Examples with LdapUserSearch - org.springframework.security.ldap.search.LdapUserSearch

Example 1 with LdapUserSearch

use of org.springframework.security.ldap.search.LdapUserSearch in project pentaho-platform by pentaho.

the class DefaultLdapUserRoleListServiceTest method testGetAuthoritiesForUser2.

/**
 * Get the roles of user <code>suzy</code> by returning the <code>cn</code> attribute of each object that matches base
 * of <code>ou=roles</code> and filter of <code>(roleOccupant={0})</code>.
 *
 * <p>
 * Note that the UserDetailsService used by Spring Security is re-used here.
 * </p>
 */
@Test
public void testGetAuthoritiesForUser2() {
    // $NON-NLS-1$
    DefaultLdapAuthoritiesPopulator populator = new DefaultLdapAuthoritiesPopulator(getContextSource(), "ou=roles");
    // $NON-NLS-1$
    populator.setGroupRoleAttribute("cn");
    // $NON-NLS-1$
    populator.setGroupSearchFilter("(roleOccupant={0})");
    // $NON-NLS-1$//$NON-NLS-2$
    LdapUserSearch userSearch = getUserSearch("ou=users", "(uid={0})");
    LdapUserDetailsService service = new LdapUserDetailsService(userSearch, populator);
    DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
    userRoleListService.setUserDetailsService(service);
    // $NON-NLS-1$
    List res = userRoleListService.getRolesForUser(null, "suzy");
    // $NON-NLS-1$
    assertTrue(res.contains("ROLE_IS"));
    if (logger.isDebugEnabled()) {
        // $NON-NLS-1$
        logger.debug("results of getAuthoritiesForUser2(): " + res);
    }
}

Also used : LdapUserDetailsService(org.springframework.security.ldap.userdetails.LdapUserDetailsService) DefaultLdapUserRoleListService(org.pentaho.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListService) DefaultLdapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator) ArrayList(java.util.ArrayList) SearchResultToAttrValueList(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList) List(java.util.List) LdapUserSearch(org.springframework.security.ldap.search.LdapUserSearch) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) Test(org.junit.Test)

Example 2 with LdapUserSearch

use of org.springframework.security.ldap.search.LdapUserSearch in project pentaho-platform by pentaho.

the class DefaultLdapUserRoleListServiceTest method testGetAuthoritiesForUser1.

/**
 * Get the roles of user <code>suzy</code> by extracting the <code>cn</code> token from the <code>uniqueMember</code>
 * attribute of the object that matches base of <code>ou=users</code> and filter of <code>(uid={0})</code>.
 *
 * <p>
 * Note that the UserDetailsService used by Spring Security is re-used here.
 * </p>
 *
 * @throws Exception
 */
@Test
public void testGetAuthoritiesForUser1() throws Exception {
    // $NON-NLS-1$//$NON-NLS-2$
    LdapUserSearch userSearch = getUserSearch("ou=users", "(uid={0})");
    LdapUserDetailsService service = new LdapUserDetailsService(userSearch, new NoOpLdapAuthoritiesPopulator());
    RolePreprocessingMapper mapper = new RolePreprocessingMapper();
    // $NON-NLS-1$
    mapper.setRoleAttributes(new String[] { "uniqueMember" });
    // $NON-NLS-1$
    mapper.setTokenName("cn");
    service.setUserDetailsMapper(mapper);
    DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
    userRoleListService.setUserDetailsService(service);
    // $NON-NLS-1$
    List res = userRoleListService.getRolesForUser(null, "suzy");
    // $NON-NLS-1$
    assertTrue(res.contains("ROLE_A"));
    if (logger.isDebugEnabled()) {
        // $NON-NLS-1$
        logger.debug("results of getAuthoritiesForUser1(): " + res);
    }
}

