Example 1 with InvalidSearchFilterException
use of javax.naming.directory.InvalidSearchFilterException in project jdk8u_jdk by JetBrains.
the class Filter method encodeFilter.
private static void encodeFilter(BerEncoder ber, byte[] filter, int filterStart, int filterEnd) throws IOException, NamingException {
if (dbg) {
dprint("encFilter: ", filter, filterStart, filterEnd);
dbgIndent++;
}
if ((filterEnd - filterStart) <= 0) {
throw new InvalidSearchFilterException("Empty filter");
}
int nextOffset;
int parens, balance;
boolean escape;
parens = 0;
int[] filtOffset = new int[1];
for (filtOffset[0] = filterStart; filtOffset[0] < filterEnd; ) {
switch(filter[filtOffset[0]]) {
case '(':
filtOffset[0]++;
parens++;
switch(filter[filtOffset[0]]) {
case '&':
encodeComplexFilter(ber, filter, LDAP_FILTER_AND, filtOffset, filterEnd);
// filtOffset[0] has pointed to char after right paren
parens--;
break;
case '|':
encodeComplexFilter(ber, filter, LDAP_FILTER_OR, filtOffset, filterEnd);
// filtOffset[0] has pointed to char after right paren
parens--;
break;
case '!':
encodeComplexFilter(ber, filter, LDAP_FILTER_NOT, filtOffset, filterEnd);
// filtOffset[0] has pointed to char after right paren
parens--;
break;
default:
balance = 1;
escape = false;
nextOffset = filtOffset[0];
while (nextOffset < filterEnd && balance > 0) {
if (!escape) {
if (filter[nextOffset] == '(')
balance++;
else if (filter[nextOffset] == ')')
balance--;
}
if (filter[nextOffset] == '\\' && !escape)
escape = true;
else
escape = false;
if (balance > 0)
nextOffset++;
}
if (balance != 0)
throw new InvalidSearchFilterException("Unbalanced parenthesis");
encodeSimpleFilter(ber, filter, filtOffset[0], nextOffset);
// points to the char after right paren.
filtOffset[0] = nextOffset + 1;
parens--;
break;
}
break;
case ')':
//
// End of sequence
//
ber.endSeq();
filtOffset[0]++;
parens--;
break;
case ' ':
filtOffset[0]++;
break;
default:
// assume simple type=value filter
encodeSimpleFilter(ber, filter, filtOffset[0], filterEnd);
// force break from outer
filtOffset[0] = filterEnd;
break;
}
if (parens < 0) {
throw new InvalidSearchFilterException("Unbalanced parenthesis");
}
}
if (parens != 0) {
throw new InvalidSearchFilterException("Unbalanced parenthesis");
}
if (dbg) {
dbgIndent--;
}
}
Also used :
InvalidSearchFilterException(javax.naming.directory.InvalidSearchFilterException)
Example 2 with InvalidSearchFilterException
use of javax.naming.directory.InvalidSearchFilterException in project directory-ldap-api by apache.
the class WrappedPartialResultException method wrap.
