Examples with InitialLdapContext javax.naming.ldap.InitialLdapContext used on opensource projects

Example 51 with InitialLdapContext

use of javax.naming.ldap.InitialLdapContext in project eap-additional-testsuite by jboss-set.

the class OtpSaslTestCase method assertSequenceAndHash.

/**
 * Check correct user attribute values in the LDAP when using OTP algorithm.
 */
private void assertSequenceAndHash(Integer expectedSequence, byte[] expectedHash) throws NamingException {
    final Properties env = new Properties();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, LDAP_URL);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
    env.put(Context.SECURITY_CREDENTIALS, "secret");
    final LdapContext ctx = new InitialLdapContext(env, null);
    NamingEnumeration<?> namingEnum = ctx.search("dc=wildfly,dc=org", new BasicAttributes("cn", "jduke"));
    if (namingEnum.hasMore()) {
        SearchResult sr = (SearchResult) namingEnum.next();
        Attributes attrs = sr.getAttributes();
        assertEquals("Unexpected sequence number in LDAP attribute", expectedSequence, new Integer(attrs.get("telephoneNumber").get().toString()));
        assertEquals("Unexpected hash value in LDAP attribute", Base64.getEncoder().encodeToString(expectedHash), attrs.get("title").get().toString());
    } else {
        fail("User not found in LDAP");
    }
    namingEnum.close();
    ctx.close();
}

Example 52 with InitialLdapContext

use of javax.naming.ldap.InitialLdapContext in project bw-calendar-engine by Bedework.

the class UserGroupsLdapImpl method getGroupMembers.

/* Find members for given group
   *
   */
private void getGroupMembers(final DirConfigProperties dirProps, final BwGroup group) throws CalFacadeException {
    LdapConfigProperties props = (LdapConfigProperties) dirProps;
    InitialLdapContext ctx = null;
    try {
        ctx = createLdapInitContext(props);
        BasicAttributes matchAttrs = new BasicAttributes(true);
        matchAttrs.put(props.getGroupIdAttr(), group.getAccount());
        String[] memberAttr = { props.getGroupMemberAttr() };
        ArrayList<String> mbrs = null;
        boolean beenHere = false;
        NamingEnumeration response = ctx.search(props.getGroupContextDn(), matchAttrs, memberAttr);
        while (response.hasMore()) {
            SearchResult sr = (SearchResult) response.next();
            Attributes attrs = sr.getAttributes();
            if (beenHere) {
                throw new CalFacadeException("org.bedework.ldap.groups.multiple.result");
            }
            beenHere = true;
            Attribute membersAttr = attrs.get(props.getGroupMemberAttr());
            mbrs = new ArrayList<String>();
            for (int m = 0; m < membersAttr.size(); m++) {
                mbrs.add(membersAttr.get(m).toString());
            }
        }
        // LDAP We need a way to search recursively for groups.
        /* Search for each user in the group */
        String memberContext = props.getGroupMemberContextDn();
        String memberSearchAttr = props.getGroupMemberSearchAttr();
        String[] idAttr = { props.getGroupMemberUserIdAttr(), props.getGroupMemberGroupIdAttr(), "objectclass" };
        for (String mbr : mbrs) {
            if (memberContext != null) {
                matchAttrs = new BasicAttributes(true);
                matchAttrs.put(memberSearchAttr, mbr);
                response = ctx.search(memberContext, matchAttrs, idAttr);
            } else {
                response = ctx.search(memberContext, null, idAttr);
            }
            if (response.hasMore()) {
                SearchResult sr = (SearchResult) response.next();
                Attributes attrs = sr.getAttributes();
                Attribute ocsAttr = attrs.get("objectclass");
                String userOc = props.getUserObjectClass();
                String groupOc = props.getGroupObjectClass();
                boolean isGroup = false;
                for (int oci = 0; oci < ocsAttr.size(); oci++) {
                    String oc = ocsAttr.get(oci).toString();
                    if (userOc.equals(oc)) {
                        break;
                    }
                    if (groupOc.equals(oc)) {
                        isGroup = true;
                        break;
                    }
                }
                BwPrincipal p = null;
                Attribute attr;
                if (isGroup) {
                    p = BwPrincipal.makeGroupPrincipal();
                    attr = attrs.get(props.getGroupMemberGroupIdAttr());
                } else {
                    p = BwPrincipal.makeUserPrincipal();
                    attr = attrs.get(props.getGroupMemberUserIdAttr());
                }
                if (attr.size() != 1) {
                    throw new CalFacadeException("org.bedework.ldap.groups.multiple.result");
                }
                p.setAccount(attr.get(0).toString());
                p.setPrincipalRef(makePrincipalUri(p.getAccount(), p.getKind()));
                group.addGroupMember(p);
            }
        }
    } catch (Throwable t) {
        if (debug) {
            error(t);
        }
        throw new CalFacadeException(t);
    } finally {
        // Close the context to release the connection
        if (ctx != null) {
            closeContext(ctx);
        }
    }
    for (BwGroup g : group.getGroups()) {
        getGroupMembers(props, g);
    }
}

