
Example 26 with SearchResultEntry

use of org.forgerock.opendj.ldap.responses.SearchResultEntry in project OpenAM by OpenRock.

the class EmbeddedOpenDS method getReplicationPort.

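/**
 * Looks up the replication port configured on a directory server.
 *
 * <p>Reads {@code ds-cfg-replication-port} from the replication server entry under
 * {@code cn=config}. The connection is always requested for {@code cn=Directory Manager};
 * the {@code username} argument is kept for interface compatibility but is not used.
 *
 * <p>Every failure (no connection, search error, missing entry or attribute) is reported as
 * {@code null}, so a {@code null} result does not by itself prove that replication is not
 * configured. Errors are written to the setup debug log.
 *
 * @param username ignored; the lookup always uses {@code cn=Directory Manager}
 * @param password passed to {@code getLDAPConnection} together with the Directory Manager DN
 * @param hostname directory server host, passed to {@code getLDAPConnection}
 * @param port directory server port, passed to {@code getLDAPConnection}
 * @return the replication port as a string, or {@code null} if it is not set or on error
 */
public static String getReplicationPort(String username, String password, String hostname, String port) {
    final String replDN = "cn=replication server,cn=Multimaster Synchronization,cn=Synchronization Providers,cn=config";
    final String[] attrs = { "ds-cfg-replication-port" };
    // The caller-supplied username is deliberately not used: this lookup always asks for a
    // Directory Manager connection. A separate constant avoids silently overwriting the
    // parameter, which hid that fact from readers of the signature.
    final String bindDN = "cn=Directory Manager";
    try (Connection conn = getLDAPConnection(hostname, port, bindDN, password)) {
        if (conn == null) {
            return null;
        }
        SearchResultEntry le = conn.searchSingleEntry(LDAPRequests.newSingleEntrySearchRequest(replDN, attrs));
        if (le == null) {
            return null;
        }
        Attribute la = le.getAttribute(attrs[0]);
        return (la != null) ? la.firstValueAsString() : null;
    } catch (Exception ex) {
        // Best effort: callers only get null, the cause is available in the debug log.
        Debug.getInstance(SetupConstants.DEBUG_NAME).error("EmbeddedOpenDS.getReplicationPort(). Error getting replication port:", ex);
    }
    return null;
}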
Also used : Attribute(org.forgerock.opendj.ldap.Attribute) Connection(org.forgerock.opendj.ldap.Connection) ByteString(org.forgerock.opendj.ldap.ByteString) FileNotFoundException(java.io.FileNotFoundException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) LdapException(org.forgerock.opendj.ldap.LdapException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IOException(java.io.IOException) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Example 27 with SearchResultEntry

use of org.forgerock.opendj.ldap.responses.SearchResultEntry in project OpenAM by OpenRock.

the class SMSRepositoryMig method migrate.

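/**
 * Reads the {@code ou=services} entry below {@code basedn} from LDAP and hands each returned
 * entry to {@code createSMSEntry} for storage in a flat-file SMS object.
 *
 * <p>The search uses {@code SearchScope.BASE_OBJECT}, so only the {@code ou=services} entry
 * itself is requested. Referrals are reported on standard output and skipped. An
 * {@link LdapException} raised while reading an entry is printed and the loop continues, so a
 * run that returns normally may still have skipped entries; check the output.
 *
 * <p>{@code host}, {@code binddn}, {@code pw} and {@code flatfiledir} are only validated here;
 * the connection itself comes from {@code factory}.
 *
 * @param factory source of the LDAP connection
 * @param host directory host (not used in this method)
 * @param port directory port; must not be negative
 * @param binddn bind DN; must be non-empty
 * @param pw bind password; must be non-empty
 * @param basedn base DN under which {@code ou=services} is searched; must be non-empty
 * @param flatfiledir flat-file directory; must be non-empty
 * @throws IllegalArgumentException if one of the checked arguments is missing or invalid
 * @throws Exception if the connection or the search fails outside the per-entry handling
 */
private static void migrate(ConnectionFactory factory, String host, int port, String binddn, String pw, String basedn, String flatfiledir) throws Exception {
    // check args
    if (port < 0 || binddn == null || binddn.isEmpty() || pw == null || pw.isEmpty() || basedn == null || basedn.isEmpty() || flatfiledir == null || flatfiledir.isEmpty()) {
        throw new IllegalArgumentException("SMSRepositoryMig: One or more invalid " + "arguments in constructor");
    }
    // Create the SMSFlatFileObject
    SMSFlatFileObject smsFlatFileObject = new SMSFlatFileObject();
    // The reader is declared as a resource as well, so the search is released before the
    // connection is closed even when an exception escapes the loop.
    try (Connection conn = factory.getConnection();
            ConnectionEntryReader res = conn.search(LDAPRequests.newSearchRequest("ou=services," + basedn, SearchScope.BASE_OBJECT, "(objectclass=*)", "*"))) {
        // Loop through the search results, create an SMS object for each entry.
        while (res.hasNext()) {
            if (res.isReference()) {
                // Consume the referral so the reader can advance; it is not followed.
                res.readReference();
                System.out.println("ERROR: LDAP Referral not supported.");
                System.out.println("LDAPReferralException received");
            } else {
                try {
                    SearchResultEntry entry = res.readEntry();
                    createSMSEntry(smsFlatFileObject, entry.getName().toString(), entry.getAllAttributes());
                } catch (LdapException e) {
                    System.out.println("ERROR: LDAP Exception encountered: " + e.toString());
                    e.printStackTrace();
                }
            }
        }
    }
}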
Also used : ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) Connection(org.forgerock.opendj.ldap.Connection) LdapException(org.forgerock.opendj.ldap.LdapException) SMSFlatFileObject(com.sun.identity.sm.flatfile.SMSFlatFileObject) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Example 28 with SearchResultEntry

use of org.forgerock.opendj.ldap.responses.SearchResultEntry in project OpenAM by OpenRock.

the class SearchResultIterator method hasNext.

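/**
 * Reports whether another SMS entry is available, loading it into {@code current} if needed.
 *
 * <p>Referrals and entries whose DN is listed in {@code excludeDNs} are skipped. Skipping is
 * done in a loop rather than by recursive calls, so a long run of referrals or excluded
 * entries returned by the directory cannot exhaust the call stack.
 *
 * <p>When the results are exhausted, or an {@link LdapException} is raised, the connection is
 * closed and {@code false} is returned. A size-limit result is logged at message level; every
 * other LDAP error is logged as an error. In both cases the caller only sees {@code false},
 * so a truncated result set is not distinguishable from a complete one through this method.
 *
 * @return {@code true} if an entry is ready in {@code current}, {@code false} otherwise
 */
public boolean hasNext() {
    while (true) {
        try {
            if (!results.hasNext()) {
                break;
            }
            if (current != null) {
                // An entry was already loaded by an earlier call and not yet consumed.
                return true;
            }
            if (results.isReference()) {
                debug.warning("SearchResultIterator: ignoring reference: {}", results.readReference());
                continue;
            }
            SearchResultEntry entry = results.readEntry();
            String dn = entry.getName().toString();
            if (hasExcludeDNs && excludeDNs.contains(dn)) {
                continue;
            }
            current = new SMSDataEntry(dn, SMSUtils.convertEntryToAttributesMap(entry));
            return true;
        } catch (LdapException e) {
            ResultCode errorCode = e.getResult().getResultCode();
            if (errorCode.equals(ResultCode.SIZE_LIMIT_EXCEEDED)) {
                debug.message("SearchResultIterator: size limit exceeded");
            } else {
                debug.error("SearchResultIterator.hasNext", e);
            }
            break;
        } catch (SearchResultReferenceIOException e) {
            // readEntry() met a referral; log it and try the next result.
            debug.error("SearchResultIterator.hasNext: reference should be already handled", e);
        }
    }
    conn.close();
    return false;
}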
Also used : SMSDataEntry(com.sun.identity.sm.SMSDataEntry) SearchResultReferenceIOException(org.forgerock.opendj.ldap.SearchResultReferenceIOException) LdapException(org.forgerock.opendj.ldap.LdapException) ResultCode(org.forgerock.opendj.ldap.ResultCode) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Example 29 with SearchResultEntry

use of org.forgerock.opendj.ldap.responses.SearchResultEntry in project OpenAM by OpenRock.

the class AMCertStore method getCertificate.

/**
 * Returns the first certificate found in the LDAP certificate store for this lookup.
 *
 * <p>For each entry the attributes are tried in this order: {@code USERCERTIFICATE},
 * {@code USERCERTIFICATE_BINARY}, {@code CACERTIFICATE}, {@code CACERTIFICATE_BINARY}. The
 * first value of the chosen attribute that parses as a certificate is returned.
 *
 * <p>This method only parses what the directory holds. No validity-period, chain or
 * revocation check is performed here, so the result must not be treated as trusted on the
 * strength of this call alone.
 *
 * @return the first parsable certificate, or {@code null} if there is no connection, no
 *         match, or an error occurred (errors are logged, not thrown)
 */
public X509Certificate getCertificate() {
    try (Connection ldc = getConnection()) {
        if (ldc == null) {
            return null;
        }
        ConnectionEntryReader results = getSearchResults(ldc, USERCERTIFICATE, USERCERTIFICATE_BINARY, CACERTIFICATE, CACERTIFICATE_BINARY);
        while (results != null && results.hasNext()) {
            if (!results.isEntry()) {
                // Referrals are consumed and logged, never followed.
                SearchResultReference reference = results.readReference();
                debug.warning("Got an LDAP reference - only expected entries. Ignoring: {}", reference);
                continue;
            }
            SearchResultEntry entry = results.readEntry();
            // Fall back through the candidate attributes; an end-entity certificate can be
            // stored as a CA certificate, hence the CA attributes are tried last.
            Attribute certAttribute = entry.getAttribute(USERCERTIFICATE);
            if (certAttribute == null) {
                certAttribute = entry.getAttribute(USERCERTIFICATE_BINARY);
            }
            if (certAttribute == null) {
                certAttribute = entry.getAttribute(CACERTIFICATE);
            }
            if (certAttribute == null) {
                certAttribute = entry.getAttribute(CACERTIFICATE_BINARY);
            }
            if (certAttribute == null) {
                debug.message("AMCertStore.getCertificate: Certificate - get usercertificate is null ");
                continue;
            }
            for (ByteString value : certAttribute) {
                ByteArrayInputStream encoded = new ByteArrayInputStream(value.toByteArray());
                X509Certificate parsed = null;
                try {
                    parsed = (X509Certificate) cf.generateCertificate(encoded);
                } catch (CertificateParsingException e) {
                    // Only this exception type is tolerated per value; anything else leaves
                    // the loop through the outer catch and ends the lookup with null.
                    debug.error("AMCertStore.getCertificate : " + "Error in Certificate parsing : ", e);
                }
                if (parsed != null) {
                    return parsed;
                }
            }
        }
    } catch (Exception e) {
        debug.error("AMCertStore.getCertificate : " + "Certificate - Error finding registered certificate = ", e);
    }
    return null;
}
Also used : ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) CertificateParsingException(java.security.cert.CertificateParsingException) Attribute(org.forgerock.opendj.ldap.Attribute) ByteArrayInputStream(java.io.ByteArrayInputStream) ByteString(org.forgerock.opendj.ldap.ByteString) Connection(org.forgerock.opendj.ldap.Connection) SearchResultReference(org.forgerock.opendj.ldap.responses.SearchResultReference) X509Certificate(java.security.cert.X509Certificate) CertificateParsingException(java.security.cert.CertificateParsingException) LdapException(org.forgerock.opendj.ldap.LdapException) GeneralSecurityException(java.security.GeneralSecurityException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Example 30 with SearchResultEntry

use of org.forgerock.opendj.ldap.responses.SearchResultEntry in project OpenAM by OpenRock.

the class LocalLdapAuthModule method getDN.

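/**
 * Resolves a login name to the DN of the matching directory entry.
 *
 * <p>A {@code uid} that already parses as a DN is returned unchanged, without a directory
 * lookup. Otherwise a subtree search below {@code baseDN} is run with the filter
 * {@code (namingAttribute=uid)}, and the DN of the first result is returned.
 *
 * <p>{@code uid} comes from the login request, so it is escaped before it is placed in the
 * filter. Without escaping, characters such as {@code *}, {@code (} and {@code )} would be
 * interpreted as filter syntax and could change which entry the search matches.
 *
 * <p>The connection held in {@code conn} is closed and cleared when the search path is taken,
 * whether it succeeds or fails.
 *
 * @param uid login name or DN supplied by the user
 * @return the DN for {@code uid}
 * @throws LoginException if {@code uid} is {@code null}, no connection is available, no entry
 *         matches, or the directory search fails
 */
private String getDN(String uid) throws LoginException {
    String retVal = "";
    if (uid == null) {
        throw (new LoginException(AuthI18n.authI18n.getString("com.iplanet.auth.invalid-username")));
    }
    if (LDAPUtils.isDN(uid)) {
        return uid;
    }
    String namingAttribute = UIDATTR;
    try {
        String orgName = (String) options.get(LoginContext.ORGNAME);
        if ((orgName != null) && !LDAPUtils.isDN(orgName)) {
            // Use orgname only if it is a DN, else baseDN
            orgName = baseDN;
        }
        if (com.sun.identity.sm.ServiceManager.isAMSDKConfigured()) {
            namingAttribute = TemplateManager.getTemplateManager().getCreationTemplate(TEMPLATE_NAME, (orgName == null) ? null : new Guid(orgName)).getNamingAttribute();
        }
    } catch (Exception ignored) {
        // Deliberate best effort: fall back to the default naming attribute.
    }
    // uid is untrusted input; escape it so it can only ever be an assertion value.
    String filter = "(" + namingAttribute + "=" + escapeFilterAssertionValue(uid) + ")";
    String[] attrs = { "noAttr" };
    ConnectionEntryReader results = null;
    try {
        // Read the serverconfig.xml for LDAP information
        if (!readServerConfiguration) {
            readServerConfig();
        }
        if (conn == null) {
            debug.warning("LocalLdapAuthModule.getDN(): lda connection is null");
            throw (new LoginException("INVALID_USER_NAME"));
        } else {
            results = conn.search(LDAPRequests.newSearchRequest(baseDN, SearchScope.WHOLE_SUBTREE, filter, attrs));
        }
        if (results.hasNext()) {
            SearchResultEntry entry = results.readEntry();
            retVal = entry.getName().toString();
        }
        if (retVal == null || retVal.equals("")) {
            throw new LoginException("INVALID_USER_NAME");
        }
        return retVal;
    } catch (LdapException | SearchResultReferenceIOException ex) {
        // LoginException has no cause-taking constructor; attach the cause explicitly so the
        // original LDAP failure is not lost for diagnostics.
        LoginException failure = new LoginException(ex.getMessage());
        failure.initCause(ex);
        throw failure;
    } finally {
        IOUtils.closeIfNotNull(conn);
        conn = null;
    }
}

/**
 * Escapes a string for use as an assertion value in an LDAP search filter (RFC 4515):
 * backslash, asterisk, parentheses and NUL are replaced by their {@code \xx} hex form.
 */
private static String escapeFilterAssertionValue(String value) {
    StringBuilder escaped = new StringBuilder(value.length() + 8);
    for (int i = 0; i < value.length(); i++) {
        char ch = value.charAt(i);
        switch (ch) {
            case '\\':
                escaped.append("\\5c");
                break;
            case '*':
                escaped.append("\\2a");
                break;
            case '(':
                escaped.append("\\28");
                break;
            case ')':
                escaped.append("\\29");
                break;
            case '\0':
                escaped.append("\\00");
                break;
            default:
                escaped.append(ch);
                break;
        }
    }
    return escaped.toString();
}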
Also used : ConnectionEntryReader(org.forgerock.opendj.ldif.ConnectionEntryReader) LoginException(javax.security.auth.login.LoginException) Guid(com.iplanet.ums.Guid) SearchResultReferenceIOException(org.forgerock.opendj.ldap.SearchResultReferenceIOException) LdapException(org.forgerock.opendj.ldap.LdapException) LoginException(javax.security.auth.login.LoginException) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException) LdapException(org.forgerock.opendj.ldap.LdapException) GeneralSecurityException(java.security.GeneralSecurityException) IOException(java.io.IOException) SearchResultReferenceIOException(org.forgerock.opendj.ldap.SearchResultReferenceIOException) SearchResultEntry(org.forgerock.opendj.ldap.responses.SearchResultEntry)

Aggregations

SearchResultEntry (org.forgerock.opendj.ldap.responses.SearchResultEntry)62 LdapException (org.forgerock.opendj.ldap.LdapException)46 ByteString (org.forgerock.opendj.ldap.ByteString)43 Connection (org.forgerock.opendj.ldap.Connection)43 ConnectionEntryReader (org.forgerock.opendj.ldif.ConnectionEntryReader)43 Attribute (org.forgerock.opendj.ldap.Attribute)30 HashSet (java.util.HashSet)25 SearchResultReferenceIOException (org.forgerock.opendj.ldap.SearchResultReferenceIOException)24 SearchRequest (org.forgerock.opendj.ldap.requests.SearchRequest)19 IOException (java.io.IOException)18 PolicyException (com.sun.identity.policy.PolicyException)15 ResultCode (org.forgerock.opendj.ldap.ResultCode)15 SSOException (com.iplanet.sso.SSOException)14 DN (org.forgerock.opendj.ldap.DN)11 InvalidNameException (com.sun.identity.policy.InvalidNameException)10 NameNotFoundException (com.sun.identity.policy.NameNotFoundException)10 LinkedAttribute (org.forgerock.opendj.ldap.LinkedAttribute)10 ArrayList (java.util.ArrayList)9 BindResult (org.forgerock.opendj.ldap.responses.BindResult)8 CaseInsensitiveHashSet (com.sun.identity.common.CaseInsensitiveHashSet)7