
Example 11 with LdapName

Use of javax.naming.ldap.LdapName in project nifi by apache.

In class CertificateUtils, method compareDNs.

/**
 * Returns true if the two provided DNs are equivalent, regardless of the order of the elements. Returns false if one or both are invalid DNs.
 *
 * Example:
 *
 * CN=test1, O=testOrg, C=US compared to CN=test1, O=testOrg, C=US -> true
 * CN=test1, O=testOrg, C=US compared to O=testOrg, CN=test1, C=US -> true
 * CN=test1, O=testOrg, C=US compared to CN=test2, O=testOrg, C=US -> false
 * CN=test1, O=testOrg, C=US compared to O=testOrg, CN=test2, C=US -> false
 * CN=test1, O=testOrg, C=US compared to                           -> false
 *                           compared to                           -> true
 *
 * @param dn1 the first DN to compare
 * @param dn2 the second DN to compare
 * @return true if the DNs are equivalent, false otherwise
 */
public static boolean compareDNs(String dn1, String dn2) {
    if (dn1 == null) {
        dn1 = "";
    }
    if (dn2 == null) {
        dn2 = "";
    }
    if (StringUtils.isEmpty(dn1) || StringUtils.isEmpty(dn2)) {
        return dn1.equals(dn2);
    }
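    try {
        // LdapName parses each DN into RDNs; Rdn.equals() compares attribute types
        // case-insensitively, so the result does not depend on string formatting.
        List<Rdn> rdn1 = new LdapName(dn1).getRdns();
        List<Rdn> rdn2 = new LdapName(dn2).getRdns();
        // Order-insensitive check. Equal size plus containsAll() is not a true multiset
        // comparison: DNs that repeat an RDN (CN=a,CN=a,CN=b vs CN=a,CN=b,CN=b) also
        // compare as equal here.
        return rdn1.size() == rdn2.size() && rdn1.containsAll(rdn2);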
    } catch (InvalidNameException e) {
        logger.warn("Cannot compare DNs: {} and {} because one or both is not a valid DN", dn1, dn2);
        return false;
    }
}
Also used : InvalidNameException(javax.naming.InvalidNameException) Rdn(javax.naming.ldap.Rdn) LdapName(javax.naming.ldap.LdapName)

Example 12 with LdapName

Use of javax.naming.ldap.LdapName in project jdk8u_jdk by JetBrains.

In class LdapCtx, method composeName.

public Name composeName(Name name, Name prefix) throws NamingException {
    Name result;
    // Handle compound names.  A pair of LdapNames is an easy case.
    if ((name instanceof LdapName) && (prefix instanceof LdapName)) {
        result = (Name) (prefix.clone());
        result.addAll(name);
        return new CompositeName().add(result.toString());
    }
    if (!(name instanceof CompositeName)) {
        name = new CompositeName().add(name.toString());
    }
    if (!(prefix instanceof CompositeName)) {
        prefix = new CompositeName().add(prefix.toString());
    }
    int prefixLast = prefix.size() - 1;
    if (name.isEmpty() || prefix.isEmpty() || name.get(0).equals("") || prefix.get(prefixLast).equals("")) {
        return super.composeName(name, prefix);
    }
    result = (Name) (prefix.clone());
    result.addAll(name);
    if (parentIsLdapCtx) {
        String ldapComp = concatNames(result.get(prefixLast + 1), result.get(prefixLast));
        result.remove(prefixLast + 1);
        result.remove(prefixLast);
        result.add(prefixLast, ldapComp);
    }
    return result;
}
Also used : LdapName(javax.naming.ldap.LdapName) LdapName(javax.naming.ldap.LdapName)

Example 13 with LdapName

Use of javax.naming.ldap.LdapName in project Lucee by lucee.

In class AbsDefaultHostnameVerifier, method extractCN.

static String extractCN(final String subjectPrincipal) throws SSLException {
    if (subjectPrincipal == null) {
        return null;
    }
    try {
        final LdapName subjectDN = new LdapName(subjectPrincipal);
        final List<Rdn> rdns = subjectDN.getRdns();
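        // getRdns() puts the rightmost RDN at index 0, so iterating from the end
        // returns the leftmost (most specific) CN first.
        for (int i = rdns.size() - 1; i >= 0; i--) {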
            final Rdn rds = rdns.get(i);
            final Attributes attributes = rds.toAttributes();
            final Attribute cn = attributes.get("cn");
            if (cn != null) {
                try {
                    final Object value = cn.get();
                    if (value != null) {
                        return value.toString();
                    }
                } catch (NoSuchElementException ignore) {
                    // the attribute has no value; try the next RDN
                } catch (NamingException ignore) {
                    // the value could not be read; try the next RDN
                }
            }
        }
        return null;
    } catch (InvalidNameException e) {
        throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name");
    }
}
Also used : InvalidNameException(javax.naming.InvalidNameException) Attribute(javax.naming.directory.Attribute) Attributes(javax.naming.directory.Attributes) NamingException(javax.naming.NamingException) Rdn(javax.naming.ldap.Rdn) SSLException(javax.net.ssl.SSLException) NoSuchElementException(java.util.NoSuchElementException) LdapName(javax.naming.ldap.LdapName)

Example 14 with LdapName

Use of javax.naming.ldap.LdapName in project cxf by apache.

In class DefaultHostnameVerifier, method extractCN.

static String extractCN(final String subjectPrincipal) throws SSLException {
    if (subjectPrincipal == null) {
        return null;
    }
    try {
        final LdapName subjectDN = new LdapName(subjectPrincipal);
        final List<Rdn> rdns = subjectDN.getRdns();
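        // getRdns() puts the rightmost RDN at index 0, so iterating from the end
        // returns the leftmost (most specific) CN first.
        for (int i = rdns.size() - 1; i >= 0; i--) {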
            final Rdn rds = rdns.get(i);
            final Attributes attributes = rds.toAttributes();
            final Attribute cn = attributes.get("cn");
            if (cn != null) {
                try {
                    final Object value = cn.get();
                    if (value != null) {
                        return value.toString();
                    }
                } catch (NoSuchElementException ignore) {
                    // the attribute has no value; try the next RDN
                } catch (NamingException ignore) {
                    // the value could not be read; try the next RDN
                }
            }
        }
        return null;
    } catch (InvalidNameException e) {
        throw new SSLException(subjectPrincipal + " is not a valid X500 distinguished name");
    }
}
Also used : InvalidNameException(javax.naming.InvalidNameException) Attribute(javax.naming.directory.Attribute) Attributes(javax.naming.directory.Attributes) NamingException(javax.naming.NamingException) Rdn(javax.naming.ldap.Rdn) SSLException(javax.net.ssl.SSLException) NoSuchElementException(java.util.NoSuchElementException) LdapName(javax.naming.ldap.LdapName)

Example 15 with LdapName

Use of javax.naming.ldap.LdapName in project knox by apache.

In class KnoxLdapRealm, method addRoleIfMember.

private void addRoleIfMember(final String userDn, final SearchResult group, final Set<String> roleNames, final Set<String> groupNames, final LdapContextFactory ldapContextFactory) throws NamingException {
    NamingEnumeration<? extends Attribute> attributeEnum = null;
    NamingEnumeration<?> e = null;
    try {
        LdapName userLdapDn = new LdapName(userDn);
        Attribute attribute = group.getAttributes().get(getGroupIdAttribute());
        String groupName = attribute.get().toString();
        attributeEnum = group.getAttributes().getAll();
        while (attributeEnum.hasMore()) {
            final Attribute attr = attributeEnum.next();
            if (!memberAttribute.equalsIgnoreCase(attr.getID())) {
                continue;
            }
            e = attr.getAll();
            while (e.hasMore()) {
                String attrValue = e.next().toString();
                if (memberAttribute.equalsIgnoreCase(MEMBER_URL)) {
                    // attrValue holds the memberUrl value
                    boolean dynamicGroupMember = isUserMemberOfDynamicGroup(userLdapDn, attrValue, ldapContextFactory);
                    if (dynamicGroupMember) {
                        groupNames.add(groupName);
                        String roleName = roleNameFor(groupName);
                        if (roleName != null) {
                            roleNames.add(roleName);
                        } else {
                            roleNames.add(groupName);
                        }
                    }
                } else {
                    if (groupObjectClass.equalsIgnoreCase(POSIX_GROUP)) {
                        attrValue = memberAttributeValuePrefix + attrValue + memberAttributeValueSuffix;
                    }
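                    // Compare parsed DNs rather than raw strings, so differences in case
                    // or spacing between the user DN and the member value do not matter.
                    if (userLdapDn.equals(new LdapName(attrValue))) {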
                        groupNames.add(groupName);
                        String roleName = roleNameFor(groupName);
                        if (roleName != null) {
                            roleNames.add(roleName);
                        } else {
                            roleNames.add(groupName);
                        }
                        break;
                    }
                }
            }
        }
    } finally {
        try {
            if (attributeEnum != null) {
                attributeEnum.close();
            }
        } finally {
            if (e != null) {
                e.close();
            }
        }
    }
}
Also used : Attribute(javax.naming.directory.Attribute) LdapName(javax.naming.ldap.LdapName)

Aggregations

LdapName (javax.naming.ldap.LdapName): 86
Rdn (javax.naming.ldap.Rdn): 43
InvalidNameException (javax.naming.InvalidNameException): 27
Attribute (javax.naming.directory.Attribute): 18
NamingException (javax.naming.NamingException): 16
Attributes (javax.naming.directory.Attributes): 12
SearchResult (javax.naming.directory.SearchResult): 10
Test (org.junit.Test): 10
IOException (java.io.IOException): 6
X509Certificate (java.security.cert.X509Certificate): 6
ArrayList (java.util.ArrayList): 6
HashMap (java.util.HashMap): 6
PolyString (com.evolveum.midpoint.prism.polystring.PolyString): 5
Test (org.junit.jupiter.api.Test): 5
HashSet (java.util.HashSet): 4
List (java.util.List): 4
NoSuchElementException (java.util.NoSuchElementException): 4
TreeSet (java.util.TreeSet): 4
SearchControls (javax.naming.directory.SearchControls): 4
SSLException (javax.net.ssl.SSLException): 4