use of javax.naming.CommunicationException in project tomcat by apache.
the class JNDIRealm method authenticate.
// ---------------------------------------------------------- Realm Methods
/**
 * Authenticates a user against the directory and returns the matching
 * Principal, or <code>null</code> when authentication does not succeed.
 *
 * A {@link NullPointerException}, {@link CommunicationException} or
 * {@link ServiceUnavailableException} raised by the first attempt is
 * treated as a stale or broken connection: the context is closed, a new
 * one is opened and the authentication is attempted exactly once more.
 * Any {@link NamingException} that escapes (including one raised by the
 * retry) is logged, the context is closed so that a later request re-opens
 * it, and <code>null</code> is returned, so a directory failure never
 * yields an authenticated Principal.
 *
 * @param username Username of the Principal to look up
 * @param credentials Password or other credentials to use in
 *  authenticating this username
 * @return the associated principal, or <code>null</code> if there is none
 *  or if the directory could not be queried.
 */
@Override
public Principal authenticate(String username, String credentials) {
    DirContext ctx = null;
    try {
        // A directory context is required before anything else can happen.
        ctx = open();

        // NOTE(review): this method does not reject null or empty
        // credentials itself; confirm that the authenticate(context, ...)
        // overload does so before any bind is attempted.
        Principal authenticated;
        try {
            authenticated = authenticate(ctx, username, credentials);
        } catch (NullPointerException | CommunicationException | ServiceUnavailableException retryable) {
            // BZ 42449: the NPE is caught as a workaround for Sun's LDAP
            // provider with broken SSL. All three exception types lead to
            // a single retry on a fresh context.
            containerLog.info(sm.getString("jndiRealm.exception.retry"), retryable);

            // Drop the suspect connection and start over with a new one.
            if (ctx != null) {
                close(ctx);
            }
            ctx = open();

            // Second and last attempt; a failure here reaches the outer handler.
            authenticated = authenticate(ctx, username, credentials);
        }

        // Hand the context back and report the outcome (possibly null).
        release(ctx);
        return authenticated;
    } catch (NamingException failure) {
        // Record the failure so that directory outages are visible to operators.
        containerLog.error(sm.getString("jndiRealm.exception"), failure);

        // Close the connection so that the next request re-opens it.
        if (ctx != null) {
            close(ctx);
        }

        // Report "not authenticated" for this request.
        if (containerLog.isDebugEnabled()) {
            containerLog.debug("Returning null principal.");
        }
        return null;
    }
}
use of javax.naming.CommunicationException in project Openfire by igniterealtime.
the class LdapAuthProvider method authenticate.
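/**
 * Authenticates a user against the LDAP directory, optionally short-cutting
 * the directory round trip with a local cache of password hashes.
 *
 * The method returns normally when the credentials are accepted and throws
 * otherwise. A username of the form {@code node@domain} is accepted only
 * when the domain equals this server's XMPP domain.
 *
 * @param username the username, with or without the server's domain
 * @param password the password to verify; null or blank is always rejected
 * @throws UnauthorizedException if the credentials are missing or wrong, the
 *  domain is not this server's, or the directory lookup fails for any reason
 */
@Override
public void authenticate(String username, String password) throws UnauthorizedException {
    // Missing or blank passwords are refused before any cache or directory
    // check, so a blank password is never handed to the LDAP bind.
    if (username == null || password == null || "".equals(password.trim())) {
        throw new UnauthorizedException();
    }
    if (username.contains("@")) {
        // Check that the specified domain matches the server's domain
        int index = username.indexOf("@");
        String domain = username.substring(index + 1);
        if (domain.equals(XMPPServer.getInstance().getServerInfo().getXMPPDomain())) {
            username = username.substring(0, index);
        } else {
            // Unknown domain. Return authentication failed.
            throw new UnauthorizedException();
        }
    }
    // Un-escape username.
    username = JID.unescapeNode(username);
    // If cache is enabled, see if the auth is in cache.
    // A cache hit returns without contacting the directory, so a password
    // change or account lock-out made in LDAP is not observed until the
    // cached entry is gone.
    // NOTE(review): the algorithm behind StringUtils.hash is not visible
    // here; confirm it is acceptable for holding password verifiers in memory.
    if (authCache != null && authCache.containsKey(username)) {
        String hash = authCache.get(username);
        // The entry can vanish between containsKey() and get(), hence the
        // null check. The comparison is constant-time so that response
        // timing does not reveal how much of the cached hash matched.
        if (hash != null && java.security.MessageDigest.isEqual(
                StringUtils.hash(password).getBytes(java.nio.charset.StandardCharsets.UTF_8),
                hash.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
            return;
        }
    }
    try {
        // The username by itself won't help us much with LDAP since we
        // need a fully qualified dn. We could make the assumption that
        // the baseDN would always be the location of user profiles. For
        // example if the baseDN was set to "ou=People, o=jivesoftware, o=com"
        // then we would be able to directly load users from that node
        // of the LDAP tree. However, it's a poor assumption that only a
        // flat structure will be used. Therefore, we search all sub-trees
        // of the baseDN for the username (assuming the user has not disabled
        // sub-tree searching). So, if the baseDN is set to
        // "o=jivesoftware, o=com" then a search will include the "People"
        // node as well as all the others under the base.
        // NOTE(review): escaping of the username for the LDAP search filter
        // is not visible here; confirm that findUserDN performs it.
        String userDN = manager.findUserDN(username);
        // See if the user authenticates.
        if (!manager.checkAuthentication(userDN, password)) {
            throw new UnauthorizedException("Username and password don't match");
        }
    } catch (UnauthorizedException e) {
        // Already the right type: rethrow as-is instead of letting the
        // generic handler below wrap it in a second UnauthorizedException.
        throw e;
    } catch (CommunicationException e) {
        // Log error here since it will be wrapped with an UnauthorizedException that
        // is never logged
        Log.error("Error connecting to LDAP server", e);
        throw new UnauthorizedException(e);
    } catch (Exception e) {
        // Any other failure is treated as "not authenticated".
        throw new UnauthorizedException(e);
    }
    // If cache is enabled, add the item to cache.
    if (authCache != null) {
        authCache.put(username, StringUtils.hash(password));
    }
}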
use of javax.naming.CommunicationException in project jdk8u_jdk by JetBrains.
the class LdapPoolManager method isPoolingAllowed.
/**
 * Decides whether a connection with the given characteristics may be
 * served from the connection pool.
 *
 * Pooling is refused when:
 *  - a trace stream is supplied and debugging is off;
 *  - the requested protocol (plain when {@code protocol} is null, or
 *    "ssl") is not enabled for pooling;
 *  - a socket factory other than the default SSL factory is named and the
 *    class does not list java.util.Comparator among the interfaces returned
 *    by {@link Class#getInterfaces()} (interfaces inherited from a
 *    superclass are not part of that list);
 *  - the authentication mechanism has no pool, which per the original
 *    notes also covers a value naming several mechanisms;
 *  - the mechanism is Digest and the environment carries a SASL callback
 *    handler, because input collected by the handler cannot be tracked.
 *
 * @param socketFactory class name of the socket factory, or null
 * @param trace trace stream, or null when tracing is off
 * @param authMech authentication mechanism requested
 * @param protocol null for plain, "ssl" for SSL
 * @param env connection environment, may be null
 * @return true if the connection may be pooled
 * @throws NamingException a CommunicationException wrapping the cause when
 *  the socket factory class cannot be loaded or inspected
 */
static boolean isPoolingAllowed(String socketFactory, OutputStream trace, String authMech, String protocol, Hashtable<?, ?> env) throws NamingException {
    // Tracing (outside debug mode) and protocols without pooling support
    // rule pooling out before anything else is examined.
    final boolean tracingBlocksPooling = trace != null && !debug;
    final boolean plainNotPooled = protocol == null && !supportPlainProtocol;
    final boolean sslNotPooled = "ssl".equalsIgnoreCase(protocol) && !supportSslProtocol;
    if (tracingBlocksPooling || plainNotPooled || sslNotPooled) {
        d("Pooling disallowed due to tracing or unsupported pooling of protocol");
        return false;
    }

    // A custom socket factory can only be pooled when the class declares
    // java.util.Comparator, the only signal checked here for telling two
    // connection requests apart.
    final boolean customFactory =
            socketFactory != null && !socketFactory.equals(LdapCtx.DEFAULT_SSL_FACTORY);
    if (customFactory) {
        final String comparatorName = "java.util.Comparator";
        boolean implementsComparator = false;
        try {
            // The class is loaded from the name supplied by the caller.
            for (Class<?> iface : Obj.helper.loadClass(socketFactory).getInterfaces()) {
                if (iface.getCanonicalName().equals(comparatorName)) {
                    implementsComparator = true;
                }
            }
        } catch (Exception e) {
            // Any loading or inspection failure is reported uniformly.
            CommunicationException wrapped = new CommunicationException("Loading the socket factory");
            wrapped.setRootCause(e);
            throw wrapped;
        }
        if (!implementsComparator) {
            return false;
        }
    }

    // Pooling needs a pool for the mechanism; an unknown mechanism has none.
    final int poolIndex = findPool(authMech);
    if (poolIndex < 0 || pools[poolIndex] == null) {
        d("authmech not found: ", authMech);
        return false;
    }
    d("using authmech: ", authMech);

    if (poolIndex == NONE || poolIndex == SIMPLE) {
        return true;
    }
    if (poolIndex == DIGEST) {
        // Poolable only when no alternate callback handler is configured.
        return env == null || env.get(SASL_CALLBACK) == null;
    }
    return false;
}
use of javax.naming.CommunicationException in project adempiere by adempiere.
the class CConnection method queryAppsServerInfo.
// getInitialEnvironment
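/**
 * Queries the application server status and updates the m_okApps flag.
 *
 * Any failure is stored in m_appsException and logged as a warning; it is
 * never propagated to the caller. A CommunicationException (server not
 * reachable) is not considered a "real" error and is handled in the same
 * way as every other exception.
 *
 * @return true if the status lookup succeeded
 */
private boolean queryAppsServerInfo() {
    log.finer(getAppsHost());
    long start = System.currentTimeMillis();
    m_okApps = false;
    m_queryAppsServer = true;
    m_appsException = null;
    // Carlos Ruiz - globalqss - speed up when jnp://MyAppsServer:1099 is set
    if (getAppsHost().equalsIgnoreCase("MyAppsServer")) {
        log.warning(getAppsHost() + " ignored");
        // still false at this point
        return m_okApps;
    }
    try {
        Status status = (Status) lookup(Status.JNDI_NAME);
        updateInfoFromServer(status);
        m_okApps = true;
    } catch (Exception e) {
        // One handler replaces the two identical ones the method had for
        // CommunicationException and Exception.
        m_appsException = e;
        String connect = (String) m_env.get(Context.PROVIDER_URL);
        if (connect == null || connect.trim().length() == 0) {
            connect = getAppsHost() + ":" + getAppsPort();
        }
        // The whole JNDI environment is written to the log. Work on a copy
        // and mask the credentials entry so that a password, if one is
        // configured, does not end up in log files.
        // NOTE(review): whether m_env ever holds credentials is not visible
        // here; confirm against the code that builds the environment.
        java.util.Map<Object, Object> loggedEnv = new java.util.HashMap<Object, Object>(m_env);
        if (loggedEnv.containsKey(Context.SECURITY_CREDENTIALS)) {
            loggedEnv.put(Context.SECURITY_CREDENTIALS, "***");
        }
        log.warning(connect + "\n - " + e.toString() + "\n - " + loggedEnv);
        e.printStackTrace();
    }
    log.fine("Success=" + m_okApps + " - " + (System.currentTimeMillis() - start) + "ms");
    return m_okApps;
}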