Example 6 with ResultCodeEnum
use of org.apache.directory.api.ldap.model.message.ResultCodeEnum in project directory-ldap-api by apache.
the class LdapNetworkConnection method bindSasl.
/**
* Process the SASL Bind. It's a dialog with the server, we will send a first BindRequest, receive
* a response and the, if this response is a challenge, continue by sending a new BindRequest with
* the requested informations.
*
* @param saslRequest The SASL request object containing all the needed parameters
* @return A {@link BindResponse} containing the result
* @throws LdapException if some error occurred
*/
public BindFuture bindSasl(SaslRequest saslRequest) throws LdapException {
// First switch to anonymous state
authenticated.set(false);
// try to connect, if we aren't already connected.
connect();
// If the session has not been establish, or is closed, we get out immediately
checkSession();
BindRequest bindRequest = createBindRequest((String) null, null, saslRequest.getSaslMechanism(), saslRequest.getControls());
// Update the messageId
int newId = messageId.incrementAndGet();
bindRequest.setMessageId(newId);
if (LOG.isDebugEnabled()) {
LOG.debug(I18n.msg(I18n.MSG_03205_SENDING_REQUEST, bindRequest));
}
// Create a future for this Bind operation
BindFuture bindFuture = new BindFuture(this, newId);
// Store it in the future Map
addToFutureMap(newId, bindFuture);
try {
BindResponse bindResponse;
byte[] response;
ResultCodeEnum result;
// Creating a map for SASL properties
Map<String, Object> properties = new HashMap<>();
// Quality of Protection SASL property
if (saslRequest.getQualityOfProtection() != null) {
properties.put(Sasl.QOP, saslRequest.getQualityOfProtection().getValue());
}
// Security Strength SASL property
if (saslRequest.getSecurityStrength() != null) {
properties.put(Sasl.STRENGTH, saslRequest.getSecurityStrength().getValue());
}
// Mutual Authentication SASL property
if (saslRequest.isMutualAuthentication()) {
properties.put(Sasl.SERVER_AUTH, "true");
}
// Creating a SASL Client
SaslClient sc = Sasl.createSaslClient(new String[] { bindRequest.getSaslMechanism() }, saslRequest.getAuthorizationId(), "ldap", config.getLdapHost(), properties, new SaslCallbackHandler(saslRequest));
// for the requested mechanism. We then produce an Exception
if (sc == null) {
String message = "Cannot find a SASL factory for the " + bindRequest.getSaslMechanism() + " mechanism";
LOG.error(message);
throw new LdapException(message);
}
// deal with it immediately.
if (sc.hasInitialResponse()) {
byte[] challengeResponse = sc.evaluateChallenge(Strings.EMPTY_BYTES);
// Stores the challenge's response, and send it to the server
bindRequest.setCredentials(challengeResponse);
writeRequest(bindRequest);
// Get the server's response, blocking
bindResponse = bindFuture.get(timeout, TimeUnit.MILLISECONDS);
if (bindResponse == null) {
// We didn't received anything : this is an error
if (LOG.isErrorEnabled()) {
LOG.error(I18n.err(I18n.ERR_03203_OP_FAILED_TIMEOUT, "Bind"));
}
throw new LdapException(TIME_OUT_ERROR);
}
result = bindResponse.getLdapResult().getResultCode();
} else {
// Copy the bindRequest without setting the credentials
BindRequest bindRequestCopy = new BindRequestImpl();
bindRequestCopy.setMessageId(newId);
bindRequestCopy.setName(bindRequest.getName());
bindRequestCopy.setSaslMechanism(bindRequest.getSaslMechanism());
bindRequestCopy.setSimple(bindRequest.isSimple());
bindRequestCopy.setVersion3(bindRequest.getVersion3());
bindRequestCopy.addAllControls(bindRequest.getControls().values().toArray(new Control[0]));
writeRequest(bindRequestCopy);
bindResponse = bindFuture.get(timeout, TimeUnit.MILLISECONDS);
if (bindResponse == null) {
// We didn't received anything : this is an error
if (LOG.isErrorEnabled()) {
LOG.error(I18n.err(I18n.ERR_03203_OP_FAILED_TIMEOUT, "Bind"));
}
throw new LdapException(TIME_OUT_ERROR);
}
result = bindResponse.getLdapResult().getResultCode();
}
while (!sc.isComplete() && ((result == ResultCodeEnum.SASL_BIND_IN_PROGRESS) || (result == ResultCodeEnum.SUCCESS))) {