/**
* Wraps a LDAP exception into a NaingException
*
* @param t The original exception
* @throws NamingException The wrapping JNDI exception
*/
public static void wrap(Throwable t) throws NamingException {
if (t instanceof NamingException) {
throw (NamingException) t;
}
NamingException ne;
if ((t instanceof LdapAffectMultipleDsaException) || (t instanceof LdapAliasDereferencingException) || (t instanceof LdapLoopDetectedException) || (t instanceof LdapAliasException) || (t instanceof LdapOperationErrorException) || (t instanceof LdapOtherException)) {
ne = new NamingException(t.getLocalizedMessage());
} else if (t instanceof LdapAttributeInUseException) {
ne = new AttributeInUseException(t.getLocalizedMessage());
} else if (t instanceof LdapAuthenticationException) {
ne = new AuthenticationException(t.getLocalizedMessage());
} else if (t instanceof LdapAuthenticationNotSupportedException) {
ne = new AuthenticationNotSupportedException(t.getLocalizedMessage());
} else if (t instanceof LdapContextNotEmptyException) {
ne = new ContextNotEmptyException(t.getLocalizedMessage());
} else if (t instanceof LdapEntryAlreadyExistsException) {
ne = new NameAlreadyBoundException(t.getLocalizedMessage());
} else if (t instanceof LdapInvalidAttributeTypeException) {
ne = new InvalidAttributeIdentifierException(t.getLocalizedMessage());
} else if (t instanceof LdapInvalidAttributeValueException) {
ne = new InvalidAttributeValueException(t.getLocalizedMessage());
} else if (t instanceof LdapInvalidDnException) {
ne = new InvalidNameException(t.getLocalizedMessage());
} else if (t instanceof LdapInvalidSearchFilterException) {
ne = new InvalidSearchFilterException(t.getLocalizedMessage());
} else if (t instanceof LdapNoPermissionException) {
ne = new NoPermissionException(t.getLocalizedMessage());
} else if (t instanceof LdapNoSuchAttributeException) {
ne = new NoSuchAttributeException(t.getLocalizedMessage());
} else if (t instanceof LdapNoSuchObjectException) {
ne = new NameNotFoundException(t.getLocalizedMessage());
} else if (t instanceof LdapProtocolErrorException) {
ne = new CommunicationException(t.getLocalizedMessage());
} else if (t instanceof LdapReferralException) {
ne = new WrappedReferralException((LdapReferralException) t);
} else if (t instanceof LdapPartialResultException) {
ne = new WrappedPartialResultException((LdapPartialResultException) t);
} else if (t instanceof LdapSchemaViolationException) {
ne = new SchemaViolationException(t.getLocalizedMessage());
} else if (t instanceof LdapServiceUnavailableException) {
ne = new ServiceUnavailableException(t.getLocalizedMessage());
} else if (t instanceof LdapTimeLimitExceededException) {
ne = new TimeLimitExceededException(t.getLocalizedMessage());
} else if (t instanceof LdapUnwillingToPerformException) {
ne = new OperationNotSupportedException(t.getLocalizedMessage());
} else {
ne = new NamingException(t.getLocalizedMessage());
}
ne.setRootCause(t);
throw ne;
}
Also used :
LdapEntryAlreadyExistsException(org.apache.directory.api.ldap.model.exception.LdapEntryAlreadyExistsException)
LdapOperationErrorException(org.apache.directory.api.ldap.model.exception.LdapOperationErrorException)
LdapAttributeInUseException(org.apache.directory.api.ldap.model.exception.LdapAttributeInUseException)
AuthenticationException(javax.naming.AuthenticationException)
LdapAuthenticationException(org.apache.directory.api.ldap.model.exception.LdapAuthenticationException)
LdapAuthenticationNotSupportedException(org.apache.directory.api.ldap.model.exception.LdapAuthenticationNotSupportedException)
AuthenticationNotSupportedException(javax.naming.AuthenticationNotSupportedException)
LdapServiceUnavailableException(org.apache.directory.api.ldap.model.exception.LdapServiceUnavailableException)
LdapInvalidAttributeTypeException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeTypeException)
LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)
LdapServiceUnavailableException(org.apache.directory.api.ldap.model.exception.LdapServiceUnavailableException)
