Beispiel #1
0
  @Test
  public void testgetParent() throws InvalidNameException {
    Name name = new LdapName("cn=test,ou=personnes,o=foo,c=bar");

    Name parent = LdapUtils.getDistinguishedNameParent(name);

    Assert.assertEquals(new LdapName("ou=personnes,o=foo,c=bar"), parent);

    Name c = LdapUtils.getDistinguishedNamePrefix(name, "c");

    Name o = LdapUtils.getDistinguishedNamePrefix(name, "o");

    Name ou = LdapUtils.getDistinguishedNamePrefix(name, "ou");

    Name cn = LdapUtils.getDistinguishedNamePrefix(name, "cn");

    Name x = LdapUtils.getDistinguishedNamePrefix(name, "x");

    Assert.assertEquals(new LdapName("c=bar"), c);

    Assert.assertEquals(new LdapName("o=foo,c=bar"), o);

    Assert.assertEquals(new LdapName("ou=personnes,o=foo,c=bar"), ou);

    Assert.assertEquals(name, cn);

    Assert.assertNull(x);

    Assert.assertEquals(
        new LdapName("ou=structures,o=foo,c=bar"), o.addAll(new LdapName("ou=structures")));
  }
Beispiel #2
0
  /**
   * Join two names together. These are treated as CompoundNames.
   *
   * @param name a <code>Name</code> value
   * @param prefix a <code>Name</code> value
   * @return a <code>Name</code> value
   * @exception NamingException if an error occurs
   */
  public Name composeName(Name name, Name prefix) throws NamingException {
    if (name == null) throw new NamingException("Name cannot be null");
    if (prefix == null) throw new NamingException("Prefix cannot be null");

    Name compoundName = (CompoundName) prefix.clone();
    compoundName.addAll(name);
    return compoundName;
  }
Beispiel #3
0
  /**
   * Save the NamingEntry for later use.
   *
   * <p>Saving is done by binding the NamingEntry itself, and the value it represents into JNDI. In
   * this way, we can link to the value it represents later, but also still retrieve the NamingEntry
   * itself too.
   *
   * <p>The object is bound at the jndiName passed in. This NamingEntry is bound at __/jndiName.
   *
   * <p>eg
   *
   * <p>jdbc/foo : DataSource __/jdbc/foo : NamingEntry
   *
   * @throws NamingException
   */
  protected void save(Object object) throws NamingException {
    __log.debug("SAVE {} in {}", this, _scope);
    InitialContext ic = new InitialContext();
    NameParser parser = ic.getNameParser("");
    Name prefix = NamingEntryUtil.getNameForScope(_scope);

    // bind the NamingEntry into the context
    Name namingEntryName = NamingEntryUtil.makeNamingEntryName(parser, getJndiName());
    namingEntryName.addAll(0, prefix);
    _namingEntryNameString = namingEntryName.toString();
    NamingUtil.bind(ic, _namingEntryNameString, this);

    // bind the object as well
    Name objectName = parser.parse(getJndiName());
    objectName.addAll(0, prefix);
    _objectNameString = objectName.toString();
    NamingUtil.bind(ic, _objectNameString, object);
  }
Beispiel #4
0
  public void appendRemainingName(Name name)
  {
    try
      {
	remainingName.addAll(name);
      }
    catch (InvalidNameException _)
      {
      }
  }
 public Name composeName(Name name, Name prefix) throws NamingException {
   final Name result = (Name) prefix.clone();
   result.addAll(name);
   return result;
 }
Beispiel #6
0
 public Name composeName(Name suffix, Name prefix) throws NamingException {
   if (suffix == null) throw new NamingException(L.l("suffix cannot be null"));
   else if (prefix == null) throw new NamingException(L.l("prefix cannot be null"));
   else return prefix.addAll(suffix);
 }
Beispiel #7
0
 @Override
 public Name composeName(Name name, Name prefix) throws NamingException {
   Name result = (Name) (prefix.clone());
   result.addAll(name);
   return result;
 }
  protected boolean authenticate(String username, String password) throws LoginException {

    MessageFormat userSearchMatchingFormat;
    boolean userSearchSubtreeBool;

    DirContext context = null;

    if (ActiveMQServerLogger.LOGGER.isDebugEnabled()) {
      ActiveMQServerLogger.LOGGER.debug("Create the LDAP initial context.");
    }
    try {
      context = open();
    } catch (NamingException ne) {
      FailedLoginException ex = new FailedLoginException("Error opening LDAP connection");
      ex.initCause(ne);
      throw ex;
    }

    if (!isLoginPropertySet(USER_SEARCH_MATCHING)) return false;

    userSearchMatchingFormat = new MessageFormat(getLDAPPropertyValue(USER_SEARCH_MATCHING));
    userSearchSubtreeBool =
        Boolean.valueOf(getLDAPPropertyValue(USER_SEARCH_SUBTREE)).booleanValue();

    try {

      String filter = userSearchMatchingFormat.format(new String[] {doRFC2254Encoding(username)});
      SearchControls constraints = new SearchControls();
      if (userSearchSubtreeBool) {
        constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
      } else {
        constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
      }