response = sc.evaluateChallenge(bindResponse.getServerSaslCreds());
if (result == ResultCodeEnum.SUCCESS) {
if (response != null) {
throw new LdapException("protocol error");
}
} else {
newId = messageId.incrementAndGet();
bindRequest.setMessageId(newId);
bindRequest.setCredentials(response);
addToFutureMap(newId, bindFuture);
writeRequest(bindRequest);
bindResponse = bindFuture.get(timeout, TimeUnit.MILLISECONDS);
if (bindResponse == null) {
// We didn't received anything : this is an error
if (LOG.isErrorEnabled()) {
LOG.error(I18n.err(I18n.ERR_03203_OP_FAILED_TIMEOUT, "Bind"));
}
throw new LdapException(TIME_OUT_ERROR);
}
result = bindResponse.getLdapResult().getResultCode();
}
}
bindFuture.set(bindResponse);
return bindFuture;
} catch (LdapException e) {
throw e;
} catch (Exception e) {
LOG.error(e.getMessage());
throw new LdapException(e);
}
}
Also used :
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
HashMap(java.util.HashMap)
BindRequest(org.apache.directory.api.ldap.model.message.BindRequest)
BindFuture(org.apache.directory.ldap.client.api.future.BindFuture)
BindResponse(org.apache.directory.api.ldap.model.message.BindResponse)
UnresolvedAddressException(java.nio.channels.UnresolvedAddressException)
ConnectException(java.net.ConnectException)
IOException(java.io.IOException)
LdapInvalidDnException(org.apache.directory.api.ldap.model.exception.LdapInvalidDnException)
InvalidConnectionException(org.apache.directory.ldap.client.api.exception.InvalidConnectionException)
LdapOperationException(org.apache.directory.api.ldap.model.exception.LdapOperationException)
LdapAuthenticationException(org.apache.directory.api.ldap.model.exception.LdapAuthenticationException)
MessageEncoderException(org.apache.directory.api.ldap.codec.api.MessageEncoderException)
CursorException(org.apache.directory.api.ldap.model.cursor.CursorException)
DecoderException(org.apache.directory.api.asn1.DecoderException)
LdapNoPermissionException(org.apache.directory.api.ldap.model.exception.LdapNoPermissionException)
LdapOtherException(org.apache.directory.api.ldap.model.exception.LdapOtherException)
ProtocolEncoderException(org.apache.mina.filter.codec.ProtocolEncoderException)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
ResultCodeEnum(org.apache.directory.api.ldap.model.message.ResultCodeEnum)
SaslClient(javax.security.sasl.SaslClient)
Control(org.apache.directory.api.ldap.model.message.Control)
OpaqueControl(org.apache.directory.api.ldap.model.message.controls.OpaqueControl)
SaslCallbackHandler(org.apache.directory.ldap.client.api.callback.SaslCallbackHandler)
LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
BindRequestImpl(org.apache.directory.api.ldap.model.message.BindRequestImpl)
Aggregations
ResultCodeEnum (org.apache.directory.api.ldap.model.message.ResultCodeEnum)6
DecoderException (org.apache.directory.api.asn1.DecoderException)3
LdapResult (org.apache.directory.api.ldap.model.message.LdapResult)3
ResultResponse (org.apache.directory.api.ldap.model.message.ResultResponse)3
TLV (org.apache.directory.api.asn1.ber.tlv.TLV)2
LdapException (org.apache.directory.api.ldap.model.exception.LdapException)2
LdapInvalidDnException (org.apache.directory.api.ldap.model.exception.LdapInvalidDnException)2
BindResponse (org.apache.directory.api.ldap.model.message.BindResponse)2
Dn (org.apache.directory.api.ldap.model.name.Dn)2
IOException (java.io.IOException)1
ConnectException (java.net.ConnectException)1
UnresolvedAddressException (java.nio.channels.UnresolvedAddressException)1
HashMap (java.util.HashMap)1
ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)1
SaslClient (javax.security.sasl.SaslClient)1
BerValue (org.apache.directory.api.asn1.ber.tlv.BerValue)1
IntegerDecoderException (org.apache.directory.api.asn1.ber.tlv.IntegerDecoderException)1
AddResponseDsml (org.apache.directory.api.dsmlv2.response.AddResponseDsml)1
BindResponseDsml (org.apache.directory.api.dsmlv2.response.BindResponseDsml)1
CompareResponseDsml (org.apache.directory.api.dsmlv2.response.CompareResponseDsml)1
