Example 1 with DirContextOperations
use of org.springframework.ldap.core.DirContextOperations in project opennms by OpenNMS.
the class KerberosServiceLdapAuthenticationProvider method authenticate.
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
KerberosServiceRequestToken auth = (KerberosServiceRequestToken) authentication;
byte[] token = auth.getToken();
LOG.debug("Try to validate Kerberos Token");
KerberosTicketValidation ticketValidation = m_kerberosTicketValidator.validateTicket(token);
LOG.debug("Succesfully validated " + ticketValidation.username());
/*
* The incoming username will be in the form of a Kerberos user principal name,
* e.g. user@EXAMPLE.ORG. We typically need to strip off the realm name before
* doing any LDAP operations with the username.
*/
String validatedUsername = trimRealmFromUsername(ticketValidation.username());
DirContextOperations ldapUserEntry = m_ldapUserSearch.searchForUser(validatedUsername);
Collection<? extends GrantedAuthority> grantedAuthorities = m_ldapAuthoritiesPopulator.getGrantedAuthorities(ldapUserEntry, validatedUsername);
UserDetails userDetails = new User(validatedUsername, "notUsed", true, true, true, true, grantedAuthorities);
m_userDetailsChecker.check(userDetails);
additionalAuthenticationChecks(userDetails, auth);
KerberosServiceRequestToken responseAuth = new KerberosServiceRequestToken(userDetails, ticketValidation, userDetails.getAuthorities(), token);
return responseAuth;
}
Also used :
UserDetails(org.springframework.security.core.userdetails.UserDetails)
User(org.springframework.security.core.userdetails.User)
DirContextOperations(org.springframework.ldap.core.DirContextOperations)
KerberosTicketValidation(org.springframework.security.kerberos.authentication.KerberosTicketValidation)
KerberosServiceRequestToken(org.springframework.security.kerberos.authentication.KerberosServiceRequestToken)
Example 2 with DirContextOperations
use of org.springframework.ldap.core.DirContextOperations in project perun by CESNET.
the class LdapConnectorImpl method updateUsersLibraryIds.
public void updateUsersLibraryIds(String userId, String[] libraryIDs) {
DirContextOperations context = ldapTemplate.lookupContext(getUserDN(userId));
context.setAttributeValues("libraryIDs", libraryIDs);
ldapTemplate.modifyAttributes(context);
log.debug("Entry modified in LDAP: UserId {}.", userId);
}
Also used :
DirContextOperations(org.springframework.ldap.core.DirContextOperations)
Example 3 with DirContextOperations
use of org.springframework.ldap.core.DirContextOperations in project perun by CESNET.
the class LdapConnectorImpl method updateUsersCertSubjects.
public void updateUsersCertSubjects(String userId, String[] certSubjects) {
DirContextOperations context = ldapTemplate.lookupContext(getUserDN(userId));
context.setAttributeValues("userCertificateSubject", certSubjects);
ldapTemplate.modifyAttributes(context);
log.debug("Entry modified in LDAP: UserId {}.", userId);
}
Also used :
DirContextOperations(org.springframework.ldap.core.DirContextOperations)
Example 4 with DirContextOperations
use of org.springframework.ldap.core.DirContextOperations in project gocd by gocd.
the class LdapUserSearchTest method shouldLogErrorsDueToInvalidSearchBaseWhenAuthenticating.
@Test
public void shouldLogErrorsDueToInvalidSearchBaseWhenAuthenticating() {
final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2")));
doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
DirContextOperations foundUser = mock(DirContextOperations.class);
RuntimeException runtimeException = new RuntimeException("Invalid search base");
when(filter1.searchForUser("username")).thenThrow(runtimeException);
when(filter2.searchForUser("username")).thenReturn(foundUser);
assertThat(spy.searchForUser("username"), is(foundUser));
verify(filter1).searchForUser("username");
verify(filter2).searchForUser("username");
verify(logger).warn("The ldap configuration for search base 'base1' is invalid", runtimeException);
}
Also used :
LdapConfig(com.thoughtworks.go.config.LdapConfig)
DirContextOperations(org.springframework.ldap.core.DirContextOperations)
FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch)
BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig)
BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig)
Test(org.junit.Test)
Example 5 with DirContextOperations
use of org.springframework.ldap.core.DirContextOperations in project gocd by gocd.
the class LdapUserSearchTest method shouldReturnUserFoundInSecondSearchBase.
@Test
public void shouldReturnUserFoundInSecondSearchBase() {
final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2")));
doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
when(filter1.searchForUser("username")).thenThrow(new UsernameNotFoundException("User username not found in directory."));
DirContextOperations foundUser = mock(DirContextOperations.class);
when(filter2.searchForUser("username")).thenReturn(foundUser);
assertThat(spy.searchForUser("username"), is(foundUser));
verify(filter1).searchForUser("username");
verify(filter2).searchForUser("username");
}
Also used :
LdapConfig(com.thoughtworks.go.config.LdapConfig)
UsernameNotFoundException(org.springframework.security.userdetails.UsernameNotFoundException)
DirContextOperations(org.springframework.ldap.core.DirContextOperations)
FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch)
BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig)
BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig)
Test(org.junit.Test)
Aggregations
DirContextOperations (org.springframework.ldap.core.DirContextOperations)88
Name (javax.naming.Name)20
Test (org.junit.jupiter.api.Test)13
Test (org.junit.Test)9
UserDetails (org.springframework.security.core.userdetails.UserDetails)9
HashSet (java.util.HashSet)8
DirContextAdapter (org.springframework.ldap.core.DirContextAdapter)8
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)8
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)7
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)7
FilterBasedLdapUserSearch (org.springframework.security.ldap.search.FilterBasedLdapUserSearch)7
LdapConfig (com.thoughtworks.go.config.LdapConfig)6
BaseConfig (com.thoughtworks.go.config.server.security.ldap.BaseConfig)6
BasesConfig (com.thoughtworks.go.config.server.security.ldap.BasesConfig)6
Set (java.util.Set)6
NameNotFoundException (org.springframework.ldap.NameNotFoundException)6
ArrayList (java.util.ArrayList)5
List (java.util.List)5
GrantedAuthority (org.springframework.security.core.GrantedAuthority)5
PerunAttribute (cz.metacentrum.perun.ldapc.model.PerunAttribute)4
