Search in sources :

Example 31 with ZSearchResultEntry

use of com.zimbra.cs.ldap.ZSearchResultEntry in project zm-mailbox by Zimbra.

the class LdapProvisioning method ldapAuthenticate.

/*
     * search for the auth DN for the user, authneticate to the result DN
     */
private void ldapAuthenticate(String[] url, boolean wantStartTLS, String password, String searchBase, String searchFilter, String searchDn, String searchPassword) throws ServiceException {
    if (password == null || password.equals("")) {
        throw AccountServiceException.AuthFailedServiceException.AUTH_FAILED("empty password");
    }
    ExternalLdapConfig config = new ExternalLdapConfig(url, wantStartTLS, null, searchDn, searchPassword, null, "external LDAP auth");
    String resultDn = null;
    String tooMany = null;
    ZLdapContext zlc = null;
    try {
        zlc = LdapClient.getExternalContext(config, LdapUsage.LDAP_AUTH_EXTERNAL);
        ZSearchResultEnumeration ne = zlc.searchDir(searchBase, filterFactory.fromFilterString(FilterId.LDAP_AUTHENTICATE, searchFilter), ZSearchControls.SEARCH_CTLS_SUBTREE());
        while (ne.hasMore()) {
            ZSearchResultEntry sr = ne.next();
            if (resultDn == null) {
                resultDn = sr.getDN();
            } else {
                tooMany = sr.getDN();
                break;
            }
        }
        ne.close();
    } finally {
        LdapClient.closeContext(zlc);
    }
    if (tooMany != null) {
        ZimbraLog.account.warn(String.format("ldapAuthenticate searchFilter returned more then one result: (dn1=%s, dn2=%s, filter=%s)", resultDn, tooMany, searchFilter));
        throw AccountServiceException.AuthFailedServiceException.AUTH_FAILED("too many results from search filter!");
    } else if (resultDn == null) {
        throw AccountServiceException.AuthFailedServiceException.AUTH_FAILED("empty search");
    }
    if (ZimbraLog.account.isDebugEnabled())
        ZimbraLog.account.debug("search filter matched: " + resultDn);
    ldapAuthenticate(url, wantStartTLS, resultDn, password);
}
Also used : ExternalLdapConfig(com.zimbra.cs.ldap.LdapServerConfig.ExternalLdapConfig) ZLdapContext(com.zimbra.cs.ldap.ZLdapContext) ZSearchResultEnumeration(com.zimbra.cs.ldap.ZSearchResultEnumeration) ZSearchResultEntry(com.zimbra.cs.ldap.ZSearchResultEntry)

Example 32 with ZSearchResultEntry

use of com.zimbra.cs.ldap.ZSearchResultEntry in project zm-mailbox by Zimbra.

the class TestLdapHelper method hasSubordinates.

private boolean hasSubordinates(ZLdapContext zlc, String dn) throws Exception {
    boolean hasSubordinates = false;
    ZSearchResultEnumeration ne = null;
    try {
        ne = ldapHelper.searchDir(dn, filterFactory.hasSubordinates(), ZSearchControls.SEARCH_CTLS_SUBTREE(), zlc, LdapServerType.MASTER);
        hasSubordinates = ne.hasMore();
        if (hasSubordinates) {
            int numEntries = 0;
            String entryDn = null;
            while (ne.hasMore()) {
                ZSearchResultEntry sr = ne.next();
                entryDn = sr.getDN();
                numEntries++;
            }
            assertEquals(1, numEntries);
            assertEquals(dn, entryDn);
        }
    } finally {
        if (ne != null) {
            ne.close();
        }
    }
    return hasSubordinates;
}
Also used : ZSearchResultEnumeration(com.zimbra.cs.ldap.ZSearchResultEnumeration) ZSearchResultEntry(com.zimbra.cs.ldap.ZSearchResultEntry)

Example 33 with ZSearchResultEntry

use of com.zimbra.cs.ldap.ZSearchResultEntry in project zm-mailbox by Zimbra.

the class TestLdapHelper method searchForEntry.

@Test
public void searchForEntry() throws Exception {
    LdapDIT dit = prov.getDIT();
    String base = dit.configBranchBaseDN();
    ZLdapFilter filter = filterFactory.fromFilterString(FilterId.UNITTEST, "(cn=config)");
    ZSearchResultEntry sr = ldapHelper.searchForEntry(base, filter, null, false);
    assertNotNull(sr);
    assertEquals("cn=config,cn=zimbra", sr.getDN());
}
Also used : ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter) LdapDIT(com.zimbra.cs.account.ldap.LdapDIT) ZSearchResultEntry(com.zimbra.cs.ldap.ZSearchResultEntry)

Example 34 with ZSearchResultEntry

use of com.zimbra.cs.ldap.ZSearchResultEntry in project zm-mailbox by Zimbra.

the class TestLdapHelper method searchDirSizeLimitExceeded.

