
Example 1 with AttributesMapperCallbackHandler

Use of org.springframework.ldap.core.AttributesMapperCallbackHandler in project gocd by gocd.

Class LdapUserSearch, method search.

public List<User> search(String username, LdapConfig ldapConfig) {
    if (ldapConfig.getBasesConfig().isEmpty()) {
        throw new RuntimeException("Atleast one Search Base needs to be configured.");
    }
    // Match the search term as a substring of any of the attributes below.
    OrFilter filter = new OrFilter();
    String searchString = MessageFormat.format("*{0}*", username);
    // LikeFilter escapes LDAP filter special characters in the value but leaves '*'
    // unescaped, so a '*' inside username also acts as a wildcard.
    filter.or(new LikeFilter(SAM_ACCOUNT_NAME, searchString));
    filter.or(new LikeFilter(UID, searchString));
    filter.or(new LikeFilter(COMMON_NAME, searchString));
    filter.or(new LikeFilter(MAIL_ID, searchString));
    // This field is optional to search based on. Only for alias emails.
    filter.or(new LikeFilter(ALIAS_EMAIL_ID, searchString));
    //List ldapUserList = template.search(ldapConfig.searchBase(), filter.encode(), attributes);
    SearchControls controls = new SearchControls();
    controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
    // Cap the number of entries returned by each search.
    controls.setCountLimit(MAX_RESULTS);
    // One handler is shared by all bases, so its list accumulates results across them.
    AttributesMapperCallbackHandler handler = getAttributesMapperCallbackHandler();
    for (BaseConfig baseConfig : ldapConfig.getBasesConfig()) {
        try {
            ldapTemplate.search(baseConfig.getValue(), filter.encode(), controls, handler);
        } catch (org.springframework.ldap.LimitExceededException e) {
            // Count limit hit: stop searching and hand back what was collected so far.
            throw new NotAllResultsShownException(buildUserList(handler.getList()));
        }
    }
    return buildUserList(handler.getList());
}
Also used : LikeFilter(org.springframework.ldap.filter.LikeFilter) SearchControls(javax.naming.directory.SearchControls) OrFilter(org.springframework.ldap.filter.OrFilter) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig) AttributesMapperCallbackHandler(org.springframework.ldap.core.AttributesMapperCallbackHandler)

Example 2 with AttributesMapperCallbackHandler

Use of org.springframework.ldap.core.AttributesMapperCallbackHandler in project gocd by gocd.

Class LdapUserSearchTest, method shouldFilterForMatchingUsernamesInMultipleBases.

@Test
public void shouldFilterForMatchingUsernamesInMultipleBases() throws Exception {
    AttributesMapperCallbackHandler handler = mock(AttributesMapperCallbackHandler.class);
    doReturn(handler).when(spy).getAttributesMapperCallbackHandler();
    when(handler.getList()).thenReturn(Arrays.asList());
    spy.search("username", ldapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2"))));
    verify(handler).getList();
    verify(ldapTemplate).search(argThat(is("base1")), anyString(), any(SearchControls.class), eq(handler));
    verify(ldapTemplate).search(argThat(is("base2")), anyString(), any(SearchControls.class), eq(handler));
}
Also used : SearchControls(javax.naming.directory.SearchControls) BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig) AttributesMapperCallbackHandler(org.springframework.ldap.core.AttributesMapperCallbackHandler) Test(org.junit.Test)

Example 3 with AttributesMapperCallbackHandler

Use of org.springframework.ldap.core.AttributesMapperCallbackHandler in project spring-security by spring-projects.

Class LdapUserDetailsManager, method getUserAuthorities.

/**
 * @param dn the distinguished name of the entry - may be either relative to the base
 * context or a complete DN including the name of the context (either is supported).
 * @param username the user whose roles are required.
 * @return the granted authorities returned by the group search
 */
@SuppressWarnings("unchecked")
List<GrantedAuthority> getUserAuthorities(final DistinguishedName dn, final String username) {
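    SearchExecutor se = (ctx) -> {
        DistinguishedName fullDn = LdapUtils.getFullDn(dn, ctx);
        SearchControls ctrls = new SearchControls();
        // Only the role attribute is requested from each matching group entry.
        ctrls.setReturningAttributes(new String[] { this.groupRoleAttributeName });
        // The DN and username are passed as filter arguments, not concatenated into the filter string.
        return ctx.search(this.groupSearchBase, this.groupSearchFilter, new String[] { fullDn.toUrl(), username }, ctrls);
    };
    // roleMapper converts each returned entry's attributes; the handler collects the results.
    AttributesMapperCallbackHandler roleCollector = new AttributesMapperCallbackHandler(this.roleMapper);
    this.template.search(se, roleCollector);
    return roleCollector.getList();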
}
Also used : ModificationItem(javax.naming.directory.ModificationItem) Arrays(java.util.Arrays) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) UsernameNotFoundException(org.springframework.security.core.userdetails.UsernameNotFoundException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ListIterator(java.util.ListIterator) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) ExtendedRequest(javax.naming.ldap.ExtendedRequest) LdapTemplate(org.springframework.ldap.core.LdapTemplate) ExtendedResponse(javax.naming.ldap.ExtendedResponse) SearchControls(javax.naming.directory.SearchControls) AttributesMapperCallbackHandler(org.springframework.ldap.core.AttributesMapperCallbackHandler) BasicAttribute(javax.naming.directory.BasicAttribute) LogMessage(org.springframework.core.log.LogMessage) Attribute(javax.naming.directory.Attribute) UserDetails(org.springframework.security.core.userdetails.UserDetails) Context(javax.naming.Context) DirContextAdapter(org.springframework.ldap.core.DirContextAdapter) SearchExecutor(org.springframework.ldap.core.SearchExecutor) LinkedList(java.util.LinkedList) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) NameNotFoundException(javax.naming.NameNotFoundException) LdapUtils(org.springframework.security.ldap.LdapUtils) ContextSource(org.springframework.ldap.core.ContextSource) Collection(java.util.Collection) UserDetailsManager(org.springframework.security.provisioning.UserDetailsManager) DirContext(javax.naming.directory.DirContext) IOException(java.io.IOException) DefaultLdapUsernameToDnMapper(org.springframework.security.ldap.DefaultLdapUsernameToDnMapper) GrantedAuthority(org.springframework.security.core.GrantedAuthority) List(java.util.List) AttributesMapper(org.springframework.ldap.core.AttributesMapper) Attributes(javax.naming.directory.Attributes) NamingEnumeration(javax.naming.NamingEnumeration) 
Log(org.apache.commons.logging.Log) LogFactory(org.apache.commons.logging.LogFactory) DistinguishedName(org.springframework.ldap.core.DistinguishedName) LdapContext(javax.naming.ldap.LdapContext) ContextExecutor(org.springframework.ldap.core.ContextExecutor) Authentication(org.springframework.security.core.Authentication) LdapUsernameToDnMapper(org.springframework.security.ldap.LdapUsernameToDnMapper) Assert(org.springframework.util.Assert)
