use of org.apache.directory.api.ldap.model.cursor.EntryCursor in project SEPA by arces-wot.
the class SyncLdap method sync.
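/**
 * Reads every {@code inetOrgPerson} entry one level below {@code usersUid} and returns a
 * JSON object that maps each entry's {@code uid} to its {@code description} parsed as JSON.
 *
 * <p>Entries that lack a {@code uid} or a {@code description} attribute are logged and
 * skipped. An LDAP failure is logged and whatever was collected up to that point is
 * returned. {@code unbind()} always runs, and the search cursor is closed before it.
 *
 * @return a JSON object keyed by uid; empty when nothing could be read
 * @throws SEPASecurityException presumably from {@code unbind()}, the only call here that
 *         runs outside the catch clause (TODO confirm against its declaration)
 */
public JsonObject sync() throws SEPASecurityException {
    JsonObject ret = new JsonObject();
    try {
        bind();
        logger.log(Level.getLevel("ldap"), "[LDAP] Sync LDAP " + ldap.getConfig().getLdapHost() + ":" + ldap.getConfig().getLdapPort() + " Base DN: " + usersUid);
        // Request only the two attributes this method reads. Every entry is written to the
        // log below, so asking for all attributes would also log whatever else the bind
        // identity is allowed to read (for example password attributes).
        // try-with-resources closes the cursor even when the loop exits with an exception.
        try (EntryCursor cursor = ldap.search(usersUid, "(objectclass=inetOrgPerson)", SearchScope.ONELEVEL, "uid", "description")) {
            for (org.apache.directory.api.ldap.model.entry.Entry entry : cursor) {
                logger.log(Level.getLevel("ldap"), entry.toString("--"));
                if (entry.get("uid") == null) {
                    logger.log(Level.getLevel("ldap"), "Missing *uid*");
                    continue;
                }
                if (entry.get("description") == null) {
                    logger.log(Level.getLevel("ldap"), "Missing *description* " + entry.get("uid"));
                    continue;
                }
                String uid = entry.get("uid").getString();
                String description = entry.get("description").getString();
                // NOTE(review): description is directory data. parse() and getAsJsonObject()
                // throw unchecked exceptions on malformed or non-object JSON; nothing here
                // catches them, so one bad entry ends the whole sync. Confirm that is intended.
                ret.add(uid, new JsonParser().parse(description).getAsJsonObject());
            }
        }
    } catch (LdapException | SEPASecurityException e) {
        logger.error("[LDAP] LdapException|CursorException : " + e.getMessage());
    } catch (java.io.IOException e) {
        // Raised only by the implicit cursor close; the entries already read are still returned.
        logger.error("[LDAP] IOException while closing the search cursor : " + e.getMessage());
    } finally {
        unbind();
    }
    return ret;
}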
use of org.apache.directory.api.ldap.model.cursor.EntryCursor in project ldapchai by ldapchai.
the class ApacheLdapProviderImpl method readStringAttribute.
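/**
 * Reads one string value of {@code attribute} from the entry at {@code entryDN}.
 *
 * <p>The search uses OBJECT scope and requests only the named attribute. The cursor is
 * closed before the method returns or throws.
 *
 * @param entryDN   distinguished name of the entry to read
 * @param attribute name of the attribute to return
 * @return the attribute's string value, or {@code null} when the entry carries no such attribute
 * @throws ChaiOperationException   when the search or the cursor close fails
 * @throws ChaiUnavailableException declared by the method; presumably raised by the pre-checks
 * @throws IllegalStateException    declared by the method; presumably raised by the pre-checks
 */
public String readStringAttribute(final String entryDN, final String attribute) throws ChaiOperationException, ChaiUnavailableException, IllegalStateException {
    activityPreCheck();
    getInputValidator().readStringAttribute(entryDN, attribute);
    // try-with-resources releases the cursor on every path; the previous version never closed it.
    try (EntryCursor entries = connection.search(entryDN, ChaiConstant.FILTER_OBJECTCLASS_ANY, org.apache.directory.api.ldap.model.message.SearchScope.OBJECT, attribute)) {
        // NOTE(review): when the search yields no entry, next() throws an unchecked
        // NoSuchElementException rather than a ChaiOperationException. Confirm callers expect that.
        final Entry entry = entries.iterator().next();
        final Attribute attr = entry.get(attribute);
        return attr == null ? null : attr.getString();
    } catch (LdapException | java.io.IOException e) {
        // IOException can only come from closing the cursor; it is reported the same way as a search failure.
        throw ChaiOperationException.forErrorMessage(e.getMessage());
    }
}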
use of org.apache.directory.api.ldap.model.cursor.EntryCursor in project openmeetings by apache.
the class LdapLoginManager method login.
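/**
 * Ldap Login
 *
 * Connection Data is retrieved from ConfigurationFile
 *
 * <p>Depending on {@code w.options.type} the user is authenticated by searching for the
 * entry with the admin bind and then binding as that entry (SEARCHANDBIND), by binding with
 * a DN built from the login (SIMPLEBIND), or against the local database only (NONE).
 * Afterwards the local user is created or updated from the LDAP entry when provisioning is
 * AUTOCREATE or AUTOUPDATE.
 *
 * <p>Two checks protect the LDAP paths. An empty password is rejected before any user bind:
 * RFC 4513 section 5.1.2 defines a simple bind with a DN and a zero-length password as an
 * unauthenticated bind, which a server may accept without verifying anything. The login is
 * encoded with {@code FilterEncoder.encodeFilterValue} before it is placed into the search
 * filter, so filter syntax characters in it are matched literally.
 *
 * @param _login - user login
 * @param passwd - user password
 * @param domainId - user domain id
 * @return - {@link User} with this credentials or <code>null</code> when the login does not
 *         pass {@code userDao.validLogin}
 * @throws OmException - in case of any error; BAD_CREDENTIALS when the bind is refused, the
 *         password is empty, no entry matches, or the user is missing locally and
 *         AUTOCREATE is off
 */
public User login(String _login, String passwd, Long domainId) throws OmException {
    log.debug("LdapLoginmanager.doLdapLogin");
    if (!userDao.validLogin(_login)) {
        log.error("Invalid login provided");
        return null;
    }
    User u = null;
    try (LdapWorker w = new LdapWorker(domainId)) {
        String login = w.options.useLowerCase ? _login.toLowerCase() : _login;
        boolean authenticated = true;
        Dn userDn = null;
        Entry entry = null;
        switch(w.options.type) {
            case SEARCHANDBIND:
                {
                    // A bind with a DN and no password is an unauthenticated bind; never let it count as a login.
                    if (passwd == null || passwd.isEmpty()) {
                        log.error("Empty password provided");
                        throw BAD_CREDENTIALS;
                    }
                    bindAdmin(w.conn, w.options);
                    Dn baseDn = new Dn(w.options.searchBase);
                    // The login is user input: encode it so it can only ever be a value inside
                    // the configured filter. validLogin() is not visible here, so this method
                    // does not rely on it to exclude filter syntax.
                    String searchQ = String.format(w.options.searchQuery, org.apache.directory.api.ldap.model.filter.FilterEncoder.encodeFilterValue(login));
                    try (EntryCursor cursor = new EntryCursorImpl(w.conn.search(new SearchRequestImpl().setBase(baseDn).setFilter(searchQ).setScope(w.options.scope).addAttributes("*").setDerefAliases(w.options.derefMode)))) {
                        while (cursor.next()) {
                            try {
                                Entry e = cursor.get();
                                // Exactly one entry may match; an ambiguous match must not pick a DN to bind as.
                                if (userDn != null) {
                                    log.error("more than 1 user found in LDAP");
                                    throw UNKNOWN;
                                }
                                userDn = e.getDn();
                                if (w.options.useAdminForAttrs) {
                                    entry = e;
                                }
                            } catch (CursorLdapReferralException cle) {
                                log.warn("Referral LDAP entry found, ignore it");
                            }
                        }
                    }
                    if (userDn == null) {
                        log.error("NONE users found in LDAP");
                        throw BAD_CREDENTIALS;
                    }
                    // This bind is the actual password check.
                    w.conn.bind(userDn, passwd);
                }
                break;
            case SIMPLEBIND:
                if (passwd == null || passwd.isEmpty()) {
                    log.error("Empty password provided");
                    throw BAD_CREDENTIALS;
                }
                // NOTE(review): the login goes into the DN template unescaped, so DN syntax
                // characters in it change which DN is bound. Consider escaping the value
                // (e.g. Rdn.escapeValue); confirm against the configured templates first.
                userDn = new Dn(String.format(w.options.userDn, login));
                w.conn.bind(userDn, passwd);
                break;
            case NONE:
            default:
                // No LDAP authentication: the password is checked by userDao.login below.
                authenticated = false;
                break;
        }
        u = authenticated ? userDao.getByLogin(login, Type.ldap, domainId) : userDao.login(login, passwd);
        log.debug("getByLogin:: authenticated ? {}, login = '{}', domain = {}, user = {}", authenticated, login, domainId, u);
        if (u == null && Provisionning.AUTOCREATE != w.options.prov) {
            log.error("User not found in OM DB and Provisionning.AUTOCREATE was not set");
            throw BAD_CREDENTIALS;
        }
        if (authenticated && entry == null) {
            // The connection is bound as the user at this point; switch back to the admin
            // identity when attributes are to be read with it.
            if (w.options.useAdminForAttrs) {
                bindAdmin(w.conn, w.options);
            }
            entry = w.conn.lookup(userDn);
        }
        switch(w.options.prov) {
            case AUTOUPDATE:
            case AUTOCREATE:
                u = w.getUser(entry, u);
                if (w.options.syncPasswd) {
                    u.updatePassword(cfgDao, passwd);
                }
                u = userDao.update(u, null);
                break;
            case NONE:
            default:
                break;
        }
    } catch (LdapAuthenticationException ae) {
        log.error("Not authenticated.", ae);
        throw BAD_CREDENTIALS;
    } catch (OmException e) {
        throw e;
    } catch (Exception e) {
        log.error("Unexpected exception.", e);
        throw new OmException(e);
    }
    return u;
}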
use of org.apache.directory.api.ldap.model.cursor.EntryCursor in project structr by structr.
the class LDAPService method doUpdate.
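/**
 * Synchronizes local LDAP users with the directory.
 *
 * <p>Step 1 searches {@code baseDn} with {@code filter} and passes every entry found to
 * {@code synchronizeUserEntry}. Step 2 looks up every local {@code LDAPUser} by its
 * distinguished name, refreshes it from the entry, and deletes it when the lookup returns
 * nothing. The connection and the cursor are closed on every path, including failures.
 *
 * @throws IOException        when connecting or closing the connection or cursor fails
 * @throws LdapException      when a bind, search or lookup fails
 * @throws CursorException    when iterating the search result fails
 * @throws FrameworkException declared by the method; presumably from the transaction or
 *                            {@code synchronizeUserEntry}
 */
public void doUpdate() throws IOException, LdapException, CursorException, FrameworkException {
    // NOTE(review): with useSsl false the bind DN and secret travel unencrypted. With it
    // true, confirm that the library version in use validates the server certificate by default.
    // try-with-resources replaces the former close() calls, which ran only on the success path.
    try (final LdapConnection connection = new LdapNetworkConnection(host, port, useSsl)) {
        final App app = StructrApp.getInstance();
        // make connection persistent
        connection.setTimeOut(0);
        if (connection.connect()) {
            logger.info("Updating user/group information from LDAP server {}:{}..", new Object[] { host, port });
            if (StringUtils.isNotBlank(binddn) && StringUtils.isNotBlank(secret)) {
                connection.bind(binddn, secret);
            } else if (StringUtils.isNotBlank(binddn)) {
                // NOTE(review): a DN without a secret is a bind that proves nothing about the
                // caller; how the server treats it is server policy. Confirm this branch is intended.
                connection.bind(binddn);
            }
            // step 1: fetch / update all users from LDAP server
            try (final EntryCursor cursor = connection.search(baseDn, filter, SearchScope.valueOf(scope))) {
                while (cursor.next()) {
                    final Entry entry = cursor.get();
                    synchronizeUserEntry(connection, entry);
                }
            }
            // step 2: examine local users and refresh / remove
            try (final Tx tx = app.tx()) {
                for (final LDAPUser user : app.nodeQuery(LDAPUser.class).getAsList()) {
                    final String dn = user.getDistinguishedName();
                    if (dn != null) {
                        final Entry userEntry = connection.lookup(dn);
                        if (userEntry != null) {
                            // update user information
                            user.initializeFrom(userEntry);
                        } else {
                            // NOTE(review): a null lookup result deletes the local account.
                            // lookup() presumably also yields null when the bind identity may
                            // not read the entry; confirm a permission change on the directory
                            // side cannot remove accounts in bulk.
                            logger.info("User {} doesn't exist in LDAP directory, deleting.", user);
                            app.delete(user);
                        }
                    } else {
                        logger.warn("User {} doesn't have an LDAP distinguished name, ignoring.", user);
                    }
                }
                tx.success();
            }
        } else {
            logger.info("Connection to LDAP server {} failed", host);
        }
    }
}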
use of org.apache.directory.api.ldap.model.cursor.EntryCursor in project structr by structr.
the class LDAPService method fetchObjectInfo.
// ----- public methods -----
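/**
 * Returns a textual dump of the LDAP entry at {@code dn}, one entry per line.
 *
 * <p>Failures are logged and whatever was read up to that point is returned; the result is
 * empty when the connection cannot be established. The connection and the cursor are closed
 * on every path.
 *
 * <p>NOTE(review): the search requests no specific attributes, so the dump holds everything
 * the bind identity may read on that entry. Confirm that callers restrict who may supply
 * {@code dn} and who sees the result.
 *
 * @param dn distinguished name of the entry to dump
 * @return the string form of the entry followed by a newline, or an empty string
 */
public String fetchObjectInfo(final String dn) {
    final StringBuilder buf = new StringBuilder();
    // try-with-resources closes the connection exactly once; the former code closed it twice
    // on success and not at all when bind or search threw.
    try (final LdapConnection connection = new LdapNetworkConnection(host, port, useSsl)) {
        if (connection.connect()) {
            if (StringUtils.isNotBlank(binddn) && StringUtils.isNotBlank(secret)) {
                connection.bind(binddn, secret);
            } else if (StringUtils.isNotBlank(binddn)) {
                connection.bind(binddn);
            }
            try (final EntryCursor cursor = connection.search(dn, "(objectclass=*)", SearchScope.OBJECT)) {
                while (cursor.next()) {
                    buf.append(cursor.get());
                    buf.append("\n");
                }
            }
        }
    } catch (CursorException | LdapException | IOException ex) {
        logger.warn("", ex);
    }
    return buf.toString();
}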