Example 1 with NamingException

use of org.springframework.ldap.NamingException in project spring-security by spring-projects.

the class BindAuthenticator method bindWithDn.

private DirContextOperations bindWithDn(String userDnStr, String username, String password, Attributes attrs) {
    BaseLdapPathContextSource ctxSource = (BaseLdapPathContextSource) getContextSource();
    DistinguishedName userDn = new DistinguishedName(userDnStr);
    DistinguishedName fullDn = new DistinguishedName(userDn);
    fullDn.prepend(ctxSource.getBaseLdapPath());
    logger.trace(LogMessage.format("Attempting to bind as %s", fullDn));
    DirContext ctx = null;
    try {
        ctx = getContextSource().getContext(fullDn.toString(), password);
        // Check for password policy control
        PasswordPolicyControl ppolicy = PasswordPolicyControlExtractor.extractControl(ctx);
        if (attrs == null || attrs.size() == 0) {
            attrs = ctx.getAttributes(userDn, getUserAttributes());
        }
        DirContextAdapter result = new DirContextAdapter(attrs, userDn, ctxSource.getBaseLdapPath());
        if (ppolicy != null) {
            result.setAttributeValue(ppolicy.getID(), ppolicy);
        }
        logger.debug(LogMessage.format("Bound %s", fullDn));
        return result;
    } catch (NamingException ex) {
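        // This will be thrown if an invalid user name is used and the method may
        // be called multiple times to try different names, so we trap the exception
        // unless a subclass wishes to implement more specialized behaviour.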
        if ((ex instanceof org.springframework.ldap.AuthenticationException) || (ex instanceof org.springframework.ldap.OperationNotSupportedException)) {
            handleBindException(userDnStr, username, ex);
        } else {
            throw ex;
        }
    } catch (javax.naming.NamingException ex) {
        throw LdapUtils.convertLdapException(ex);
    } finally {
        LdapUtils.closeContext(ctx);
    }
    return null;
}
Also used : DistinguishedName(org.springframework.ldap.core.DistinguishedName) BaseLdapPathContextSource(org.springframework.ldap.core.support.BaseLdapPathContextSource) PasswordPolicyControl(org.springframework.security.ldap.ppolicy.PasswordPolicyControl) DirContextAdapter(org.springframework.ldap.core.DirContextAdapter) NamingException(org.springframework.ldap.NamingException) DirContext(javax.naming.directory.DirContext)

Example 2 with NamingException

use of org.springframework.ldap.NamingException in project perun by CESNET.

the class GroupEventProcessor method processAdminRemoved.

public void processAdminRemoved(String msg, MessageBeans beans) {
    if (beans.getGroup() == null) {
        return;
    }
    PerunBean admined = null;
    try {
        if (beans.getVo() != null) {
            admined = beans.getVo();
            perunGroup.removeFromVoAdmins(beans.getGroup(), beans.getVo());
        } else if (beans.getParentGroup() != null) {
            admined = beans.getParentGroup();
            perunGroup.removeFromGroupAdmins(beans.getGroup(), beans.getParentGroup());
        } else if (beans.getFacility() != null) {
            admined = beans.getFacility();
            perunGroup.removeFromFacilityAdmins(beans.getGroup(), beans.getFacility());
        }
    } catch (NamingException | InternalErrorException e) {
        // Pass the exception as the last argument so the cause of the failed LDAP update is logged.
        log.error("Error removing group {} from admins of {}", beans.getGroup().getId(), admined.getId(), e);
    }
}
Also used : PerunBean(cz.metacentrum.perun.core.api.PerunBean) NamingException(org.springframework.ldap.NamingException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)

Example 3 with NamingException

use of org.springframework.ldap.NamingException in project perun by CESNET.

the class GroupEventProcessor method processMemberInvalidated.

public void processMemberInvalidated(String msg, MessageBeans beans) {
    if (beans.getMember() == null) {
        return;
    }
    List<Group> memberGroups = new ArrayList<Group>();
    Perun perun = ldapcManager.getPerunBl();
    try {
        log.debug("Getting list of groups for member {}", beans.getMember().getId());
        // memberGroups = Rpc.GroupsManager.getAllMemberGroups(ldapcManager.getRpcCaller(), beans.getMember());
        memberGroups = perun.getGroupsManager().getAllMemberGroups(ldapcManager.getPerunSession(), beans.getMember());
        for (Group g : memberGroups) {
            log.debug("Removing invalidated member {} from group {}", beans.getMember(), g);
            perunGroup.removeMemberFromGroup(beans.getMember(), g);
        }
    } catch (MemberNotExistsException e) {
        // IMPORTANT: this is not a problem. If the member does not exist, it is already deleted in the DB
        // and we expect a later message to delete it here as well.
    } catch (PrivilegeException e) {
        log.warn("There are no privileges for getting member's groups", e);
    } catch (NamingException | InternalErrorException e) {
        log.error("Error removing validated member from group", e);
    }
}
Also used : Perun(cz.metacentrum.perun.core.api.Perun) Group(cz.metacentrum.perun.core.api.Group) MemberNotExistsException(cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException) ArrayList(java.util.ArrayList) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) NamingException(org.springframework.ldap.NamingException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)

Example 4 with NamingException

use of org.springframework.ldap.NamingException in project perun by CESNET.

the class GroupEventProcessor method processAdminAdded.

public void processAdminAdded(String msg, MessageBeans beans) {
    if (beans.getGroup() == null) {
        return;
    }
    PerunBean admined = null;
    try {
        if (beans.getVo() != null) {
            admined = beans.getVo();
            perunGroup.addAsVoAdmin(beans.getGroup(), beans.getVo());
        } else if (beans.getParentGroup() != null) {
            admined = beans.getParentGroup();
            perunGroup.addAsGroupAdmin(beans.getGroup(), beans.getParentGroup());
        } else if (beans.getFacility() != null) {
            admined = beans.getFacility();
            perunGroup.addAsFacilityAdmin(beans.getGroup(), beans.getFacility());
        }
    } catch (NamingException | InternalErrorException e) {
        // Pass the exception as the last argument so the cause of the failed LDAP update is logged.
        log.error("Error adding group {} as admin of {}", beans.getGroup().getId(), admined.getId(), e);
    }
}
Also used : PerunBean(cz.metacentrum.perun.core.api.PerunBean) NamingException(org.springframework.ldap.NamingException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)

Example 5 with NamingException

use of org.springframework.ldap.NamingException in project perun by CESNET.

the class FacilityAttributeProcessor method processVirtualAttributeChanged.

public void processVirtualAttributeChanged(String msg, MessageBeans beans) {
    PerunBl perun = (PerunBl) ldapcManager.getPerunBl();
    if (beans.getAttribute() == null || beans.getFacility() == null) {
        return;
    }
    try {
        Attribute virtAttr = perun.getAttributesManagerBl().getAttribute(ldapcManager.getPerunSession(), beans.getFacility(), beans.getAttribute().getName());
        log.debug("Changing virtual attribute {} for facility {}", virtAttr, beans.getFacility());
        perunFacility.modifyEntry(beans.getFacility(), virtAttr);
    } catch (InternalErrorException | AttributeNotExistsException | WrongAttributeAssignmentException | NamingException e) {
        log.error("Error changing virtual attribute:", e);
    }
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) PerunBl(cz.metacentrum.perun.core.bl.PerunBl) NamingException(org.springframework.ldap.NamingException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)

Aggregations

NamingException (org.springframework.ldap.NamingException): 10
InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException): 8
PerunBean (cz.metacentrum.perun.core.api.PerunBean): 4
Attribute (cz.metacentrum.perun.core.api.Attribute): 2
Group (cz.metacentrum.perun.core.api.Group): 2
Perun (cz.metacentrum.perun.core.api.Perun): 2
AttributeNotExistsException (cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException): 2
MemberNotExistsException (cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException): 2
PrivilegeException (cz.metacentrum.perun.core.api.exceptions.PrivilegeException): 2
WrongAttributeAssignmentException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException): 2
PerunBl (cz.metacentrum.perun.core.bl.PerunBl): 2
ArrayList (java.util.ArrayList): 2
DirContext (javax.naming.directory.DirContext): 1
InvalidAttributeValueException (org.springframework.ldap.InvalidAttributeValueException): 1
DirContextAdapter (org.springframework.ldap.core.DirContextAdapter): 1
DistinguishedName (org.springframework.ldap.core.DistinguishedName): 1
BaseLdapPathContextSource (org.springframework.ldap.core.support.BaseLdapPathContextSource): 1
LdapQuery (org.springframework.ldap.query.LdapQuery): 1
PasswordPolicyControl (org.springframework.security.ldap.ppolicy.PasswordPolicyControl): 1