      // setup attributes
      List<String> list = new ArrayList<String>();
      if (isLoginPropertySet(USER_ROLE_NAME)) {
        list.add(getLDAPPropertyValue(USER_ROLE_NAME));
      }
      String[] attribs = new String[list.size()];
      list.toArray(attribs);
      constraints.setReturningAttributes(attribs);

      if (ActiveMQServerLogger.LOGGER.isDebugEnabled()) {
        ActiveMQServerLogger.LOGGER.debug("Get the user DN.");
        ActiveMQServerLogger.LOGGER.debug("Looking for the user in LDAP with ");
        ActiveMQServerLogger.LOGGER.debug("  base DN: " + getLDAPPropertyValue(USER_BASE));
        ActiveMQServerLogger.LOGGER.debug("  filter: " + filter);
      }

      NamingEnumeration<SearchResult> results =
          context.search(getLDAPPropertyValue(USER_BASE), filter, constraints);

      if (results == null || !results.hasMore()) {
        ActiveMQServerLogger.LOGGER.warn("User " + username + " not found in LDAP.");
        throw new FailedLoginException("User " + username + " not found in LDAP.");
      }

      SearchResult result = results.next();

      if (results.hasMore()) {
        // ignore for now
      }

      String dn;
      if (result.isRelative()) {
        ActiveMQServerLogger.LOGGER.debug("LDAP returned a relative name: " + result.getName());

        NameParser parser = context.getNameParser("");
        Name contextName = parser.parse(context.getNameInNamespace());
        Name baseName = parser.parse(getLDAPPropertyValue(USER_BASE));
        Name entryName = parser.parse(result.getName());
        Name name = contextName.addAll(baseName);
        name = name.addAll(entryName);
        dn = name.toString();
      } else {
        ActiveMQServerLogger.LOGGER.debug("LDAP returned an absolute name: " + result.getName());

        try {
          URI uri = new URI(result.getName());
          String path = uri.getPath();

          if (path.startsWith("/")) {
            dn = path.substring(1);
          } else {
            dn = path;
          }
        } catch (URISyntaxException e) {
          if (context != null) {
            close(context);
          }
          FailedLoginException ex = new FailedLoginException("Error parsing absolute name as URI.");
          ex.initCause(e);
          throw ex;
        }
      }

      if (ActiveMQServerLogger.LOGGER.isDebugEnabled()) {
        ActiveMQServerLogger.LOGGER.debug("Using DN [" + dn + "] for binding.");
      }

      Attributes attrs = result.getAttributes();
      if (attrs == null) {
        throw new FailedLoginException("User found, but LDAP entry malformed: " + username);
      }
      List<String> roles = null;
      if (isLoginPropertySet(USER_ROLE_NAME)) {
        roles = addAttributeValues(getLDAPPropertyValue(USER_ROLE_NAME), attrs, roles);
      }

      // check the credentials by binding to server
      if (bindUser(context, dn, password)) {
        // if authenticated add more roles
        roles = getRoles(context, dn, username, roles);
        if (ActiveMQServerLogger.LOGGER.isDebugEnabled()) {
          ActiveMQServerLogger.LOGGER.debug("Roles " + roles + " for user " + username);
        }
        for (int i = 0; i < roles.size(); i++) {
          groups.add(new RolePrincipal(roles.get(i)));
        }
      } else {
        throw new FailedLoginException("Password does not match for user: "******"Error contacting LDAP");
      ex.initCause(e);
      throw ex;
    } catch (NamingException e) {
      if (context != null) {
        close(context);
      }
      FailedLoginException ex = new FailedLoginException("Error contacting LDAP");
      ex.initCause(e);
      throw ex;
    }

    return true;
  }
 /**
  * Composes the name of this context with a name relative to this context.
  *
  * <p>Given a name (name) relative to this context, and the name (prefix) of this context relative
  * to one of its ancestors, this method returns the composition of the two names using the syntax
  * appropriate for the naming system(s) involved. That is, if name names an object relative to
  * this context, the result is the name of the same object, but relative to the ancestor context.
  * None of the names may be null.
  *
  * @param name a name relative to this context
  * @param prefix the name of this context relative to one of its ancestors
  * @return the composition of prefix and name
  * @exception NamingException if a naming exception is encountered
  */
 @Override
 public Name composeName(Name name, Name prefix) throws NamingException {
   prefix = (Name) prefix.clone();
   return prefix.addAll(name);
 }
Beispiel #10
0
 /** {@inheritDoc} */
 public Name composeName(Name name, Name prefix) throws NamingException {
   Name newName = (Name) prefix.clone();
   return newName.addAll(name);
 }