Example 16 with LdapInvalidAttributeValueException

use of org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException in project directory-fortress-core by apache.

the class UserDAO method getUser.

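/**
 * Read a single user entry from the directory and map it to a User entity.
 *
 * @param user supplies the userId and contextId used to build the entry's DN
 * @param isRoles if true, also retrieve the user's assigned RBAC and Admin Role attributes
 * @return the User entity loaded from the directory entry
 * @throws org.apache.directory.fortress.core.FinderException if the entry is not found or the read fails
 */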
User getUser(User user, boolean isRoles) throws FinderException {
    User entity = null;
    LdapConnection ld = null;
    String userDn = getDn(user.getUserId(), user.getContextId());
    String[] uATTRS;
    if (isRoles) {
        // Retrieve the User's assigned RBAC and Admin Role attributes from directory.
        uATTRS = defaultAtrs;
    } else {
        // Do not retrieve the User's assigned RBAC and Admin Role attributes from directory.
        uATTRS = authnAtrs;
    }
    Entry findEntry = null;
    try {
        ld = getAdminConnection();
        findEntry = read(ld, userDn, uATTRS);
    } catch (LdapNoSuchObjectException e) {
        String warning = "getUser COULD NOT FIND ENTRY for user [" + user.getUserId() + "]";
        throw new FinderException(GlobalErrIds.USER_NOT_FOUND, warning);
    } catch (LdapException e) {
        String error = "getUser [" + userDn + "]= caught LDAPException=" + e.getMessage();
        throw new FinderException(GlobalErrIds.USER_READ_FAILED, error, e);
    } finally {
        closeAdminConnection(ld);
    }
    try {
        if (findEntry != null) {
            entity = unloadLdapEntry(findEntry, 0, user.getContextId());
        }
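    } catch (LdapInvalidAttributeValueException e) {
        // An entry holding an invalid attribute value is not surfaced as a distinct error:
        // it falls through to the USER_NOT_FOUND path below.
        entity = null;
    }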
    if (entity == null) {
        String warning = "getUser userId [" + user.getUserId() + "] not found, Fortress rc=" + GlobalErrIds.USER_NOT_FOUND;
        throw new FinderException(GlobalErrIds.USER_NOT_FOUND, warning);
    }
    return entity;
}
Also used : LdapNoSuchObjectException(org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException) FinderException(org.apache.directory.fortress.core.FinderException) DefaultEntry(org.apache.directory.api.ldap.model.entry.DefaultEntry) Entry(org.apache.directory.api.ldap.model.entry.Entry) User(org.apache.directory.fortress.core.model.User) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection)

Example 17 with LdapInvalidAttributeValueException

use of org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException in project structr by structr.

the class LDAPService method synchronizeUserEntry.

// ----- private methods -----
private String synchronizeUserEntry(final LdapConnection connection, final Entry entry) {
    final PropertyKey<String> dnKey = StructrApp.key(LDAPUser.class, "distinguishedName");
    final App app = StructrApp.getInstance();
    final Dn dn = entry.getDn();
    final String dnString = dn.toString();
    try (final Tx tx = app.tx()) {
        LDAPUser user = app.nodeQuery(LDAPUser.class).and(dnKey, dnString).getFirst();
        if (user == null) {
            user = app.create(LDAPUser.class, new NodeAttribute(dnKey, dnString));
            user.initializeFrom(entry);
            final String uuid = user.getUuid();
            if (user.getEntryUuid() == null) {
                try {
                    // try to set "our" UUID in the remote database
                    final Modification addUuid = new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, "entryUUID", normalizeUUID(uuid));
                    connection.modify(dn, addUuid);
                } catch (LdapException ex) {
                    logger.warn("Unable to set entryUUID: {}", ex.getMessage());
                }
            }
        }
        tx.success();
        return user.getUuid();
    } catch (FrameworkException | LdapInvalidAttributeValueException fex) {
        logger.warn("Unable to update LDAP information", fex);
    }
    return null;
}
Also used : StructrApp(org.structr.core.app.StructrApp) App(org.structr.core.app.App) NodeAttribute(org.structr.core.graph.NodeAttribute) DefaultModification(org.apache.directory.api.ldap.model.entry.DefaultModification) Modification(org.apache.directory.api.ldap.model.entry.Modification) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) Dn(org.apache.directory.api.ldap.model.name.Dn) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException)

Example 18 with LdapInvalidAttributeValueException

use of org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException in project directory-ldap-api by apache.

the class ObjectIdentifierNormalizer method normalize.

/**
 * {@inheritDoc}
 */
@Override
public String normalize(String value) throws LdapException {
    if (Strings.isEmpty(value)) {
        return "";
    }
    String trimmedValue = value.trim();
    if (Strings.isEmpty(trimmedValue)) {
        return "";
    }
    String oid = schemaManager.getRegistries().getOid(trimmedValue);
    if (oid == null) {
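        // Not found in the schemaManager: keep it as is
        if (Oid.isOid(trimmedValue)) {
            // It's a numericOid
            oid = trimmedValue;
        } else {
            // It's a descr: ALPHA ( ALPHA | DIGIT | '-' )*
            // Note: the check below also accepts '_', and Character.isLetter/isDigit
            // match any Unicode letter or digit, not only ASCII.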
            for (int i = 0; i < trimmedValue.length(); i++) {
                char c = trimmedValue.charAt(i);
                if (i == 0) {
                    if (!Character.isLetter(c)) {
                        throw new LdapInvalidAttributeValueException(ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX, I18n.err(I18n.ERR_13724_INVALID_VALUE, value));
                    }
                } else {
                    if (!(Character.isDigit(c) || Character.isLetter(c) || (c == '-') || (c == '_'))) {
                        throw new LdapInvalidAttributeValueException(ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX, I18n.err(I18n.ERR_13724_INVALID_VALUE, value));
                    }
                }
            }
            oid = trimmedValue;
        }
    }
    return oid;
}
Also used : PrepareString(org.apache.directory.api.ldap.model.schema.PrepareString) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)

Example 19 with LdapInvalidAttributeValueException

use of org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException in project directory-ldap-api by apache.

the class LdifReader method parseModify.

/**
 * Parse a modify change type.
 *
 * The grammar is :
 * <pre>
 * &lt;changerecord&gt; ::= "changetype:" FILL "modify" SEP &lt;mod-spec&gt; &lt;mod-specs-e&gt;
 * &lt;mod-spec&gt; ::= "add:" &lt;mod-val&gt; | "delete:" &lt;mod-val-del&gt; | "replace:" &lt;mod-val&gt;
 * &lt;mod-specs-e&gt; ::= &lt;mod-spec&gt; &lt;mod-specs-e&gt; | e
 * &lt;mod-val&gt; ::= FILL ATTRIBUTE-DESCRIPTION SEP ATTRVAL-SPEC &lt;attrval-specs-e&gt; "-" SEP
 * &lt;mod-val-del&gt; ::= FILL ATTRIBUTE-DESCRIPTION SEP &lt;attrval-specs-e&gt; "-" SEP
 * &lt;attrval-specs-e&gt; ::= ATTRVAL-SPEC &lt;attrval-specs&gt; | e
 * </pre>
 *
 * @param entry The entry to feed
 * @param iter The lines
 * @exception LdapLdifException If the modify operation is invalid
 */
private void parseModify(LdifEntry entry, Iterator<String> iter) throws LdapLdifException {
    int state = MOD_SPEC;
    String modified = null;
    ModificationOperation modificationType = ModificationOperation.ADD_ATTRIBUTE;
    Attribute attribute = null;
    // The following flag is used to deal with empty modifications
    boolean isEmptyValue = true;
    while (iter.hasNext()) {
        String line = iter.next();
        String lowerLine = Strings.toLowerCaseAscii(line);
        if (lowerLine.startsWith("-")) {
            if ((state != ATTRVAL_SPEC_OR_SEP) && (state != ATTRVAL_SPEC)) {
                String msg = I18n.err(I18n.ERR_13413_BAD_MODIFY_SEPARATOR, lineNumber);
                LOG.error(msg);
                throw new LdapLdifException(msg);
            } else {
                if (isEmptyValue) {
                    if (state == ATTRVAL_SPEC_OR_SEP) {
                        entry.addModification(modificationType, modified);
                    } else {
                        // Update the entry with a null value
                        entry.addModification(modificationType, modified, null);
                    }
                } else {
                    // Update the entry with the attribute
                    entry.addModification(modificationType, attribute);
                }
                state = MOD_SPEC;
                isEmptyValue = true;
            }
        } else if (lowerLine.startsWith("add:")) {
            if ((state != MOD_SPEC) && (state != ATTRVAL_SPEC)) {
                String msg = I18n.err(I18n.ERR_13414_BAD_MODIFY_SEPARATOR_2, lineNumber);
                LOG.error(msg);
                throw new LdapLdifException(msg);
            }
            modified = Strings.trim(line.substring("add:".length()));
            modificationType = ModificationOperation.ADD_ATTRIBUTE;
            attribute = new DefaultAttribute(modified);
            state = ATTRVAL_SPEC;
        } else if (lowerLine.startsWith("delete:")) {
            if ((state != MOD_SPEC) && (state != ATTRVAL_SPEC)) {
                String msg = I18n.err(I18n.ERR_13414_BAD_MODIFY_SEPARATOR_2, lineNumber);
                LOG.error(msg);
                throw new LdapLdifException(msg);
            }
            modified = Strings.trim(line.substring("delete:".length()));
            modificationType = ModificationOperation.REMOVE_ATTRIBUTE;
            attribute = new DefaultAttribute(modified);
            isEmptyValue = false;
            state = ATTRVAL_SPEC_OR_SEP;
        } else if (lowerLine.startsWith("replace:")) {
            if ((state != MOD_SPEC) && (state != ATTRVAL_SPEC)) {
                String msg = I18n.err(I18n.ERR_13414_BAD_MODIFY_SEPARATOR_2, lineNumber);
                LOG.error(msg);
                throw new LdapLdifException(msg);
            }
            modified = Strings.trim(line.substring("replace:".length()));
            modificationType = ModificationOperation.REPLACE_ATTRIBUTE;
            if (schemaManager != null) {
                AttributeType attributeType = schemaManager.getAttributeType(modified);
                attribute = new DefaultAttribute(modified, attributeType);
            } else {
                attribute = new DefaultAttribute(modified);
            }
            state = ATTRVAL_SPEC_OR_SEP;
        } else {
            if ((state != ATTRVAL_SPEC) && (state != ATTRVAL_SPEC_OR_SEP)) {
                String msg = I18n.err(I18n.ERR_13413_BAD_MODIFY_SEPARATOR, lineNumber);
                LOG.error(msg);
                throw new LdapLdifException(msg);
            }
            // A standard AttributeType/AttributeValue pair
            int colonIndex = line.indexOf(':');
            String attributeType = line.substring(0, colonIndex);
            if (!attributeType.equalsIgnoreCase(modified)) {
                LOG.error(I18n.err(I18n.ERR_13415_MOD_ATTR_AND_VALUE_SPEC_NOT_EQUAL, lineNumber));
                throw new LdapLdifException(I18n.err(I18n.ERR_13454_BAD_MODIFY_ATTRIBUTE));
            }
            // We should *not* have a Dn twice
            if ("dn".equalsIgnoreCase(attributeType)) {
                LOG.error(I18n.err(I18n.ERR_13400_ENTRY_WITH_TWO_DNS, lineNumber));
                throw new LdapLdifException(I18n.err(I18n.ERR_13439_LDIF_ENTRY_WITH_TWO_DNS));
            }
            Object attributeValue = parseValue(attributeType, line, colonIndex);
            try {
                if (attributeValue instanceof String) {
                    attribute.add((String) attributeValue);
                } else {
                    attribute.add((byte[]) attributeValue);
                }
            } catch (LdapInvalidAttributeValueException liave) {
                throw new LdapLdifException(liave.getMessage(), liave);
            }
            isEmptyValue = false;
            state = ATTRVAL_SPEC_OR_SEP;
        }
    }
    if (state != MOD_SPEC) {
        String msg = I18n.err(I18n.ERR_13414_BAD_MODIFY_SEPARATOR_2, lineNumber);
        LOG.error(msg);
        throw new LdapLdifException(msg);
    }
}
Also used : ModificationOperation(org.apache.directory.api.ldap.model.entry.ModificationOperation) DefaultAttribute(org.apache.directory.api.ldap.model.entry.DefaultAttribute) Attribute(org.apache.directory.api.ldap.model.entry.Attribute) AttributeType(org.apache.directory.api.ldap.model.schema.AttributeType) MutableAttributeType(org.apache.directory.api.ldap.model.schema.MutableAttributeType) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)

Example 20 with LdapInvalidAttributeValueException

use of org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException in project directory-ldap-api by apache.

the class CaseSensitiveStringAnonymizer method anonymize.

/**
 * Anonymize an attribute using pure random values (either chars or bytes, depending on the Attribute type)
 */
@Override
public Attribute anonymize(Map<Value, Value> valueMap, Set<Value> valueSet, Attribute attribute) {
    AttributeType attributeType = attribute.getAttributeType();
    Attribute result = new DefaultAttribute(attributeType);
    for (Value value : attribute) {
        if (value.isHumanReadable()) {
            Value anonymized = valueMap.get(value);
            if (anonymized != null) {
                try {
                    result.add(anonymized);
                } catch (LdapInvalidAttributeValueException e) {
                    // Silently ignored: the previously anonymized value is not added to the result
                }
            } else {
                String strValue = value.getValue();
                String newValue = computeNewValue(strValue);
                try {
                    result.add(newValue);
                    Value anonValue = new Value(attribute.getAttributeType(), newValue);
                    valueMap.put((Value) value, anonValue);
                    valueSet.add(anonValue);
                } catch (LdapInvalidAttributeValueException e) {
                    throw new RuntimeException(I18n.err(I18n.ERR_13436_ERROR_ANONYMIZING_VALUE, strValue));
                }
            }
        }
    }
    return result;
}
Also used : Attribute(org.apache.directory.api.ldap.model.entry.Attribute) DefaultAttribute(org.apache.directory.api.ldap.model.entry.DefaultAttribute) AttributeType(org.apache.directory.api.ldap.model.schema.AttributeType) Value(org.apache.directory.api.ldap.model.entry.Value) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException)

Aggregations

LdapInvalidAttributeValueException (org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException) 28
Attribute (org.apache.directory.api.ldap.model.entry.Attribute) 12
DefaultAttribute (org.apache.directory.api.ldap.model.entry.DefaultAttribute) 9
AttributeType (org.apache.directory.api.ldap.model.schema.AttributeType) 7
Test (org.junit.Test) 7
LdapException (org.apache.directory.api.ldap.model.exception.LdapException) 6
Value (org.apache.directory.api.ldap.model.entry.Value) 5
IOException (java.io.IOException) 4
ArrayList (java.util.ArrayList) 3
DefaultModification (org.apache.directory.api.ldap.model.entry.DefaultModification) 3
Modification (org.apache.directory.api.ldap.model.entry.Modification) 3
PrepareString (org.apache.directory.api.ldap.model.schema.PrepareString) 3
Nonnull (javax.annotation.Nonnull) 2
ModificationOperation (org.apache.directory.api.ldap.model.entry.ModificationOperation) 2
LdapInvalidDnException (org.apache.directory.api.ldap.model.exception.LdapInvalidDnException) 2
LdapNoPermissionException (org.apache.directory.api.ldap.model.exception.LdapNoPermissionException) 2
LdapNoSuchObjectException (org.apache.directory.api.ldap.model.exception.LdapNoSuchObjectException) 2
LdapConnection (org.apache.directory.ldap.client.api.LdapConnection) 2
ExternalIdentityRef (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) 2
InvocationTargetException (java.lang.reflect.InvocationTargetException) 1