
Example 1 with Response

use of org.apache.directory.api.ldap.model.message.Response in project jackrabbit-oak by apache.

the class LdapIdentityProvider method getDeclaredGroupRefs.

// -----------------------------------------------------------< internal >---
/**
 * Collects the declared (direct) groups of an identity by running one subtree search
 * below the configured group base DN, using the member-of filter built for the identity.
 *
 * @param ref reference to the identity
 * @return map of group references keyed by {@code groupRef.getId()}, which is built from the
 *         DN of the matching LDAP entry; empty when {@code isMyRef(ref)} rejects the reference
 * @throws ExternalIdentityException if anything fails while building or executing the search;
 *         the original exception is kept as the cause
 */
Map<String, ExternalIdentityRef> getDeclaredGroupRefs(ExternalIdentityRef ref) throws ExternalIdentityException {
    // References rejected by isMyRef() are answered without touching the directory.
    if (!isMyRef(ref)) {
        return Collections.emptyMap();
    }

    // NOTE(review): ref.getId() is turned into an LDAP filter by the config object. Whether the
    // value is escaped for filter syntax is not visible in this method — confirm in
    // getMemberOfSearchFilter, since an unescaped id would let the caller alter the filter.
    final String memberOfFilter = config.getMemberOfSearchFilter(ref.getId());

    LdapConnection ldap = null;
    SearchCursor cursor = null;
    try {
        SearchRequest request = new SearchRequestImpl();
        request.setScope(SearchScope.SUBTREE);

        // Only the group id attribute is requested; with none configured, no attributes are asked for.
        String groupIdAttribute = config.getGroupConfig().getIdAttribute();
        if (groupIdAttribute == null) {
            request.addAttributes(SchemaConstants.NO_ATTRIBUTE);
        } else {
            request.addAttributes(groupIdAttribute);
        }

        // NOTE(review): narrowing cast — presumably getSearchTimeout() is wider than int; confirm the
        // configured value fits and is expressed in the unit setTimeLimit expects.
        request.setTimeLimit((int) config.getSearchTimeout());
        request.setBase(new Dn(config.getGroupConfig().getBaseDN()));
        request.setFilter(memberOfFilter);
        if (log.isDebugEnabled()) {
            log.debug("getDeclaredGroupRefs: using SearchRequest {}.", request);
        }

        Map<String, ExternalIdentityRef> declaredGroups = new HashMap<String, ExternalIdentityRef>();
        DebugTimer stopwatch = new DebugTimer();

        ldap = connect();
        stopwatch.mark("connect");

        cursor = ldap.search(request);
        stopwatch.mark("search");

        while (cursor.next()) {
            Response current = cursor.get();
            // Anything that is not a result entry (e.g. referrals) is skipped silently.
            if (!(current instanceof SearchResultEntry)) {
                continue;
            }
            Entry groupEntry = ((SearchResultEntry) current).getEntry();
            ExternalIdentityRef declaredGroup = new ExternalIdentityRef(groupEntry.getDn().toString(), this.getName());
            declaredGroups.put(declaredGroup.getId(), declaredGroup);
        }
        stopwatch.mark("iterate");

        // The filter (which embeds the identity id) is written to the debug log here.
        if (log.isDebugEnabled()) {
            log.debug("getDeclaredGroupRefs: search below {} with {} found {} entries. {}", config.getGroupConfig().getBaseDN(), memberOfFilter, declaredGroups.size(), stopwatch.getString());
        }
        return declaredGroups;
    } catch (Exception e) {
        // Every failure is logged and surfaced as an ExternalIdentityException; callers never
        // receive a partially filled map.
        log.error("Error during ldap membership search.", e);
        throw new ExternalIdentityException("Error during ldap membership search.", e);
    } finally {
        // Release the cursor first, then hand the connection back; a failing close is only logged.
        try {
            if (searchCursorIsOpen(cursor)) {
                cursor.close();
            }
        } catch (IOException e) {
            log.warn("Failed to close search cursor.", e);
        }
        disconnect(ldap);
    }
}

/** Tells whether a cursor was obtained and therefore has to be closed. */
private static boolean searchCursorIsOpen(SearchCursor cursor) {
    return cursor != null;
}
Also used : SearchRequest(org.apache.directory.api.ldap.model.message.SearchRequest) ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) HashMap(java.util.HashMap) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) SearchRequestImpl(org.apache.directory.api.ldap.model.message.SearchRequestImpl) Dn(org.apache.directory.api.ldap.model.name.Dn) IOException(java.io.IOException) LoginException(javax.security.auth.login.LoginException) LdapInvalidAttributeValueException(org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException) LdapAuthenticationException(org.apache.directory.api.ldap.model.exception.LdapAuthenticationException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) NoSuchElementException(java.util.NoSuchElementException) IOException(java.io.IOException) ExternalIdentityException(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) DebugTimer(org.apache.jackrabbit.oak.commons.DebugTimer) Response(org.apache.directory.api.ldap.model.message.Response) Entry(org.apache.directory.api.ldap.model.entry.Entry) SearchResultEntry(org.apache.directory.api.ldap.model.message.SearchResultEntry) ExternalIdentityException(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException) LdapConnection(org.apache.directory.ldap.client.api.LdapConnection) SearchResultEntry(org.apache.directory.api.ldap.model.message.SearchResultEntry)

Example 2 with Response

use of org.apache.directory.api.ldap.model.message.Response in project directory-ldap-api by apache.

the class Dsmlv2Engine method processRequest.

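/**
 * Processes a single request: dispatches it to the matching operation on {@code connection},
 * writes the DSML form of the response, and raises the {@code exit} flag when the operation
 * failed and {@code continueOnError} is off.
 * <p>
 * The result codes SUCCESS, COMPARE_TRUE, COMPARE_FALSE and REFERRAL are not treated as
 * failures. An abandon request returns immediately and never touches the exit flag; an unbind
 * request leaves the result code unset, so it does not touch the flag either.
 * <p>
 * The search cursor is closed in every case, including when writing a response or reading
 * from the cursor throws.
 *
 * @param request the request to process
 * @param respWriter The writer used to store the DSML response; the search branch accepts
 *        {@code null} and then collects the responses into {@code batchResponse} instead
 * @throws Exception If we had an error while processing the request
 */
protected void processRequest(DsmlDecorator<? extends Request> request, BufferedWriter respWriter) throws Exception {
    ResultCodeEnum resultCode = null;
    switch (request.getDecorated().getType()) {
        case ABANDON_REQUEST:
            connection.abandon((AbandonRequest) request);
            // No response is produced for an abandon, so there is nothing to write or evaluate.
            return;
        case ADD_REQUEST:
            AddResponse response = connection.add((AddRequest) request);
            resultCode = response.getLdapResult().getResultCode();
            AddResponseDsml addResponseDsml = new AddResponseDsml(connection.getCodecService(), response);
            writeResponse(respWriter, addResponseDsml);
            break;
        case BIND_REQUEST:
            BindResponse bindResponse = connection.bind((BindRequest) request);
            resultCode = bindResponse.getLdapResult().getResultCode();
            BindResponseDsml authResponseDsml = new BindResponseDsml(connection.getCodecService(), bindResponse);
            writeResponse(respWriter, authResponseDsml);
            break;
        case COMPARE_REQUEST:
            CompareResponse compareResponse = connection.compare((CompareRequest) request);
            resultCode = compareResponse.getLdapResult().getResultCode();
            CompareResponseDsml compareResponseDsml = new CompareResponseDsml(connection.getCodecService(), compareResponse);
            writeResponse(respWriter, compareResponseDsml);
            break;
        case DEL_REQUEST:
            DeleteResponse delResponse = connection.delete((DeleteRequest) request);
            resultCode = delResponse.getLdapResult().getResultCode();
            DelResponseDsml delResponseDsml = new DelResponseDsml(connection.getCodecService(), delResponse);
            writeResponse(respWriter, delResponseDsml);
            break;
        case EXTENDED_REQUEST:
            ExtendedResponse extendedResponse = connection.extended((ExtendedRequest) request);
            resultCode = extendedResponse.getLdapResult().getResultCode();
            ExtendedResponseDsml extendedResponseDsml = new ExtendedResponseDsml(connection.getCodecService(), extendedResponse);
            writeResponse(respWriter, extendedResponseDsml);
            break;
        case MODIFY_REQUEST:
            ModifyResponse modifyResponse = connection.modify((ModifyRequest) request);
            resultCode = modifyResponse.getLdapResult().getResultCode();
            ModifyResponseDsml modifyResponseDsml = new ModifyResponseDsml(connection.getCodecService(), modifyResponse);
            writeResponse(respWriter, modifyResponseDsml);
            break;
        case MODIFYDN_REQUEST:
            ModifyDnResponse modifyDnResponse = connection.modifyDn((ModifyDnRequest) request);
            resultCode = modifyDnResponse.getLdapResult().getResultCode();
            ModDNResponseDsml modDNResponseDsml = new ModDNResponseDsml(connection.getCodecService(), modifyDnResponse);
            writeResponse(respWriter, modDNResponseDsml);
            break;
        case SEARCH_REQUEST:
            SearchCursor searchResponses = connection.search((SearchRequest) request);
            // The cursor holds resources tied to the connection; release it even when a write
            // or a cursor read fails part-way through the result set.
            try {
                SearchResponseDsml searchResponseDsml = new SearchResponseDsml(connection.getCodecService());
                if (respWriter != null) {
                    // The message id is numeric, so it is appended to the attribute as-is.
                    StringBuilder sb = new StringBuilder();
                    sb.append("<searchResponse");
                    if (request.getDecorated().getMessageId() > 0) {
                        sb.append(" requestID=\"");
                        sb.append(request.getDecorated().getMessageId());
                        sb.append('"');
                    }
                    sb.append('>');
                    respWriter.write(sb.toString());
                }
                // NOTE(review): searchResponseDsml is replaced for every entry/reference, so in the
                // no-writer branch only the wrapper built for the last response can reach
                // batchResponse — confirm this is intended.
                while (searchResponses.next()) {
                    Response searchResponse = searchResponses.get();
                    if (searchResponse.getType() == MessageTypeEnum.SEARCH_RESULT_ENTRY) {
                        SearchResultEntry searchResultEntry = (SearchResultEntry) searchResponse;
                        SearchResultEntryDsml searchResultEntryDsml = new SearchResultEntryDsml(connection.getCodecService(), searchResultEntry);
                        searchResponseDsml = new SearchResponseDsml(connection.getCodecService(), searchResultEntryDsml);
                        if (respWriter != null) {
                            writeResponse(respWriter, searchResultEntryDsml);
                        } else {
                            searchResponseDsml.addResponse(searchResultEntryDsml);
                        }
                    } else if (searchResponse.getType() == MessageTypeEnum.SEARCH_RESULT_REFERENCE) {
                        SearchResultReference searchResultReference = (SearchResultReference) searchResponse;
                        SearchResultReferenceDsml searchResultReferenceDsml = new SearchResultReferenceDsml(connection.getCodecService(), searchResultReference);
                        searchResponseDsml = new SearchResponseDsml(connection.getCodecService(), searchResultReferenceDsml);
                        if (respWriter != null) {
                            writeResponse(respWriter, searchResultReferenceDsml);
                        } else {
                            searchResponseDsml.addResponse(searchResultReferenceDsml);
                        }
                    }
                }
                // NOTE(review): when no SearchResultDone is available the opening <searchResponse>
                // tag written above is never closed and nothing is added to batchResponse —
                // confirm whether that case can occur.
                SearchResultDone srDone = searchResponses.getSearchResultDone();
                if (srDone != null) {
                    resultCode = srDone.getLdapResult().getResultCode();
                    SearchResultDoneDsml srdDsml = new SearchResultDoneDsml(connection.getCodecService(), srDone);
                    if (respWriter != null) {
                        writeResponse(respWriter, srdDsml);
                        respWriter.write("</searchResponse>");
                    } else {
                        searchResponseDsml.addResponse(srdDsml);
                        batchResponse.addResponse(searchResponseDsml);
                    }
                }
            } finally {
                searchResponses.close();
            }
            break;
        case UNBIND_REQUEST:
            connection.unBind();
            break;
        default:
            throw new IllegalStateException("Unexpected request tpye " + request.getDecorated().getType());
    }
    // Stop the batch after the first failed operation unless the caller asked to continue.
    if ((!continueOnError) && (resultCode != null) && (resultCode != ResultCodeEnum.SUCCESS) && (resultCode != ResultCodeEnum.COMPARE_TRUE) && (resultCode != ResultCodeEnum.COMPARE_FALSE) && (resultCode != ResultCodeEnum.REFERRAL)) {
        // Turning on Exit flag
        exit = true;
    }
}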
Also used : DelResponseDsml(org.apache.directory.api.dsmlv2.response.DelResponseDsml) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) SearchResultReference(org.apache.directory.api.ldap.model.message.SearchResultReference) BindResponse(org.apache.directory.api.ldap.model.message.BindResponse) SearchResultDoneDsml(org.apache.directory.api.dsmlv2.response.SearchResultDoneDsml) ResultCodeEnum(org.apache.directory.api.ldap.model.message.ResultCodeEnum) ModifyResponseDsml(org.apache.directory.api.dsmlv2.response.ModifyResponseDsml) CompareResponseDsml(org.apache.directory.api.dsmlv2.response.CompareResponseDsml) ModifyDnResponse(org.apache.directory.api.ldap.model.message.ModifyDnResponse) ModifyResponse(org.apache.directory.api.ldap.model.message.ModifyResponse) CompareResponse(org.apache.directory.api.ldap.model.message.CompareResponse) SearchResponseDsml(org.apache.directory.api.dsmlv2.response.SearchResponseDsml) SearchResultEntryDsml(org.apache.directory.api.dsmlv2.response.SearchResultEntryDsml) AddResponseDsml(org.apache.directory.api.dsmlv2.response.AddResponseDsml) SearchResultReferenceDsml(org.apache.directory.api.dsmlv2.response.SearchResultReferenceDsml) SearchResultDone(org.apache.directory.api.ldap.model.message.SearchResultDone) AddResponse(org.apache.directory.api.ldap.model.message.AddResponse) BindResponseDsml(org.apache.directory.api.dsmlv2.response.BindResponseDsml) ErrorResponse(org.apache.directory.api.dsmlv2.response.ErrorResponse) ExtendedResponse(org.apache.directory.api.ldap.model.message.ExtendedResponse) CompareResponse(org.apache.directory.api.ldap.model.message.CompareResponse) AddResponse(org.apache.directory.api.ldap.model.message.AddResponse) DeleteResponse(org.apache.directory.api.ldap.model.message.DeleteResponse) ModifyResponse(org.apache.directory.api.ldap.model.message.ModifyResponse) Response(org.apache.directory.api.ldap.model.message.Response) 
ModifyDnResponse(org.apache.directory.api.ldap.model.message.ModifyDnResponse) BindResponse(org.apache.directory.api.ldap.model.message.BindResponse) ExtendedResponseDsml(org.apache.directory.api.dsmlv2.response.ExtendedResponseDsml) DeleteResponse(org.apache.directory.api.ldap.model.message.DeleteResponse) ModDNResponseDsml(org.apache.directory.api.dsmlv2.response.ModDNResponseDsml) ExtendedResponse(org.apache.directory.api.ldap.model.message.ExtendedResponse) SearchResultEntry(org.apache.directory.api.ldap.model.message.SearchResultEntry)

Example 3 with Response

use of org.apache.directory.api.ldap.model.message.Response in project directory-ldap-api by apache.

the class LdapNetworkConnection method lookup.

/**
 * {@inheritDoc}
 * <p>
 * Implemented as a single OBJECT-scope search on {@code dn} with the
 * {@code LdapConstants.OBJECT_CLASS_STAR} filter; returns {@code null} when the search
 * yields no response. Cursor and I/O failures are rethrown as {@link LdapException} with
 * the original exception as cause.
 */
@Override
public Entry lookup(Dn dn, Control[] controls, String... attributes) throws LdapException {
    Entry found = null;

    try {
        SearchRequest lookupRequest = new SearchRequestImpl();
        lookupRequest.setBase(dn);
        lookupRequest.setFilter(LdapConstants.OBJECT_CLASS_STAR);
        lookupRequest.setScope(SearchScope.OBJECT);
        lookupRequest.addAttributes(attributes);
        // Aliases are always dereferenced, so the returned entry may be the alias target.
        lookupRequest.setDerefAliases(AliasDerefMode.DEREF_ALWAYS);

        boolean hasControls = (controls != null) && (controls.length > 0);
        if (hasControls) {
            lookupRequest.addAllControls(controls);
        }

        try (Cursor<Response> responses = search(lookupRequest)) {
            if (responses.next()) {
                // The first response is cast without a type check: the original author relies on
                // it always being a SearchResultEntry because no ManageDsaITControl is sent.
                // NOTE(review): controls supplied by the caller are forwarded above — confirm
                // that assumption still holds for them.
                Response first = responses.get();
                found = ((SearchResultEntry) first).getEntry();
            }

            // Advance once more to pass the SearchResultDone, or to stop if other responses follow.
            responses.next();
        }
    } catch (CursorException cursorFailure) {
        throw new LdapException(cursorFailure.getMessage(), cursorFailure);
    } catch (IOException ioFailure) {
        throw new LdapException(ioFailure.getMessage(), ioFailure);
    }

    return found;
}
Also used : DeleteResponse(org.apache.directory.api.ldap.model.message.DeleteResponse) IntermediateResponse(org.apache.directory.api.ldap.model.message.IntermediateResponse) Response(org.apache.directory.api.ldap.model.message.Response) ModifyDnResponse(org.apache.directory.api.ldap.model.message.ModifyDnResponse) CompareNoDResponse(org.apache.directory.api.ldap.model.message.extended.CompareNoDResponse) AddNoDResponse(org.apache.directory.api.ldap.model.message.extended.AddNoDResponse) ModifyNoDResponse(org.apache.directory.api.ldap.model.message.extended.ModifyNoDResponse) BindNoDResponse(org.apache.directory.api.ldap.model.message.extended.BindNoDResponse) ResultCodeEnum.processResponse(org.apache.directory.api.ldap.model.message.ResultCodeEnum.processResponse) ExtendedResponse(org.apache.directory.api.ldap.model.message.ExtendedResponse) ExtendedNoDResponse(org.apache.directory.api.ldap.model.message.extended.ExtendedNoDResponse) CompareResponse(org.apache.directory.api.ldap.model.message.CompareResponse) AddResponse(org.apache.directory.api.ldap.model.message.AddResponse) ModifyResponse(org.apache.directory.api.ldap.model.message.ModifyResponse) ModifyDnNoDResponse(org.apache.directory.api.ldap.model.message.extended.ModifyDnNoDResponse) DeleteNoDResponse(org.apache.directory.api.ldap.model.message.extended.DeleteNoDResponse) BindResponse(org.apache.directory.api.ldap.model.message.BindResponse) SearchNoDResponse(org.apache.directory.api.ldap.model.message.extended.SearchNoDResponse) SearchRequest(org.apache.directory.api.ldap.model.message.SearchRequest) Entry(org.apache.directory.api.ldap.model.entry.Entry) SearchResultEntry(org.apache.directory.api.ldap.model.message.SearchResultEntry) DefaultEntry(org.apache.directory.api.ldap.model.entry.DefaultEntry) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) SearchRequestImpl(org.apache.directory.api.ldap.model.message.SearchRequestImpl) IOException(java.io.IOException) 
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)

Example 4 with Response

use of org.apache.directory.api.ldap.model.message.Response in project jackrabbit-oak by apache.

the class LdapIdentityProvider method getEntry.

/**
 * Runs a subtree search below the base DN of {@code idConfig} with the filter built for
 * {@code id} and returns the first result entry.
 * <p>
 * Once an entry has been taken, every further cursor response only triggers a warning and is
 * discarded; a multi-match is not treated as an error.
 *
 * @param connection the connection the search is executed on
 * @param idConfig supplies the base DN and the search filter for {@code id}
 * @param id the identity id handed to {@code idConfig.getSearchFilter}
 * @param customAttributes attributes to request; an empty array requests
 *        {@code SchemaConstants.ALL_USER_ATTRIBUTES}
 * @return the first entry found, or {@code null} if the search returned none
 * @throws CursorException declared for the cursor operations
 * @throws LdapException declared for building and executing the search request
 */
@CheckForNull
private Entry getEntry(@Nonnull LdapConnection connection, @Nonnull LdapProviderConfig.Identity idConfig, @Nonnull String id, @Nonnull String[] customAttributes) throws CursorException, LdapException {
    // NOTE(review): id becomes part of an LDAP filter; whether it is escaped for filter syntax
    // is decided inside getSearchFilter and cannot be seen from here — confirm.
    final String filter = idConfig.getSearchFilter(id);

    // Build the search request.
    SearchRequest request = new SearchRequestImpl();
    request.setScope(SearchScope.SUBTREE);
    if (customAttributes.length > 0) {
        request.addAttributes(customAttributes);
    } else {
        request.addAttributes(SchemaConstants.ALL_USER_ATTRIBUTES);
    }
    // NOTE(review): narrowing cast — presumably getSearchTimeout() is wider than int; confirm the
    // configured value fits and is expressed in the unit setTimeLimit expects.
    request.setTimeLimit((int) config.getSearchTimeout());
    request.setBase(new Dn(idConfig.getBaseDN()));
    request.setFilter(filter);
    if (log.isDebugEnabled()) {
        log.debug("getEntry: using SearchRequest {}.", request);
    }

    // Execute it and keep the first entry.
    Entry match = null;
    SearchCursor cursor = null;
    try {
        cursor = connection.search(request);
        while (cursor.next()) {
            if (match != null) {
                // NOTE(review): an ambiguous filter silently resolves to whichever entry the server
                // returned first; for identity lookups, consider whether that should be rejected.
                log.warn("search for {} returned more than one entry. discarding additional ones.", filter);
                continue;
            }
            Response candidate = cursor.get();
            if (candidate instanceof SearchResultEntry) {
                match = ((SearchResultEntry) candidate).getEntry();
            }
        }
    } finally {
        // A failing close is logged only; it never replaces the search outcome.
        try {
            if (cursor != null) {
                cursor.close();
            }
        } catch (IOException e) {
            log.warn("Failed to close search cursor.", e);
        }
    }

    if (log.isDebugEnabled()) {
        if (match != null) {
            log.debug("getEntry: search below {} with {} found {}", idConfig.getBaseDN(), filter, match.getDn());
        } else {
            log.debug("getEntry: search below {} with {} found 0 entries.", idConfig.getBaseDN(), filter);
        }
    }
    return match;
}
Also used : Response(org.apache.directory.api.ldap.model.message.Response) SearchRequest(org.apache.directory.api.ldap.model.message.SearchRequest) Entry(org.apache.directory.api.ldap.model.entry.Entry) SearchResultEntry(org.apache.directory.api.ldap.model.message.SearchResultEntry) SearchRequestImpl(org.apache.directory.api.ldap.model.message.SearchRequestImpl) SearchCursor(org.apache.directory.api.ldap.model.cursor.SearchCursor) Dn(org.apache.directory.api.ldap.model.name.Dn) IOException(java.io.IOException) SearchResultEntry(org.apache.directory.api.ldap.model.message.SearchResultEntry) CheckForNull(javax.annotation.CheckForNull)

Aggregations

Response (org.apache.directory.api.ldap.model.message.Response)4 SearchResultEntry (org.apache.directory.api.ldap.model.message.SearchResultEntry)4 IOException (java.io.IOException)3 SearchCursor (org.apache.directory.api.ldap.model.cursor.SearchCursor)3 Entry (org.apache.directory.api.ldap.model.entry.Entry)3 SearchRequest (org.apache.directory.api.ldap.model.message.SearchRequest)3 SearchRequestImpl (org.apache.directory.api.ldap.model.message.SearchRequestImpl)3 CursorException (org.apache.directory.api.ldap.model.cursor.CursorException)2 LdapException (org.apache.directory.api.ldap.model.exception.LdapException)2 AddResponse (org.apache.directory.api.ldap.model.message.AddResponse)2 BindResponse (org.apache.directory.api.ldap.model.message.BindResponse)2 CompareResponse (org.apache.directory.api.ldap.model.message.CompareResponse)2 DeleteResponse (org.apache.directory.api.ldap.model.message.DeleteResponse)2 ExtendedResponse (org.apache.directory.api.ldap.model.message.ExtendedResponse)2 ModifyDnResponse (org.apache.directory.api.ldap.model.message.ModifyDnResponse)2 ModifyResponse (org.apache.directory.api.ldap.model.message.ModifyResponse)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 HashMap (java.util.HashMap)1 NoSuchElementException (java.util.NoSuchElementException)1 CheckForNull (javax.annotation.CheckForNull)1