use of javax.naming.directory.Attributes in project OpenOLAT by OpenOLAT.
the class LDAPLoginManagerImpl method bindUser.
/**
* Connect to LDAP with the User-Name and Password given as parameters
*
* Configuration: LDAP URL = ldapContext.xml (property=ldapURL) LDAP Base =
* ldapContext.xml (property=ldapBase) LDAP Attributes Map =
* ldapContext.xml (property=userAttrs)
*
* @param login The user's LDAP login name (can't be null)
* @param pwd The user's LDAP password (can't be null)
* @param errors Receives a message describing why the bind failed
*
* @return The user's attributes after a successful bind, otherwise null
*
* @throws NamingException
*/
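@Override
public Attributes bindUser(String login, String pwd, LDAPError errors) {
    // Two-step authentication: the system account resolves the login to a DN, then a
    // second context binds as that DN with the supplied password and reads the
    // configured attributes. Every failure returns null and records a message in errors.
    String ldapUrl = ldapLoginModule.getLdapUrl();
    String[] userAttr = syncConfiguration.getUserAttributes();
    // A simple bind with a DN and an empty password is an "unauthenticated bind"
    // (RFC 4513, section 5.1.2): a server that permits it reports success without
    // checking any credential. Reject empty passwords before contacting the server.
    if (login == null || pwd == null || pwd.isEmpty()) {
        if (log.isDebug()) {
            // The password must never reach the log, not even at debug level.
            log.debug("Error when trying to bind user, missing username or password. Username::" + login);
        }
        errors.insert("Username and password must be selected");
        return null;
    }
    // NOTE(review): ctx is never closed in this method. Whether bindSystem() returns a
    // fresh or a shared context is not visible here; confirm ownership so that logins
    // do not leak one directory connection each.
    LdapContext ctx = bindSystem();
    if (ctx == null) {
        errors.insert("LDAP connection error");
        return null;
    }
    String userDN = ldapDao.searchUserForLogin(login, ctx);
    if (userDN == null) {
        // The caller sees the same message for "unknown user" and "wrong password", so
        // the response does not reveal which logins exist; only the log tells them apart.
        log.info("Error when trying to bind user with username::" + login + " - user not found on LDAP server" + (ldapLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin() ? ", trying with OLAT login provider" : ""));
        errors.insert("Username or password incorrect");
        return null;
    }
    // The user exists. Bind with the user's own credentials to verify the password
    // and fetch the attributes.
    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, ldapUrl);
    // Simple authentication transmits the password as given; it is only protected on
    // the wire when the connection itself is encrypted (see the SSL branch below).
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, userDN);
    env.put(Context.SECURITY_CREDENTIALS, pwd);
    if (ldapLoginModule.getLdapConnectionTimeout() != null) {
        env.put(TIMEOUT_KEY, ldapLoginModule.getLdapConnectionTimeout().toString());
    }
    if (ldapLoginModule.isSslEnabled()) {
        enableSSL(env);
    }
    LdapContext userBind = null;
    try {
        userBind = new InitialLdapContext(env, new Control[] {});
        return userBind.getAttributes(userDN, userAttr);
    } catch (AuthenticationException e) {
        log.info("Error when trying to bind user with username::" + login + " - invalid LDAP password");
        errors.insert("Username or password incorrect");
        return null;
    } catch (NamingException e) {
        log.error("NamingException when trying to get attributes after binding user with username::" + login, e);
        errors.insert("Username or password incorrect");
        return null;
    } finally {
        // Release the user's connection on every path, including a failed attribute read.
        if (userBind != null) {
            try {
                userBind.close();
            } catch (NamingException e) {
                log.error("NamingException when closing the LDAP context of username::" + login, e);
            }
        }
    }
}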
use of javax.naming.directory.Attributes in project OpenOLAT by OpenOLAT.
the class LDAPLoginManagerImpl method getLDAPUser.
private LDAPUser getLDAPUser(LdapContext ctx, String member, Map<String, LDAPUser> dnToIdentityKeyMap, LDAPError errors) {
    // Returns the LDAPUser for the given member DN, consulting the DN cache first and
    // searching the directory only when the cache has no entry with a cached identity.
    LDAPUser known = dnToIdentityKeyMap.get(member);
    if (known != null && known.getCachedIdentity() != null) {
        return known;
    }

    // Cache miss: search with the member DN as base and the configured user filter.
    String filter = syncConfiguration.getLdapUserFilter();
    LDAPUserVisitor collector = new LDAPUserVisitor(syncConfiguration);
    ldapDao.search(collector, member, filter, syncConfiguration.getUserAttributes(), ctx);

    List<LDAPUser> matches = collector.getLdapUserList();
    if (matches.size() != 1) {
        // Zero or several results: hand back whatever the cache held (possibly null).
        return known;
    }

    LDAPUser resolved = matches.get(0);
    Attributes resolvedAttrs = resolved.getAttributes();
    // The DN is cached only when the attributes map to a known identity; the user
    // found in the directory is returned either way.
    if (findIdentityByLdapAuthentication(resolvedAttrs, errors) != null) {
        dnToIdentityKeyMap.put(member, resolved);
    }
    return resolved;
}
use of javax.naming.directory.Attributes in project OpenOLAT by OpenOLAT.
the class LDAPGroupVisitor method visit.
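/**
 * Converts one LDAP search result into an {@code LDAPGroup} and adds it to the
 * collected groups. Results without a "member" attribute are ignored.
 *
 * @param searchResult the directory entry returned by the group search
 * @throws NamingException if the "cn" value cannot be read
 */
@Override
public void visit(SearchResult searchResult) throws NamingException {
    Attributes resAttributes = searchResult.getAttributes();
    Attribute memberAttr = resAttributes.get("member");
    Attribute cnAttr = resAttributes.get("cn");
    if (memberAttr == null) {
        return;
    }

    LDAPGroup group = new LDAPGroup();
    // Directory content is not under this code's control: an entry may carry members
    // but no readable "cn", so guard against a missing or empty attribute instead of
    // dereferencing it blindly.
    if (cnAttr != null && cnAttr.size() > 0) {
        Object cn = cnAttr.get();
        if (cn instanceof String) {
            group.setCommonName((String) cn);
        }
    }

    List<String> members = new ArrayList<String>();
    try {
        // hasMore() reports enumeration failures as NamingException, whereas
        // hasMoreElements() cannot.
        for (NamingEnumeration<?> memberEn = memberAttr.getAll(); memberEn.hasMore(); ) {
            Object member = memberEn.next();
            if (member instanceof String) {
                members.add((String) member);
            }
        }
    } catch (NamingException e) {
        // NOTE(review): the group is still recorded with the members read so far; if
        // callers treat this list as authoritative, a partial list could look like
        // removed memberships. Confirm how the caller uses it.
        log.error("Error while reading the members of an LDAP group", e);
    }
    group.setMembers(members);
    groups.add(group);
}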
use of javax.naming.directory.Attributes in project tdq-studio-se by Talend.
the class EMailValidationIndicator method getMX.
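/**
 * Looks up the mail hosts for a domain, ordered by MX preference (lowest first).
 * When the domain has no MX record, the values of its A record are returned instead.
 *
 * @param hostName the domain to resolve
 * @return the mail hosts in preference order; empty when neither record type exists
 * @throws NamingException if the DNS lookup fails
 */
private List<String> getMX(String hostName) throws NamingException {
    // Perform a DNS lookup for MX records in the domain
    Attributes attrs = ictx.getAttributes(hostName, new String[] { "MX" }); //$NON-NLS-1$
    Attribute attr = attrs.get("MX"); //$NON-NLS-1$
    List<String> res = new ArrayList<String>();
    // if we don't have an MX record, try the machine itself
    if ((attr == null) || (attr.size() == 0)) {
        attrs = ictx.getAttributes(hostName, new String[] { "A" }); //$NON-NLS-1$
        attr = attrs.get("A"); //$NON-NLS-1$
        if (attr == null) {
            if (log.isInfoEnabled()) {
                log.info(HEADER + "No match for hostname '" + hostName + "'"); //$NON-NLS-1$ //$NON-NLS-2$
            }
            return res;
        }
    }
    // Group the hosts by preference. Several records may share one preference (and
    // every A-record value gets preference 0), so each key holds a list; a plain
    // preference-to-host map would silently keep only the last host per preference.
    Map<Integer, List<String>> hostsByPreference = new TreeMap<Integer, List<String>>();
    NamingEnumeration<?> en = attr.getAll();
    try {
        while (en.hasMore()) {
            String record = (String) en.next();
            String[] fields = record.split(" "); //$NON-NLS-1$
            Integer preference = 0;
            String mailhost;
            if (fields.length == 1) {
                // A record value: no preference field
                mailhost = fields[0];
            } else {
                // MX record value: "<preference> <host>"; the answer comes from DNS,
                // so a non-numeric preference surfaces as NumberFormatException.
                preference = Integer.valueOf(fields[0]);
                mailhost = fields[1];
                if (mailhost.endsWith(".")) { //$NON-NLS-1$
                    // drop the trailing dot of a fully qualified name
                    mailhost = mailhost.substring(0, mailhost.length() - 1);
                }
            }
            List<String> samePreference = hostsByPreference.get(preference);
            if (samePreference == null) {
                samePreference = new ArrayList<String>();
                hostsByPreference.put(preference, samePreference);
            }
            samePreference.add(mailhost);
        }
    } finally {
        en.close();
    }
    // TreeMap iterates in ascending key order, i.e. most preferred hosts first.
    for (List<String> hosts : hostsByPreference.values()) {
        res.addAll(hosts);
    }
    return res;
}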
use of javax.naming.directory.Attributes in project directory-ldap-api by apache.
the class LdifAttributesReaderTest method testLdifAttributesReaderDirServer.
/**
 * Parses an LDIF fragment that starts with a long comment header and checks that
 * only the attribute lines after the header end up in the result.
 */
@Test
public void testLdifAttributesReaderDirServer() throws NamingException, Exception {
    // Comment header (license text) followed by a blank line and three attribute lines.
    String ldif = "# -------------------------------------------------------------------\n"
        + "#\n"
        + "# Licensed to the Apache Software Foundation (ASF) under one\n"
        + "# or more contributor license agreements. See the NOTICE file\n"
        + "# distributed with this work for additional information\n"
        + "# regarding copyright ownership. The ASF licenses this file\n"
        + "# to you under the Apache License, Version 2.0 (the\n"
        + "# \"License\"); you may not use this file except in compliance\n"
        + "# with the License. You may obtain a copy of the License at\n"
        + "# \n"
        + "# http://www.apache.org/licenses/LICENSE-2.0\n"
        + "# \n"
        + "# Unless required by applicable law or agreed to in writing,\n"
        + "# software distributed under the License is distributed on an\n"
        + "# \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY\n"
        + "# KIND, either express or implied. See the License for the\n"
        + "# specific language governing permissions and limitations\n"
        + "# under the License. \n"
        + "# \n"
        + "#\n"
        + "# EXAMPLE.COM is freely and reserved for testing according to this RFC:\n"
        + "#\n"
        + "# http://www.rfc-editor.org/rfc/rfc2606.txt\n"
        + "#\n"
        + "# -------------------------------------------------------------------\n"
        + "\n"
        + "objectclass: top\n"
        + "objectclass: organizationalunit\n"
        + "ou: Users";

    LdifAttributesReader ldifReader = new LdifAttributesReader();
    Attributes parsed = ldifReader.parseAttributes(ldif);

    // Both objectclass values must be present on the single "objectclass" attribute.
    javax.naming.directory.Attribute objectClass = parsed.get("objectclass");
    assertTrue(objectClass.contains("top"));
    assertTrue(objectClass.contains("organizationalunit"));

    javax.naming.directory.Attribute ou = parsed.get("ou");
    assertTrue(ou.contains("Users"));

    ldifReader.close();
}