Example 1 with BaseLdapPathContextSource

Use of org.springframework.ldap.core.support.BaseLdapPathContextSource in project spring-security by spring-projects, in the class PasswordComparisonAuthenticatorMockTests, method ldapCompareOperationIsUsedWhenPasswordIsNotRetrieved.

@Test
public void ldapCompareOperationIsUsedWhenPasswordIsNotRetrieved() throws Exception {
    final DirContext dirCtx = mock(DirContext.class);
    final BaseLdapPathContextSource source = mock(BaseLdapPathContextSource.class);
    final BasicAttributes attrs = new BasicAttributes();
    attrs.put(new BasicAttribute("uid", "bob"));
    PasswordComparisonAuthenticator authenticator = new PasswordComparisonAuthenticator(source);
    authenticator.setUserDnPatterns(new String[] { "cn={0},ou=people" });
    // Get the mock to return an attribute set without userPassword, so the authenticator must use an LDAP compare
    given(source.getReadOnlyContext()).willReturn(dirCtx);
    given(dirCtx.getAttributes(eq("cn=Bob,ou=people"), any(String[].class))).willReturn(attrs);
    given(dirCtx.getNameInNamespace()).willReturn("dc=springframework,dc=org");
    // Setup a single return value (i.e. success)
    final NamingEnumeration searchResults = new BasicAttributes("", null).getAll();
    given(dirCtx.search(eq("cn=Bob,ou=people"), eq("(userPassword={0})"), any(Object[].class), any(SearchControls.class))).willReturn(searchResults);
    authenticator.authenticate(new UsernamePasswordAuthenticationToken("Bob", "bobspassword"));
}
Also used : BasicAttribute(javax.naming.directory.BasicAttribute) BasicAttributes(javax.naming.directory.BasicAttributes) BaseLdapPathContextSource(org.springframework.ldap.core.support.BaseLdapPathContextSource) NamingEnumeration(javax.naming.NamingEnumeration) SearchControls(javax.naming.directory.SearchControls) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) DirContext(javax.naming.directory.DirContext) Test(org.junit.jupiter.api.Test)

Example 2 with BaseLdapPathContextSource

Use of org.springframework.ldap.core.support.BaseLdapPathContextSource in project spring-security by spring-projects, in the class BindAuthenticator, method bindWithDn.

private DirContextOperations bindWithDn(String userDnStr, String username, String password, Attributes attrs) {
    BaseLdapPathContextSource ctxSource = (BaseLdapPathContextSource) getContextSource();
    DistinguishedName userDn = new DistinguishedName(userDnStr);
    DistinguishedName fullDn = new DistinguishedName(userDn);
    fullDn.prepend(ctxSource.getBaseLdapPath());
    logger.trace(LogMessage.format("Attempting to bind as %s", fullDn));
    DirContext ctx = null;
    try {
        ctx = getContextSource().getContext(fullDn.toString(), password);
        // Check for password policy control
        PasswordPolicyControl ppolicy = PasswordPolicyControlExtractor.extractControl(ctx);
        if (attrs == null || attrs.size() == 0) {
            attrs = ctx.getAttributes(userDn, getUserAttributes());
        }
        DirContextAdapter result = new DirContextAdapter(attrs, userDn, ctxSource.getBaseLdapPath());
        if (ppolicy != null) {
            result.setAttributeValue(ppolicy.getID(), ppolicy);
        }
        logger.debug(LogMessage.format("Bound %s", fullDn));
        return result;
    } catch (NamingException ex) {
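        // An authentication failure or unsupported operation is passed to handleBindException
        // rather than rethrown here, unless a subclass wishes to implement more specialized behaviour.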
        if ((ex instanceof org.springframework.ldap.AuthenticationException) || (ex instanceof org.springframework.ldap.OperationNotSupportedException)) {
            handleBindException(userDnStr, username, ex);
        } else {
            throw ex;
        }
    } catch (javax.naming.NamingException ex) {
        throw LdapUtils.convertLdapException(ex);
    } finally {
        LdapUtils.closeContext(ctx);
    }
    return null;
}
Also used : DistinguishedName(org.springframework.ldap.core.DistinguishedName) BaseLdapPathContextSource(org.springframework.ldap.core.support.BaseLdapPathContextSource) PasswordPolicyControl(org.springframework.security.ldap.ppolicy.PasswordPolicyControl) DirContextAdapter(org.springframework.ldap.core.DirContextAdapter) NamingException(org.springframework.ldap.NamingException) DirContext(javax.naming.directory.DirContext)

Example 3 with BaseLdapPathContextSource

Use of org.springframework.ldap.core.support.BaseLdapPathContextSource in project gravitee-management-rest-api by gravitee-io, in the class LdapAuthenticationProviderConfigurer, method build.

private LdapAuthenticationProvider build() throws Exception {
    BaseLdapPathContextSource contextSource = getContextSource();
    LdapAuthenticator ldapAuthenticator = createLdapAuthenticator(contextSource);
    LdapAuthoritiesPopulator authoritiesPopulator = getLdapAuthoritiesPopulator();
    LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProviderProxy(ldapAuthenticator, authoritiesPopulator);
    SimpleAuthorityMapper simpleAuthorityMapper = new SimpleAuthorityMapper();
    simpleAuthorityMapper.setPrefix(rolePrefix);
    simpleAuthorityMapper.afterPropertiesSet();
    ldapAuthenticationProvider.setAuthoritiesMapper(simpleAuthorityMapper);
    if (userDetailsContextMapper != null) {
        ldapAuthenticationProvider.setUserDetailsContextMapper(userDetailsContextMapper);
    }
    return ldapAuthenticationProvider;
}
Also used : BaseLdapPathContextSource(org.springframework.ldap.core.support.BaseLdapPathContextSource) SimpleAuthorityMapper(org.springframework.security.core.authority.mapping.SimpleAuthorityMapper) LdapAuthenticationProvider(org.springframework.security.ldap.authentication.LdapAuthenticationProvider)

Example 4 with BaseLdapPathContextSource

Use of org.springframework.ldap.core.support.BaseLdapPathContextSource in project spring-security by spring-projects, in the class LdapAuthenticationProviderConfigurer, method build.

private LdapAuthenticationProvider build() throws Exception {
    BaseLdapPathContextSource contextSource = getContextSource();
    LdapAuthenticator ldapAuthenticator = createLdapAuthenticator(contextSource);
    LdapAuthoritiesPopulator authoritiesPopulator = getLdapAuthoritiesPopulator();
    LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(ldapAuthenticator, authoritiesPopulator);
    ldapAuthenticationProvider.setAuthoritiesMapper(getAuthoritiesMapper());
    if (this.userDetailsContextMapper != null) {
        ldapAuthenticationProvider.setUserDetailsContextMapper(this.userDetailsContextMapper);
    }
    return ldapAuthenticationProvider;
}
Also used : LdapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator) DefaultLdapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator) BaseLdapPathContextSource(org.springframework.ldap.core.support.BaseLdapPathContextSource) LdapAuthenticator(org.springframework.security.ldap.authentication.LdapAuthenticator) AbstractLdapAuthenticator(org.springframework.security.ldap.authentication.AbstractLdapAuthenticator) LdapAuthenticationProvider(org.springframework.security.ldap.authentication.LdapAuthenticationProvider)
