use of org.apache.directory.ldap.client.api.future.BindFuture in project directory-ldap-api by apache.
the class LdapNetworkConnection method bindSasl.
/**
* Process the SASL Bind. It's a dialog with the server, we will send a first BindRequest, receive
* a response and the, if this response is a challenge, continue by sending a new BindRequest with
* the requested informations.
*
* @param saslRequest The SASL request object containing all the needed parameters
* @return A {@link BindResponse} containing the result
* @throws LdapException if some error occurred
*/
public BindFuture bindSasl(SaslRequest saslRequest) throws LdapException {
// First switch to anonymous state
authenticated.set(false);
// try to connect, if we aren't already connected.
connect();
// If the session has not been establish, or is closed, we get out immediately
checkSession();
BindRequest bindRequest = createBindRequest((String) null, null, saslRequest.getSaslMechanism(), saslRequest.getControls());
// Update the messageId
int newId = messageId.incrementAndGet();
bindRequest.setMessageId(newId);
if (LOG.isDebugEnabled()) {
LOG.debug(I18n.msg(I18n.MSG_03205_SENDING_REQUEST, bindRequest));
}
// Create a future for this Bind operation
BindFuture bindFuture = new BindFuture(this, newId);
// Store it in the future Map
addToFutureMap(newId, bindFuture);
try {
BindResponse bindResponse;
byte[] response;
ResultCodeEnum result;
// Creating a map for SASL properties
Map<String, Object> properties = new HashMap<>();
// Quality of Protection SASL property
if (saslRequest.getQualityOfProtection() != null) {
properties.put(Sasl.QOP, saslRequest.getQualityOfProtection().getValue());
}
// Security Strength SASL property
if (saslRequest.getSecurityStrength() != null) {
properties.put(Sasl.STRENGTH, saslRequest.getSecurityStrength().getValue());
}
// Mutual Authentication SASL property
if (saslRequest.isMutualAuthentication()) {
properties.put(Sasl.SERVER_AUTH, "true");
}
// Creating a SASL Client
SaslClient sc = Sasl.createSaslClient(new String[] { bindRequest.getSaslMechanism() }, saslRequest.getAuthorizationId(), "ldap", config.getLdapHost(), properties, new SaslCallbackHandler(saslRequest));
// for the requested mechanism. We then produce an Exception
if (sc == null) {
String message = "Cannot find a SASL factory for the " + bindRequest.getSaslMechanism() + " mechanism";
LOG.error(message);
throw new LdapException(message);
}
// deal with it immediately.
if (sc.hasInitialResponse()) {
byte[] challengeResponse = sc.evaluateChallenge(Strings.EMPTY_BYTES);
// Stores the challenge's response, and send it to the server
bindRequest.setCredentials(challengeResponse);
writeRequest(bindRequest);
// Get the server's response, blocking
bindResponse = bindFuture.get(timeout, TimeUnit.MILLISECONDS);
if (bindResponse == null) {
// We didn't received anything : this is an error
if (LOG.isErrorEnabled()) {
LOG.error(I18n.err(I18n.ERR_03203_OP_FAILED_TIMEOUT, "Bind"));
}
throw new LdapException(TIME_OUT_ERROR);
}
result = bindResponse.getLdapResult().getResultCode();
} else {
// Copy the bindRequest without setting the credentials
BindRequest bindRequestCopy = new BindRequestImpl();
bindRequestCopy.setMessageId(newId);
bindRequestCopy.setName(bindRequest.getName());
bindRequestCopy.setSaslMechanism(bindRequest.getSaslMechanism());
bindRequestCopy.setSimple(bindRequest.isSimple());
bindRequestCopy.setVersion3(bindRequest.getVersion3());
bindRequestCopy.addAllControls(bindRequest.getControls().values().toArray(new Control[0]));
writeRequest(bindRequestCopy);
bindResponse = bindFuture.get(timeout, TimeUnit.MILLISECONDS);
if (bindResponse == null) {
// We didn't received anything : this is an error
if (LOG.isErrorEnabled()) {
LOG.error(I18n.err(I18n.ERR_03203_OP_FAILED_TIMEOUT, "Bind"));
}
throw new LdapException(TIME_OUT_ERROR);
}
result = bindResponse.getLdapResult().getResultCode();
}
while (!sc.isComplete() && ((result == ResultCodeEnum.SASL_BIND_IN_PROGRESS) || (result == ResultCodeEnum.SUCCESS))) {
response = sc.evaluateChallenge(bindResponse.getServerSaslCreds());
if (result == ResultCodeEnum.SUCCESS) {
if (response != null) {
throw new LdapException("protocol error");
}
} else {
newId = messageId.incrementAndGet();
bindRequest.setMessageId(newId);
bindRequest.setCredentials(response);
addToFutureMap(newId, bindFuture);
writeRequest(bindRequest);
bindResponse = bindFuture.get(timeout, TimeUnit.MILLISECONDS);
if (bindResponse == null) {
// We didn't received anything : this is an error
if (LOG.isErrorEnabled()) {
LOG.error(I18n.err(I18n.ERR_03203_OP_FAILED_TIMEOUT, "Bind"));
}
throw new LdapException(TIME_OUT_ERROR);
}
result = bindResponse.getLdapResult().getResultCode();
}
}
bindFuture.set(bindResponse);
return bindFuture;
} catch (LdapException e) {
throw e;
} catch (Exception e) {
LOG.error(e.getMessage());
throw new LdapException(e);
}
}
use of org.apache.directory.ldap.client.api.future.BindFuture in project directory-ldap-api by apache.
the class LdapNetworkConnection method bindSaslPlain.
/**
* SASL PLAIN Bind on a server.
*
* @param authzid The Authorization identity
* @param authcid The Authentication identity
* @param credentials The password. It can't be null
* @return The BindResponse LdapResponse
* @throws LdapException if some error occurred
*/
public BindResponse bindSaslPlain(String authzid, String authcid, String credentials) throws LdapException {
if (LOG.isDebugEnabled()) {
LOG.debug(I18n.msg(I18n.MSG_03228_SASL_PLAIN_BIND));
}
// Create the BindRequest
SaslPlainRequest saslRequest = new SaslPlainRequest();
saslRequest.setAuthorizationId(authzid);
saslRequest.setUsername(authcid);
saslRequest.setCredentials(credentials);
BindFuture bindFuture = bindAsync(saslRequest);
// Get the result from the future
try {
// Read the response, waiting for it if not available immediately
// Get the response, blocking
BindResponse bindResponse = bindFuture.get(timeout, TimeUnit.MILLISECONDS);
if (bindResponse == null) {
// We didn't received anything : this is an error
if (LOG.isErrorEnabled()) {
LOG.error(I18n.err(I18n.ERR_03203_OP_FAILED_TIMEOUT, "Bind"));
}
throw new LdapException(TIME_OUT_ERROR);
}
if (bindResponse.getLdapResult().getResultCode() == ResultCodeEnum.SUCCESS) {
authenticated.set(true);
// Everything is fine, return the response
if (LOG.isDebugEnabled()) {
LOG.debug(I18n.msg(I18n.MSG_03202_BIND_SUCCESSFUL, bindResponse));
}
} else {
// We have had an error
if (LOG.isDebugEnabled()) {
LOG.debug(I18n.msg(I18n.MSG_03201_BIND_FAIL, bindResponse));
}
}
return bindResponse;
} catch (Exception ie) {
// Catch all other exceptions
LOG.error(NO_RESPONSE_ERROR, ie);
throw new LdapException(NO_RESPONSE_ERROR, ie);
}
}
Aggregations