Search in sources :

Example 21 with AuthChainType

use of com.tremolosecurity.config.xml.AuthChainType in project OpenUnison by TremoloSecurity.

the class FormLoginAuthMech method doPost.

@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp, AuthStep as) throws ServletException, IOException {
    String userDN = null;
    MyVDConnection myvd = cfgMgr.getMyVD();
    // HttpSession session = (HttpSession) req.getAttribute(ConfigFilter.AUTOIDM_SESSION);//((HttpServletRequest) req).getSession(); //SharedSession.getSharedSession().getSession(req.getSession().getId());
    // SharedSession.getSharedSession().getSession(req.getSession().getId());
    HttpSession session = ((HttpServletRequest) req).getSession();
    UrlHolder holder = (UrlHolder) req.getAttribute(ProxyConstants.AUTOIDM_CFG);
    if (holder == null) {
        throw new ServletException("Holder is null");
    }
    RequestHolder reqHolder = ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).getHolder();
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);
    String uidAttr = "uid";
    if (authParams.get("uidAttr") != null) {
        uidAttr = authParams.get("uidAttr").getValues().get(0);
    }
    boolean uidIsFilter = false;
    if (authParams.get("uidIsFilter") != null) {
        uidIsFilter = authParams.get("uidIsFilter").getValues().get(0).equalsIgnoreCase("true");
    }
    String filter = "";
    if (uidIsFilter) {
        StringBuffer b = new StringBuffer();
        int lastIndex = 0;
        int index = uidAttr.indexOf('$');
        while (index >= 0) {
            b.append(uidAttr.substring(lastIndex, index));
            lastIndex = uidAttr.indexOf('}', index) + 1;
            String reqName = uidAttr.substring(index + 2, lastIndex - 1);
            b.append(req.getParameter(reqName));
            index = uidAttr.indexOf('$', index + 1);
        }
        b.append(uidAttr.substring(lastIndex));
        filter = b.toString();
    } else {
        StringBuffer b = new StringBuffer();
        String userParam = req.getParameter("user");
        b.append('(').append(uidAttr).append('=').append(userParam).append(')');
        if (userParam == null) {
            filter = "(!(objectClass=*))";
        } else {
            filter = equal(uidAttr, userParam).toString();
        }
    }
    String urlChain = holder.getUrl().getAuthChain();
    AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());
    AuthMechType amt = act.getAuthMech().get(as.getId());
    String password = req.getParameter("pwd");
    if (password == null || password.trim().length() == 0) {
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(req, resp, session, false);
        return;
    }
    try {
        LDAPSearchResults res = myvd.search(AuthUtil.getChainRoot(cfgMgr, act), 2, filter, new ArrayList<String>());
        if (res.hasMore()) {
            LDAPEntry entry = res.next();
            userDN = entry.getDN();
            myvd.bind(entry.getDN(), req.getParameter("pwd"));
            Iterator<LDAPAttribute> it = entry.getAttributeSet().iterator();
            AuthInfo authInfo = new AuthInfo(entry.getDN(), (String) session.getAttribute(ProxyConstants.AUTH_MECH_NAME), act.getName(), act.getLevel());
            ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).setAuthInfo(authInfo);
            while (it.hasNext()) {
                LDAPAttribute attrib = it.next();
                Attribute attr = new Attribute(attrib.getName());
                String[] vals = attrib.getStringValueArray();
                for (int i = 0; i < vals.length; i++) {
                    attr.getValues().add(vals[i]);
                }
                authInfo.getAttribs().put(attr.getName(), attr);
            }
            as.setSuccess(true);
        } else {
            req.setAttribute(ProxyConstants.AUTH_FAILED_USER_DN, userDN);
            as.setSuccess(false);
        }
    } catch (LDAPException e) {
        if (e.getResultCode() != LDAPException.INVALID_CREDENTIALS) {
            logger.error("Could not authenticate user", e);
        }
        req.setAttribute(ProxyConstants.AUTH_FAILED_USER_DN, userDN);
        as.setSuccess(false);
    }
    String redirectToURL = req.getParameter("target");
    if (redirectToURL != null && !redirectToURL.isEmpty()) {
        reqHolder.setURL(redirectToURL);
    }
    ProxyRequest pr = (ProxyRequest) req;
    pr.removeParameter("pwd");
    pr.removeParameter("user");
    holder.getConfig().getAuthManager().nextAuth(req, resp, session, false);
}
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) HashMap(java.util.HashMap) HttpServletRequest(javax.servlet.http.HttpServletRequest) UrlHolder(com.tremolosecurity.config.util.UrlHolder) ServletException(javax.servlet.ServletException) LDAPEntry(com.novell.ldap.LDAPEntry) ProxyRequest(com.tremolosecurity.proxy.ProxyRequest) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) MyVDConnection(com.tremolosecurity.proxy.myvd.MyVDConnection) LDAPAttribute(com.novell.ldap.LDAPAttribute) TremoloHttpSession(com.tremolosecurity.proxy.TremoloHttpSession) HttpSession(javax.servlet.http.HttpSession) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) LDAPException(com.novell.ldap.LDAPException)

