
Example 11 with LdapAttribute

use of org.ldaptive.LdapAttribute in project cas by apereo.

the class OptionalWarningLdapLdapAccountStateHandler method handleWarning.

/**
 * Forwards the account-state warning to the parent handler only when the configured
 * warning attribute agrees with {@code displayWarningOnMatch}.
 *
 * <p>The method does nothing when either the attribute name or the expected value is
 * blank. Otherwise the attribute is read from the authenticated entry and compared with
 * the expected value by exact, case-sensitive {@code equals}. A missing attribute counts
 * as "no match".
 *
 * @param warning       the account state warning
 * @param response      the authentication response carrying the LDAP entry
 * @param configuration the password policy configuration
 * @param messages      the message list passed on to the parent handler
 */
@Override
protected void handleWarning(final AccountState.Warning warning, final AuthenticationResponse response, final LdapPasswordPolicyConfiguration configuration, final List<MessageDescriptor> messages) {
    if (StringUtils.isBlank(this.warnAttributeName)) {
        LOGGER.debug("No warning attribute name is defined");
        return;
    }
    if (StringUtils.isBlank(this.warningAttributeValue)) {
        LOGGER.debug("No warning attribute value to match is defined");
        return;
    }

    final LdapAttribute warnAttr = response.getLdapEntry().getAttribute(this.warnAttributeName);
    final boolean valueMatched;
    if (warnAttr == null) {
        // An absent attribute is treated as a non-match, not as an error.
        valueMatched = false;
    } else {
        final String attrName = warnAttr.getName();
        final String actualValue = warnAttr.getStringValue();
        // The directory value is written to the debug log as-is.
        LOGGER.debug("Found warning attribute [{}] with value [{}]", attrName, actualValue);
        valueMatched = this.warningAttributeValue.equals(actualValue);
    }

    LOGGER.debug("matches=[{}], displayWarningOnMatch=[{}]", valueMatched, this.displayWarningOnMatch);
    if (this.displayWarningOnMatch != valueMatched) {
        return;
    }
    super.handleWarning(warning, response, configuration, messages);
}
Also used : LdapAttribute(org.ldaptive.LdapAttribute)

Example 12 with LdapAttribute

use of org.ldaptive.LdapAttribute in project cas by apereo.

the class LdaptiveResourceCRLFetcher method fetchCRLFromLdap.

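/**
 * Downloads a CRL from the given LDAP url.
 *
 * <p>Every failure to obtain a usable CRL attribute (unsuccessful search, empty result,
 * missing attribute, attribute not marked binary) is reported as a
 * {@link CertificateException}, so callers can apply their revocation policy to one
 * checked exception type instead of an unexpected {@code NullPointerException}.
 *
 * @param r the resource that is the ldap url; its {@code toString()} value is used as the url
 * @return the X.509 CRL parsed from the certificate attribute
 * @throws IOException          the exception thrown if resources cannot be fetched
 * @throws CRLException         the exception thrown if resources cannot be fetched
 * @throws CertificateException if the ldap search fails, returns no entry, or the attribute
 *                              holding the revocation list is unavailable or not binary
 */
protected X509CRL fetchCRLFromLdap(final Object r) throws CertificateException, IOException, CRLException {
    try {
        // NOTE(review): the origin of r is not visible here; if it is taken from a
        // certificate's CRL distribution point, confirm the caller restricts which
        // hosts may be contacted.
        final String ldapURL = r.toString();
        LOGGER.debug("Fetching CRL from ldap [{}]", ldapURL);
        final Response<SearchResult> result = performLdapSearch(ldapURL);
        if (result.getResultCode() == ResultCode.SUCCESS) {
            final SearchResult searchResult = result.getResult();
            final LdapEntry entry = searchResult == null ? null : searchResult.getEntry();
            final LdapAttribute attribute = entry == null ? null : entry.getAttribute(this.certificateAttribute);
            if (attribute == null) {
                // A successful search may still carry no entry or no such attribute;
                // fall through to the CertificateException below rather than dereferencing null.
                LOGGER.warn("Certificate attribute [{}] was not found in the search result", this.certificateAttribute);
            } else if (attribute.isBinary()) {
                LOGGER.debug("Located entry [{}]. Retrieving first attribute [{}]", entry, attribute);
                return fetchX509CRLFromAttribute(attribute);
            } else {
                LOGGER.warn("Found certificate attribute [{}] but it is not marked as a binary attribute", this.certificateAttribute);
            }
        }
        LOGGER.debug("Failed to execute the search [{}]", result);
        throw new CertificateException("Failed to establish a connection ldap and search.");
    } catch (final LdapException e) {
        LOGGER.error(e.getMessage(), e);
        // Keep the LDAP failure as the cause so the original stack trace is not lost.
        throw new CertificateException(e.getMessage(), e);
    }
}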
Also used : LdapAttribute(org.ldaptive.LdapAttribute) SearchResult(org.ldaptive.SearchResult) LdapEntry(org.ldaptive.LdapEntry) CertificateException(java.security.cert.CertificateException) LdapException(org.ldaptive.LdapException)

Example 13 with LdapAttribute

use of org.ldaptive.LdapAttribute in project cas by apereo.

the class LdapUtils method getString.

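/**
 * Reads a String value from the LdapEntry.
 *
 * <p>A binary attribute is decoded as UTF-8. Malformed byte sequences are replaced
 * during decoding rather than rejected, so the result is not a byte-exact
 * representation of the stored value.
 *
 * @param entry     the ldap entry
 * @param attribute the attribute name
 * @param nullValue the value returned when the attribute is missing, has no value,
 *                  or its value is blank
 * @return the attribute value, or {@code nullValue}
 */
public static String getString(final LdapEntry entry, final String attribute, final String nullValue) {
    final LdapAttribute attr = entry.getAttribute(attribute);
    if (attr == null) {
        return nullValue;
    }
    final String v;
    if (attr.isBinary()) {
        final byte[] b = attr.getBinaryValue();
        if (b == null) {
            // Guards the String constructor below, which throws on a null byte array.
            return nullValue;
        }
        v = new String(b, StandardCharsets.UTF_8);
    } else {
        v = attr.getStringValue();
    }
    return StringUtils.isNotBlank(v) ? v : nullValue;
}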
Also used : LdapAttribute(org.ldaptive.LdapAttribute)

Example 14 with LdapAttribute

use of org.ldaptive.LdapAttribute in project cas by apereo.

the class LdapUtils method executeModifyOperation.

/**
 * Replaces the given attributes on an LDAP entry with a single modify request.
 *
 * <p>Each map entry becomes one {@code REPLACE} modification, so the supplied values
 * overwrite whatever values the attribute currently holds. Attribute names and values
 * are sent exactly as supplied; this method does no filtering of its own.
 * NOTE(review): if the map can be influenced by end users, confirm the caller restricts
 * which attribute names may be written.
 *
 * @param currentDn         the dn of the entry to modify
 * @param connectionFactory the factory used to open the connection for this request
 * @param attributes        attribute name mapped to the replacement values
 * @return {@code true} if the request executed without an {@link LdapException};
 *         {@code false} if one was thrown (it is logged, not rethrown)
 */
public static boolean executeModifyOperation(final String currentDn, final ConnectionFactory connectionFactory, final Map<String, Set<String>> attributes) {
    try (Connection modifyConnection = createConnection(connectionFactory)) {
        final ModifyOperation modify = new ModifyOperation(modifyConnection);
        final AttributeModification[] replacements = attributes.entrySet().stream()
            .map(attr -> {
                final String[] values = attr.getValue().toArray(new String[] {});
                return new AttributeModification(AttributeModificationType.REPLACE, new LdapAttribute(attr.getKey(), values));
            })
            .toArray(AttributeModification[]::new);
        final ModifyRequest modifyRequest = new ModifyRequest(currentDn, replacements);
        modifyRequest.setReferralHandler(new ModifyReferralHandler());
        modify.execute(modifyRequest);
        return true;
    } catch (final LdapException e) {
        // Failure is reported through the return value only; callers see no exception.
        LOGGER.error(e.getMessage(), e);
        return false;
    }
}
Also used : Arrays(java.util.Arrays) ConnectionFactory(org.ldaptive.ConnectionFactory) SearchOperation(org.ldaptive.SearchOperation) AddRequest(org.ldaptive.AddRequest) ExternalConfig(org.ldaptive.sasl.ExternalConfig) StringUtils(org.apache.commons.lang3.StringUtils) SearchEntryHandler(org.ldaptive.handler.SearchEntryHandler) ClassUtils(org.apache.commons.lang3.ClassUtils) ActivePassiveConnectionStrategy(org.ldaptive.ActivePassiveConnectionStrategy) FormatDnResolver(org.ldaptive.auth.FormatDnResolver) Map(java.util.Map) AbstractLdapAuthenticationProperties(org.apereo.cas.configuration.model.support.ldap.AbstractLdapAuthenticationProperties) PasswordPolicyControl(org.ldaptive.control.PasswordPolicyControl) ConnectionConfig(org.ldaptive.ConnectionConfig) BindPassivator(org.ldaptive.pool.BindPassivator) SaslConfig(org.ldaptive.sasl.SaslConfig) BindConnectionInitializer(org.ldaptive.BindConnectionInitializer) ModifyRequest(org.ldaptive.ModifyRequest) BlockingConnectionPool(org.ldaptive.pool.BlockingConnectionPool) Set(java.util.Set) PasswordModifyOperation(org.ldaptive.extended.PasswordModifyOperation) DnsSrvConnectionStrategy(org.ldaptive.DnsSrvConnectionStrategy) SearchScope(org.ldaptive.SearchScope) Response(org.ldaptive.Response) StandardCharsets(java.nio.charset.StandardCharsets) Slf4j(lombok.extern.slf4j.Slf4j) AddOperation(org.ldaptive.AddOperation) LdapAttribute(org.ldaptive.LdapAttribute) LdapEntry(org.ldaptive.LdapEntry) CramMd5Config(org.ldaptive.sasl.CramMd5Config) ObjectGuidHandler(org.ldaptive.ad.handler.ObjectGuidHandler) SearchFilter(org.ldaptive.SearchFilter) RangeEntryHandler(org.ldaptive.ad.handler.RangeEntryHandler) ArrayList(java.util.ArrayList) UtilityClass(lombok.experimental.UtilityClass) IdlePruneStrategy(org.ldaptive.pool.IdlePruneStrategy) ModifyOperation(org.ldaptive.ModifyOperation) SearchResult(org.ldaptive.SearchResult) SearchValidator(org.ldaptive.pool.SearchValidator) CompareRequest(org.ldaptive.CompareRequest) 
AttributeModification(org.ldaptive.AttributeModification) SearchRequest(org.ldaptive.SearchRequest) DefaultConnectionFactory(org.ldaptive.DefaultConnectionFactory) RoundRobinConnectionStrategy(org.ldaptive.RoundRobinConnectionStrategy) Mechanism(org.ldaptive.sasl.Mechanism) CaseChangeEntryHandler(org.ldaptive.handler.CaseChangeEntryHandler) KeyStoreCredentialConfig(org.ldaptive.ssl.KeyStoreCredentialConfig) LdapException(org.ldaptive.LdapException) SearchExecutor(org.ldaptive.SearchExecutor) ClosePassivator(org.ldaptive.pool.ClosePassivator) PooledSearchDnResolver(org.ldaptive.auth.PooledSearchDnResolver) UnicodePwdAttribute(org.ldaptive.ad.UnicodePwdAttribute) URL(java.net.URL) AttributeModificationType(org.ldaptive.AttributeModificationType) Beans(org.apereo.cas.configuration.support.Beans) PooledBindAuthenticationHandler(org.ldaptive.auth.PooledBindAuthenticationHandler) ConnectionPool(org.ldaptive.pool.ConnectionPool) DerefAliases(org.ldaptive.DerefAliases) SearchReferralHandler(org.ldaptive.referral.SearchReferralHandler) PasswordModifyRequest(org.ldaptive.extended.PasswordModifyRequest) DigestMd5Config(org.ldaptive.sasl.DigestMd5Config) URI(java.net.URI) DeleteRequest(org.ldaptive.DeleteRequest) PooledCompareAuthenticationHandler(org.ldaptive.auth.PooledCompareAuthenticationHandler) SslConfig(org.ldaptive.ssl.SslConfig) PoolConfig(org.ldaptive.pool.PoolConfig) PrimaryGroupIdHandler(org.ldaptive.ad.handler.PrimaryGroupIdHandler) X509CredentialConfig(org.ldaptive.ssl.X509CredentialConfig) AbstractLdapProperties(org.apereo.cas.configuration.model.support.ldap.AbstractLdapProperties) Collectors(java.util.stream.Collectors) DnAttributeEntryHandler(org.ldaptive.handler.DnAttributeEntryHandler) List(java.util.List) DeleteOperation(org.ldaptive.DeleteOperation) CompareValidator(org.ldaptive.pool.CompareValidator) BindRequest(org.ldaptive.BindRequest) IntStream(java.util.stream.IntStream) Provider(org.ldaptive.provider.Provider) 
ReturnAttributes(org.ldaptive.ReturnAttributes) DefaultConnectionStrategy(org.ldaptive.DefaultConnectionStrategy) HashSet(java.util.HashSet) EntryResolver(org.ldaptive.auth.EntryResolver) QualityOfProtection(org.ldaptive.sasl.QualityOfProtection) ModifyReferralHandler(org.ldaptive.referral.ModifyReferralHandler) RecursiveEntryHandler(org.ldaptive.handler.RecursiveEntryHandler) PooledSearchEntryResolver(org.ldaptive.auth.PooledSearchEntryResolver) RandomConnectionStrategy(org.ldaptive.RandomConnectionStrategy) ObjectSidHandler(org.ldaptive.ad.handler.ObjectSidHandler) ResultCode(org.ldaptive.ResultCode) FastBindOperation(org.ldaptive.ad.extended.FastBindOperation) GssApiConfig(org.ldaptive.sasl.GssApiConfig) Connection(org.ldaptive.Connection) Authenticator(org.ldaptive.auth.Authenticator) DeleteReferralHandler(org.ldaptive.referral.DeleteReferralHandler) Credential(org.ldaptive.Credential) MergeAttributeEntryHandler(org.ldaptive.handler.MergeAttributeEntryHandler) NumberUtils(org.apache.commons.lang3.math.NumberUtils) PooledConnectionFactory(org.ldaptive.pool.PooledConnectionFactory) SecurityStrength(org.ldaptive.sasl.SecurityStrength) ModifyReferralHandler(org.ldaptive.referral.ModifyReferralHandler) AttributeModification(org.ldaptive.AttributeModification) Connection(org.ldaptive.Connection) LdapAttribute(org.ldaptive.LdapAttribute) PasswordModifyOperation(org.ldaptive.extended.PasswordModifyOperation) ModifyOperation(org.ldaptive.ModifyOperation) ModifyRequest(org.ldaptive.ModifyRequest) PasswordModifyRequest(org.ldaptive.extended.PasswordModifyRequest) LdapException(org.ldaptive.LdapException)

Example 15 with LdapAttribute

use of org.ldaptive.LdapAttribute in project cas by apereo.

the class OptionalWarningLdapLdapAccountStateHandlerTests method verifyNoWarningOnMatch.

/**
 * With {@code displayWarningOnMatch} set to {@code false} and an entry whose attribute
 * equals the configured value, the handler must not add any warning message.
 */
@Test
public void verifyNoWarningOnMatch() {
    // Handler configured to suppress the warning when the attribute matches.
    final OptionalWarningLdapLdapAccountStateHandler handler = new OptionalWarningLdapLdapAccountStateHandler();
    handler.setWarnAttributeName("attribute");
    handler.setWarningAttributeValue("value");
    handler.setDisplayWarningOnMatch(false);

    // Mocked response whose entry always returns a matching attribute.
    final LdapEntry ldapEntry = mock(LdapEntry.class);
    final AuthenticationResponse authnResponse = mock(AuthenticationResponse.class);
    when(authnResponse.getLdapEntry()).thenReturn(ldapEntry);
    when(ldapEntry.getAttribute(anyString())).thenReturn(new LdapAttribute("attribute", "value"));

    final LdapPasswordPolicyConfiguration policy = new LdapPasswordPolicyConfiguration();
    policy.setPasswordWarningNumberOfDays(5);
    final List<MessageDescriptor> collected = new ArrayList<>();

    handler.handleWarning(new AccountState.DefaultWarning(ZonedDateTime.now(), 1), authnResponse, policy, collected);

    assertEquals(0, collected.size());
}
Also used : MessageDescriptor(org.apereo.cas.authentication.MessageDescriptor) LdapAttribute(org.ldaptive.LdapAttribute) ArrayList(java.util.ArrayList) LdapEntry(org.ldaptive.LdapEntry) AccountState(org.ldaptive.auth.AccountState) AuthenticationResponse(org.ldaptive.auth.AuthenticationResponse) Test(org.junit.Test)
