
Example 1 with Attribute

use of net.sourceforge.myvd.types.Attribute in project OpenUnison by TremoloSecurity.

the class MongoInsert method getRDN.

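/**
 * Extracts the leftmost RDN of a DN as an attribute name/value pair.
 *
 * <p>The name is the text before the first {@code '='}. The value runs from there to the next
 * {@code ','}, or to the end of the string when the DN consists of a single RDN.
 *
 * @param dn the distinguished name to split; must not be {@code null}
 * @return the leftmost RDN, or {@code null} when the DN starts with {@code ou=} (any letter case)
 * @throws StringIndexOutOfBoundsException if {@code dn} contains no {@code '='}
 */
Attribute getRDN(String dn) {
    // Case-insensitive prefix test that does not depend on the default locale.
    if (dn.regionMatches(true, 0, "ou=", 0, 3)) {
        return null;
    }

    int eq = dn.indexOf('=');
    String attr = dn.substring(0, eq);

    // A single-RDN DN such as "dc=example" has no comma; take the rest of the string
    // instead of failing on substring(start, -1).
    int comma = dn.indexOf(',', eq + 1);
    int end = comma < 0 ? dn.length() : comma;

    // NOTE(review): the split is purely textual, so an escaped comma ("\,") inside the value
    // or a multi-valued RDN ("cn=a+sn=b") is not handled; confirm callers only pass DNs
    // without those forms, or switch to a real DN parser.
    return new Attribute(attr, dn.substring(eq + 1, end));
}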
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(net.sourceforge.myvd.types.Attribute)

Example 2 with Attribute

use of net.sourceforge.myvd.types.Attribute in project OpenUnison by TremoloSecurity.

the class AmazonSimpleDB method searchAmazonSimpleDB.

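/**
 * Builds a SimpleDB select expression from an LDAP filter and attribute list and runs it
 * against the user or group domain.
 *
 * <p>The projection is {@code *} when no attributes are requested or when {@code "*"} is
 * among them, {@code uid} when the only requested attribute is {@code "1.1"}, and otherwise
 * the requested attribute names.
 *
 * @param users {@code true} to query {@code userDomain}, {@code false} for {@code groupDomain}
 * @param filter the LDAP filter; its root is translated by {@code stringFilter}
 * @param attributes the requested attributes; {@code null} or empty selects everything
 * @return an iterator over the items returned by SimpleDB
 */
private Iterator<Item> searchAmazonSimpleDB(boolean users, Filter filter, ArrayList<Attribute> attributes) {
    StringBuffer sqlWhere = new StringBuffer();
    // NOTE(review): vals is filled by stringFilter but never read here, and the select
    // expression is sent as plain text. Any quoting of filter values therefore has to happen
    // inside stringFilter; verify it escapes quote characters in the values it writes.
    ArrayList<Object> vals = new ArrayList<Object>();
    this.stringFilter(filter.getRoot(), sqlWhere, vals);

    // The original compared the Attribute object itself to the String "*", which can never
    // match; compare the attribute name instead.
    boolean selectAll = attributes == null || attributes.isEmpty();
    if (!selectAll) {
        for (Attribute attr : attributes) {
            if ("*".equals(attr.getAttribute().getName())) {
                selectAll = true;
                break;
            }
        }
    }

    StringBuilder sql = new StringBuilder("SELECT ");
    if (selectAll) {
        sql.append("* ");
    } else if (attributes.size() == 1 && attributes.get(0).getAttribute().getName().equals("1.1")) {
        sql.append("uid ");
    } else {
        for (Attribute attr : attributes) {
            // Attribute names are supplied by the caller (presumably from the search
            // request; confirm). Backtick-quote each one and double any embedded backtick so
            // a name cannot alter the structure of the expression.
            String name = attr.getAttribute().getName();
            sql.append('`').append(name.replace("`", "``")).append('`').append(',');
        }
        sql.setLength(sql.length() - 1);
    }

    sql.append(" FROM ").append('`');
    if (users) {
        sql.append(this.userDomain);
    } else {
        sql.append(this.groupDomain);
    }
    sql.append("` WHERE ").append(sqlWhere);

    if (logger.isDebugEnabled()) {
        // NOTE(review): the logged expression contains the filter text, so debug logs may
        // hold whatever values clients searched for.
        logger.debug("SQL : " + sql.toString());
    }

    SelectResult res = this.sdb.select(new SelectRequest(sql.toString()));
    return res.getItems().iterator();
}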
Also used : SelectResult(com.amazonaws.services.simpledb.model.SelectResult) Attribute(net.sourceforge.myvd.types.Attribute) ArrayList(java.util.ArrayList) SelectRequest(com.amazonaws.services.simpledb.model.SelectRequest)

Example 3 with Attribute

use of net.sourceforge.myvd.types.Attribute in project OpenUnison by TremoloSecurity.

the class AddGroupsFromProvisioningTarget method postSearchEntry.

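/**
 * Runs the rest of the chain, then adds the user's groups (or the values of the configured
 * role attribute) from the provisioning target to the entry under {@code attributeName}.
 *
 * <p>Values are added when the request asks for all attributes ({@code null} or empty list,
 * or {@code "*"}) or names {@code attributeName} explicitly. The user is looked up in the
 * target by the entry's {@code uidAttribute} value.
 *
 * <p>The lookup is best effort: any failure is logged and the entry is returned unchanged.
 *
 * @throws LDAPException if the remainder of the chain fails
 */
public void postSearchEntry(PostSearchEntryInterceptorChain chain, Entry entry, DistinguishedName base, Int scope, Filter filter, ArrayList<Attribute> attributes, Bool typesOnly, LDAPSearchConstraints constraints) throws LDAPException {
    chain.nextPostSearchEntry(entry, base, scope, filter, attributes, typesOnly, constraints);
    if (logger.isDebugEnabled()) {
        logger.debug("in post search entry");
    }

    boolean addAttr = attributes == null || attributes.size() == 0 || attributes.get(0).getAttribute().getName().equalsIgnoreCase("*");

    // The original scanned the list only when addAttr was already true, so an explicit
    // request for attributeName was never honoured and a null list was dereferenced.
    // Scan when the shortcut above did not match.
    if (!addAttr) {
        for (Attribute attr : attributes) {
            String name = attr.getAttribute().getName();
            if (name.equalsIgnoreCase(this.attributeName) || name.equals("*")) {
                addAttr = true;
                break;
            }
        }
    }

    if (logger.isDebugEnabled()) {
        logger.debug("Adding attribute : '" + addAttr + "'");
    }
    if (!addAttr) {
        return;
    }

    try {
        LDAPAttribute userID = entry.getEntry().getAttribute(this.uidAttribute);
        if (logger.isDebugEnabled()) {
            logger.debug("Looking up user : '" + userID + "'");
        }
        if (userID == null) {
            return;
        }

        User user = GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().getTarget(targetName).findUser(userID.getStringValue(), new HashMap<String, Object>());
        if (logger.isDebugEnabled()) {
            logger.debug("User returned : '" + user + "'");
        }
        if (user == null) {
            return;
        }

        if (logger.isDebugEnabled()) {
            logger.debug("User groups : '" + user.getGroups() + "'");
        }
        if (user.getGroups().size() == 0) {
            return;
        }

        // Reuse the attribute if the entry already carries it; otherwise attach a new one.
        LDAPAttribute attr = entry.getEntry().getAttributeSet().getAttribute(this.attributeName);
        if (attr == null) {
            attr = new LDAPAttribute(this.attributeName);
            entry.getEntry().getAttributeSet().add(attr);
        }

        StringBuilder b = new StringBuilder();
        if (this.targetRoleAttribute == null || this.targetRoleAttribute.isEmpty()) {
            for (String groupName : user.getGroups()) {
                b.setLength(0);
                if (this.label.isEmpty()) {
                    b.append(groupName);
                } else {
                    b.append(this.label).append(" - ").append(groupName);
                }
                attr.addValue(b.toString());
            }
        } else {
            com.tremolosecurity.saml.Attribute targetAttr = user.getAttribs().get(this.targetRoleAttribute);
            if (targetAttr != null) {
                for (String val : targetAttr.getValues()) {
                    b.setLength(0);
                    b.append(this.label).append(" - ").append(val);
                    attr.addValue(b.toString());
                }
            }
        }
    } catch (Throwable t) {
        // Deliberate best effort: the entry is still returned, just without the added values.
        // NOTE(review): anything that authorizes on this attribute then sees the user with
        // fewer groups and no error; confirm that is the intended failure mode.
        logger.warn("Could not load user : '" + t.getMessage() + "'");
        if (logger.isDebugEnabled()) {
            logger.debug(t);
        }
    }
}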
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) User(com.tremolosecurity.provisioning.core.User) LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(net.sourceforge.myvd.types.Attribute)

Example 4 with Attribute

use of net.sourceforge.myvd.types.Attribute in project OpenUnison by TremoloSecurity.

the class ExternalGroupMembers method search.

/**
 * Passes the search down the chain with a cloned filter and, when the configured group
 * member attribute was requested, with {@code externalGroupAttrName} appended to the
 * attribute list.
 *
 * <p>The filter root is cloned before {@code searchExternal} is applied to it, so the
 * caller's filter object is not the one handed to {@code searchExternal}. The caller's
 * attribute list is likewise copied, not modified.
 *
 * @throws LDAPException with {@code OPERATIONS_ERROR} if the filter cannot be cloned, or
 *     whatever the rest of the chain throws
 */
@Override
public void search(SearchInterceptorChain chain, DistinguishedName base, Int scope, Filter filter, ArrayList<Attribute> attributes, Bool typesOnly, Results results, LDAPSearchConstraints constraints) throws LDAPException {
    // Check every requested attribute against the configured member attribute name.
    boolean memberAttrRequested = false;
    for (Attribute requested : attributes) {
        String memberAttrName = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getGroupMemberAttribute();
        if (requested.getAttribute().getName().equalsIgnoreCase(memberAttrName)) {
            memberAttrRequested = true;
        }
    }

    ArrayList<Attribute> effectiveAttrs = attributes;
    if (memberAttrRequested) {
        // Work on a copy so the caller's list is left as it was.
        effectiveAttrs = new ArrayList<Attribute>();
        effectiveAttrs.addAll(attributes);
        effectiveAttrs.add(new Attribute(this.externalGroupAttrName));
    }

    Filter clonedFilter;
    try {
        clonedFilter = new Filter((FilterNode) filter.getRoot().clone());
    } catch (CloneNotSupportedException e) {
        throw new LDAPException("Could not clone filter", LDAPException.OPERATIONS_ERROR, "Could not clone filter", e);
    }

    this.searchExternal(clonedFilter.getRoot());
    chain.nextSearch(base, scope, clonedFilter, effectiveAttrs, typesOnly, results, constraints);
}
Also used : LDAPException(com.novell.ldap.LDAPException) LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(net.sourceforge.myvd.types.Attribute) Filter(net.sourceforge.myvd.types.Filter) FilterNode(net.sourceforge.myvd.types.FilterNode) ArrayList(java.util.ArrayList)

Example 5 with Attribute

use of net.sourceforge.myvd.types.Attribute in project OpenUnison by TremoloSecurity.

the class AuthLockoutInsert method bind.

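/**
 * Enforces the failed-login lockout around a bind and keeps the lockout attributes current.
 *
 * <p>The entry for {@code dn} is read first. If its failure count has reached
 * {@code maxFailedAttempts} and the last failure is within {@code maxLockoutTime}, the bind
 * is rejected with {@code INVALID_CREDENTIALS} before the password is passed down the chain.
 * Otherwise the bind is attempted; an {@code INVALID_CREDENTIALS} failure is recorded with
 * {@code updateFailedAttrs} and a success with {@code updateSuccessAttrs}.
 *
 * @throws LDAPException {@code NO_SUCH_OBJECT} if the DN is not found,
 *     {@code INVALID_CREDENTIALS} if the account is locked out, or whatever the chain throws
 * @throws NumberFormatException if either lockout attribute holds a non-numeric value; the
 *     bind then fails without reaching the rest of the chain
 */
@Override
public void bind(BindInterceptorChain chain, DistinguishedName dn, Password pwd, LDAPConstraints constraints) throws LDAPException {
    Results results = new Results(null, chain.getPositionInChain(this) + 1);
    SearchInterceptorChain schain = chain.createSearchChain(chain.getPositionInChain(this) + 1);
    schain.nextSearch(new DistinguishedName(dn.getDN()), new Int(0), new Filter("(objectClass=*)"), new ArrayList<Attribute>(), new Bool(false), results, new LDAPSearchConstraints());
    results.start();
    if (!results.hasMore()) {
        // NOTE(review): a missing DN yields NO_SUCH_OBJECT while a bad password yields
        // INVALID_CREDENTIALS, so the result code tells a client whether the DN exists.
        // Confirm that is intended.
        throw new LDAPException("No such object", LDAPException.NO_SUCH_OBJECT, "Could not find dn");
    }
    Entry entry = results.next();
    // Drain any remaining results so the search is fully consumed.
    while (results.hasMore()) {
        results.next();
    }

    // Evaluate the lockout BEFORE the password is tested. The original bound first and
    // checked afterwards, which had two effects: a locked account's password was still
    // verified downstream (the "User locked out" message was only produced for a correct
    // password), and the lockout exception was thrown inside the try block, so the catch
    // below recorded the same attempt a second time.
    LDAPAttribute lastFailed = entry.getEntry().getAttributeSet().getAttribute(this.lastFailedAttribute);
    LDAPAttribute numFailures = entry.getEntry().getAttributeSet().getAttribute(this.numFailedAttribute);
    if (lastFailed != null && numFailures != null) {
        long lastFailedTS = Long.parseLong(lastFailed.getStringValue());
        int numPrevFailures = Integer.parseInt(numFailures.getStringValue());
        long now = new DateTime(DateTimeZone.UTC).getMillis();
        long lockedUntil = lastFailedTS + this.maxLockoutTime;
        if (logger.isDebugEnabled()) {
            logger.debug("Num Failed : " + numPrevFailures);
            logger.debug("Last Failed : '" + lastFailedTS + "'");
            logger.debug("Now : '" + now + "'");
            logger.debug("Locked Until : '" + lockedUntil + "'");
            logger.debug("locked >= now? : '" + (lockedUntil >= now) + "'");
            logger.debug("max fails? : '" + this.maxFailedAttempts + "'");
            logger.debug("too many fails : '" + (numPrevFailures >= this.maxFailedAttempts) + "'");
        }
        if (lockedUntil >= now && numPrevFailures >= this.maxFailedAttempts) {
            // An attempt during lockout is recorded once as a failure.
            this.updateFailedAttrs(entry.getEntry());
            throw new LDAPException("Invalid credentials", LDAPException.INVALID_CREDENTIALS, "User locked out");
        }
    }

    try {
        chain.nextBind(dn, pwd, constraints);
    } catch (LDAPException e) {
        // Only a credential failure counts toward lockout; other errors pass through.
        if (e.getResultCode() == LDAPException.INVALID_CREDENTIALS) {
            this.updateFailedAttrs(entry.getEntry());
        }
        throw e;
    }
    this.updateSuccessAttrs(entry.getEntry());
}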
Also used : LDAPAttribute(com.novell.ldap.LDAPAttribute) DistinguishedName(net.sourceforge.myvd.types.DistinguishedName) LDAPAttribute(com.novell.ldap.LDAPAttribute) Attribute(net.sourceforge.myvd.types.Attribute) LDAPSearchConstraints(com.novell.ldap.LDAPSearchConstraints) Int(net.sourceforge.myvd.types.Int) DateTime(org.joda.time.DateTime) Entry(net.sourceforge.myvd.types.Entry) LDAPEntry(com.novell.ldap.LDAPEntry) LDAPException(com.novell.ldap.LDAPException) Results(net.sourceforge.myvd.types.Results) Filter(net.sourceforge.myvd.types.Filter) Bool(net.sourceforge.myvd.types.Bool) SearchInterceptorChain(net.sourceforge.myvd.chain.SearchInterceptorChain)

Aggregations

Attribute (net.sourceforge.myvd.types.Attribute)10 LDAPAttribute (com.novell.ldap.LDAPAttribute)8 ArrayList (java.util.ArrayList)6 LDAPException (com.novell.ldap.LDAPException)5 Filter (net.sourceforge.myvd.types.Filter)4 LDAPEntry (com.novell.ldap.LDAPEntry)3 Int (net.sourceforge.myvd.types.Int)3 LDAPSearchConstraints (com.novell.ldap.LDAPSearchConstraints)2 DN (com.novell.ldap.util.DN)2 SearchInterceptorChain (net.sourceforge.myvd.chain.SearchInterceptorChain)2 Bool (net.sourceforge.myvd.types.Bool)2 DistinguishedName (net.sourceforge.myvd.types.DistinguishedName)2 Entry (net.sourceforge.myvd.types.Entry)2 FilterNode (net.sourceforge.myvd.types.FilterNode)2 Results (net.sourceforge.myvd.types.Results)2 SelectRequest (com.amazonaws.services.simpledb.model.SelectRequest)1 SelectResult (com.amazonaws.services.simpledb.model.SelectResult)1 Gson (com.google.gson.Gson)1 Token (com.tremolosecurity.json.Token)1 User (com.tremolosecurity.provisioning.core.User)1