Also used : LdapUserDetailsService(org.springframework.security.ldap.userdetails.LdapUserDetailsService) DefaultLdapUserRoleListService(org.pentaho.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListService) NoOpLdapAuthoritiesPopulator(org.pentaho.platform.plugin.services.security.userrole.ldap.NoOpLdapAuthoritiesPopulator) RolePreprocessingMapper(org.pentaho.platform.plugin.services.security.userrole.ldap.RolePreprocessingMapper) ArrayList(java.util.ArrayList) SearchResultToAttrValueList(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList) List(java.util.List) LdapUserSearch(org.springframework.security.ldap.search.LdapUserSearch) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) Test(org.junit.Test)

Example 3 with LdapUserSearch

use of org.springframework.security.ldap.search.LdapUserSearch in project pentaho-platform by pentaho.

the class DefaultLdapUserRoleListServiceTest method testGetAuthoritiesForUser1ForTenant.

@Test
public void testGetAuthoritiesForUser1ForTenant() throws Exception {
    ITenant defaultTenant = new Tenant("/pentaho/tenant0", true);
    login("suzy", defaultTenant);
    // $NON-NLS-1$//$NON-NLS-2$
    LdapUserSearch userSearch = getUserSearch("ou=users", "(uid={0})");
    LdapUserDetailsService service = new LdapUserDetailsService(userSearch, new NoOpLdapAuthoritiesPopulator());
    RolePreprocessingMapper mapper = new RolePreprocessingMapper();
    // $NON-NLS-1$
    mapper.setRoleAttributes(new String[] { "uniqueMember" });
    // $NON-NLS-1$
    mapper.setTokenName("cn");
    service.setUserDetailsMapper(mapper);
    DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
    userRoleListService.setUserDetailsService(service);
    // $NON-NLS-1$
    List res = userRoleListService.getRolesForUser(defaultTenant, "suzy");
    // $NON-NLS-1$
    assertTrue(res.contains("ROLE_A"));
    if (logger.isDebugEnabled()) {
        // $NON-NLS-1$
        logger.debug("results of getAuthoritiesForUser1(): " + res);
    }
    try {
        userRoleListService.getRolesForUser(new Tenant("/pentaho", true), "suzy");
    } catch (UnsupportedOperationException uoe) {
        assertNotNull(uoe);
    }
}

Also used : LdapUserDetailsService(org.springframework.security.ldap.userdetails.LdapUserDetailsService) DefaultLdapUserRoleListService(org.pentaho.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListService) ITenant(org.pentaho.platform.api.mt.ITenant) Tenant(org.pentaho.platform.core.mt.Tenant) ITenant(org.pentaho.platform.api.mt.ITenant) NoOpLdapAuthoritiesPopulator(org.pentaho.platform.plugin.services.security.userrole.ldap.NoOpLdapAuthoritiesPopulator) RolePreprocessingMapper(org.pentaho.platform.plugin.services.security.userrole.ldap.RolePreprocessingMapper) ArrayList(java.util.ArrayList) SearchResultToAttrValueList(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList) List(java.util.List) LdapUserSearch(org.springframework.security.ldap.search.LdapUserSearch) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) Test(org.junit.Test)

Example 4 with LdapUserSearch

use of org.springframework.security.ldap.search.LdapUserSearch in project pentaho-platform by pentaho.

the class DefaultLdapUserRoleListServiceTest method testGetAuthoritiesForUser2Sorted.