ServiceUnavailableException(javax.naming.ServiceUnavailableException)
LdapTimeLimitExceededException(org.apache.directory.api.ldap.model.exception.LdapTimeLimitExceededException)
LdapAliasException(org.apache.directory.api.ldap.model.exception.LdapAliasException)
LdapNoSuchObjectException(org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException)
LdapPartialResultException(org.apache.directory.api.ldap.model.exception.LdapPartialResultException)
LdapSchemaViolationException(org.apache.directory.api.ldap.model.exception.LdapSchemaViolationException)
LdapAuthenticationNotSupportedException(org.apache.directory.api.ldap.model.exception.LdapAuthenticationNotSupportedException)
NameAlreadyBoundException(javax.naming.NameAlreadyBoundException)
LdapLoopDetectedException(org.apache.directory.api.ldap.model.exception.LdapLoopDetectedException)
InvalidNameException(javax.naming.InvalidNameException)
LdapProtocolErrorException(org.apache.directory.api.ldap.model.exception.LdapProtocolErrorException)
LdapReferralException(org.apache.directory.api.ldap.model.exception.LdapReferralException)
NamingException(javax.naming.NamingException)
SchemaViolationException(javax.naming.directory.SchemaViolationException)
LdapSchemaViolationException(org.apache.directory.api.ldap.model.exception.LdapSchemaViolationException)
LdapNoPermissionException(org.apache.directory.api.ldap.model.exception.LdapNoPermissionException)
LdapOtherException(org.apache.directory.api.ldap.model.exception.LdapOtherException)
LdapInvalidDnException(org.apache.directory.api.ldap.model.exception.LdapInvalidDnException)
OperationNotSupportedException(javax.naming.OperationNotSupportedException)
LdapAliasDereferencingException(org.apache.directory.api.ldap.model.exception.LdapAliasDereferencingException)
InvalidAttributeIdentifierException(javax.naming.directory.InvalidAttributeIdentifierException)
CommunicationException(javax.naming.CommunicationException)
InvalidSearchFilterException(javax.naming.directory.InvalidSearchFilterException)
LdapInvalidSearchFilterException(org.apache.directory.api.ldap.model.exception.LdapInvalidSearchFilterException)
NameNotFoundException(javax.naming.NameNotFoundException)
LdapUnwillingToPerformException(org.apache.directory.api.ldap.model.exception.LdapUnwillingToPerformException)
LdapAffectMultipleDsaException(org.apache.directory.api.ldap.model.exception.LdapAffectMultipleDsaException)
LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)
InvalidAttributeValueException(javax.naming.directory.InvalidAttributeValueException)
LdapContextNotEmptyException(org.apache.directory.api.ldap.model.exception.LdapContextNotEmptyException)
NoSuchAttributeException(javax.naming.directory.NoSuchAttributeException)
LdapNoSuchAttributeException(org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException)
LdapAuthenticationException(org.apache.directory.api.ldap.model.exception.LdapAuthenticationException)
ContextNotEmptyException(javax.naming.ContextNotEmptyException)
LdapContextNotEmptyException(org.apache.directory.api.ldap.model.exception.LdapContextNotEmptyException)
NoPermissionException(javax.naming.NoPermissionException)
LdapNoPermissionException(org.apache.directory.api.ldap.model.exception.LdapNoPermissionException)
LdapTimeLimitExceededException(org.apache.directory.api.ldap.model.exception.LdapTimeLimitExceededException)
TimeLimitExceededException(javax.naming.TimeLimitExceededException)
AttributeInUseException(javax.naming.directory.AttributeInUseException)
LdapAttributeInUseException(org.apache.directory.api.ldap.model.exception.LdapAttributeInUseException)
LdapInvalidSearchFilterException(org.apache.directory.api.ldap.model.exception.LdapInvalidSearchFilterException)
LdapNoSuchAttributeException(org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException)
Example 3 with InvalidSearchFilterException
use of javax.naming.directory.InvalidSearchFilterException in project jdk8u_jdk by JetBrains.
the class Filter method encodeSimpleFilter.
