
Example 11 with LdapInvalidAttributeValueException

use of org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException in project directory-ldap-api by apache.

the class LdifUtils method createJndiAttributes.

/**
 * Build a new Attributes instance from a list of LDIF lines. Each value can be
 * either a complete Ava, or a pair made of an AttributeType ID and a value (a String
 * or a byte[]). The following sample shows the three cases :
 *
 * <pre>
 * Attribute attr = AttributeUtils.createAttributes(
 *     "objectclass: top",
 *     "cn", "My name",
 *     "jpegPhoto", new byte[]{0x01, 0x02} );
 * </pre>
 *
 * @param avas The AttributeType and Values, using a ldif format, or a couple of
 * Attribute ID/Value
 * @return An Attributes instance
 * @throws LdapException If the data are invalid
 */
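public static Attributes createJndiAttributes(Object... avas) throws LdapException {
    // The arguments are first serialized into an LDIF fragment, which is then parsed
    // back by LdifAttributesReader and converted to JNDI Attributes.
    StringBuilder sb = new StringBuilder();
    // 0-based index of the argument being examined; error messages report pos + 1.
    int pos = 0;
    // True when the previous argument was a bare attribute ID (no ':'), so the
    // current argument has to be its value.
    boolean valueExpected = false;
    for (Object ava : avas) {
        if (!valueExpected) {
            if (!(ava instanceof String)) {
                throw new LdapInvalidAttributeValueException(ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX, I18n.err(I18n.ERR_13233_ATTRIBUTE_ID_MUST_BE_A_STRING, pos + 1));
            }
            String attribute = (String) ava;
            sb.append(attribute);
            if (attribute.indexOf(':') != -1) {
                // Already a complete "id: value" line.
                sb.append('\n');
            } else {
                valueExpected = true;
            }
        } else {
            if (ava instanceof String) {
                // NOTE(review): String arguments (here and in the branch above) are copied
                // into the LDIF text verbatim. A String that itself contains a line break is
                // therefore handed to the parser as more than one LDIF line, so the returned
                // Attributes can hold more than the caller named. If these strings can come
                // from outside the application, reject CR/LF before calling, or pass the
                // value as a byte[] so it takes the base64 branch below.
                sb.append(": ").append((String) ava).append('\n');
            } else if (ava instanceof byte[]) {
                // Binary values use the LDIF "::" form, base64-encoded.
                sb.append(":: ");
                sb.append(new String(Base64.encode((byte[]) ava)));
                sb.append('\n');
            } else {
                throw new LdapInvalidAttributeValueException(ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX, I18n.err(I18n.ERR_13234_ATTRIBUTE_VAL_STRING_OR_BYTE, pos + 1));
            }
            valueExpected = false;
        }
        // Advance the index so the position in the error messages above matches the
        // offending argument (it was previously never incremented and always read 1).
        pos++;
    }
    if (valueExpected) {
        // The last argument was an attribute ID with no value after it.
        throw new LdapInvalidAttributeValueException(ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX, I18n.err(I18n.ERR_13234_ATTRIBUTE_VAL_STRING_OR_BYTE));
    }
    try (LdifAttributesReader reader = new LdifAttributesReader()) {
        return AttributeUtils.toAttributes(reader.parseEntry(sb.toString()));
    } catch (IOException ioe) {
        // Closing the reader can fail; report it as an LDIF error and keep the cause.
        throw new LdapLdifException(ioe.getMessage(), ioe);
    }
}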
Also used : LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException) IOException(java.io.IOException)

Example 12 with LdapInvalidAttributeValueException

use of org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException in project directory-ldap-api by apache.

the class BinaryAnonymizer method anonymize.

/**
 * Anonymize an attribute using pure random values (either chars or bytes, depending on the Attribute type)
 */
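@Override
public Attribute anonymize(Map<Value, Value> valueMap, Set<Value> valueSet, Attribute attribute) {
    // The result has the same attribute type as the input; every value is replaced.
    Attribute result = new DefaultAttribute(attribute.getAttributeType());
    for (Value value : attribute) {
        byte[] bytesValue = value.getBytes();
        // computeNewValue is defined outside this excerpt. NOTE(review): how well the
        // replacement hides the original depends entirely on it - confirm there.
        byte[] newValue = computeNewValue(bytesValue);
        try {
            result.add(newValue);
            Value anonValue = new Value(attribute.getAttributeType(), newValue);
            // Record original -> replacement, and the set of replacements handed out.
            // valueMap is only written in this method, never consulted, so a value that
            // occurs twice gets a fresh replacement each time and the later one
            // overwrites the map entry.
            valueMap.put(value, anonValue);
            valueSet.add(anonValue);
        } catch (LdapInvalidAttributeValueException e) {
            // Keep the underlying exception as the cause so the failure stays diagnosable.
            // NOTE(review): the message is formatted with the original, non-anonymized
            // value; if this exception is logged, that value ends up in the log.
            throw new RuntimeException(I18n.err(I18n.ERR_13436_ERROR_ANONYMIZING_VALUE, value), e);
        }
    }
    return result;
}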
Also used : Attribute(org.apache.directory.api.ldap.model.entry.Attribute) DefaultAttribute(org.apache.directory.api.ldap.model.entry.DefaultAttribute) Value(org.apache.directory.api.ldap.model.entry.Value) DefaultAttribute(org.apache.directory.api.ldap.model.entry.DefaultAttribute) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)

Example 13 with LdapInvalidAttributeValueException

use of org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException in project directory-ldap-api by apache.

the class StringAnonymizer method anonymize.

/**
 * Anonymize an attribute using pure random values (either chars or bytes, depending on the Attribute type)
 */
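@Override
public Attribute anonymize(Map<Value, Value> valueMap, Set<Value> valueSet, Attribute attribute) {
    AttributeType attributeType = attribute.getAttributeType();
    Attribute result = new DefaultAttribute(attributeType);
    for (Value value : attribute) {
        // Values that are not human readable are skipped: they are neither anonymized
        // nor copied into the result.
        if (value.isHumanReadable()) {
            // Reuse the replacement already chosen for this value, so the same input
            // always maps to the same anonymized output.
            Value anonymized = valueMap.get(value);
            if (anonymized != null) {
                try {
                    result.add(anonymized);
                } catch (LdapInvalidAttributeValueException e) {
                    // This was an empty catch, which silently dropped the value from the
                    // result. Fail the same way as the branch below instead. The message
                    // carries the replacement, not the original value.
                    throw new RuntimeException(I18n.err(I18n.ERR_13436_ERROR_ANONYMIZING_VALUE, anonymized), e);
                }
            } else {
                String strValue = value.getValue();
                // computeNewValue is defined outside this excerpt.
                String newValue = computeNewValue(strValue);
                try {
                    result.add(newValue);
                    Value anonValue = new Value(attributeType, newValue);
                    // Remember the mapping and the replacement for later occurrences.
                    valueMap.put(value, anonValue);
                    valueSet.add(anonValue);
                } catch (LdapInvalidAttributeValueException e) {
                    // Keep the underlying exception as the cause.
                    // NOTE(review): the message is formatted with the original,
                    // non-anonymized string; if this exception is logged, that string
                    // ends up in the log.
                    throw new RuntimeException(I18n.err(I18n.ERR_13436_ERROR_ANONYMIZING_VALUE, strValue), e);
                }
            }
        }
    }
    return result;
}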
Also used : Attribute(org.apache.directory.api.ldap.model.entry.Attribute) DefaultAttribute(org.apache.directory.api.ldap.model.entry.DefaultAttribute) AttributeType(org.apache.directory.api.ldap.model.schema.AttributeType) Value(org.apache.directory.api.ldap.model.entry.Value) DefaultAttribute(org.apache.directory.api.ldap.model.entry.DefaultAttribute) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)

Example 14 with LdapInvalidAttributeValueException

use of org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException in project directory-ldap-api by apache.

the class Rdn method addAVA.

/**
 * Add an Ava to the current Rdn
 *
 * @param schemaManager The SchemaManager to use, or null if there is none
 * @param type The user provided type of the added Rdn.
 * @param value The provided value of the added Rdn
 * @throws LdapInvalidDnException
 *             If the Rdn is invalid
 */
private void addAVA(SchemaManager schemaManager, String type, Value value) throws LdapInvalidDnException {
    // First, let's normalize the type
    AttributeType attributeType;
    String normalizedType = Strings.lowerCaseAscii(type);
    // The Rdn keeps whatever SchemaManager it is given here, including null.
    this.schemaManager = schemaManager;
    if (schemaManager != null) {
        // A type the schema does not know yields null here and is not rejected: the Ava
        // is then built with the lower-cased type and the value as given.
        attributeType = schemaManager.getAttributeType(normalizedType);
        if (!value.isSchemaAware()) {
            if (attributeType != null) {
                try {
                    // Rebuild the value against the schema's AttributeType; a value that
                    // the AttributeType rejects makes the Rdn invalid.
                    value = new Value(attributeType, value);
                } catch (LdapInvalidAttributeValueException liave) {
                    throw new LdapInvalidDnException(liave.getMessage(), liave);
                }
            }
        } else {
            if (attributeType != null) {
                // Only in this branch is the normalized type replaced by the OID.
                normalizedType = attributeType.getOid();
            }
        }
    }
    Ava newAva = new Ava(schemaManager, type, normalizedType, value);
    switch(nbAvas) {
        case 0:
            // This is the first Ava. Just stores it.
            ava = newAva;
            nbAvas = 1;
            avaType = normalizedType;
            // The return value is discarded; presumably called for a side effect such as
            // refreshing a cached hash - confirm in hashCode().
            hashCode();
            return;
        case 1:
            // We already hold a single Ava. It has to be moved into the list and the map
            // before adding a new one, if it's not already present
            if (ava.equals(newAva)) {
                return;
            }
            // First, create the List and the HashMap
            avas = new ArrayList<>();
            avaTypes = new HashMap<>();
            List<Ava> avaList = new ArrayList<>();
            // and store the existing Ava into it.
            avas.add(ava);
            avaList.add(ava);
            avaTypes.put(avaType, avaList);
            // NOTE(review): nbAvas goes from 1 to 2 here, before newAva is stored, and the
            // default branch below increments it again when it stores newAva. Traced from
            // this code, two stored Avas leave nbAvas at 3 - confirm against how nbAvas is
            // read elsewhere.
            nbAvas++;
            ava = null;
            // No break: falls through to the common case below.
        default:
            // add a new Ava, if it's not already present
            avaList = avaTypes.get(newAva.getNormType());
            if (avaList == null) {
                // Not present, we can add it
                avaList = new ArrayList<>();
                avaList.add(newAva);
                avaTypes.put(newAva.getNormType(), avaList);
                avas.add(newAva);
                nbAvas++;
            } else {
                // We have at least one Ava with the same type, check if it's the same value
                if (!avaList.contains(newAva)) {
                    // Ok, we can add it
                    avaList.add(newAva);
                    avas.add(newAva);
                    nbAvas++;
                }
            }
            // Unlike case 0, hashCode() is not called on this path.
    }
}
Also used : AttributeType(org.apache.directory.api.ldap.model.schema.AttributeType) Value(org.apache.directory.api.ldap.model.entry.Value) ArrayList(java.util.ArrayList) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException) LdapInvalidDnException(org.apache.directory.api.ldap.model.exception.LdapInvalidDnException)

Example 15 with LdapInvalidAttributeValueException

use of org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException in project directory-fortress-core by apache.

the class UserDAO method changePassword.

/**
 * @param entity
 * @param newPassword
 * @return
 * @throws UpdateException
 * @throws SecurityException
 * @throws PasswordException
 */
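boolean changePassword(User entity, String newPassword) throws SecurityException {
    // Always true on normal return; every failure path throws.
    boolean rc = true;
    LdapConnection ld = null;
    List<Modification> mods;
    String userDn = getDn(entity.getUserId(), entity.getContextId());
    try {
        // Perform this operation as the end user to allow password policy checking:
        // the bind uses the password currently held by the entity, so the directory
        // verifies the old password before the change is attempted.
        ld = getUserConnection();
        bind(ld, userDn, entity.getPassword());
        mods = new ArrayList<>();
        // NOTE(review): newPassword is handed to the modification as received; this method
        // does not check it for null or empty. Confirm the callers validate it, because
        // what a REPLACE with such a value does to userPassword is not visible here.
        mods.add(new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE, SchemaConstants.USER_PASSWORD_AT, newPassword));
        // This modify changes the password and checks password policies (if enabled)
        modify(ld, userDn, mods);
        // This modify update audit attributes on the User entry (if enabled):
        if (Config.getInstance().isOpenldap() && !Config.getInstance().isAuditDisabled()) {
            // An empty modification list is passed together with the entity.
            mods = new ArrayList<>();
            modify(ld, userDn, mods, entity);
        }
    } catch (LdapInvalidAttributeValueException e) {
        // The warning strings below are built from the class name, the user id, the LDAP
        // exception message and the Fortress error id; neither password is included.
        String warning = User.class.getName() + ".changePassword user [" + entity.getUserId() + "] ";
        warning += " constraint violation, ldap rc=" + e.getMessage() + " Fortress rc=" + GlobalErrIds.PSWD_CONST_VIOLATION;
        // NOTE(review): the LDAP exception is not attached as the cause; whether
        // PasswordException has a constructor taking one is not visible in this excerpt.
        throw new PasswordException(GlobalErrIds.PSWD_CONST_VIOLATION, warning);
    } catch (LdapNoPermissionException e) {
        String warning = User.class.getName() + ".changePassword user [" + entity.getUserId() + "] ";
        warning += " user not authorized to change password, ldap rc=" + e.getMessage() + " Fortress rc=" + GlobalErrIds.USER_PW_MOD_NOT_ALLOWED;
        // Attach the cause, as the generic LdapException handler below already does.
        throw new UpdateException(GlobalErrIds.USER_PW_MOD_NOT_ALLOWED, warning, e);
    } catch (LdapException e) {
        String warning = User.class.getName() + ".changePassword user [" + entity.getUserId() + "] ";
        warning += " caught LDAPException rc=" + e.getMessage();
        throw new UpdateException(GlobalErrIds.USER_PW_CHANGE_FAILED, warning, e);
    } finally {
        // The user-bound connection is closed on success and on every failure path.
        closeUserConnection(ld);
    }
    // apacheds does not remove the pwdreset flag automatically when password is changed:
    if (Config.getInstance().isApacheds()) {
        deleteResetFlag(entity);
    }
    return rc;
}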
Also used : DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) Modification(org.apache.directory.api.ldap.model.entry.Modification) DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException) PasswordException(org.apache.directory.fortress.core.PasswordException) UpdateException(org.apache.directory.fortress.core.UpdateException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapNoPermissionException(org.apache.directory.api.ldap.model.exception.LdapNoPermissionException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Aggregations

LdapInvalidAttributeValueException (org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)28 Attribute (org.apache.directory.api.ldap.model.entry.Attribute)12 DefaultAttribute (org.apache.directory.api.ldap.model.entry.DefaultAttribute)9 AttributeType (org.apache.directory.api.ldap.model.schema.AttributeType)7 Test (org.junit.Test)7 LdapException (org.apache.directory.api.ldap.model.exception.LdapException)6 Value (org.apache.directory.api.ldap.model.entry.Value)5 IOException (java.io.IOException)4 ArrayList (java.util.ArrayList)3 DefaultModification (org.apache.directory.api.ldap.model.entry.DefaultModification)3 Modification (org.apache.directory.api.ldap.model.entry.Modification)3 PrepareString (org.apache.directory.api.ldap.model.schema.PrepareString)3 Nonnull (javax.annotation.Nonnull)2 ModificationOperation (org.apache.directory.api.ldap.model.entry.ModificationOperation)2 LdapInvalidDnException (org.apache.directory.api.ldap.model.exception.LdapInvalidDnException)2 LdapNoPermissionException (org.apache.directory.api.ldap.model.exception.LdapNoPermissionException)2 LdapNoSuchObjectException (org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException)2 LdapConnection (org.apache.directory.ldap.client.api.LdapConnection)2 ExternalIdentityRef (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)2 InvocationTargetException (java.lang.reflect.InvocationTargetException)1