
Example 11 with BindFuture

use of org.apache.directory.ldap.client.api.future.BindFuture in project directory-ldap-api by apache.

the class LdapNetworkConnection method bindSasl.

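/**
 * Processes a SASL Bind. This is a dialog with the server: a first BindRequest is sent and,
 * as long as the server answers with a challenge, a new BindRequest carrying the computed
 * response is sent.
 * <p>
 * The {@code authenticated} flag is reset to {@code false} on entry and is never set back to
 * {@code true} here, so the caller has to inspect the result code of the returned response
 * before treating the connection as authenticated.
 *
 * @param saslRequest The SASL request object containing all the needed parameters
 * @return The {@link BindFuture} of this operation, already holding the last
 *         {@link BindResponse} received from the server
 * @throws LdapException if no response arrived within the timeout, if no SASL factory exists
 *         for the requested mechanism, or if some other error occurred
 */
public BindFuture bindSasl(SaslRequest saslRequest) throws LdapException {
    // First switch to anonymous state
    authenticated.set(false);
    // try to connect, if we aren't already connected.
    connect();
    // If the session has not been established, or is closed, we get out immediately
    checkSession();
    BindRequest bindRequest = createBindRequest((String) null, null, saslRequest.getSaslMechanism(), saslRequest.getControls());
    // Update the messageId
    int newId = messageId.incrementAndGet();
    bindRequest.setMessageId(newId);
    if (LOG.isDebugEnabled()) {
        LOG.debug(I18n.msg(I18n.MSG_03205_SENDING_REQUEST, bindRequest));
    }
    // Create a future for this Bind operation
    BindFuture bindFuture = new BindFuture(this, newId);
    // Store it in the future Map
    addToFutureMap(newId, bindFuture);
    // Declared outside the try block so that the finally clause can release it
    SaslClient sc = null;
    try {
        BindResponse bindResponse;
        byte[] response;
        ResultCodeEnum result;
        // Creating a map for SASL properties
        Map<String, Object> properties = new HashMap<>();
        // Quality of Protection SASL property
        if (saslRequest.getQualityOfProtection() != null) {
            properties.put(Sasl.QOP, saslRequest.getQualityOfProtection().getValue());
        }
        // Security Strength SASL property
        if (saslRequest.getSecurityStrength() != null) {
            properties.put(Sasl.STRENGTH, saslRequest.getSecurityStrength().getValue());
        }
        // Mutual Authentication SASL property : only requested when the caller asked for it
        if (saslRequest.isMutualAuthentication()) {
            properties.put(Sasl.SERVER_AUTH, "true");
        }
        // Creating a SASL Client
        sc = Sasl.createSaslClient(new String[] { bindRequest.getSaslMechanism() }, saslRequest.getAuthorizationId(), "ldap", config.getLdapHost(), properties, new SaslCallbackHandler(saslRequest));
        // A null SaslClient means that no SASL factory is available
        // for the requested mechanism. We then produce an Exception
        if (sc == null) {
            String message = "Cannot find a SASL factory for the " + bindRequest.getSaslMechanism() + " mechanism";
            LOG.error(message);
            throw new LdapException(message);
        }
        // If the mechanism starts with data sent by the client,
        // deal with it immediately.
        if (sc.hasInitialResponse()) {
            byte[] challengeResponse = sc.evaluateChallenge(Strings.EMPTY_BYTES);
            // Stores the challenge's response, and send it to the server
            bindRequest.setCredentials(challengeResponse);
            writeRequest(bindRequest);
            // Get the server's response, blocking
            bindResponse = bindFuture.get(timeout, TimeUnit.MILLISECONDS);
            if (bindResponse == null) {
                // We didn't receive anything : this is an error
                if (LOG.isErrorEnabled()) {
                    LOG.error(I18n.err(I18n.ERR_03203_OP_FAILED_TIMEOUT, "Bind"));
                }
                throw new LdapException(TIME_OUT_ERROR);
            }
            result = bindResponse.getLdapResult().getResultCode();
        } else {
            // Copy the bindRequest without setting the credentials
            BindRequest bindRequestCopy = new BindRequestImpl();
            bindRequestCopy.setMessageId(newId);
            bindRequestCopy.setName(bindRequest.getName());
            bindRequestCopy.setSaslMechanism(bindRequest.getSaslMechanism());
            bindRequestCopy.setSimple(bindRequest.isSimple());
            bindRequestCopy.setVersion3(bindRequest.getVersion3());
            bindRequestCopy.addAllControls(bindRequest.getControls().values().toArray(new Control[0]));
            writeRequest(bindRequestCopy);
            // Get the server's response, blocking
            bindResponse = bindFuture.get(timeout, TimeUnit.MILLISECONDS);
            if (bindResponse == null) {
                // We didn't receive anything : this is an error
                if (LOG.isErrorEnabled()) {
                    LOG.error(I18n.err(I18n.ERR_03203_OP_FAILED_TIMEOUT, "Bind"));
                }
                throw new LdapException(TIME_OUT_ERROR);
            }
            result = bindResponse.getLdapResult().getResultCode();
        }
        // Keep answering the server's challenges until the client side of the mechanism is
        // complete, or until the server reports anything but "in progress" or "success"
        while (!sc.isComplete() && ((result == ResultCodeEnum.SASL_BIND_IN_PROGRESS) || (result == ResultCodeEnum.SUCCESS))) {
            response = sc.evaluateChallenge(bindResponse.getServerSaslCreds());
            if (result == ResultCodeEnum.SUCCESS) {
                // The server has already declared the bind finished : its last data has been
                // given to the client, which must not have anything more to send
                if (response != null) {
                    throw new LdapException("protocol error");
                }
            } else {
                // Send the computed response in a new BindRequest, tracked by the same future
                newId = messageId.incrementAndGet();
                bindRequest.setMessageId(newId);
                bindRequest.setCredentials(response);
                addToFutureMap(newId, bindFuture);
                writeRequest(bindRequest);
                bindResponse = bindFuture.get(timeout, TimeUnit.MILLISECONDS);
                if (bindResponse == null) {
                    // We didn't receive anything : this is an error
                    if (LOG.isErrorEnabled()) {
                        LOG.error(I18n.err(I18n.ERR_03203_OP_FAILED_TIMEOUT, "Bind"));
                    }
                    throw new LdapException(TIME_OUT_ERROR);
                }
                result = bindResponse.getLdapResult().getResultCode();
            }
        }
        // NOTE(review): a negotiated integrity or confidentiality layer would need the
        // SaslClient to wrap/unwrap the following traffic; nothing in this method installs
        // one, so confirm how a QoP other than plain authentication is meant to be handled.
        bindFuture.set(bindResponse);
        return bindFuture;
    } catch (LdapException e) {
        throw e;
    } catch (Exception e) {
        // Log the exception itself, not only its message, so the stack trace is kept
        LOG.error(e.getMessage(), e);
        throw new LdapException(e);
    } finally {
        // The SaslClient is only referenced inside this method : release the resources and
        // the security-sensitive data it may hold, whatever the outcome of the dialog
        if (sc != null) {
            try {
                sc.dispose();
            } catch (javax.security.sasl.SaslException se) {
                // A failed cleanup must not hide the result of the bind
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Failed to dispose the SASL client", se);
                }
            }
        }
    }
}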
Also used : ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) BindRequest(org.apache.directory.api.ldap.model.message.BindRequest) BindFuture(org.apache.directory.ldap.client.api.future.BindFuture) BindResponse(org.apache.directory.api.ldap.model.message.BindResponse) UnresolvedAddressException(java.nio.channels.UnresolvedAddressException) ConnectException(java.net.ConnectException) IOException(java.io.IOException) LdapInvalidDnException(org.apache.directory.api.ldap.model.exception.LdapInvalidDnException) InvalidConnectionException(org.apache.directory.ldap.client.api.exception.InvalidConnectionException) LdapOperationException(org.apache.directory.api.ldap.model.exception.LdapOperationException) LdapAuthenticationException(org.apache.directory.api.ldap.model.exception.LdapAuthenticationException) MessageEncoderException(org.apache.directory.api.ldap.codec.api.MessageEncoderException) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) DecoderException(org.apache.directory.api.asn1.DecoderException) LdapNoPermissionException(org.apache.directory.api.ldap.model.exception.LdapNoPermissionException) LdapOtherException(org.apache.directory.api.ldap.model.exception.LdapOtherException) ProtocolEncoderException(org.apache.mina.filter.codec.ProtocolEncoderException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) ResultCodeEnum(org.apache.directory.api.ldap.model.message.ResultCodeEnum) SaslClient(javax.security.sasl.SaslClient) Control(org.apache.directory.api.ldap.model.message.Control) OpaqueControl(org.apache.directory.api.ldap.model.message.controls.OpaqueControl) SaslCallbackHandler(org.apache.directory.ldap.client.api.callback.SaslCallbackHandler) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) BindRequestImpl(org.apache.directory.api.ldap.model.message.BindRequestImpl)

Example 12 with BindFuture

use of org.apache.directory.ldap.client.api.future.BindFuture in project directory-ldap-api by apache.

the class LdapNetworkConnection method bindSaslPlain.

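/**
 * Performs a SASL PLAIN Bind on the server and waits for its answer.
 * <p>
 * The PLAIN mechanism (RFC 4616) hands the password to the server without any protection of
 * its own, so it should only be used on a connection that is already encrypted (LDAPS or
 * StartTLS).
 *
 * @param authzid The Authorization identity
 * @param authcid The Authentication identity
 * @param credentials The password. It is documented as non-null; this method does not check it
 * @return The {@link BindResponse} sent by the server. Its result code tells whether the bind
 *         succeeded, a failed bind is not reported through an exception
 * @throws LdapException if no response arrived within the timeout, or if some other error occurred
 */
public BindResponse bindSaslPlain(String authzid, String authcid, String credentials) throws LdapException {
    if (LOG.isDebugEnabled()) {
        LOG.debug(I18n.msg(I18n.MSG_03228_SASL_PLAIN_BIND));
    }
    // Create the BindRequest
    SaslPlainRequest saslRequest = new SaslPlainRequest();
    saslRequest.setAuthorizationId(authzid);
    saslRequest.setUsername(authcid);
    saslRequest.setCredentials(credentials);
    BindFuture bindFuture = bindAsync(saslRequest);
    // Get the result from the future
    try {
        // Read the response, waiting for it if it is not available immediately
        BindResponse bindResponse = bindFuture.get(timeout, TimeUnit.MILLISECONDS);
        if (bindResponse == null) {
            // We didn't receive anything : this is an error
            if (LOG.isErrorEnabled()) {
                LOG.error(I18n.err(I18n.ERR_03203_OP_FAILED_TIMEOUT, "Bind"));
            }
            throw new LdapException(TIME_OUT_ERROR);
        }
        if (bindResponse.getLdapResult().getResultCode() == ResultCodeEnum.SUCCESS) {
            // Only a SUCCESS result code marks the connection as authenticated
            authenticated.set(true);
            // Everything is fine, return the response
            if (LOG.isDebugEnabled()) {
                LOG.debug(I18n.msg(I18n.MSG_03202_BIND_SUCCESSFUL, bindResponse));
            }
        } else {
            // We have had an error
            if (LOG.isDebugEnabled()) {
                LOG.debug(I18n.msg(I18n.MSG_03201_BIND_FAIL, bindResponse));
            }
        }
        return bindResponse;
    } catch (LdapException le) {
        // The timeout above has already been logged : let it through as it is, as bindSasl
        // does, instead of logging it again and wrapping it into a "no response" error
        throw le;
    } catch (Exception ie) {
        // Catch all other exceptions
        LOG.error(NO_RESPONSE_ERROR, ie);
        throw new LdapException(NO_RESPONSE_ERROR, ie);
    }
}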
Also used : BindFuture(org.apache.directory.ldap.client.api.future.BindFuture) BindResponse(org.apache.directory.api.ldap.model.message.BindResponse) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) UnresolvedAddressException(java.nio.channels.UnresolvedAddressException) ConnectException(java.net.ConnectException) IOException(java.io.IOException) LdapInvalidDnException(org.apache.directory.api.ldap.model.exception.LdapInvalidDnException) InvalidConnectionException(org.apache.directory.ldap.client.api.exception.InvalidConnectionException) LdapOperationException(org.apache.directory.api.ldap.model.exception.LdapOperationException) LdapAuthenticationException(org.apache.directory.api.ldap.model.exception.LdapAuthenticationException) MessageEncoderException(org.apache.directory.api.ldap.codec.api.MessageEncoderException) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) DecoderException(org.apache.directory.api.asn1.DecoderException) LdapNoPermissionException(org.apache.directory.api.ldap.model.exception.LdapNoPermissionException) LdapOtherException(org.apache.directory.api.ldap.model.exception.LdapOtherException) ProtocolEncoderException(org.apache.mina.filter.codec.ProtocolEncoderException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException)