Example 53 with InitialLdapContext

use of javax.naming.ldap.InitialLdapContext in project gerrit by GerritCodeReview.

the class Helper method createContext.

private LdapContext createContext(Properties env) throws IOException, NamingException {
    LdapContext ctx = new InitialLdapContext(env, null);
    if (startTls) {
        StartTlsResponse tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
        SSLSocketFactory sslfactory = null;
        if (!sslVerify) {
            sslfactory = (SSLSocketFactory) BlindSSLSocketFactory.getDefault();
            tls.setHostnameVerifier(BlindHostnameVerifier.getInstance());
        }
        tls.negotiate(sslfactory);
        ctx.addToEnvironment(STARTTLS_PROPERTY, tls);
    }
    return ctx;
}

Example 54 with InitialLdapContext

use of javax.naming.ldap.InitialLdapContext in project openolat by klemens.

the class LDAPLoginManagerImpl method bindUser.

/**
 * Connect to LDAP with the User-Name and Password given as parameters
 *
 * Configuration: LDAP URL = ldapContext.xml (property=ldapURL) LDAP Base =
 * ldapContext.xml (property=ldapBase) LDAP Attributes Map =
 * ldapContext.xml (property=userAttrs)
 *
 * @param uid The users LDAP login name (can't be null)
 * @param pwd The users LDAP password (can't be null)
 *
 * @return After successful bind Attributes otherwise NULL
 *
 * @throws NamingException
 */
@Override
public Attributes bindUser(String login, String pwd, LDAPError errors) {
    // get user name, password and attributes
    String ldapUrl = ldapLoginModule.getLdapUrl();
    String[] userAttr = syncConfiguration.getUserAttributes();
    if (login == null || pwd == null) {
        if (log.isDebug())
            log.debug("Error when trying to bind user, missing username or password. Username::" + login + " pwd::" + pwd);
        errors.insert("Username and password must be selected");
        return null;
    }
    LdapContext ctx = bindSystem();
    if (ctx == null) {
        errors.insert("LDAP connection error");
        return null;
    }
    String userDN = ldapDao.searchUserForLogin(login, ctx);
    if (userDN == null) {
        log.info("Error when trying to bind user with username::" + login + " - user not found on LDAP server" + (ldapLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin() ? ", trying with OLAT login provider" : ""));
        errors.insert("Username or password incorrect");
        return null;
    }
    // Ok, so far so good, user exists. Now try to fetch attributes using the
    // users credentials
    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, ldapUrl);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, userDN);
    env.put(Context.SECURITY_CREDENTIALS, pwd);
    if (ldapLoginModule.getLdapConnectionTimeout() != null) {
        env.put(TIMEOUT_KEY, ldapLoginModule.getLdapConnectionTimeout().toString());
    }
    if (ldapLoginModule.isSslEnabled()) {
        enableSSL(env);
    }
    try {
        Control[] connectCtls = new Control[] {};
        LdapContext userBind = new InitialLdapContext(env, connectCtls);
        Attributes attributes = userBind.getAttributes(userDN, userAttr);
        userBind.close();
        return attributes;
    } catch (AuthenticationException e) {
        log.info("Error when trying to bind user with username::" + login + " - invalid LDAP password");
        errors.insert("Username or password incorrect");
        return null;
    } catch (NamingException e) {
        log.error("NamingException when trying to get attributes after binding user with username::" + login, e);
        errors.insert("Username or password incorrect");
        return null;
    }
}