/**
 * Same as above except sorted.
 */
@Test
public void testGetAuthoritiesForUser2Sorted() {
    // $NON-NLS-1$
    DefaultLdapAuthoritiesPopulator populator = new DefaultLdapAuthoritiesPopulator(getContextSource(), "ou=roles");
    // $NON-NLS-1$
    populator.setGroupRoleAttribute("cn");
    // $NON-NLS-1$
    populator.setGroupSearchFilter("(roleOccupant={0})");
    // $NON-NLS-1$//$NON-NLS-2$
    LdapUserSearch userSearch = getUserSearch("ou=users", "(uid={0})");
    LdapUserDetailsService service = new LdapUserDetailsService(userSearch, populator);
    DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService();
    userRoleListService.setUserDetailsService(service);
    userRoleListService.setRoleComparator(new DefaultRoleComparator());
    // $NON-NLS-1$
    List res = userRoleListService.getRolesForUser(null, "suzy");
    // $NON-NLS-1$
    assertTrue(res.contains("ROLE_POWER_USER"));
    if (logger.isDebugEnabled()) {
        // $NON-NLS-1$
        logger.debug("results of getAuthoritiesForUser2Sorted(): " + res);
    }
}

Also used : LdapUserDetailsService(org.springframework.security.ldap.userdetails.LdapUserDetailsService) DefaultLdapUserRoleListService(org.pentaho.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListService) DefaultRoleComparator(org.pentaho.platform.engine.security.DefaultRoleComparator) DefaultLdapAuthoritiesPopulator(org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator) ArrayList(java.util.ArrayList) SearchResultToAttrValueList(org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList) List(java.util.List) LdapUserSearch(org.springframework.security.ldap.search.LdapUserSearch) FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) Test(org.junit.Test)

Example 5 with LdapUserSearch

use of org.springframework.security.ldap.search.LdapUserSearch in project gravitee-management-rest-api by gravitee-io.

the class LdapAuthenticationProviderConfigurer method createLdapAuthenticator.

/**
 * Creates the {@link LdapAuthenticator} to use
 *
 * @param contextSource the {@link BaseLdapPathContextSource} to use
 * @return the {@link LdapAuthenticator} to use
 */
private LdapAuthenticator createLdapAuthenticator(BaseLdapPathContextSource contextSource) {
    AbstractLdapAuthenticator ldapAuthenticator = passwordEncoder == null ? createBindAuthenticator(contextSource) : createPasswordCompareAuthenticator(contextSource);
    LdapUserSearch userSearch = createUserSearch();
    if (userSearch != null) {
        ldapAuthenticator.setUserSearch(userSearch);
    }
    if (userDnPatterns != null && userDnPatterns.length > 0) {
        ldapAuthenticator.setUserDnPatterns(userDnPatterns);
    }
    return postProcess(ldapAuthenticator);
}

Also used : FilterBasedLdapUserSearch(org.springframework.security.ldap.search.FilterBasedLdapUserSearch) LdapUserSearch(org.springframework.security.ldap.search.LdapUserSearch)

Aggregations

FilterBasedLdapUserSearch (org.springframework.security.ldap.search.FilterBasedLdapUserSearch)9 LdapUserSearch (org.springframework.security.ldap.search.LdapUserSearch)9 ArrayList (java.util.ArrayList)4 List (java.util.List)4 Test (org.junit.Test)4 DefaultLdapUserRoleListService (org.pentaho.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListService)4 SearchResultToAttrValueList (org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList)4 LdapUserDetailsService (org.springframework.security.ldap.userdetails.LdapUserDetailsService)4 IOException (java.io.IOException)2 KeyManagementException (java.security.KeyManagementException)2 KeyStoreException (java.security.KeyStoreException)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 UnrecoverableKeyException (java.security.UnrecoverableKeyException)2 CertificateException (java.security.cert.CertificateException)2 HashMap (java.util.HashMap)2 SSLContext (javax.net.ssl.SSLContext)2 NoOpLdapAuthoritiesPopulator (org.pentaho.platform.plugin.services.security.userrole.ldap.NoOpLdapAuthoritiesPopulator)2 RolePreprocessingMapper (org.pentaho.platform.plugin.services.security.userrole.ldap.RolePreprocessingMapper)2 AuthenticationException (org.springframework.ldap.AuthenticationException)2 AbstractTlsDirContextAuthenticationStrategy (org.springframework.ldap.core.support.AbstractTlsDirContextAuthenticationStrategy)2