use of com.unboundid.ldap.sdk.LDAPException in project oxTrust by GluuFederation.
the class LdifService method importLdifFileInLdap.
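/**
 * Imports the LDIF data read from {@code is} into the configured persistence backend.
 *
 * <p>When the data source is LDAP, the records are applied over a connection borrowed from the
 * LDAP operation service. Otherwise the import is delegated to {@code performImport}.
 *
 * <p>NOTE(review): on the LDAP path the LDIF content is applied with whatever rights the borrowed
 * service connection holds. Treat {@code is} as untrusted input and confirm that the caller
 * authorizes the upload before reaching this method.
 *
 * @param entryClass entry type handed to {@code performImport} on the non-LDAP path
 * @param is stream holding the LDIF data
 * @return the result code reported by the LDIF import, {@link ResultCode#UNAVAILABLE} when the
 *     LDAP import failed with an exception, or {@link ResultCode#SUCCESS} on the non-LDAP path
 * @throws LDAPException declared in the signature; exceptions raised during the import itself are
 *     caught and logged rather than propagated
 */
public ResultCode importLdifFileInLdap(Class<?> entryClass, InputStream is) throws LDAPException {
    if (!dataSourceTypeService.isLDAP(attributeService.getDnForAttribute(null))) {
        performImport(entryClass, is);
        return ResultCode.SUCCESS;
    }

    ResultCode result = ResultCode.UNAVAILABLE;
    LdapOperationService ldapOperationService =
            (LdapOperationService) persistenceManager.getOperationService();
    LDAPConnection connection = ldapOperationService.getConnection();
    // try-with-resources closes the reader even when the import throws; the previous explicit
    // close() was skipped on every failure path.
    try (LDIFReader importLdifReader = new LDIFReader(is)) {
        result = LdifDataUtility.instance().importLdifFile(connection, importLdifReader);
    } catch (Exception ex) {
        // Best effort: the failure is logged and reported to the caller as UNAVAILABLE.
        log.error("Failed to import ldif file: ", ex);
    } finally {
        // Always hand the borrowed connection back, whatever the outcome.
        ldapOperationService.releaseConnection(connection);
    }
    return result;
}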
use of com.unboundid.ldap.sdk.LDAPException in project coprhd-controller by CoprHD.
the class ApiTestAuthnProviderUtils method startLdapServer.
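/**
 * Starts the LDAP test server under the given listener name, retrying when the start fails.
 *
 * <p>A server that is already running is stopped first. Each failed start is logged and followed
 * by a wait that grows with the retry counter. If no attempt succeeds, the last failure is
 * rethrown so that callers do not continue against a server that never came up.
 *
 * @param listenerName name applied to the server's listener before starting
 * @throws LDAPException if every start attempt failed; the exception is the last one observed
 * @throws InterruptedException if the thread is interrupted while waiting between retries
 */
public void startLdapServer(final String listenerName) throws LDIFException, LDAPException, IOException, FileOperationFailedException, GeneralSecurityException, DirectoryOrFileNotFoundException, InterruptedException {
    if (ldapServer == null) {
        ldapServer = new LDAPServer();
    }
    if (ldapServer.isRunning()) {
        ldapServer.stop();
    }
    ldapServer.setListenerName(listenerName);

    LDAPException lastFailure = null;
    boolean started = false;
    int iteration = RETRY_START_COUNT;
    while (!started && iteration < MAX_START_RETRIES) {
        try {
            ldapServer.start();
            started = true;
        } catch (LDAPException ex) {
            lastFailure = ex;
            // Passing the exception as the trailing argument keeps its stack trace in the log;
            // getCause() alone may be null and drops the LDAP result code.
            _log.error("Caught bind exception {}", ex.getCause(), ex);
            _log.info("Retry count {} and waiting for {}secs before next retry.", iteration, RETRY_WAIT_TIME);
            iteration++;
            Thread.sleep(iteration * RETRY_WAIT_TIME * MILLI_SECOND_MULTIPLIER);
        }
    }

    // Previously the method returned normally after exhausting the retries, hiding the failure.
    if (!started && lastFailure != null) {
        throw lastFailure;
    }
}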
use of com.unboundid.ldap.sdk.LDAPException in project gocd by gocd.
the class InMemoryLdapServerForTests method startServer.
/**
 * Creates an in-memory directory server for tests, starts its listener and adds the base entry.
 *
 * <p>NOTE(review): the listener is created with only a name and a port, so no listen address or
 * TLS socket factory is configured here, and schema checking is disabled. That suits a test
 * fixture; confirm this helper is never reachable from non-test code, since the bind password
 * would travel in cleartext.
 *
 * @param port port the listener is created on
 * @param baseDn base DN of the directory; also the DN of the seeded {@code domain} entry
 * @param bindDn DN registered as an additional bind credential
 * @param bindPassword password registered for {@code bindDn}
 * @return the started server
 * @throws LDAPException if building the configuration or the server fails
 * @throws BindException declared in the signature
 * @throws RuntimeException wrapping the {@link LDAPException} raised when the listener cannot start
 */
private InMemoryDirectoryServer startServer(int port, String baseDn, String bindDn, String bindPassword) throws LDAPException, BindException {
    InMemoryListenerConfig listener = InMemoryListenerConfig.createLDAPConfig("default", port);
    InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig(new DN(baseDn));

    // No schema: otherwise attributes such as sAMAccountName would be rejected as invalid.
    config.setSchema(null);
    config.setListenerConfigs(listener);
    config.addAdditionalBindCredentials(bindDn, bindPassword);

    InMemoryDirectoryServer directoryServer = new InMemoryDirectoryServer(config);
    try {
        directoryServer.startListening();
    } catch (LDAPException startFailure) {
        throw new RuntimeException(startFailure);
    }

    // Seed the directory with the base entry so that later adds have a parent.
    Attribute objectClasses = new Attribute("objectClass", "domain", "top");
    LDIFAddChangeRecord baseEntry = new LDIFAddChangeRecord(baseDn, objectClasses);
    baseEntry.processChange(directoryServer);
    return directoryServer;
}
use of com.unboundid.ldap.sdk.LDAPException in project keywhiz by square.
the class LdapAuthenticator method authenticate.
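/**
 * Authenticates basic credentials by binding to LDAP as the user, then checks role membership.
 *
 * <p>The username must pass {@code User.isSanitizedUsername} before it is turned into a DN, and
 * an empty password is rejected before any bind is attempted. When required roles are
 * configured, the user must hold at least one of them.
 *
 * @param credentials username and password supplied by the client; treated as untrusted
 * @return the authenticated user, or an empty {@code Optional} when the username is not
 *     sanitized, the password is missing, or LDAP reports {@code INVALID_CREDENTIALS}
 * @throws ForbiddenException if required roles are configured and the user holds none of them
 * @throws RuntimeException via {@code Throwables.propagate} for any other LDAP error or a TLS
 *     setup failure
 */
@Override
public Optional<User> authenticate(BasicCredentials credentials) {
    User user = null;
    try {
        String username = credentials.getUsername();
        if (!User.isSanitizedUsername(username)) {
            // The rejected value is caller-supplied and has just failed sanitization, so it may
            // carry line breaks or control characters. Keep it out of the log to avoid forged
            // log entries.
            logger.info("Username must match pattern: {}", User.USERNAME_PATTERN);
            return Optional.empty();
        }

        String userDN = dnFromUsername(username);
        String password = credentials.getPassword();

        // Must have password for current config. A simple bind with a DN and an empty password
        // is an unauthenticated bind, which a directory server may report as success, so it
        // must never reach the bind below.
        if (Strings.isNullOrEmpty(password)) {
            logger.info("No password for user provided");
            return Optional.empty();
        }

        // A successful bind is the proof of identity; the connection itself is not needed.
        LDAPConnection authenticatedConnection = connectionFactory.getLDAPConnection(userDN, password);
        authenticatedConnection.close();

        Set<String> requiredRoles = config.getRequiredRoles();
        if (!requiredRoles.isEmpty()) {
            Set<String> roles = rolesFromDN(userDN);
            boolean accessAllowed = requiredRoles.stream().anyMatch(roles::contains);
            if (!accessAllowed) {
                // username passed sanitization above, so it is safe to log here.
                logger.warn("User {} not in one of required LDAP roles: [{}].", username, requiredRoles);
                throw new ForbiddenException();
            }
        }

        user = User.named(username);
    } catch (LDAPException le) {
        // The INVALID_CREDENTIALS case is handled by returning an absent optional from this function
        if (le.getResultCode() != ResultCode.INVALID_CREDENTIALS) {
            logger.error("Error connecting to LDAP", le);
            throw Throwables.propagate(le);
        }
    } catch (GeneralSecurityException gse) {
        logger.error("TLS error connecting to LDAP", gse);
        throw Throwables.propagate(gse);
    }
    return Optional.ofNullable(user);
}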
use of com.unboundid.ldap.sdk.LDAPException in project oxAuth by GluuFederation.
the class InumGenerator method baseDn.
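/**
 * Returns the base DN under which identifiers of the given type are generated.
 *
 * <p>For the known types the configured branch DN is returned directly. For any other type the
 * organization DN is derived from the last RDN of the configured clients DN, and a hard-coded
 * fallback is used when that DN cannot be parsed or has no RDNs.
 *
 * @param p_type identifier type to resolve
 * @return the configured branch DN, the derived organization DN, or {@code "o=gluu"} as fallback
 */
public String baseDn(IdType p_type) {
    final BaseDnConfiguration baseDn = staticConfiguration.getBaseDn();
    switch (p_type) {
        case CLIENTS:
            return baseDn.getClients();
        case APPLIANCE:
            return baseDn.getAppliance();
        case ATTRIBUTE:
            return baseDn.getAttributes();
        case PEOPLE:
            return baseDn.getPeople();
        default:
            // Any other type resolves to the organization DN below.
            break;
    }

    // if not able to identify baseDn by type then return organization baseDn, e.g. o=gluu
    try {
        // baseDn.getClients(), e.g. ou=clients,o=@!1111,o=gluu
        final DN dnObj = new DN(baseDn.getClients());
        final RDN[] rdns = dnObj.getRDNs();
        // An empty DN parses without error but has no RDNs; without this guard the index below
        // would throw instead of reaching the documented fallback.
        if (rdns.length > 0) {
            return rdns[rdns.length - 1].toNormalizedString();
        }
    } catch (LDAPException e) {
        log.error(e.getMessage(), e);
    }

    log.error("Use fallback DN: o=gluu, for ID generator, please check oxAuth configuration, clientDn must be valid DN");
    return "o=gluu";
}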
Aggregations