use of org.ldaptive.LdapException in project cas by apereo.
the class LdaptiveResourceCRLFetcher method fetchCRLFromLdap.
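/**
 * Downloads a CRL from the given LDAP URL.
 *
 * <p>Every failure path ends in an exception rather than a {@code null} return, so a caller
 * cannot mistake an unreachable or incomplete CRL source for an empty revocation list.
 *
 * @param r the resource whose {@code toString()} form is the LDAP URL
 * @return the X.509 CRL built from the configured certificate attribute
 * @throws IOException propagated from the helpers this method calls
 * @throws CRLException propagated from the helpers this method calls
 * @throws CertificateException if the search fails or yields no entry, or if the attribute
 *         holding the revocation list is missing or not binary
 */
protected X509CRL fetchCRLFromLdap(final Object r) throws CertificateException, IOException, CRLException {
    try {
        final String ldapURL = r.toString();
        LOGGER.debug("Fetching CRL from ldap [{}]", ldapURL);
        final Response<SearchResult> result = performLdapSearch(ldapURL);
        if (result.getResultCode() == ResultCode.SUCCESS) {
            // A successful search may still carry no entry, and the entry may lack the attribute.
            // Guard both so the documented CertificateException is raised instead of a
            // NullPointerException that callers handling revocation failures would not catch.
            final SearchResult searchResult = result.getResult();
            final LdapEntry entry = searchResult != null ? searchResult.getEntry() : null;
            final LdapAttribute attribute = entry != null ? entry.getAttribute(this.certificateAttribute) : null;
            if (attribute == null) {
                LOGGER.warn("Certificate attribute [{}] was not found in the search result for [{}]", this.certificateAttribute, ldapURL);
            } else if (attribute.isBinary()) {
                LOGGER.debug("Located entry [{}]. Retrieving first attribute [{}]", entry, attribute);
                return fetchX509CRLFromAttribute(attribute);
            } else {
                LOGGER.warn("Found certificate attribute [{}] but it is not marked as a binary attribute", this.certificateAttribute);
            }
        }
        // Reached for a non-success result code and for every unusable-attribute case above.
        LOGGER.debug("Failed to execute the search [{}]", result);
        throw new CertificateException("Failed to establish a connection ldap and search.");
    } catch (final LdapException e) {
        LOGGER.error(e.getMessage(), e);
        // Keep the LDAP failure as the cause so the original stack trace survives the rethrow.
        throw new CertificateException(e.getMessage(), e);
    }
}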
use of org.ldaptive.LdapException in project cas by apereo.
the class LdapSpnegoKnownClientSystemsFilterAction method executeSearchForSpnegoAttribute.
/**
 * Searches the LDAP instance for the host that {@code remoteIp} resolves to and evaluates
 * the result with {@code processSpnegoAttribute}.
 *
 * @param remoteIp the remote ip
 * @return the value {@code processSpnegoAttribute} yields for a successful search
 */
protected boolean executeSearchForSpnegoAttribute(final String remoteIp) {
    // The host name is derived from the client's address, so treat it as client-influenced.
    final String remoteHostName = getRemoteHostName(remoteIp);
    LOGGER.debug("Resolved remote hostname [{}] based on ip [{}]", remoteHostName, remoteIp);
    Connection connection = null;
    try {
        connection = createConnection();
        final Operation ldapSearch = new SearchOperation(connection);
        // The host name is bound as filter parameter 0 rather than concatenated into the filter text.
        // NOTE(review): the parameter is written into this.searchRequest, which is instance state.
        // If one action instance serves concurrent requests, one client's host name could be
        // searched on behalf of another. Confirm the bean scope or build a request per call.
        this.searchRequest.getSearchFilter().setParameter(0, remoteHostName);
        LOGGER.debug("Using search filter [{}] on baseDn [{}]", this.searchRequest.getSearchFilter().format(), this.searchRequest.getBaseDn());
        final Response<SearchResult> response = ldapSearch.execute(this.searchRequest);
        if (response.getResultCode() != ResultCode.SUCCESS) {
            // Any non-success result code aborts the check instead of returning a verdict.
            throw new RuntimeException("Failed to establish a connection ldap. " + response.getMessage());
        }
        return processSpnegoAttribute(response);
    } catch (final LdapException e) {
        LOGGER.error(e.getMessage(), e);
        throw Throwables.propagate(e);
    } finally {
        // Release the connection on every path, including the exceptional ones.
        if (connection != null) {
            connection.close();
        }
    }
}
use of org.ldaptive.LdapException in project cas by apereo.
the class LdapUtils method executeAddOperation.
/**
 * Adds the given entry to the directory over a connection obtained from the factory.
 *
 * <p>An {@link LdapException} raised inside the body shown here is logged and reported as
 * {@code false}; it is not rethrown.
 *
 * @param connectionFactory the connection factory
 * @param entry the entry whose DN and attributes are sent in the add request
 * @return {@code true} when the add completed without an exception, {@code false} otherwise
 * @throws LdapException declared in the signature; the visible body catches it instead
 */
public static boolean executeAddOperation(final ConnectionFactory connectionFactory, final LdapEntry entry) throws LdapException {
    boolean added = false;
    try (Connection connection = createConnection(connectionFactory)) {
        final AddRequest request = new AddRequest(entry.getDn(), entry.getAttributes());
        // NOTE(review): the response returned by execute() is discarded, so success is inferred
        // from the absence of an exception; confirm that is sufficient for callers.
        new AddOperation(connection).execute(request);
        added = true;
    } catch (final LdapException e) {
        // Best-effort by design: the failure is logged and surfaced as a false return.
        LOGGER.error(e.getMessage(), e);
    }
    return added;
}
use of org.ldaptive.LdapException in project cas by apereo.
the class BaseUseAttributesAuthorizationGenerator method generate.
/**
 * Looks up the profile's user in LDAP and passes the matching entry to
 * {@code generateAuthorizationForLdapEntry}.
 *
 * @param context the web context (not read by this method)
 * @param profile the profile whose id is used as the search parameter
 * @return whatever {@code generateAuthorizationForLdapEntry} returns for the located entry
 * @throws IllegalStateException if several entries match and {@code allowMultipleResults} is false
 * @throws RuntimeException if no entry matches (wrapping {@code AccountNotFoundException}) or the
 *         LDAP search fails (wrapping {@code LdapException})
 */
@Override
public CommonProfile generate(final WebContext context, final CommonProfile profile) {
    Assert.notNull(this.connectionFactory, "connectionFactory must not be null");
    Assert.notNull(this.userSearchExecutor, "userSearchExecutor must not be null");
    final String username = profile.getId();
    try {
        LOGGER.debug("Attempting to get details for user [{}].", username);
        // The user id is handed to the filter helper as a named parameter value, not spliced
        // into the filter string by this method.
        final Response<SearchResult> response = this.userSearchExecutor.search(
            this.connectionFactory,
            Beans.newLdaptiveSearchFilter(
                this.userSearchExecutor.getSearchFilter().getFilter(),
                Beans.LDAP_SEARCH_FILTER_DEFAULT_PARAM_NAME,
                Arrays.asList(username)));
        // NOTE(review): the whole response object goes to the debug log; it presumably carries
        // the entry's attributes, so confirm that is acceptable wherever debug logging is enabled.
        LOGGER.debug("LDAP user search response: [{}]", response);
        final SearchResult matches = response.getResult();
        final int matchCount = matches.size();
        if (matchCount == 0) {
            throw new RuntimeException(new AccountNotFoundException(username + " not found."));
        }
        if (!this.allowMultipleResults && matchCount > 1) {
            throw new IllegalStateException("Found multiple results for user which is not allowed (allowMultipleResults=false).");
        }
        // NOTE(review): with allowMultipleResults enabled and several matches, authorization is
        // derived from the single entry getEntry() returns; confirm which entry that is.
        return generateAuthorizationForLdapEntry(profile, matches.getEntry());
    } catch (final LdapException e) {
        throw new RuntimeException("LDAP error fetching details for user.", e);
    }
}
use of org.ldaptive.LdapException in project cas by apereo.
the class LdapUserGroupsToRolesAuthorizationGenerator method generateAuthorizationForLdapEntry.
/**
 * Searches LDAP for the groups of the given user entry and adds the roles found on each group
 * entry to the profile.
 *
 * @param profile the profile that receives the roles
 * @param userEntry the user's LDAP entry; its DN is the search parameter
 * @return the same {@code profile} instance that was passed in
 * @throws RuntimeException if the LDAP search fails (wrapping {@code LdapException})
 */
@Override
protected CommonProfile generateAuthorizationForLdapEntry(final CommonProfile profile, final LdapEntry userEntry) {
    try {
        LOGGER.debug("Attempting to get roles for user [{}].", userEntry.getDn());
        // The user's DN is handed to the filter helper as a named parameter value, not spliced
        // into the filter string by this method.
        final Response<SearchResult> response = this.groupSearchExecutor.search(
            this.connectionFactory,
            Beans.newLdaptiveSearchFilter(
                this.groupSearchExecutor.getSearchFilter().getFilter(),
                Beans.LDAP_SEARCH_FILTER_DEFAULT_PARAM_NAME,
                Arrays.asList(userEntry.getDn())));
        LOGGER.debug("LDAP role search response: [{}]", response);
        for (final LdapEntry groupEntry : response.getResult().getEntries()) {
            final LdapAttribute roleAttribute = groupEntry.getAttribute(this.groupAttributeName);
            if (roleAttribute != null) {
                addProfileRolesFromAttributes(profile, roleAttribute, this.groupPrefix);
            } else {
                // A group entry without the role attribute grants nothing; it is only reported.
                LOGGER.warn("Role attribute not found on entry [{}]", groupEntry);
            }
        }
    } catch (final LdapException e) {
        // A failed group search aborts authorization rather than returning a profile without roles.
        throw new RuntimeException("LDAP error fetching roles for user.", e);
    }
    return profile;
}