use of com.unboundid.ldap.sdk.LDAPException in project gitblit by gitblit.
the class LdapConnection method connect.
public boolean connect() {
try {
URI ldapUrl = new URI(settings.getRequiredString(Keys.realm.ldap.server));
String ldapHost = ldapUrl.getHost();
int ldapPort = ldapUrl.getPort();
if (ldapUrl.getScheme().equalsIgnoreCase("ldaps")) {
// SSL
SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
conn = new LDAPConnection(sslUtil.createSSLSocketFactory());
if (ldapPort == -1) {
ldapPort = 636;
}
} else if (ldapUrl.getScheme().equalsIgnoreCase("ldap") || ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
// no encryption or StartTLS
conn = new LDAPConnection();
if (ldapPort == -1) {
ldapPort = 389;
}
} else {
logger.error("Unsupported LDAP URL scheme: " + ldapUrl.getScheme());
return false;
}
conn.connect(ldapHost, ldapPort);
if (ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
ExtendedResult extendedResult = conn.processExtendedOperation(new StartTLSExtendedRequest(sslUtil.createSSLContext()));
if (extendedResult.getResultCode() != ResultCode.SUCCESS) {
throw new LDAPException(extendedResult.getResultCode());
}
}
return true;
} catch (URISyntaxException e) {
logger.error("Bad LDAP URL, should be in the form: ldap(s|+tls)://<server>:<port>", e);
} catch (GeneralSecurityException e) {
logger.error("Unable to create SSL Connection", e);
} catch (LDAPException e) {
logger.error("Error Connecting to LDAP", e);
}
return false;
}
use of com.unboundid.ldap.sdk.LDAPException in project spring-security by spring-projects.
the class UnboundIdContainer method start.
@Override
public void start() {
if (isRunning()) {
return;
}
try {
InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig(this.defaultPartitionSuffix);
config.addAdditionalBindCredentials("uid=admin,ou=system", "secret");
config.setListenerConfigs(InMemoryListenerConfig.createLDAPConfig("LDAP", this.port));
config.setEnforceSingleStructuralObjectClass(false);
config.setEnforceAttributeSyntaxCompliance(true);
DN dn = new DN(this.defaultPartitionSuffix);
Entry entry = new Entry(dn);
entry.addAttribute("objectClass", "top", "domain", "extensibleObject");
entry.addAttribute("dc", dn.getRDN().getAttributeValues()[0]);
InMemoryDirectoryServer directoryServer = new InMemoryDirectoryServer(config);
directoryServer.add(entry);
importLdif(directoryServer);
directoryServer.startListening();
this.port = directoryServer.getListenPort();
this.directoryServer = directoryServer;
this.running = true;
} catch (LDAPException ex) {
throw new RuntimeException("Server startup failed", ex);
}
}
use of com.unboundid.ldap.sdk.LDAPException in project graylog2-server by Graylog2.
the class UnboundLDAPConnector method search.
public ImmutableList<LDAPEntry> search(LDAPConnection connection, String searchBase, Filter filter, String uniqueIdAttribute, Set<String> attributes) throws LDAPException {
final ImmutableSet<String> allAttributes = ImmutableSet.<String>builder().add(OBJECT_CLASS_ATTRIBUTE).addAll(attributes).build();
// TODO: Use LDAPEntrySource for a more memory efficient search
final SearchRequest searchRequest = new SearchRequest(searchBase, SearchScope.SUB, filter, allAttributes.toArray(new String[0]));
searchRequest.setTimeLimitSeconds(requestTimeoutSeconds);
if (LOG.isTraceEnabled()) {
LOG.trace("Search LDAP for <{}> using search base <{}>", filter.toNormalizedString(), searchBase);
}
final SearchResult searchResult = connection.search(searchRequest);
if (searchResult.getSearchEntries().isEmpty()) {
LOG.trace("No LDAP entry found for filter <{}>", filter.toNormalizedString());
return ImmutableList.of();
}
return searchResult.getSearchEntries().stream().map(entry -> createLDAPEntry(entry, uniqueIdAttribute)).collect(ImmutableList.toImmutableList());
}
use of com.unboundid.ldap.sdk.LDAPException in project graylog2-server by Graylog2.
the class LDAPAuthServiceBackend method authenticateAndProvision.
@Override
public Optional<AuthenticationDetails> authenticateAndProvision(AuthServiceCredentials authCredentials, ProvisionerService provisionerService) {
try (final LDAPConnection connection = ldapConnector.connect(config.getLDAPConnectorConfig())) {
if (connection == null) {
return Optional.empty();
}
final Optional<LDAPUser> optionalUser = findUser(connection, authCredentials);
if (!optionalUser.isPresent()) {
LOG.debug("User <{}> not found in LDAP", authCredentials.username());
return Optional.empty();
}
final LDAPUser userEntry = optionalUser.get();
if (!authCredentials.isAuthenticated()) {
if (!isAuthenticated(connection, userEntry, authCredentials)) {
LOG.debug("Invalid credentials for user <{}> (DN: {})", authCredentials.username(), userEntry.dn());
return Optional.empty();
}
}
final UserDetails userDetails = provisionerService.provision(provisionerService.newDetails(this).authServiceType(backendType()).authServiceId(backendId()).accountIsEnabled(true).base64AuthServiceUid(userEntry.base64UniqueId()).username(userEntry.username()).fullName(userEntry.fullName()).email(userEntry.email()).defaultRoles(backend.defaultRoles()).build());
return Optional.of(AuthenticationDetails.builder().userDetails(userDetails).build());
} catch (GeneralSecurityException e) {
LOG.error("Error setting up TLS connection", e);
throw new AuthenticationServiceUnavailableException("Error setting up TLS connection", e);
} catch (LDAPException e) {
LOG.error("LDAP error", e);
throw new AuthenticationServiceUnavailableException("LDAP error", e);
}
}
use of com.unboundid.ldap.sdk.LDAPException in project zm-mailbox by Zimbra.
the class LdapConnectionPool method createConnPool.
private static LDAPConnectionPool createConnPool(LdapServerConfig config) throws LdapException {
LdapServerPool serverPool = new LdapServerPool(config);
ServerSet serverSet = serverPool.getServerSet();
BindRequest bindRequest = createBindRequest(config);
PostConnectProcessor postConnectProcessor = null;
if (serverPool.getConnectionType() == LdapConnType.STARTTLS) {
SSLContext startTLSContext = LdapSSLUtil.createSSLContext(config.sslAllowUntrustedCerts());
postConnectProcessor = new StartTLSPostConnectProcessor(startTLSContext);
}
LDAPConnectionPool connPool = null;
try {
connPool = new LDAPConnectionPool(serverSet, bindRequest, config.getConnPoolInitSize(), config.getConnPoolMaxSize(), postConnectProcessor);
connPool.setRetryFailedOperationsDueToInvalidConnections(true);
} catch (LDAPException e) {
throw UBIDLdapException.mapToLdapException(e);
}
return connPool;
}
Aggregations