
Example 26 with LdapName

Use of javax.naming.ldap.LdapName in project gitblit by gitblit.

In the class X509Utils, method getMetadata.

public static X509Metadata getMetadata(X509Certificate cert) {
    Map<String, String> oids = new HashMap<String, String>();
    try {
        String dn = cert.getSubjectDN().getName();
        LdapName ldapName = new LdapName(dn);
        for (int i = 0; i < ldapName.size(); i++) {
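            // get(i) returns one RDN in string form (e.g. "CN=..."); split at the first '=' into type and value
            String[] val = ldapName.get(i).trim().split("=", 2);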
            String oid = val[0].toUpperCase().trim();
            String data = val[1].trim();
            oids.put(oid, data);
        }
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    X509Metadata metadata = new X509Metadata(oids.get("CN"), "whocares");
    metadata.oids.putAll(oids);
    metadata.serialNumber = cert.getSerialNumber().toString();
    metadata.notAfter = cert.getNotAfter();
    metadata.notBefore = cert.getNotBefore();
    metadata.emailAddress = metadata.getOID("E", null);
    if (metadata.emailAddress == null) {
        metadata.emailAddress = metadata.getOID("EMAILADDRESS", null);
    }
    return metadata;
}
Also used : HashMap(java.util.HashMap) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) SignatureException(java.security.SignatureException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) CertificateEncodingException(java.security.cert.CertificateEncodingException) CertPathBuilderException(java.security.cert.CertPathBuilderException) IOException(java.io.IOException) LdapName(javax.naming.ldap.LdapName)

Example 27 with LdapName

Use of javax.naming.ldap.LdapName in project gerrit by GerritCodeReview.

In the class LdapGroupBackend, method cnFor.

private static String cnFor(String dn) {
    try {
        LdapName name = new LdapName(dn);
        if (!name.isEmpty()) {
            // LdapName indexes RDNs right to left, so index size() - 1 is the leftmost (most specific) RDN
            String cn = name.get(name.size() - 1);
            int index = cn.indexOf('=');
            if (index >= 0) {
                cn = cn.substring(index + 1);
            }
            return cn;
        }
    } catch (InvalidNameException e) {
        logger.atWarning().withCause(e).log("Cannot parse LDAP dn for cn");
    }
    return dn;
}
Also used : InvalidNameException(javax.naming.InvalidNameException) ParameterizedString(com.google.gerrit.common.data.ParameterizedString) LdapName(javax.naming.ldap.LdapName)

Example 28 with LdapName

Use of javax.naming.ldap.LdapName in project tomee by apache.

In the class TomEELDAPIdentityStore, method getGroupsWithCallerDn.

private Set<String> getGroupsWithCallerDn(final LdapContext ldapContext, final String callerDn) {
    if (StringUtils.isEmpty(callerDn)) {
        return emptySet();
    }
    if (StringUtils.isEmpty(definition.groupSearchBase()) && StringUtils.isNotEmpty(definition.groupMemberOfAttribute())) {
        Set<String> groups = null;
        try {
            final Attributes attributes = ldapContext.getAttributes(callerDn, new String[] { definition.groupMemberOfAttribute() });
            final Attribute memberOfAttribute = attributes.get(definition.groupMemberOfAttribute());
            groups = new HashSet<>();
            if (memberOfAttribute != null) {
                for (Object group : list(memberOfAttribute.getAll())) {
                    if (group != null) {
                        final LdapName dn = new LdapName(group.toString());
                        final Attribute attribute = dn.getRdn(dn.size() - 1).toAttributes().get(definition.groupNameAttribute());
                        if (attribute == null) {
                            throw new RuntimeException(definition.groupNameAttribute() + " does not match any group in DN: " + group.toString());
                        }
                        final String groupName = attribute.get(0).toString();
                        if (groupName != null) {
                            groups.add(groupName);
                        }
                    }
                }
            }
        } catch (final NamingException e) {
            // todo better exception handling
            throw new RuntimeException(e);
        }
        return groups;
    } else {
        String filter = null;
        if (StringUtils.isNotEmpty(definition.groupSearchFilter())) {
            filter = format(definition.groupSearchFilter(), callerDn);
        } else {
            filter = format(DEFAULT_GROUP_FILTER, definition.groupMemberAttribute(), callerDn);
        }
        final List<SearchResult> searchResults = query(ldapContext, definition.groupSearchBase(), filter, getGroupSearchControls());
        Set<String> groups = new HashSet<>();
        try {
            for (SearchResult searchResult : searchResults) {
                Attribute attribute = searchResult.getAttributes().get(definition.groupNameAttribute());
                if (attribute != null) {
                    for (Object group : list(attribute.getAll())) {
                        if (group != null) {
                            groups.add(group.toString());
                        }
                    }
                }
            }
        } catch (final NamingException e) {
            // todo better exception handling
            throw new RuntimeException(e);
        }
        return groups;
    }
}
Also used : Attribute(javax.naming.directory.Attribute) Attributes(javax.naming.directory.Attributes) NamingException(javax.naming.NamingException) SearchResult(javax.naming.directory.SearchResult) LdapName(javax.naming.ldap.LdapName) HashSet(java.util.HashSet)

Example 29 with LdapName

Use of javax.naming.ldap.LdapName in project midpoint by Evolveum.

In the class BasicExpressionFunctions, method composeDn.

/**
 * Creates a valid LDAP distinguished name from the wide range of components. The method
 * can be invoked in many ways, e.g.:
 * <p>
 * composeDn("cn","foo","o","bar")
 * composeDn("cn","foo",new Rdn("o","bar"))
 * composeDn(new Rdn("cn","foo"),"ou","baz",new Rdn("o","bar"))
 * composeDn(new Rdn("cn","foo"),"ou","baz","o","bar")
 * composeDn(new Rdn("cn","foo"),new LdapName("ou=baz,o=bar"))
 * composeDn("cn","foo",new LdapName("ou=baz,o=bar"))
 * <p>
 * Note: the DN is not normalized. The case of the attribute names and white spaces are
 * preserved.
 */
public static String composeDn(Object... components) throws InvalidNameException {
    if (components == null) {
        return null;
    }
    if (components.length == 0) {
        return null;
    }
    if (components.length == 1 && components[0] == null) {
        return null;
    }
    if (components.length == 1 && (components[0] instanceof String) && StringUtils.isBlank((String) (components[0]))) {
        return null;
    }
    LinkedList<Rdn> rdns = new LinkedList<>();
    String attrName = null;
    for (Object component : components) {
        if (attrName != null && !(component instanceof String || component instanceof PolyString || component instanceof PolyStringType)) {
            throw new InvalidNameException("Invalid input to composeDn() function: expected string after '" + attrName + "' argument, but got " + MiscUtil.getClass(component));
        }
        if (component instanceof Rdn) {
            rdns.addFirst((Rdn) component);
        } else if (component instanceof PolyString) {
            component = component.toString();
        } else if (component instanceof PolyStringType) {
            component = component.toString();
        }
        if (component instanceof String) {
            if (attrName == null) {
                attrName = (String) component;
            } else {
                rdns.addFirst(new Rdn(attrName, (String) component));
                attrName = null;
            }
        }
        if (component instanceof LdapName) {
            rdns.addAll(0, ((LdapName) component).getRdns());
        }
    }
    LdapName dn = new LdapName(rdns);
    return dn.toString();
}
Also used : PolyStringType(com.evolveum.prism.xml.ns._public.types_3.PolyStringType) InvalidNameException(javax.naming.InvalidNameException) PolyString(com.evolveum.midpoint.prism.polystring.PolyString) Rdn(javax.naming.ldap.Rdn) LdapName(javax.naming.ldap.LdapName)

Example 30 with LdapName

Use of javax.naming.ldap.LdapName in project midpoint by Evolveum.

In the class BasicExpressionFunctions, method determineLdapSingleAttributeValue.

// We cannot have Collection<String> here. The generic type information will disappear at runtime and the scripts can pass
// anything that they find suitable. E.g. XPath is passing elements
public String determineLdapSingleAttributeValue(String dn, String attributeName, Collection<?> values) throws NamingException {
    if (values == null || values.isEmpty()) {
        return null;
    }
    Collection<String> stringValues = null;
    // Determine item type, try to convert to strings
    Object firstElement = values.iterator().next();
    if (firstElement instanceof String) {
        stringValues = (Collection) values;
    } else if (firstElement instanceof Element) {
        stringValues = new ArrayList<>(values.size());
        for (Object value : values) {
            Element element = (Element) value;
            stringValues.add(element.getTextContent());
        }
    } else {
        throw new IllegalArgumentException("Unexpected value type " + firstElement.getClass());
    }
    if (stringValues.size() == 1) {
        return stringValues.iterator().next();
    }
    if (StringUtils.isBlank(dn)) {
        throw new IllegalArgumentException("No dn argument specified, cannot determine which of " + values.size() + " values to use");
    }
    LdapName parsedDn = new LdapName(dn);
    for (int i = 0; i < parsedDn.size(); i++) {
        Rdn rdn = parsedDn.getRdn(i);
        Attributes rdnAttributes = rdn.toAttributes();
        NamingEnumeration<String> rdnIDs = rdnAttributes.getIDs();
        while (rdnIDs.hasMore()) {
            String rdnID = rdnIDs.next();
            Attribute attribute = rdnAttributes.get(rdnID);
            if (attributeName.equals(attribute.getID())) {
                for (int j = 0; j < attribute.size(); j++) {
                    Object value = attribute.get(j);
                    if (stringValues.contains(value)) {
                        return (String) value;
                    }
                }
            }
        }
    }
    // Fallback. No values in DN. Just return the first alphabetically-wise value.
    return Collections.min(stringValues);
}
Also used : ResourceAttribute(com.evolveum.midpoint.schema.processor.ResourceAttribute) Attribute(javax.naming.directory.Attribute) Element(org.w3c.dom.Element) Attributes(javax.naming.directory.Attributes) PolyString(com.evolveum.midpoint.prism.polystring.PolyString) Rdn(javax.naming.ldap.Rdn) LdapName(javax.naming.ldap.LdapName)