private static void encodeSimpleFilter(BerEncoder ber, byte[] filter, int filtStart, int filtEnd) throws IOException, NamingException {
if (dbg) {
dprint("encSimpleFilter: ", filter, filtStart, filtEnd);
dbgIndent++;
}
String type, value;
int valueStart, valueEnd, typeStart, typeEnd;
int eq;
if ((eq = indexOf(filter, '=', filtStart, filtEnd)) == -1) {
throw new InvalidSearchFilterException("Missing 'equals'");
}
// value starts after equal sign
valueStart = eq + 1;
valueEnd = filtEnd;
// beginning of string
typeStart = filtStart;
int ftype;
switch(filter[eq - 1]) {
case '<':
ftype = LDAP_FILTER_LE;
typeEnd = eq - 1;
break;
case '>':
ftype = LDAP_FILTER_GE;
typeEnd = eq - 1;
break;
case '~':
ftype = LDAP_FILTER_APPROX;
typeEnd = eq - 1;
break;
case ':':
ftype = LDAP_FILTER_EXT;
typeEnd = eq - 1;
break;
default:
typeEnd = eq;
//initializing ftype to make the compiler happy
ftype = 0x00;
break;
}
if (dbg) {
System.err.println("type: " + typeStart + ", " + typeEnd);
System.err.println("value: " + valueStart + ", " + valueEnd);
}
// check validity of type
//
// RFC4512 defines the type as the following ABNF:
// attr = attributedescription
// attributedescription = attributetype options
// attributetype = oid
// oid = descr / numericoid
// descr = keystring
// keystring = leadkeychar *keychar
// leadkeychar = ALPHA
// keychar = ALPHA / DIGIT / HYPHEN
// numericoid = number 1*( DOT number )
// number = DIGIT / ( LDIGIT 1*DIGIT )
// options = *( SEMI option )
// option = 1*keychar
//
// And RFC4515 defines the extensible type as the following ABNF:
// attr [dnattrs] [matchingrule] / [dnattrs] matchingrule
int optionsStart = -1;
int extensibleStart = -1;
if ((filter[typeStart] >= '0' && filter[typeStart] <= '9') || (filter[typeStart] >= 'A' && filter[typeStart] <= 'Z') || (filter[typeStart] >= 'a' && filter[typeStart] <= 'z')) {
boolean isNumericOid = filter[typeStart] >= '0' && filter[typeStart] <= '9';
for (int i = typeStart + 1; i < typeEnd; i++) {
// ';' is an indicator of attribute options
if (filter[i] == ';') {
if (isNumericOid && filter[i - 1] == '.') {
throw new InvalidSearchFilterException("invalid attribute description");
}
// attribute options
optionsStart = i;
break;
}
// ':' is an indicator of extensible rules
if (filter[i] == ':' && ftype == LDAP_FILTER_EXT) {
if (isNumericOid && filter[i - 1] == '.') {
throw new InvalidSearchFilterException("invalid attribute description");
}
// extensible matching
extensibleStart = i;
break;
}
if (isNumericOid) {
// numeric object identifier
if ((filter[i] == '.' && filter[i - 1] == '.') || (filter[i] != '.' && !(filter[i] >= '0' && filter[i] <= '9'))) {
throw new InvalidSearchFilterException("invalid attribute description");
}
} else {
// tolerate the incorrect use in practice.
if (filter[i] != '-' && filter[i] != '_' && !(filter[i] >= '0' && filter[i] <= '9') && !(filter[i] >= 'A' && filter[i] <= 'Z') && !(filter[i] >= 'a' && filter[i] <= 'z')) {
throw new InvalidSearchFilterException("invalid attribute description");
}
}
}
} else if (ftype == LDAP_FILTER_EXT && filter[typeStart] == ':') {
// extensible matching
extensibleStart = typeStart;
} else {
throw new InvalidSearchFilterException("invalid attribute description");
}
// check attribute options
if (optionsStart > 0) {
for (int i = optionsStart + 1; i < typeEnd; i++) {
if (filter[i] == ';') {
if (filter[i - 1] == ';') {
throw new InvalidSearchFilterException("invalid attribute description");
}
continue;
}
// ':' is an indicator of extensible rules
if (filter[i] == ':' && ftype == LDAP_FILTER_EXT) {
if (filter[i - 1] == ';') {
throw new InvalidSearchFilterException("invalid attribute description");
}
// extensible matching
extensibleStart = i;
break;
}
// tolerate the incorrect use in practice.
if (filter[i] != '-' && filter[i] != '_' && !(filter[i] >= '0' && filter[i] <= '9') && !(filter[i] >= 'A' && filter[i] <= 'Z') && !(filter[i] >= 'a' && filter[i] <= 'z')) {
throw new InvalidSearchFilterException("invalid attribute description");
}
}
}
// check extensible matching
if (extensibleStart > 0) {
boolean isMatchingRule = false;
for (int i = extensibleStart + 1; i < typeEnd; i++) {
if (filter[i] == ':') {
throw new InvalidSearchFilterException("invalid attribute description");
} else if ((filter[i] >= '0' && filter[i] <= '9') || (filter[i] >= 'A' && filter[i] <= 'Z') || (filter[i] >= 'a' && filter[i] <= 'z')) {
boolean isNumericOid = filter[i] >= '0' && filter[i] <= '9';
i++;
for (int j = i; j < typeEnd; j++, i++) {
// allows no more than two extensible rules
if (filter[j] == ':') {
if (isMatchingRule) {
throw new InvalidSearchFilterException("invalid attribute description");
}
if (isNumericOid && filter[j - 1] == '.') {
throw new InvalidSearchFilterException("invalid attribute description");
}
isMatchingRule = true;
break;
}
if (isNumericOid) {
// numeric object identifier
if ((filter[j] == '.' && filter[j - 1] == '.') || (filter[j] != '.' && !(filter[j] >= '0' && filter[j] <= '9'))) {
throw new InvalidSearchFilterException("invalid attribute description");
}
} else {
// tolerate the incorrect use in practice.