Example 22 with AuthChainType

use of com.tremolosecurity.config.xml.AuthChainType in project OpenUnison by TremoloSecurity.

the class IWAAuth method doGet.

@Override
public void doGet(HttpServletRequest request, HttpServletResponse response, AuthStep as) throws IOException, ServletException {
    String header = request.getHeader("Authorization");
    HttpSession session = ((HttpServletRequest) request).getSession();
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);
    if (header == null) {
        sendFail(request, response, as);
        return;
    }
    SpnegoPrincipal principal = null;
    for (String realm : this.domains.keySet()) {
        SpnegoAuthenticator authenticator = this.domains.get(realm);
        final SpnegoHttpServletResponse spnegoResponse = new SpnegoHttpServletResponse((HttpServletResponse) response);
        try {
            principal = authenticator.authenticate(request, spnegoResponse);
            break;
        } catch (GSSException gsse) {
            logger.error("Could not authenticate IWA user", gsse);
        } catch (Throwable t) {
            logger.error("Could not authenticate IWA user", t);
        }
    }
    if (principal == null) {
        sendFail(request, response, as);
        return;
    }
    MyVDConnection myvd = cfgMgr.getMyVD();
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    RequestHolder reqHolder = ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).getHolder();
    // holder.getConfig().getAuthChains().get(urlChain);
    AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());
    AuthMechType amt = act.getAuthMech().get(as.getId());
    try {
        StringBuffer b = new StringBuffer();
        b.append("(userPrincipalName=").append(principal.toString()).append(")");
        LDAPSearchResults res = myvd.search(AuthUtil.getChainRoot(cfgMgr, act), 2, equal("userPrincipalName", principal.toString()).toString(), new ArrayList<String>());
        if (res.hasMore()) {
            logger.info("Loading user attributes");
            LDAPEntry entry = res.next();
            Iterator<LDAPAttribute> it = entry.getAttributeSet().iterator();
            AuthInfo authInfo = new AuthInfo(entry.getDN(), (String) session.getAttribute(ProxyConstants.AUTH_MECH_NAME), act.getName(), act.getLevel());
            ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).setAuthInfo(authInfo);
            while (it.hasNext()) {
                LDAPAttribute attrib = it.next();
                Attribute attr = new Attribute(attrib.getName());
                String[] vals = attrib.getStringValueArray();
                for (int i = 0; i < vals.length; i++) {
                    attr.getValues().add(vals[i]);
                }
                authInfo.getAttribs().put(attr.getName(), attr);
            }
            as.setSuccess(true);
            request.getSession().removeAttribute("TREMOLO_IWA_CHECKED");
        } else {
            logger.info("user not found, failing");
            as.setSuccess(false);
        }
    } catch (LDAPException e) {
        logger.error("Could not authenticate user", e);
        as.setSuccess(false);
        sendFail(request, response, as);
        return;
    /*if (amt.getRequired().equals("required")) {
				session.setAttribute(AuthSys.AUTH_RES, false);
			}*/
    }
    holder.getConfig().getAuthManager().nextAuth(request, response, session, true);
}
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) HttpServletRequest(javax.servlet.http.HttpServletRequest) UrlHolder(com.tremolosecurity.config.util.UrlHolder) LDAPEntry(com.novell.ldap.LDAPEntry) GSSException(org.ietf.jgss.GSSException) SpnegoHttpServletResponse(net.sourceforge.spnego.SpnegoHttpServletResponse) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) MyVDConnection(com.tremolosecurity.proxy.myvd.MyVDConnection) LDAPAttribute(com.novell.ldap.LDAPAttribute) HttpSession(javax.servlet.http.HttpSession) SpnegoPrincipal(net.sourceforge.spnego.SpnegoPrincipal) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) SpnegoAuthenticator(net.sourceforge.spnego.SpnegoAuthenticator) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) LDAPException(com.novell.ldap.LDAPException)

Example 23 with AuthChainType

use of com.tremolosecurity.config.xml.AuthChainType in project OpenUnison by TremoloSecurity.

the class SendMessageThread method doGet.

