Example 1 with BindResponse

Use of org.apache.directory.api.ldap.model.message.BindResponse in project graylog2-server by Graylog2.

Class LdapConnector, method authenticate.

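public boolean authenticate(LdapNetworkConnection connection, String principal, String credentials) throws LdapException {
    // Reject empty values before binding: a simple bind with a DN but an empty password is an
    // "unauthenticated bind" (RFC 4513, section 5.1.2), which some servers answer with SUCCESS.
    checkArgument(!isNullOrEmpty(principal), "Binding with empty principal is forbidden.");
    checkArgument(!isNullOrEmpty(credentials), "Binding with empty credentials is forbidden.");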
    final BindRequestImpl bindRequest = new BindRequestImpl();
    bindRequest.setName(principal);
    bindRequest.setCredentials(credentials);
    LOG.trace("Re-binding with DN {} using password", principal);
    final BindResponse bind = connection.bind(bindRequest);
    if (!bind.getLdapResult().getResultCode().equals(ResultCodeEnum.SUCCESS)) {
        LOG.trace("Re-binding DN {} failed", principal);
        throw new RuntimeException(bind.toString());
    }
    LOG.trace("Binding DN {} did not throw, connection authenticated: {}", principal, connection.isAuthenticated());
    return connection.isAuthenticated();
}
Also used : BindResponse(org.apache.directory.api.ldap.model.message.BindResponse) BindRequestImpl(org.apache.directory.api.ldap.model.message.BindRequestImpl)

Example 2 with BindResponse

Use of org.apache.directory.api.ldap.model.message.BindResponse in project midpoint by Evolveum.

Class AbstractLdapTest, method ldapConnect.

protected LdapNetworkConnection ldapConnect(UserLdapConnectionConfig config) throws LdapException, IOException {
    if (config == null) {
        config = new UserLdapConnectionConfig();
        config.setLdapHost(getLdapServerHost());
        config.setLdapPort(getLdapServerPort());
        config.setBindDn(getLdapBindDn());
        config.setBindPassword(getLdapBindPassword());
    }
    LOGGER.trace("LDAP connect to {}:{} as {}", config.getLdapHost(), config.getLdapPort(), config.getBindDn());
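    if (useSsl()) {
        config.setUseSsl(true);
        // Trust manager for this test helper: both check methods are empty, so any certificate is
        // accepted and the TLS session does not authenticate the LDAP server (test servers only).
        TrustManager trustManager = new X509TrustManager() {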

            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
            }

            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
        config.setTrustManagers(trustManager);
    }
    config.setBinaryAttributeDetector(binaryAttributeDetector);
    LdapNetworkConnection connection = new LdapNetworkConnection(config);
    boolean connected = connection.connect();
    if (!connected) {
        AssertJUnit.fail("Cannot connect to LDAP server " + config.getLdapHost() + ":" + config.getLdapPort());
    }
    LOGGER.trace("LDAP connected to {}:{}, executing bind as {}", config.getLdapHost(), config.getLdapPort(), config.getBindDn());
    BindRequest bindRequest = new BindRequestImpl();
    bindRequest.setDn(new Dn(config.getBindDn()));
    bindRequest.setCredentials(config.getBindPassword());
    bindRequest.setSimple(true);
    BindResponse bindResponse = connection.bind(bindRequest);
    if (bindResponse.getLdapResult().getResultCode() != ResultCodeEnum.SUCCESS) {
        ldapDisconnect(connection);
        throw new SecurityException("Bind as " + config.getBindDn() + " failed: " + bindResponse.getLdapResult().getDiagnosticMessage() + " (" + bindResponse.getLdapResult().getResultCode() + ")");
    }
    LOGGER.trace("LDAP connected to {}:{}, bound as {}", config.getLdapHost(), config.getLdapPort(), config.getBindDn());
    return connection;
}
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) BindRequest(org.apache.directory.api.ldap.model.message.BindRequest) Dn(org.apache.directory.api.ldap.model.name.Dn) LdapNetworkConnection(org.apache.directory.ldap.client.api.LdapNetworkConnection) BindResponse(org.apache.directory.api.ldap.model.message.BindResponse) X509Certificate(java.security.cert.X509Certificate) BindRequestImpl(org.apache.directory.api.ldap.model.message.BindRequestImpl) TrustManager(javax.net.ssl.TrustManager)

Aggregations

BindRequestImpl (org.apache.directory.api.ldap.model.message.BindRequestImpl): 2
BindResponse (org.apache.directory.api.ldap.model.message.BindResponse): 2
X509Certificate (java.security.cert.X509Certificate): 1
TrustManager (javax.net.ssl.TrustManager): 1
X509TrustManager (javax.net.ssl.X509TrustManager): 1
BindRequest (org.apache.directory.api.ldap.model.message.BindRequest): 1
Dn (org.apache.directory.api.ldap.model.name.Dn): 1
LdapNetworkConnection (org.apache.directory.ldap.client.api.LdapNetworkConnection): 1