@Test
public void searchDirSizeLimitExceeded() throws Exception {
    int SIZE_LIMIT = 5;
    String base = LdapConstants.DN_ROOT_DSE;
    ZLdapFilter filter = filterFactory.anyEntry();
    String[] returnAttrs = new String[] { "objectClass" };
    ZSearchControls searchControls = ZSearchControls.createSearchControls(ZSearchScope.SEARCH_SCOPE_SUBTREE, SIZE_LIMIT, returnAttrs);
    int numFound = 0;
    boolean caughtException = false;
    try {
        ZSearchResultEnumeration ne = ldapHelper.searchDir(base, filter, searchControls);
        while (ne.hasMore()) {
            ZSearchResultEntry sr = ne.next();
            numFound++;
        }
        ne.close();
    } catch (LdapSizeLimitExceededException e) {
        caughtException = true;
    }
    assertTrue(caughtException);
/*
        // unboundid does not return entries if LdapSizeLimitExceededException
        // is thrown,  See commons on ZLdapContext.searchDir().
        if (testConfig != TestLdap.TestConfig.UBID) {
            assertEquals(SIZE_LIMIT, numFound);
        }
        */
}
Also used : ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter) ZSearchControls(com.zimbra.cs.ldap.ZSearchControls) ZSearchResultEnumeration(com.zimbra.cs.ldap.ZSearchResultEnumeration) LdapSizeLimitExceededException(com.zimbra.cs.ldap.LdapException.LdapSizeLimitExceededException) ZSearchResultEntry(com.zimbra.cs.ldap.ZSearchResultEntry)

Example 35 with ZSearchResultEntry

use of com.zimbra.cs.ldap.ZSearchResultEntry in project zm-mailbox by Zimbra.

the class TestLdapHelper method searchDirNotFound.

@Test
public void searchDirNotFound() throws Exception {
    LdapDIT dit = prov.getDIT();
    String base = dit.configBranchBaseDN();
    ZLdapFilter filter = filterFactory.allSignatures();
    String[] returnAttrs = new String[] { "objectClass" };
    ZSearchControls searchControls = ZSearchControls.createSearchControls(ZSearchScope.SEARCH_SCOPE_SUBTREE, ZSearchControls.SIZE_UNLIMITED, returnAttrs);
    ZSearchResultEnumeration ne = ldapHelper.searchDir(base, filter, searchControls);
    int numFound = 0;
    while (ne.hasMore()) {
        ZSearchResultEntry sr = ne.next();
        numFound++;
    }
    ne.close();
    assertEquals(0, numFound);
}
Also used : ZLdapFilter(com.zimbra.cs.ldap.ZLdapFilter) ZSearchControls(com.zimbra.cs.ldap.ZSearchControls) LdapDIT(com.zimbra.cs.account.ldap.LdapDIT) ZSearchResultEnumeration(com.zimbra.cs.ldap.ZSearchResultEnumeration) ZSearchResultEntry(com.zimbra.cs.ldap.ZSearchResultEntry)

Aggregations

ZSearchResultEntry (com.zimbra.cs.ldap.ZSearchResultEntry)35 ZSearchResultEnumeration (com.zimbra.cs.ldap.ZSearchResultEnumeration)27 ServiceException (com.zimbra.common.service.ServiceException)19 AccountServiceException (com.zimbra.cs.account.AccountServiceException)18 AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)18 ZLdapFilter (com.zimbra.cs.ldap.ZLdapFilter)15 ArrayList (java.util.ArrayList)15 ZSearchControls (com.zimbra.cs.ldap.ZSearchControls)12 ZLdapContext (com.zimbra.cs.ldap.ZLdapContext)6 LdapDIT (com.zimbra.cs.account.ldap.LdapDIT)5 LdapMultipleEntriesMatchedException (com.zimbra.cs.ldap.LdapException.LdapMultipleEntriesMatchedException)3 LdapSizeLimitExceededException (com.zimbra.cs.ldap.LdapException.LdapSizeLimitExceededException)3 ZAttributes (com.zimbra.cs.ldap.ZAttributes)3 Account (com.zimbra.cs.account.Account)2 Cos (com.zimbra.cs.account.Cos)2 DynamicGroup (com.zimbra.cs.account.DynamicGroup)2 GuestAccount (com.zimbra.cs.account.GuestAccount)2 LdapAccount (com.zimbra.cs.account.ldap.entry.LdapAccount)2 LdapCos (com.zimbra.cs.account.ldap.entry.LdapCos)2 LdapDynamicGroup (com.zimbra.cs.account.ldap.entry.LdapDynamicGroup)2