@Override
public void doGet(HttpServletRequest request, HttpServletResponse response, AuthStep as) throws IOException, ServletException {
    if (!this.enabled) {
        throw new ServletException("Operation Not Supported");
    }
    // SharedSession.getSharedSession().getSession(req.getSession().getId());
    HttpSession session = ((HttpServletRequest) request).getSession();
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    if (holder == null) {
        String finalURL = this.getFinalURL(request, response);
        try {
            holder = cfgMgr.findURL(finalURL);
            request.setAttribute(ProxyConstants.AUTOIDM_CFG, holder);
        } catch (Exception e) {
            throw new ServletException("Could not run authentication", e);
        }
    }
    RequestHolder reqHolder = ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).getHolder();
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);
    if (request.getParameter("email") != null) {
        AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());
        String splashRedirect = authParams.get("splashRedirect").getValues().get(0);
        String noUserSplash = authParams.get("noUserSplash").getValues().get(0);
        generateResetKey(request, response, splashRedirect, noUserSplash, as, act, this.lookupAttributeName);
        return;
    } else if (request.getParameter("key") == null) {
        String emailCollectionRedir = authParams.get("emailCollectionRedir").getValues().get(0);
        response.sendRedirect(emailCollectionRedir);
        return;
    } else {
        String key = request.getParameter("key");
        org.hibernate.Session con = null;
        try {
            con = this.sessionFactory.openSession();
            String urlChain = holder.getUrl().getAuthChain();
            AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());
            if (as == null || ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).getAuthSteps().size() == 0) {
                // like saml2 idp initiated, this is a special use case
                ArrayList<AuthStep> auths = ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).getAuthSteps();
                int id = 0;
                for (AuthMechType amt : act.getAuthMech()) {
                    AuthStep asx = new AuthStep();
                    asx.setId(id);
                    asx.setExecuted(false);
                    asx.setRequired(amt.getRequired().equals("required"));
                    asx.setSuccess(false);
                    auths.add(asx);
                    id++;
                }
                as = auths.get(0);
            }
            AuthMechType amt = act.getAuthMech().get(as.getId());
            finishLogin(request, response, session, act, as.getId(), amt, minValidKey, key, con, reqHolder, as);
        } catch (SQLException e) {
            throw new ServletException("Could not complete login", e);
        } finally {
            if (con != null) {
                con.close();
            }
        }
    }
}
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) SQLException(java.sql.SQLException) HttpSession(javax.servlet.http.HttpSession) ArrayList(java.util.ArrayList) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) AuthStep(com.tremolosecurity.proxy.auth.util.AuthStep) ServletException(javax.servlet.ServletException) MessagingException(javax.mail.MessagingException) LDAPException(com.novell.ldap.LDAPException) SQLException(java.sql.SQLException) MalformedURLException(java.net.MalformedURLException) IOException(java.io.IOException) ServletException(javax.servlet.ServletException) HttpServletRequest(javax.servlet.http.HttpServletRequest) UrlHolder(com.tremolosecurity.config.util.UrlHolder) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) HttpSession(javax.servlet.http.HttpSession) Session(javax.mail.Session)

Example 24 with AuthChainType

use of com.tremolosecurity.config.xml.AuthChainType in project OpenUnison by TremoloSecurity.

the class PersistentCookie method doWork.

