Examples with FilterBasedLdapUserSearch org.springframework.security.ldap.search.FilterBasedLdapUserSearch used on opensource projects

Search in sources :

Example 6 with FilterBasedLdapUserSearch

use of org.springframework.security.ldap.search.FilterBasedLdapUserSearch in project gocd by gocd.

the class LdapUserSearchTest method shouldNotLogWhenLastSearchBaseIsInvalidAndUserIsNotFound.

@Test
public void shouldNotLogWhenLastSearchBaseIsInvalidAndUserIsNotFound() {
    final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
    final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
    LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2")));
    doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
    doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
    RuntimeException runtimeException = new RuntimeException("Invalid search base");
    when(filter1.searchForUser("username")).thenThrow(new UsernameNotFoundException("User not found"));
    when(filter2.searchForUser("username")).thenThrow(runtimeException);
    thrown.expect(RuntimeException.class);
    spy.searchForUser("username");
    verify(logger, never()).warn(Matchers.<Object>any(), Matchers.<Throwable>any());
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) UsernameNotFoundException(org.springframework.security.userdetails.UsernameNotFoundException) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig) Test(org.junit.Test)

Example 7 with FilterBasedLdapUserSearch

use of org.springframework.security.ldap.search.FilterBasedLdapUserSearch in project incubator-atlas by apache.

the class AtlasADAuthenticationProvider method getADBindAuthentication.

private Authentication getADBindAuthentication(Authentication authentication) {
    try {
        String userName = authentication.getName();
        String userPassword = "";
        if (authentication.getCredentials() != null) {
            userPassword = authentication.getCredentials().toString();
        }
        LdapContextSource ldapContextSource = new DefaultSpringSecurityContextSource(adURL);
        ldapContextSource.setUserDn(adBindDN);
        ldapContextSource.setPassword(adBindPassword);
        ldapContextSource.setReferral(adReferral);
        ldapContextSource.setCacheEnvironmentProperties(true);
        ldapContextSource.setAnonymousReadOnly(false);
        ldapContextSource.setPooled(true);
        ldapContextSource.afterPropertiesSet();
        if (adUserSearchFilter == null || adUserSearchFilter.trim().isEmpty()) {
            adUserSearchFilter = "(sAMAccountName={0})";
        }
        FilterBasedLdapUserSearch userSearch = new FilterBasedLdapUserSearch(adBase, adUserSearchFilter, ldapContextSource);
        userSearch.setSearchSubtree(true);
        BindAuthenticator bindAuthenticator = new BindAuthenticator(ldapContextSource);
        bindAuthenticator.setUserSearch(userSearch);
        bindAuthenticator.afterPropertiesSet();
        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);
        if (userName != null && userPassword != null && !userName.trim().isEmpty() && !userPassword.trim().isEmpty()) {
            final List<GrantedAuthority> grantedAuths = getAuthorities(userName);
            final UserDetails principal = new User(userName, userPassword, grantedAuths);
            final Authentication finalAuthentication = new UsernamePasswordAuthenticationToken(principal, userPassword, grantedAuths);
            authentication = ldapAuthenticationProvider.authenticate(finalAuthentication);
            if (groupsFromUGI) {
                authentication = getAuthenticationWithGrantedAuthorityFromUGI(authentication);
            }
            return authentication;
        } else {
            LOG.error("AD Authentication Failed userName or userPassword is null or empty");
            return null;
        }
    } catch (Exception e) {
        LOG.error("AD Authentication Failed:", e);
        return null;
    }
}
Also used : BindAuthenticator(org.springframework.security.ldap.authentication.BindAuthenticator) DefaultSpringSecurityContextSource(org.springframework.security.ldap.DefaultSpringSecurityContextSource) User(org.apache.atlas.web.model.User) LdapContextSource(org.springframework.ldap.core.support.LdapContextSource) GrantedAuthority(org.springframework.security.core.GrantedAuthority) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) UserDetails(org.springframework.security.core.userdetails.UserDetails) Authentication(org.springframework.security.core.Authentication) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) LdapAuthenticationProvider(org.springframework.security.ldap.authentication.LdapAuthenticationProvider) ActiveDirectoryLdapAuthenticationProvider(org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider)

Example 8 with FilterBasedLdapUserSearch

use of org.springframework.security.ldap.search.FilterBasedLdapUserSearch in project gocd by gocd.

the class LdapUserSearchTest method shouldNotLogWhenUserNameNotFoundExceptionIsThrown.

@Test
public void shouldNotLogWhenUserNameNotFoundExceptionIsThrown() {
    final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
    final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
    LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2")));
    DirContextOperations foundUser = mock(DirContextOperations.class);
    doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
    doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
    when(filter1.searchForUser("username")).thenThrow(new UsernameNotFoundException("User username not found in directory."));
    when(filter2.searchForUser("username")).thenReturn(foundUser);
    spy.searchForUser("username");
    verify(logger, never()).warn(Matchers.<Object>any(), Matchers.<Throwable>any());
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) UsernameNotFoundException(org.springframework.security.userdetails.UsernameNotFoundException) DirContextOperations(org.springframework.ldap.core.DirContextOperations) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig) Test(org.junit.Test)

Example 9 with FilterBasedLdapUserSearch

use of org.springframework.security.ldap.search.FilterBasedLdapUserSearch in project gocd by gocd.

the class LdapUserSearchTest method shouldSkipInvalidSearchBaseWhenAuthenticating.