if (filter[j] != '-' && filter[j] != '_' && !(filter[j] >= '0' && filter[j] <= '9') && !(filter[j] >= 'A' && filter[j] <= 'Z') && !(filter[j] >= 'a' && filter[j] <= 'z')) {
throw new InvalidSearchFilterException("invalid attribute description");
}
}
}
} else {
throw new InvalidSearchFilterException("invalid attribute description");
}
}
}
// ensure the latest byte is not isolated
if (filter[typeEnd - 1] == '.' || filter[typeEnd - 1] == ';' || filter[typeEnd - 1] == ':') {
throw new InvalidSearchFilterException("invalid attribute description");
}
if (typeEnd == eq) {
// filter type is of "equal"
if (findUnescaped(filter, '*', valueStart, valueEnd) == -1) {
ftype = LDAP_FILTER_EQUALITY;
} else if (filter[valueStart] == '*' && valueStart == (valueEnd - 1)) {
ftype = LDAP_FILTER_PRESENT;
} else {
encodeSubstringFilter(ber, filter, typeStart, typeEnd, valueStart, valueEnd);
return;
}
}
if (ftype == LDAP_FILTER_PRESENT) {
ber.encodeOctetString(filter, ftype, typeStart, typeEnd - typeStart);
} else if (ftype == LDAP_FILTER_EXT) {
encodeExtensibleMatch(ber, filter, typeStart, typeEnd, valueStart, valueEnd);
} else {
ber.beginSeq(ftype);
ber.encodeOctetString(filter, Ber.ASN_OCTET_STR, typeStart, typeEnd - typeStart);
ber.encodeOctetString(unescapeFilterValue(filter, valueStart, valueEnd), Ber.ASN_OCTET_STR);
ber.endSeq();
}
if (dbg) {
dbgIndent--;
}
}
Also used :
InvalidSearchFilterException(javax.naming.directory.InvalidSearchFilterException)
Aggregations
InvalidSearchFilterException (javax.naming.directory.InvalidSearchFilterException)3
AuthenticationException (javax.naming.AuthenticationException)1
AuthenticationNotSupportedException (javax.naming.AuthenticationNotSupportedException)1
CommunicationException (javax.naming.CommunicationException)1
ContextNotEmptyException (javax.naming.ContextNotEmptyException)1
InvalidNameException (javax.naming.InvalidNameException)1
NameAlreadyBoundException (javax.naming.NameAlreadyBoundException)1
NameNotFoundException (javax.naming.NameNotFoundException)1
NamingException (javax.naming.NamingException)1
NoPermissionException (javax.naming.NoPermissionException)1
OperationNotSupportedException (javax.naming.OperationNotSupportedException)1
ServiceUnavailableException (javax.naming.ServiceUnavailableException)1
TimeLimitExceededException (javax.naming.TimeLimitExceededException)1
AttributeInUseException (javax.naming.directory.AttributeInUseException)1
InvalidAttributeIdentifierException (javax.naming.directory.InvalidAttributeIdentifierException)1
InvalidAttributeValueException (javax.naming.directory.InvalidAttributeValueException)1
NoSuchAttributeException (javax.naming.directory.NoSuchAttributeException)1
SchemaViolationException (javax.naming.directory.SchemaViolationException)1
LdapAffectMultipleDsaException (org.apache.directory.api.ldap.model.exception.LdapAffectMultipleDsaException)1
LdapAliasDereferencingException (org.apache.directory.api.ldap.model.exception.LdapAliasDereferencingException)1
