
Example 1 with ILdapComponent

Use of io.apiman.gateway.engine.components.ILdapComponent in the project apiman, by apiman.

The method doValidate of the class LDAPIdentityValidator.

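/**
 * Validates the supplied credentials against the configured LDAP server and reports the
 * outcome asynchronously through {@code handler}.
 *
 * <p>The mode is selected by {@code config.getBindAs()}:
 * <ul>
 *   <li>{@code ServiceAccount}: connect with the service credentials from the configuration,
 *       run a subtree search for the user, and pass the entries to {@code handleLdapSearch}
 *       together with the user's password.</li>
 *   <li>otherwise: call {@code bind} with a config bean carrying the DN built from the user
 *       name and the supplied password. A successful LDAP result code yields {@code TRUE},
 *       any other result code {@code FALSE}.</li>
 * </ul>
 *
 * <p>Security: a {@code null} or empty password is rejected up front with {@code FALSE}. A
 * simple bind that carries a DN and a zero-length password is an "unauthenticated bind"
 * (RFC 4513), which many directory servers answer with success, so forwarding it would let
 * a caller authenticate as any known user without knowing the password.
 *
 * @param username user name taken from the request (untrusted input)
 * @param password password taken from the request (untrusted input)
 * @param request the API request, passed through to {@code formatDn}
 * @param context policy context used to look up the {@link ILdapComponent}
 * @param config LDAP identity source settings (URI, DN pattern, bind mode, user search)
 * @param handler receives {@code TRUE}/{@code FALSE} for the authentication outcome, or an
 *        error result when the LDAP operation itself fails
 */
private void doValidate(final String username, final String password, final ApiRequest request, final IPolicyContext context, final LDAPIdentitySource config, final IAsyncResultHandler<Boolean> handler) {
    // Never forward an empty password: the directory may treat it as an unauthenticated
    // bind and report success, which would be read below as a valid login.
    if (password == null || password.isEmpty()) {
        handler.handle(AsyncResultImpl.create(Boolean.FALSE));
        return;
    }
    final ILdapComponent ldapComponent = context.getComponent(ILdapComponent.class);
    // NOTE(review): formatDn is not visible here. Confirm it escapes the user name for the
    // context it is placed in (DN per RFC 4514, search filter per RFC 4515).
    String bindDn = formatDn(config.getDnPattern(), username, request);
    int port = config.getUri().getPort();
    String scheme = config.getUri().getScheme();
    if (port == -1) {
        // No explicit port in the URI: fall back to the scheme's default port.
        if ("ldap".equalsIgnoreCase(scheme)) { //$NON-NLS-1$
            port = 389;
        } else if ("ldaps".equalsIgnoreCase(scheme)) { //$NON-NLS-1$
            port = 636;
        }
        // Any other scheme leaves the port at -1.
        // NOTE(review): confirm the LDAP component rejects that rather than guessing.
    }
    final LdapConfigBean ldapConfigBean = new LdapConfigBean();
    ldapConfigBean.setBindDn(bindDn);
    ldapConfigBean.setBindPassword(password);
    ldapConfigBean.setHost(config.getUri().getHost());
    ldapConfigBean.setPort(port);
    ldapConfigBean.setScheme(scheme);
    // Bind as one account, search for other.
    if (config.getBindAs() == LDAPBindAsType.ServiceAccount) {
        // Overwrite the user's DN and password with the service account's for the initial
        // connection. The user's own password is only handed on to handleLdapSearch.
        ldapConfigBean.setBindDn(formatDn(config.getDnPattern(), config.getCredentials().getUsername(), request));
        ldapConfigBean.setBindPassword(config.getCredentials().getPassword());
        ldapComponent.connect(ldapConfigBean, successHandler(handler, new IAsyncHandler<ILdapClientConnection>() {

            @Override
            public void handle(final ILdapClientConnection connection) {
                String searchBaseDN = formatDn(config.getUserSearch().getBaseDn(), username, request);
                String searchExpr = formatDn(config.getUserSearch().getExpression(), username, request);
                connection.search(searchBaseDN, searchExpr, LdapSearchScope.SUBTREE).setLdapErrorHandler(new IAsyncHandler<LdapException>() {

                    // At the moment it's just generic, but in future we can make better use of it.
                    @Override
                    public void handle(LdapException exception) {
                        handler.handle(AsyncResultImpl.<Boolean>create(exception));
                    }
                }).search(successHandler(handler, new IAsyncHandler<List<ILdapSearchEntry>>() {

                    @Override
                    public void handle(List<ILdapSearchEntry> searchEntries) {
                        handleLdapSearch(connection, searchEntries, config, ldapConfigBean, ldapComponent, context, username, password, handler);
                    }
                }));
            }
        }));
    } else {
        bind(config, ldapConfigBean, ldapComponent, context, new IAsyncResultHandler<ILdapResult>() {

            @Override
            public void handle(IAsyncResult<ILdapResult> result) {
                if (result.isSuccess()) {
                    if (LdapResultCode.isSuccess(result.getResult().getResultCode())) {
                        handler.handle(AsyncResultImpl.create(Boolean.TRUE));
                    } else {
                        // An auth failure
                        handler.handle(AsyncResultImpl.create(Boolean.FALSE));
                    }
                } else {
                    // Unexpected exception
                    handler.handle(AsyncResultImpl.<Boolean>create(result.getError()));
                }
            }
        });
    }
}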
Also used : LdapConfigBean(io.apiman.gateway.engine.components.ldap.LdapConfigBean) ILdapSearchEntry(io.apiman.gateway.engine.components.ldap.ILdapSearchEntry) ILdapResult(io.apiman.gateway.engine.components.ldap.ILdapResult) ILdapClientConnection(io.apiman.gateway.engine.components.ldap.ILdapClientConnection) List(java.util.List) IAsyncHandler(io.apiman.gateway.engine.async.IAsyncHandler) LdapException(io.apiman.gateway.engine.components.ldap.result.LdapException) ILdapComponent(io.apiman.gateway.engine.components.ILdapComponent)

Aggregations

IAsyncHandler (io.apiman.gateway.engine.async.IAsyncHandler)1 ILdapComponent (io.apiman.gateway.engine.components.ILdapComponent)1 ILdapClientConnection (io.apiman.gateway.engine.components.ldap.ILdapClientConnection)1 ILdapResult (io.apiman.gateway.engine.components.ldap.ILdapResult)1 ILdapSearchEntry (io.apiman.gateway.engine.components.ldap.ILdapSearchEntry)1 LdapConfigBean (io.apiman.gateway.engine.components.ldap.LdapConfigBean)1 LdapException (io.apiman.gateway.engine.components.ldap.result.LdapException)1 List (java.util.List)1