use of org.ldaptive.SearchFilter in project cas by apereo.
the class SpnegoWebflowActionsConfiguration method ldapSpnegoClientAction.
@Lazy
@Bean
@RefreshScope
public Action ldapSpnegoClientAction() {
final SpnegoProperties spnegoProperties = casProperties.getAuthn().getSpnego();
final ConnectionFactory connectionFactory = Beans.newLdaptivePooledConnectionFactory(spnegoProperties.getLdap());
final SearchFilter filter = Beans.newLdaptiveSearchFilter(spnegoProperties.getLdap().getSearchFilter(), "host", Collections.emptyList());
final SearchRequest searchRequest = Beans.newLdaptiveSearchRequest(spnegoProperties.getLdap().getBaseDn(), filter);
return new LdapSpnegoKnownClientSystemsFilterAction(spnegoProperties.getIpsToCheckPattern(), spnegoProperties.getAlternativeRemoteHostAttribute(), spnegoProperties.getDnsTimeout(), connectionFactory, searchRequest, spnegoProperties.getSpnegoAttributeName());
}
use of org.ldaptive.SearchFilter in project cas by apereo.
the class LdapPasswordManagementService method change.
@Audit(action = "CHANGE_PASSWORD", actionResolverName = "CHANGE_PASSWORD_ACTION_RESOLVER", resourceResolverName = "CHANGE_PASSWORD_RESOURCE_RESOLVER")
@Override
public boolean change(final Credential credential, final PasswordChangeBean bean) {
Assert.notNull(credential, "Credential cannot be null");
Assert.notNull(bean, "PasswordChangeBean cannot be null");
try {
final PasswordManagementProperties.Ldap ldap = passwordManagementProperties.getLdap();
final UsernamePasswordCredential c = (UsernamePasswordCredential) credential;
final SearchFilter filter = Beans.newLdaptiveSearchFilter(ldap.getUserFilter(), Beans.LDAP_SEARCH_FILTER_DEFAULT_PARAM_NAME, Arrays.asList(c.getId()));
LOGGER.debug("Constructed LDAP filter [{}] to update account password", filter);
final ConnectionFactory factory = Beans.newLdaptivePooledConnectionFactory(ldap);
final Response<SearchResult> response = LdapUtils.executeSearchOperation(factory, ldap.getBaseDn(), filter);
LOGGER.debug("LDAP response to update password is [{}]", response);
if (LdapUtils.containsResultEntry(response)) {
final String dn = response.getResult().getEntry().getDn();
LOGGER.debug("Updating account password for [{}]", dn);
if (LdapUtils.executePasswordModifyOperation(dn, factory, c.getPassword(), bean.getPassword(), passwordManagementProperties.getLdap().getType())) {
LOGGER.debug("Successfully updated the account password for [{}]", dn);
return true;
}
LOGGER.error("Could not update the LDAP entry's password for [{}] and base DN [{}]", filter.format(), ldap.getBaseDn());
} else {
LOGGER.error("Could not locate an LDAP entry for [{}] and base DN [{}]", filter.format(), ldap.getBaseDn());
}
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return false;
}
Aggregations