private void doWork(HttpServletRequest request, HttpServletResponse response, AuthStep as) throws IOException, ServletException {
    as.setExecuted(true);
    MyVDConnection myvd = cfgMgr.getMyVD();
    // HttpSession session = (HttpSession) req.getAttribute(ConfigFilter.AUTOIDM_SESSION);//((HttpServletRequest) req).getSession(); //SharedSession.getSharedSession().getSession(req.getSession().getId());
    // SharedSession.getSharedSession().getSession(req.getSession().getId());
    HttpSession session = ((HttpServletRequest) request).getSession();
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    if (holder == null) {
        throw new ServletException("Holder is null");
    }
    RequestHolder reqHolder = ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).getHolder();
    String urlChain = holder.getUrl().getAuthChain();
    AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);
    Attribute attr = authParams.get("cookieName");
    if (attr == null) {
        throw new ServletException("No cookie name specified");
    }
    String cookieName = attr.getValues().get(0);
    boolean useSSLSessionID;
    attr = authParams.get("useSSLSessionID");
    if (attr == null) {
        useSSLSessionID = false;
    } else {
        useSSLSessionID = attr.getValues().get(0).equalsIgnoreCase("true");
    }
    attr = authParams.get("millisToLive");
    if (attr == null) {
        throw new ServletException("No milliseconds to live specified");
    }
    long millisToLive = Long.parseLong(attr.getValues().get(0));
    attr = authParams.get("keyAlias");
    if (attr == null) {
        throw new ServletException("No key name specified");
    }
    String keyAlias = attr.getValues().get(0);
    Cookie authCookie = null;
    if (request.getCookies() == null) {
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }
    for (Cookie cookie : request.getCookies()) {
        if (cookie.getName().equalsIgnoreCase(cookieName)) {
            authCookie = cookie;
            break;
        }
    }
    if (authCookie == null) {
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }
    com.tremolosecurity.lastmile.LastMile lastmile = new com.tremolosecurity.lastmile.LastMile();
    SecretKey key = this.cfgMgr.getSecretKey(keyAlias);
    if (key == null) {
        throw new ServletException("Secret key '" + keyAlias + "' does not exist");
    }
    try {
        String cookieVal = authCookie.getValue();
        if (cookieVal.startsWith("\"")) {
            cookieVal = cookieVal.substring(1, cookieVal.length() - 1);
        }
        lastmile.loadLastMielToken(cookieVal, key);
    } catch (Exception e) {
        logger.warn("Could not decrypt cookie", e);
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }
    if (!lastmile.isValid()) {
        logger.warn("Cookie no longer valid");
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }
    boolean found = false;
    boolean validip = false;
    boolean validSslSessionId = !useSSLSessionID;
    String dn = null;
    for (Attribute attrib : lastmile.getAttributes()) {
        if (attrib.getName().equalsIgnoreCase("CLIENT_IP")) {
            validip = attrib.getValues().get(0).equals(request.getRemoteAddr());
        } else if (attrib.getName().equalsIgnoreCase("DN")) {
            dn = attrib.getValues().get(0);
        } else if (attrib.getName().equalsIgnoreCase("SSL_SESSION_ID")) {
            Object sessionID = request.getAttribute("javax.servlet.request.ssl_session_id");
            if (sessionID instanceof byte[]) {
                sessionID = new String(Base64.encodeBase64((byte[]) sessionID));
            }
            validSslSessionId = attrib.getValues().get(0).equals(sessionID);
        }
    }
    if (dn != null && validip && validSslSessionId) {
        try {
            LDAPSearchResults res = myvd.search(dn, 0, "(objectClass=*)", new ArrayList<String>());
            if (res.hasMore()) {
                LDAPEntry entry = res.next();
                Iterator<LDAPAttribute> it = entry.getAttributeSet().iterator();
                AuthInfo authInfo = new AuthInfo(entry.getDN(), (String) session.getAttribute(ProxyConstants.AUTH_MECH_NAME), act.getName(), act.getLevel());
                ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).setAuthInfo(authInfo);
                while (it.hasNext()) {
                    LDAPAttribute ldapattr = it.next();
                    attr = new Attribute(ldapattr.getName());
                    String[] vals = ldapattr.getStringValueArray();
                    for (int i = 0; i < vals.length; i++) {
                        attr.getValues().add(vals[i]);
                    }
                    authInfo.getAttribs().put(attr.getName(), attr);
                }
                as.setSuccess(true);
            } else {
                as.setSuccess(false);
            }
        } catch (LDAPException e) {
            if (e.getResultCode() != LDAPException.INVALID_CREDENTIALS) {
                logger.error("Could not authenticate user", e);
            }
            as.setSuccess(false);
        }
    } else {
        as.setSuccess(false);
    }
    holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
}
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) RequestHolder(com.tremolosecurity.proxy.auth.RequestHolder) HttpServletRequest(javax.servlet.http.HttpServletRequest) UrlHolder(com.tremolosecurity.config.util.UrlHolder) ServletException(javax.servlet.ServletException) LDAPEntry(com.novell.ldap.LDAPEntry) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) MyVDConnection(com.tremolosecurity.proxy.myvd.MyVDConnection) Cookie(javax.servlet.http.Cookie) LDAPAttribute(com.novell.ldap.LDAPAttribute) AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) HttpSession(javax.servlet.http.HttpSession) AuthController(com.tremolosecurity.proxy.auth.AuthController) LDAPException(com.novell.ldap.LDAPException) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) SecretKey(javax.crypto.SecretKey) LDAPSearchResults(com.novell.ldap.LDAPSearchResults) LDAPException(com.novell.ldap.LDAPException)

