Example 6 with AuthenticationException

Use of org.exist.security.AuthenticationException in project exist by eXist-db.

In the class LDAPRealmTest, method testAuthenticate.

/**
 * Test method for {@link org.exist.security.realm.ldap.LDAPRealm#authenticate(java.lang.String, java.lang.Object)}.
 */
@Ignore
@Test
public void testAuthenticate() {
    Account account = null;
    try {
        account = realm.authenticate("admin", "passwd");
    } catch (AuthenticationException e) {
        fail(e.getMessage());
    }
    assertNotNull(account);
}
Also used: Account (org.exist.security.Account), AuthenticationException (org.exist.security.AuthenticationException), Ignore (org.junit.Ignore), Test (org.junit.Test)

Example 7 with AuthenticationException

Use of org.exist.security.AuthenticationException in project exist by eXist-db.

In the class LDAPRealm, method findUsernamesWhereNameStarts.

@Override
public List<String> findUsernamesWhereNameStarts(String startsWith) {
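    // Escape the caller-supplied prefix before it goes into the LDAP search filter;
    // the "*" wildcard is appended only after escaping.
    startsWith = escapeSearchAttribute(ensureCase(startsWith));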
    final List<String> usernames = new ArrayList<>();
    LdapContext ctx = null;
    try {
        ctx = getContext(getSecurityManager().getCurrentSubject());
        final LDAPSearchContext search = ensureContextFactory().getSearch();
        final SearchAttribute sa = new SearchAttribute(search.getSearchAccount().getMetadataSearchAttribute(AXSchemaType.FULLNAME), startsWith + "*");
        final String searchFilter = buildSearchFilter(search.getSearchAccount().getSearchFilterPrefix(), sa);
        final SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchControls.setReturningAttributes(new String[] { search.getSearchAccount().getSearchAttribute(LDAPSearchAttributeKey.NAME) });
        final NamingEnumeration<SearchResult> results = ctx.search(search.getBase(), searchFilter, searchControls);
        while (results.hasMoreElements()) {
            final SearchResult searchResult = results.nextElement();
            final String username = ensureCase(addDomainPostfix((String) searchResult.getAttributes().get(search.getSearchAccount().getSearchAttribute(LDAPSearchAttributeKey.NAME)).get()));
            if (checkAccountRestrictionList(username)) {
                usernames.add(username);
            }
        }
    } catch (final NamingException ne) {
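        // A failed directory search is logged, not rethrown: the caller gets
        // whatever was collected so far (possibly an empty list).
        LOG.error(new AuthenticationException(AuthenticationException.UNNOWN_EXCEPTION, ne.getMessage()));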
    } finally {
        if (ctx != null) {
            LdapUtils.closeContext(ctx);
        }
    }
    return usernames;
}
Also used: AuthenticationException (org.exist.security.AuthenticationException), ArrayList (java.util.ArrayList), SearchControls (javax.naming.directory.SearchControls), SearchResult (javax.naming.directory.SearchResult), NamingException (javax.naming.NamingException), LdapContext (javax.naming.ldap.LdapContext)

Example 8 with AuthenticationException

Use of org.exist.security.AuthenticationException in project exist by eXist-db.

In the class LDAPRealm, method findGroupnamesWhereGroupnameStarts.

@Override
public List<String> findGroupnamesWhereGroupnameStarts(final String startsWith) {
    final String sWith = escapeSearchAttribute(ensureCase(startsWith));
    final List<String> groupnames = new ArrayList<>();
    LdapContext ctx = null;
    try {
        ctx = getContext(getSecurityManager().getCurrentSubject());
        final LDAPSearchContext search = ensureContextFactory().getSearch();
        final SearchAttribute sa = new SearchAttribute(search.getSearchGroup().getSearchAttribute(LDAPSearchAttributeKey.NAME), sWith + "*");
        final String searchFilter = buildSearchFilter(search.getSearchGroup().getSearchFilterPrefix(), sa);
        final SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchControls.setReturningAttributes(new String[] { search.getSearchGroup().getSearchAttribute(LDAPSearchAttributeKey.NAME) });
        final NamingEnumeration<SearchResult> results = ctx.search(search.getBase(), searchFilter, searchControls);
        while (results.hasMoreElements()) {
            final SearchResult searchResult = results.nextElement();
            final String groupname = ensureCase(addDomainPostfix((String) searchResult.getAttributes().get(search.getSearchGroup().getSearchAttribute(LDAPSearchAttributeKey.NAME)).get()));
            if (checkGroupRestrictionList(groupname)) {
                groupnames.add(groupname);
            }
        }
    } catch (final NamingException ne) {
        LOG.error(new AuthenticationException(AuthenticationException.UNNOWN_EXCEPTION, ne.getMessage()));
    } finally {
        if (ctx != null) {
            LdapUtils.closeContext(ctx);
        }
    }
    return groupnames;
}
Also used: AuthenticationException (org.exist.security.AuthenticationException), ArrayList (java.util.ArrayList), SearchControls (javax.naming.directory.SearchControls), SearchResult (javax.naming.directory.SearchResult), NamingException (javax.naming.NamingException), LdapContext (javax.naming.ldap.LdapContext)

Example 9 with AuthenticationException

Use of org.exist.security.AuthenticationException in project exist by eXist-db.

In the class LDAPRealm, method findUsernamesWhereNamePartStarts.

@Override
public List<String> findUsernamesWhereNamePartStarts(final String startsWith) {
    final String sWith = escapeSearchAttribute(ensureCase(startsWith));
    final List<String> usernames = new ArrayList<>();
    LdapContext ctx = null;
    try {
        ctx = getContext(getSecurityManager().getCurrentSubject());
        final LDAPSearchContext search = ensureContextFactory().getSearch();
        final SearchAttribute firstNameSa = new SearchAttribute(search.getSearchAccount().getMetadataSearchAttribute(AXSchemaType.FIRSTNAME), sWith + "*");
        final SearchAttribute lastNameSa = new SearchAttribute(search.getSearchAccount().getMetadataSearchAttribute(AXSchemaType.LASTNAME), sWith + "*");
        final List<SearchAttribute> sas = new ArrayList<>();
        sas.add(firstNameSa);
        sas.add(lastNameSa);
        final String searchFilter = buildSearchFilterUnion(search.getSearchAccount().getSearchFilterPrefix(), sas);
        final SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchControls.setReturningAttributes(new String[] { search.getSearchAccount().getSearchAttribute(LDAPSearchAttributeKey.NAME) });
        final NamingEnumeration<SearchResult> results = ctx.search(search.getBase(), searchFilter, searchControls);
        while (results.hasMoreElements()) {
            final SearchResult searchResult = results.nextElement();
            final String username = ensureCase(addDomainPostfix((String) searchResult.getAttributes().get(search.getSearchAccount().getSearchAttribute(LDAPSearchAttributeKey.NAME)).get()));
            if (checkAccountRestrictionList(username)) {
                usernames.add(username);
            }
        }
    } catch (final NamingException ne) {
        LOG.error(new AuthenticationException(AuthenticationException.UNNOWN_EXCEPTION, ne.getMessage()));
    } finally {
        if (ctx != null) {
            LdapUtils.closeContext(ctx);
        }
    }
    return usernames;
}
Also used: AuthenticationException (org.exist.security.AuthenticationException), ArrayList (java.util.ArrayList), SearchControls (javax.naming.directory.SearchControls), SearchResult (javax.naming.directory.SearchResult), NamingException (javax.naming.NamingException), LdapContext (javax.naming.ldap.LdapContext)

Example 10 with AuthenticationException

Use of org.exist.security.AuthenticationException in project exist by eXist-db.

In the class LDAPRealm, method findAllUserNames.

@Override
public List<String> findAllUserNames() {
    final List<String> usernames = new ArrayList<>();
    LdapContext ctx = null;
    try {
        ctx = getContext(getSecurityManager().getCurrentSubject());
        final LDAPSearchContext search = ensureContextFactory().getSearch();
        final SearchAttribute sa = new SearchAttribute(null, null);
        final String searchFilter = buildSearchFilter(search.getSearchAccount().getSearchFilterPrefix(), sa);
        final SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchControls.setReturningAttributes(new String[] { search.getSearchAccount().getSearchAttribute(LDAPSearchAttributeKey.NAME) });
        final NamingEnumeration<SearchResult> results = ctx.search(search.getBase(), searchFilter, searchControls);
        while (results.hasMoreElements()) {
            final SearchResult searchResult = results.nextElement();
            final String accountname = ensureCase(addDomainPostfix((String) searchResult.getAttributes().get(search.getSearchAccount().getSearchAttribute(LDAPSearchAttributeKey.NAME)).get()));
            if (checkAccountRestrictionList(accountname)) {
                usernames.add(accountname);
            }
        }
    } catch (final NamingException ne) {
        LOG.error(new AuthenticationException(AuthenticationException.UNNOWN_EXCEPTION, ne.getMessage()));
    } finally {
        if (ctx != null) {
            LdapUtils.closeContext(ctx);
        }
    }
    return usernames;
}
Also used: AuthenticationException (org.exist.security.AuthenticationException), ArrayList (java.util.ArrayList), SearchControls (javax.naming.directory.SearchControls), SearchResult (javax.naming.directory.SearchResult), NamingException (javax.naming.NamingException), LdapContext (javax.naming.ldap.LdapContext)

Aggregations

AuthenticationException (org.exist.security.AuthenticationException): 33
NamingException (javax.naming.NamingException): 16
Subject (org.exist.security.Subject): 13
SearchResult (javax.naming.directory.SearchResult): 12
LdapContext (javax.naming.ldap.LdapContext): 12
SearchControls (javax.naming.directory.SearchControls): 9
ArrayList (java.util.ArrayList): 8
EXistException (org.exist.EXistException): 8
SecurityManager (org.exist.security.SecurityManager): 8
AbstractAccount (org.exist.security.AbstractAccount): 6
Account (org.exist.security.Account): 6
PermissionDeniedException (org.exist.security.PermissionDeniedException): 5
Group (org.exist.security.Group): 4
DBBroker (org.exist.storage.DBBroker): 4
HttpSession (javax.servlet.http.HttpSession): 3
IOException (java.io.IOException): 2
PrintWriter (java.io.PrintWriter): 2
URISyntaxException (java.net.URISyntaxException): 2
Properties (java.util.Properties): 2
ServletException (javax.servlet.ServletException): 2