
Example 11 with MyVDConnection

Use of com.tremolosecurity.proxy.myvd.MyVDConnection in the OpenUnison project by TremoloSecurity.

From the class UserOnlyAuthMech, method doPost.

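/**
 * Authenticates the caller purely by locating a user entry in MyVD; no credential is checked
 * here, so this mechanism only asserts an identity that something earlier in the chain or the
 * deployment must already have established.
 *
 * <p>The entry is found with an LDAP filter built from the request. With the mechanism parameter
 * {@code uidIsFilter} unset or {@code false}, the filter is {@code (<uidAttr>=<user>)}, where
 * {@code uidAttr} defaults to {@code uid} and {@code user} is the {@code user} request parameter.
 * With {@code uidIsFilter=true}, {@code uidAttr} is treated as a filter template and every
 * {@code ${name}} placeholder is replaced by the request parameter {@code name}. In both cases the
 * request values are escaped per RFC 4515 before they are spliced into the filter, so a caller
 * cannot change the filter's structure (the original code concatenated them raw).
 *
 * <p>On a match the step succeeds, the entry's DN and attributes become the session's
 * {@link AuthInfo}, and control passes to the auth manager. On no match, a missing {@code user}
 * parameter, or an LDAP error the step fails and the caller is redirected to the
 * {@code noUserJSP} mechanism parameter.
 *
 * @param req  the current request
 * @param resp the current response
 * @param as   the authentication step being executed
 * @throws ServletException if the required {@code noUserJSP} mechanism parameter is not configured
 * @throws IOException      if the redirect cannot be sent
 */
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp, AuthStep as) throws ServletException, IOException {
    MyVDConnection myvd = cfgMgr.getMyVD();
    HttpSession session = req.getSession();
    UrlHolder holder = (UrlHolder) req.getAttribute(ProxyConstants.AUTOIDM_CFG);
    AuthController authCtl = (AuthController) session.getAttribute(ProxyConstants.AUTH_CTL);
    RequestHolder reqHolder = authCtl.getHolder();
    @SuppressWarnings("unchecked")
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);

    String uidAttr = firstValue(authParams, "uidAttr", "uid");
    boolean uidIsFilter = "true".equalsIgnoreCase(firstValue(authParams, "uidIsFilter", "false"));
    String noUserJSP = firstValue(authParams, "noUserJSP", null);
    if (noUserJSP == null) {
        // The original dereferenced this parameter unconditionally and failed with an NPE.
        throw new ServletException("Mechanism parameter 'noUserJSP' is required");
    }

    String filter;
    if (uidIsFilter) {
        filter = expandFilterTemplate(uidAttr, req);
    } else {
        String user = req.getParameter("user");
        if (user == null || user.isEmpty()) {
            // Nothing to look up; fail the step instead of searching for the literal "(uid=null)".
            as.setSuccess(false);
            resp.sendRedirect(noUserJSP);
            return;
        }
        filter = "(" + uidAttr + "=" + escapeFilterValue(user) + ")";
    }

    AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());

    try {
        LDAPSearchResults res = myvd.search(AuthUtil.getChainRoot(cfgMgr, act), 2, filter, new ArrayList<String>());
        if (!res.hasMore()) {
            as.setSuccess(false);
            resp.sendRedirect(noUserJSP);
            return;
        }
        // Only the first match is used; any further entries are left unread, as before.
        LDAPEntry entry = res.next();
        AuthInfo authInfo = new AuthInfo(entry.getDN(), (String) session.getAttribute(ProxyConstants.AUTH_MECH_NAME), act.getName(), act.getLevel());
        authCtl.setAuthInfo(authInfo);
        for (Object o : entry.getAttributeSet()) {
            LDAPAttribute ldapAttr = (LDAPAttribute) o;
            Attribute attr = new Attribute(ldapAttr.getName());
            for (String val : ldapAttr.getStringValueArray()) {
                attr.getValues().add(val);
            }
            authInfo.getAttribs().put(attr.getName(), attr);
        }
        as.setSuccess(true);
    } catch (LDAPException e) {
        logger.error("Could not find user", e);
        as.setSuccess(false);
        resp.sendRedirect(noUserJSP);
        return;
    }

    String redirectToURL = req.getParameter("target");
    if (redirectToURL != null && !redirectToURL.isEmpty()) {
        // NOTE(review): taken from the request without validation here; confirm the auth manager
        // restricts post-authentication redirects to this deployment, otherwise this is an open redirect.
        reqHolder.setURL(redirectToURL);
    }
    holder.getConfig().getAuthManager().nextAuth(req, resp, session, false);
}

/**
 * Returns the first value of the mechanism parameter {@code name}, or {@code dflt} when the
 * parameter map is absent, the parameter is not set, or it has no values.
 */
private static String firstValue(HashMap<String, Attribute> params, String name, String dflt) {
    Attribute param = params == null ? null : params.get(name);
    if (param == null || param.getValues().isEmpty()) {
        return dflt;
    }
    return param.getValues().get(0);
}

/**
 * Replaces each {@code ${name}} in {@code template} with the RFC 4515-escaped value of the request
 * parameter {@code name}. A missing parameter becomes the empty string; an unterminated
 * {@code ${} is copied through verbatim.
 */
private static String expandFilterTemplate(String template, HttpServletRequest req) {
    StringBuilder out = new StringBuilder(template.length());
    int cursor = 0;
    int start = template.indexOf("${");
    while (start >= 0) {
        int end = template.indexOf('}', start);
        if (end < 0) {
            break;
        }
        out.append(template, cursor, start);
        String paramName = template.substring(start + 2, end);
        out.append(escapeFilterValue(req.getParameter(paramName)));
        cursor = end + 1;
        start = template.indexOf("${", cursor);
    }
    out.append(template.substring(cursor));
    return out.toString();
}

/**
 * Escapes a value for use inside an LDAP search filter per RFC 4515 ({@code \ * ( )} and NUL are
 * encoded as {@code \xx}). A {@code null} value yields the empty string.
 */
private static String escapeFilterValue(String value) {
    if (value == null) {
        return "";
    }
    StringBuilder sb = new StringBuilder(value.length());
    for (int i = 0; i < value.length(); i++) {
        char c = value.charAt(i);
        switch (c) {
            case '\\':
                sb.append("\\5c");
                break;
            case '*':
                sb.append("\\2a");
                break;
            case '(':
                sb.append("\\28");
                break;
            case ')':
                sb.append("\\29");
                break;
            case '\0':
                sb.append("\\00");
                break;
            default:
                sb.append(c);
        }
    }
    return sb.toString();
}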

Example 12 with MyVDConnection

Use of com.tremolosecurity.proxy.myvd.MyVDConnection in the OpenUnison project by TremoloSecurity.

From the class ForRemoval, method loadMyVD.

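/**
 * Starts the embedded MyVD server from the configured MyVD properties file and opens the
 * connection the rest of the proxy uses.
 *
 * <p>The file named by {@code unisonConfig.getMyvdConfig()} is rendered through
 * {@link OpenUnisonConfigLoader#generateOpenUnisonConfig(String)} (a path starting with
 * {@code WEB-INF} is first resolved against the servlet context), parsed as {@link Properties},
 * and used to construct and start a {@link ServerCore}. When no MyVD configuration is set the
 * method does nothing and {@code myvd}/{@code con} stay unset.
 *
 * @param path     not used by this implementation
 * @param myVdPath not used by this implementation
 * @throws Exception if the configuration cannot be rendered or parsed, or the server fails to start
 */
@Override
public void loadMyVD(String path, String myVdPath) throws Exception {
    String myvdConfigPath = unisonConfig.getMyvdConfig();
    if (myvdConfigPath == null) {
        return;
    }
    // Paths under WEB-INF are relative to the web application; anything else is used as given.
    String resolvedPath = myvdConfigPath.startsWith("WEB-INF")
            ? ctx.getRealPath("/" + myvdConfigPath)
            : myvdConfigPath;
    String rendered = OpenUnisonConfigLoader.generateOpenUnisonConfig(resolvedPath);
    Properties props = new Properties();
    // Charset named via its constant (fully qualified so no new import is needed) and the
    // stream closed deterministically; the original left it open.
    try (InputStream in = new ByteArrayInputStream(rendered.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
        props.load(in);
    }
    this.myvd = new ServerCore(props);
    this.myvd.startService();
    this.con = new MyVDConnection(this.myvd);
}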

Example 13 with MyVDConnection

Use of com.tremolosecurity.proxy.myvd.MyVDConnection in the OpenUnison project by TremoloSecurity.

From the class SearchService, method doGet.

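/**
 * Looks up a single user in MyVD and writes it as a JSON {@link ProvisioningResult}.
 *
 * <p>One of three request parameters selects the entry, checked in this order:
 * <ul>
 *   <li>{@code uid} &ndash; subtree search under the configured LDAP root for
 *       {@code (uid=<value>)}; the value is escaped per RFC 4515 so it cannot change the filter's
 *       structure (the original concatenated it raw);</li>
 *   <li>{@code dn} &ndash; base-object read of that DN;</li>
 *   <li>{@code filter} &ndash; subtree search under the LDAP root with the caller's filter used
 *       verbatim.</li>
 * </ul>
 * The repeatable {@code attr} parameter limits the returned attributes; {@code uid} is always
 * fetched so the user's uid can be set, but is only reported if it was requested. The user's groups
 * are resolved by a second search on the configured group-member attribute.
 *
 * <p>Failures are reported as HTTP 500 with a JSON {@link ProvisioningError} body; a
 * {@link ProvisioningException} flagged not to print its stack trace is logged at warn level only.
 *
 * @param req  the current request
 * @param resp the current response
 * @throws ServletException declared by the overridden method; not thrown directly here
 * @throws IOException      if the response cannot be written
 */
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    // Kept as the original, non-standard media type in case clients match on it
    // (the registered type would be application/json).
    resp.setContentType("text/json");
    try {
        String ldapRoot = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getLdapRoot();
        String filter;
        String base;
        int scope;
        if (req.getParameter("uid") != null) {
            filter = "(uid=" + escapeFilterValue(req.getParameter("uid")) + ")";
            base = ldapRoot;
            scope = 2;
            if (logger.isDebugEnabled()) {
                logger.debug("UID Filter : '" + filter + "'");
            }
        } else if (req.getParameter("dn") != null) {
            // SECURITY: the base DN is taken from the caller, so presumably any entry MyVD exposes
            // can be read through this servlet; access to it must be restricted upstream.
            filter = "(objectClass=*)";
            base = req.getParameter("dn");
            scope = 0;
            if (logger.isDebugEnabled()) {
                logger.debug("Base DN : '" + base + "'");
            }
        } else if (req.getParameter("filter") != null) {
            // SECURITY: caller-supplied filter used verbatim by design; same access caveat as above.
            filter = req.getParameter("filter");
            base = ldapRoot;
            scope = 2;
            if (logger.isDebugEnabled()) {
                logger.debug("Filter : '" + filter + "'");
            }
        } else {
            // The original fell through with an empty base and filter and failed inside the LDAP layer.
            ProvisioningException ex = new ProvisioningException("One of uid, dn or filter is required");
            ex.setPrintStackTrace(false);
            throw ex;
        }

        ArrayList<String> attrs = new ArrayList<String>();
        boolean uidRequested = false;
        String[] attrNames = req.getParameterValues("attr");
        if (attrNames != null) {
            for (String attrName : attrNames) {
                if (attrName.equalsIgnoreCase("uid")) {
                    uidRequested = true;
                }
                attrs.add(attrName);
            }
            if (!uidRequested) {
                // uid is needed to fill TremoloUser.uid even when the caller did not ask for it.
                attrs.add("uid");
            }
        }

        MyVDConnection con = GlobalEntries.getGlobalEntries().getConfigManager().getMyVD();
        LDAPSearchResults res = con.search(base, scope, filter, attrs);
        if (!res.hasMore()) {
            ProvisioningException ex = new ProvisioningException("User not found");
            ex.setPrintStackTrace(false);
            throw ex;
        }
        LDAPEntry entry = res.next();
        TremoloUser user = new TremoloUser();
        user.setDn(entry.getDN());
        user.setDirectory(directoryOf(entry.getDN()));
        for (Object attr : entry.getAttributeSet()) {
            LDAPAttribute attribute = (LDAPAttribute) attr;
            if (attribute.getName().equalsIgnoreCase("uid")) {
                user.setUid(attribute.getStringValue());
                // uid was added only for our own use above; report it only when the caller asked.
                if (!uidRequested && attrs.size() > 1) {
                    continue;
                }
            }
            Attribute usrAttr = new Attribute(attribute.getName());
            for (String val : attribute.getStringValueArray()) {
                usrAttr.getValues().add(val);
            }
            user.getAttributes().add(usrAttr);
        }
        // Only the first entry is reported; drain the rest so the search completes.
        while (res.hasMore()) {
            res.next();
        }

        ArrayList<String> reqAttrs = new ArrayList<String>();
        reqAttrs.add("cn");
        // equal(...) is a statically imported filter builder not shown here; assumed to escape
        // its value argument (the DN) -- confirm.
        String groupFilter = equal(GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getGroupMemberAttribute(), user.getDn()).toString();
        res = con.search(ldapRoot, 2, groupFilter, reqAttrs);
        while (res.hasMore()) {
            entry = res.next();
            LDAPAttribute groups = entry.getAttribute("cn");
            if (groups == null) {
                // A group without cn previously caused an NPE and a 500 for the whole lookup.
                continue;
            }
            for (String val : groups.getStringValueArray()) {
                user.getGroups().add(val);
            }
        }

        ProvisioningResult resObj = new ProvisioningResult();
        resObj.setSuccess(true);
        resObj.setUser(user);
        Gson gson = new GsonBuilder().setPrettyPrinting().create();
        resp.getWriter().print(gson.toJson(resObj));
    } catch (ProvisioningException pe) {
        if (pe.isPrintStackTrace()) {
            logger.error("Error searching for a user", pe);
        } else {
            logger.warn(pe.toString());
        }
        writeError(resp, pe.toString());
    } catch (Throwable t) {
        logger.error("Error searching", t);
        writeError(resp, t.toString());
    }
}

/**
 * Returns the value of the RDN immediately before the last RDN of {@code dn}, which this service
 * reports as the user's directory (e.g. the {@code ou} above the leaf). Assumes the DN has at least
 * two RDNs; a single-RDN DN fails as it did in the original code and is reported as a 500.
 */
private static String directoryOf(String dn) {
    int lq = dn.lastIndexOf(',');
    int fq = dn.lastIndexOf('=', lq - 1) + 1;
    return dn.substring(fq, lq);
}

/**
 * Writes an HTTP 500 with a JSON {@link ProvisioningResult} carrying {@code message} as its error.
 * Uses {@code getWriter()} like the success path: mixing it with {@code getOutputStream()}, as the
 * original did, throws {@code IllegalStateException} once the writer has been obtained.
 */
private static void writeError(HttpServletResponse resp, String message) throws IOException {
    resp.setStatus(500);
    ProvisioningError err = new ProvisioningError();
    err.setError(message);
    ProvisioningResult resObj = new ProvisioningResult();
    resObj.setSuccess(false);
    resObj.setError(err);
    resp.getWriter().print(new Gson().toJson(resObj));
}

/**
 * Escapes a value for use inside an LDAP search filter per RFC 4515 ({@code \ * ( )} and NUL are
 * encoded as {@code \xx}). A {@code null} value yields the empty string.
 */
private static String escapeFilterValue(String value) {
    if (value == null) {
        return "";
    }
    StringBuilder sb = new StringBuilder(value.length());
    for (int i = 0; i < value.length(); i++) {
        char c = value.charAt(i);
        switch (c) {
            case '\\':
                sb.append("\\5c");
                break;
            case '*':
                sb.append("\\2a");
                break;
            case '(':
                sb.append("\\28");
                break;
            case ')':
                sb.append("\\29");
                break;
            case '\0':
                sb.append("\\00");
                break;
            default:
                sb.append(c);
        }
    }
    return sb.toString();
}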