@Test
public void shouldSkipInvalidSearchBaseWhenAuthenticating() {
    final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
    final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
    LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2")));
    doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
    doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
    DirContextOperations foundUser = mock(DirContextOperations.class);
    when(filter1.searchForUser("username")).thenThrow(new RuntimeException("Invalid search base"));
    when(filter2.searchForUser("username")).thenReturn(foundUser);
    assertThat(spy.searchForUser("username"), is(foundUser));
    verify(filter1).searchForUser("username");
    verify(filter2).searchForUser("username");
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) DirContextOperations(org.springframework.ldap.core.DirContextOperations) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig) Test(org.junit.Test)

Example 10 with FilterBasedLdapUserSearch

use of org.springframework.security.ldap.search.FilterBasedLdapUserSearch in project gocd by gocd.

the class LdapUserSearchTest method shouldLogErrorsForAllInvalidSearchBaseWhenAuthenticating.

@Test
public void shouldLogErrorsForAllInvalidSearchBaseWhenAuthenticating() {
    final FilterBasedLdapUserSearch filter1 = mock(FilterBasedLdapUserSearch.class);
    final FilterBasedLdapUserSearch filter2 = mock(FilterBasedLdapUserSearch.class);
    final FilterBasedLdapUserSearch filter3 = mock(FilterBasedLdapUserSearch.class);
    final FilterBasedLdapUserSearch filter4 = mock(FilterBasedLdapUserSearch.class);
    LdapConfig ldapConfig = setLdapConfig(new BasesConfig(new BaseConfig("base1"), new BaseConfig("base2"), new BaseConfig("base3"), new BaseConfig("base4")));
    doReturn(filter1).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(0).getValue(), ldapConfig.searchFilter());
    doReturn(filter2).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(1).getValue(), ldapConfig.searchFilter());
    doReturn(filter3).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(2).getValue(), ldapConfig.searchFilter());
    doReturn(filter4).when(spy).getFilterBasedLdapUserSearch(ldapConfig.getBasesConfig().get(3).getValue(), ldapConfig.searchFilter());
    DirContextOperations foundUser = mock(DirContextOperations.class);
    RuntimeException runtimeException = new RuntimeException("Invalid search base");
    when(filter1.searchForUser("username")).thenThrow(runtimeException);
    when(filter2.searchForUser("username")).thenThrow(new UsernameNotFoundException("User not found"));
    when(filter3.searchForUser("username")).thenThrow(runtimeException);
    when(filter4.searchForUser("username")).thenReturn(foundUser);
    assertThat(spy.searchForUser("username"), is(foundUser));
    verify(logger, times(1)).warn("The ldap configuration for search base 'base1' is invalid", runtimeException);
    verify(logger, times(1)).warn("The ldap configuration for search base 'base3' is invalid", runtimeException);
}
Also used : LdapConfig(com.thoughtworks.go.config.LdapConfig) UsernameNotFoundException(org.springframework.security.userdetails.UsernameNotFoundException) DirContextOperations(org.springframework.ldap.core.DirContextOperations) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) BasesConfig(com.thoughtworks.go.config.server.security.ldap.BasesConfig) BaseConfig(com.thoughtworks.go.config.server.security.ldap.BaseConfig) Test(org.junit.Test)

Aggregations

FilterBasedLdapUserSearch (org.springframework.security.ldap.search.FilterBasedLdapUserSearch)14 LdapConfig (com.thoughtworks.go.config.LdapConfig)11 BaseConfig (com.thoughtworks.go.config.server.security.ldap.BaseConfig)11 Test (org.junit.Test)11 BasesConfig (com.thoughtworks.go.config.server.security.ldap.BasesConfig)10 DirContextOperations (org.springframework.ldap.core.DirContextOperations)7 UsernameNotFoundException (org.springframework.security.userdetails.UsernameNotFoundException)7 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)3 User (org.apache.atlas.web.model.User)2 LdapContextSource (org.springframework.ldap.core.support.LdapContextSource)2 Authentication (org.springframework.security.core.Authentication)2 GrantedAuthority (org.springframework.security.core.GrantedAuthority)2 UserDetails (org.springframework.security.core.userdetails.UserDetails)2 BindAuthenticator (org.springframework.security.ldap.authentication.BindAuthenticator)2 LdapAuthenticationProvider (org.springframework.security.ldap.authentication.LdapAuthenticationProvider)2 SecurityConfig (com.thoughtworks.go.config.SecurityConfig)1 BadCredentialsException (org.springframework.security.BadCredentialsException)1 AuthenticationException (org.springframework.security.core.AuthenticationException)1 DefaultSpringSecurityContextSource (org.springframework.security.ldap.DefaultSpringSecurityContextSource)1 ActiveDirectoryLdapAuthenticationProvider (org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial