use of javax.naming.directory.SearchControls in project jmeter by apache.
the class LdapClient method searchTest.
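/**
 * Checks whether an LDAP search below the given search base returns at least one entry.
 *
 * <p>The whole subtree under {@code searchBase} is searched and the server is asked for at
 * most one entry, because only the existence of a match matters. {@code searchFilter} is
 * passed to the directory unchanged, so any value a caller interpolates into it must already
 * be escaped for use in an LDAP filter.
 *
 * @param searchBase
 *            where the search should start
 * @param searchFilter
 *            LDAP filter applied below the base
 * @return <code>true</code> when the search yields results,
 *         <code>false</code> otherwise
 * @throws NamingException
 *             when searching fails
 */
public boolean searchTest(String searchBase, String searchFilter) throws NamingException {
    SearchControls searchcontrols = new SearchControls(SearchControls.SUBTREE_SCOPE,
            1L, // count limit
            0, // time limit (0 = wait indefinitely)
            null, // attributes (null = all)
            false, // return object ?
            false); // dereference links?
    NamingEnumeration<?> ne = dirContext.search(searchBase, searchFilter, searchcontrols);
    try {
        return ne.hasMore();
    } finally {
        // Release the enumeration as soon as the answer is known instead of leaving it open.
        try {
            ne.close();
        } catch (NamingException ignored) {
            // Best effort: the search outcome is already decided and must not be replaced
            // by a failure to close.
        }
    }
}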
use of javax.naming.directory.SearchControls in project karaf by apache.
the class LDAPBackingEngine method listUsers.
/**
 * Returns one principal per directory entry matched by the configured user filter.
 *
 * <p>The {@code %u} placeholder of the user filter is replaced by {@code *}, so the filter
 * contains no caller-supplied value. Any {@link NamingException} raised while opening the
 * context or searching is rethrown wrapped in a {@link RuntimeException}.
 *
 * @return the users found; empty when the search matches nothing
 */
@Override
public List<UserPrincipal> listUsers() {
    ArrayList<UserPrincipal> users = new ArrayList<>();
    DirContext context = null;
    try {
        context = cache.open();

        SearchControls controls = new SearchControls();
        controls.setSearchScope(options.getUserSearchSubtree()
                ? SearchControls.SUBTREE_SCOPE
                : SearchControls.ONELEVEL_SCOPE);

        // Wildcard the user placeholder first, then double every backslash in the whole filter.
        String filter = options.getUserFilter()
                .replaceAll(Pattern.quote("%u"), "*")
                .replace("\\", "\\\\");

        LOGGER.debug("Looking for the users in LDAP with ");
        LOGGER.debug(" base DN: " + options.getUserBaseDn());
        LOGGER.debug(" filter: " + filter);

        NamingEnumeration<SearchResult> results = context.search(options.getUserBaseDn(), filter, controls);
        try {
            while (results.hasMore()) {
                SearchResult entry = results.next();

                // getName() and getNameInNamespace() escape backslashes differently. For an entry
                // such as cn=admin,=+<>#;\ they return
                //
                //   getName            = cn=admin\,\=\+\<\>\#\;\\\\
                //   getNameInNamespace = cn=admin\,\=\+\<\>#\;\\,ou=people,dc=example,dc=com
                //
                // Only the second form is escaped correctly, so the relative DN is cut out of it.
                String fullDn = entry.getNameInNamespace();

                // Compare in lower case so that differing case in cn/ou/dc does not hide the base DN.
                // NOTE(review): toLowerCase() without a Locale is locale-sensitive - confirm this is acceptable.
                int baseOffset = fullDn.toLowerCase().indexOf("," + options.getUserBaseDn().toLowerCase());

                String relativeDn;
                if (baseOffset > 0) {
                    relativeDn = fullDn.substring(0, baseOffset);
                } else {
                    relativeDn = entry.getName();
                }

                // Drop the attribute type (cn=, uid=, ...) to obtain the bare user name.
                // NOTE(review): split("=")[1] keeps only the text between the first and second '=',
                // so a value containing '=' or a relative DN with several components is truncated,
                // and a DN ending in '=' raises ArrayIndexOutOfBoundsException - confirm such
                // entries cannot occur in the directory.
                String principalName = relativeDn.contains("=") ? relativeDn.split("=")[1] : relativeDn;
                users.add(new UserPrincipal(principalName));
            }
        } finally {
            if (results != null) {
                try {
                    results.close();
                } catch (NamingException e) {
                    // Closing is best effort; the collected users are still returned.
                }
            }
        }
        return users;
    } catch (NamingException e) {
        throw new RuntimeException(e);
    }
}
use of javax.naming.directory.SearchControls in project karaf by apache.
the class LDAPCache method doGetUserDnAndNamespace.
/**
 * Looks up the entry for one user and returns its DN in two forms.
 *
 * @param user value substituted for {@code %u} in the configured user filter
 * @return a two-element array holding the DN relative to the user base DN and the full DN
 *         in the namespace, or {@code null} when the search returns no entry
 * @throws NamingException when opening the context or searching fails
 */
protected String[] doGetUserDnAndNamespace(String user) throws NamingException {
    DirContext context = open();

    SearchControls controls = new SearchControls();
    controls.setSearchScope(options.getUserSearchSubtree()
            ? SearchControls.SUBTREE_SCOPE
            : SearchControls.ONELEVEL_SCOPE);

    // NOTE(review): user is inserted into the filter as given. quoteReplacement() only protects
    // the regex replacement syntax, and the backslash doubling below applies to the whole filter;
    // neither escapes LDAP filter metacharacters. Confirm that the caller has already encoded
    // user for use in a search filter (RFC 4515) before this method is reached.
    String filter = options.getUserFilter()
            .replaceAll(Pattern.quote("%u"), Matcher.quoteReplacement(user))
            .replace("\\", "\\\\");

    LOGGER.debug("Looking for the user in LDAP with ");
    LOGGER.debug(" base DN: " + options.getUserBaseDn());
    LOGGER.debug(" filter: " + filter);

    NamingEnumeration<SearchResult> results = context.search(options.getUserBaseDn(), filter, controls);
    try {
        if (results.hasMore()) {
            LOGGER.debug("Found the user DN.");
            // Only the first entry is used; further matches are not examined.
            SearchResult entry = results.next();

            // getName() and getNameInNamespace() escape backslashes differently. For an entry
            // such as cn=admin,=+<>#;\ they return
            //
            //   getName            = cn=admin\,\=\+\<\>\#\;\\\\
            //   getNameInNamespace = cn=admin\,\=\+\<\>#\;\\,ou=people,dc=example,dc=com
            //
            // Only the second form is escaped correctly, so the relative DN is cut out of it.
            String fullDn = entry.getNameInNamespace();

            // Compare in lower case so that differing case in cn/ou/dc does not hide the base DN.
            int baseOffset = fullDn.toLowerCase().indexOf("," + options.getUserBaseDn().toLowerCase());

            String relativeDn;
            if (baseOffset > 0) {
                relativeDn = fullDn.substring(0, baseOffset);
            } else {
                relativeDn = entry.getName();
            }
            return new String[] { relativeDn, fullDn };
        }

        // NOTE(review): the user value reaches the log as given - confirm the log layout
        // neutralises line breaks in it.
        LOGGER.warn("User " + user + " not found in LDAP.");
        return null;
    } finally {
        if (results != null) {
            try {
                results.close();
            } catch (NamingException e) {
                // Closing is best effort; the lookup result is already determined.
            }
        }
    }
}
use of javax.naming.directory.SearchControls in project karaf by apache.
the class LDAPCache method doGetUserRoles.
/**
 * Collects the role names of a user by searching below the configured role base DN.
 *
 * <p>Each value of the configured role-name attribute is passed through
 * {@code tryMappingRole}; when that yields mappings they replace the raw role name,
 * otherwise the raw name is kept.
 *
 * @param user            value substituted for {@code %u} in the role filter
 * @param userDn          value substituted for {@code %dn} in the role filter
 * @param userDnNamespace value substituted for {@code %fqdn} in the role filter
 * @return the role names found; an empty array when no role filter is configured
 * @throws NamingException when opening the context, searching or reading an attribute fails
 */
private String[] doGetUserRoles(String user, String userDn, String userDnNamespace) throws NamingException {
    DirContext context = open();

    SearchControls controls = new SearchControls();
    controls.setSearchScope(options.getRoleSearchSubtree()
            ? SearchControls.SUBTREE_SCOPE
            : SearchControls.ONELEVEL_SCOPE);

    String filter = options.getRoleFilter();
    if (filter == null) {
        LOGGER.debug("The user role filter is null so no roles are retrieved");
        return new String[] {};
    }

    // NOTE(review): the three values are inserted as given; nothing in this method escapes LDAP
    // filter metacharacters in them - confirm the callers supply filter-safe values.
    // The substitutions run one after another over the same string, so placeholder text that
    // appears inside an earlier substituted value is expanded by the later steps as well.
    filter = filter
            .replaceAll(Pattern.quote("%u"), Matcher.quoteReplacement(user))
            .replaceAll(Pattern.quote("%dn"), Matcher.quoteReplacement(userDn))
            .replaceAll(Pattern.quote("%fqdn"), Matcher.quoteReplacement(userDnNamespace))
            .replace("\\", "\\\\");

    LOGGER.debug("Looking for the user roles in LDAP with ");
    LOGGER.debug(" base DN: " + options.getRoleBaseDn());
    LOGGER.debug(" filter: " + filter);

    NamingEnumeration<SearchResult> results = context.search(options.getRoleBaseDn(), filter, controls);
    try {
        List<String> roleNames = new ArrayList<>();
        while (results.hasMore()) {
            SearchResult entry = results.next();
            Attributes entryAttributes = entry.getAttributes();
            Attribute roleValues = entryAttributes.get(options.getRoleNameAttribute());
            if (roleValues == null) {
                // This entry does not carry the role-name attribute.
                continue;
            }
            for (int idx = 0; idx < roleValues.size(); idx++) {
                String role = (String) roleValues.get(idx);
                if (role == null) {
                    continue;
                }
                LOGGER.debug("User {} is a member of role {}", user, role);
                // Mapped names, when present, take the place of the directory's role name.
                Set<String> mapped = tryMappingRole(role);
                if (mapped.isEmpty()) {
                    roleNames.add(role);
                } else {
                    roleNames.addAll(mapped);
                }
            }
        }
        return roleNames.toArray(new String[0]);
    } finally {
        if (results != null) {
            try {
                results.close();
            } catch (NamingException e) {
                // Closing is best effort; the collected roles are still returned.
            }
        }
    }
}
use of javax.naming.directory.SearchControls in project wildfly by wildfly.
the class LdapUrlTestServlet method runSearch.
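/**
 * Try to search in LDAP with search base containing URL. Also try to retrieve RequestControls from LdapContext.
 *
 * <p>The bind DN, password and port are hard-coded and the bind is a simple bind over plain
 * {@code ldap://}, so the password is sent unencrypted; presumably this targets a throwaway
 * test directory only. {@code hostname} is placed into the provider URL as given -
 * NOTE(review): confirm callers do not pass request-controlled values, since the bind
 * credentials are sent to whichever host is named.
 *
 * @param hostname LDAP server host; {@code localhost} is used when {@code null}
 * @param testLdapCtx when {@code true}, connect through an {@link InitialLdapContext} and call
 *        {@code getRequestControls()} before searching; otherwise use an {@link InitialDirContext}
 * @return the concatenation of {@code cn=<value>} for every entry matching {@code (uid=jduke)};
 *         empty when nothing matches
 * @throws Exception when the context cannot be created or the search fails
 */
public static String runSearch(final String hostname, boolean testLdapCtx) throws Exception {
    final StringBuilder result = new StringBuilder();
    final String ldapUrl = "ldap://" + (hostname == null ? "localhost" : hostname) + ":10389";
    final Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.PROVIDER_URL, ldapUrl);
    env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
    env.put(Context.SECURITY_CREDENTIALS, "secret");
    final SearchControls ctl = new SearchControls();
    ctl.setReturningAttributes(new String[] { "cn" });

    final DirContext dirCtx = testLdapCtx ? new InitialLdapContext(env, null) : new InitialDirContext(env);
    try {
        if (testLdapCtx) {
            // LdapContext must also work: the call itself is the check, its result is not used.
            ((LdapContext) dirCtx).getRequestControls();
        }
        final NamingEnumeration<SearchResult> nenum = dirCtx.search(ldapUrl + "/dc=jboss,dc=org", "(uid=jduke)", ctl);
        try {
            while (nenum.hasMore()) {
                SearchResult sr = nenum.next();
                Attributes attrs = sr.getAttributes();
                result.append("cn=").append(attrs.get("cn").get());
            }
        } finally {
            // Release the enumeration even when reading an entry fails.
            nenum.close();
        }
    } finally {
        // Close the connection on every path, not only after a successful search.
        dirCtx.close();
    }
    return result.toString();
}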