Example 25 with AuthChainType

use of com.tremolosecurity.config.xml.AuthChainType in project OpenUnison by TremoloSecurity.

the class SecretQuestionAuth method doPost.

@Override
public void doPost(HttpServletRequest request, HttpServletResponse response, AuthStep as) throws IOException, ServletException {
    MyVDConnection myvd = cfgMgr.getMyVD();
    // HttpSession session = (HttpSession) req.getAttribute(ConfigFilter.AUTOIDM_SESSION);//((HttpServletRequest) req).getSession(); //SharedSession.getSharedSession().getSession(req.getSession().getId());
    // SharedSession.getSharedSession().getSession(req.getSession().getId());
    HttpSession session = ((HttpServletRequest) request).getSession();
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    RequestHolder reqHolder = ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).getHolder();
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);
    String alg = authParams.get("alg").getValues().get(0);
    String salt = authParams.get("salt").getValues().get(0);
    String urlChain = holder.getUrl().getAuthChain();
    AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());
    AuthMechType amt = act.getAuthMech().get(as.getId());
    ArrayList<SecretQuestion> questions = (ArrayList<SecretQuestion>) request.getSession(true).getAttribute("TREMOLO_SECRET_ANSWERS");
    if (questions == null) {
        this.doGet(request, response, as);
        return;
    }
    int i = 0;
    StringBuffer b = new StringBuffer();
    for (SecretQuestion sq : questions) {
        b.setLength(0);
        b.append("answer").append(i);
        String answer = request.getParameter(b.toString());
        if (!sq.checkAnswer(alg, answer, salt)) {
            if (amt.getRequired().equals("required")) {
                as.setSuccess(false);
                holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
                return;
            }
        }
        i++;
    }
    as.setSuccess(true);
    holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
}
Also used : Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) HttpSession(javax.servlet.http.HttpSession) ArrayList(java.util.ArrayList) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) RequestHolder(com.tremolosecurity.proxy.auth.RequestHolder) AuthController(com.tremolosecurity.proxy.auth.AuthController) HttpServletRequest(javax.servlet.http.HttpServletRequest) UrlHolder(com.tremolosecurity.config.util.UrlHolder) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) MyVDConnection(com.tremolosecurity.proxy.myvd.MyVDConnection)

Aggregations

AuthChainType (com.tremolosecurity.config.xml.AuthChainType)52 UrlHolder (com.tremolosecurity.config.util.UrlHolder)34 AuthMechType (com.tremolosecurity.config.xml.AuthMechType)34 HttpSession (javax.servlet.http.HttpSession)33 HashMap (java.util.HashMap)32 ServletException (javax.servlet.ServletException)32 Attribute (com.tremolosecurity.saml.Attribute)28 HttpServletRequest (javax.servlet.http.HttpServletRequest)28 IOException (java.io.IOException)21 AuthController (com.tremolosecurity.proxy.auth.AuthController)19 LDAPException (com.novell.ldap.LDAPException)18 LDAPAttribute (com.novell.ldap.LDAPAttribute)17 AuthInfo (com.tremolosecurity.proxy.auth.AuthInfo)14 RequestHolder (com.tremolosecurity.proxy.auth.RequestHolder)13 ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)12 MalformedURLException (java.net.MalformedURLException)10 LDAPSearchResults (com.novell.ldap.LDAPSearchResults)9 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)9 ArrayList (java.util.ArrayList)9 LDAPEntry (com.novell.ldap.LDAPEntry)8