQAdminGroup)1 MQUser (com.sun.messaging.jmq.auth.jaas.MQUser)1 NamingEnumeration (javax.naming.NamingEnumeration)1 NamingException (javax.naming.NamingException)1 Attribute (javax.naming.directory.Attribute)1 Attributes (javax.naming.directory.Attributes)1 DirContext (javax.naming.directory.DirContext)1 InitialDirContext (javax.naming.directory.InitialDirContext)1 SearchControls (javax.naming.directory.SearchControls)1 SearchResult (javax.naming.directory.SearchResult)1 LoginException (javax.security.auth.login.LoginException)1