/**
 * Looks up the single directory entry that the current {@code username} should be
 * authenticated against.
 *
 * <p>The search runs under {@code LDAPConstants.USERS_DN_BASE_SUFFIX + "," + rootSuffix}
 * and passes an attribute built from the configured uid attribute and {@code username}
 * to {@code LdapSearches.findObjects} (presumably used as an equality match; the helper
 * is not visible here). Only {@code entryDN} is requested back.
 *
 * <p>NOTE(review): {@code username} is caller-supplied and ends up in a directory search.
 * Filter escaping is assumed to happen inside {@code LdapSearches}; confirm that before
 * relying on this lookup for authentication decisions.
 *
 * @return the only matching object, or {@code null} when nothing matched; callers are
 *     expected to treat {@code null} as "no such account" (callers are not visible here)
 * @throws ConnectorSecurityException if more than one distinct entryDN matched
 */
private ConnectorObject getObjectToAuthenticate() {
    final Attribute uidMatch =
        AttributeBuilder.build(freeIPAConfiguration.getUidAttribute(), username);

    // Keyed by entryDN so that the same entry returned twice still counts as one candidate.
    final Map<String, ConnectorObject> candidatesByDn = new HashMap<String, ConnectorObject>();

    final Iterable<ConnectorObject> hits =
        LdapSearches.findObjects(
            freeIPAConnection,
            objectClass,
            LDAPConstants.USERS_DN_BASE_SUFFIX + "," + freeIPAConfiguration.getRootSuffix(),
            uidMatch,
            "entryDN");

    for (ConnectorObject candidate : hits) {
        // NOTE(review): getAttributeByName returns null when the attribute is absent, and the
        // value list may be empty; either case surfaces here as an unchecked exception rather
        // than a ConnectorSecurityException. Confirm the server always returns entryDN.
        final Object dnValue = candidate.getAttributeByName("entryDN").getValue().get(0);
        candidatesByDn.put(dnValue.toString(), candidate);
    }

    // Fail closed: an ambiguous identity must never be resolved by picking one of the matches.
    if (candidatesByDn.size() > 1) {
        throw new ConnectorSecurityException(
            freeIPAConnection.format("moreThanOneEntryMatched", null, username));
    }

    if (candidatesByDn.isEmpty()) {
        return null;
    }
    return candidatesByDn.values().iterator().next();
}
 /**
  * Returns the base DNs a search should start from.
  *
  * <p>When the operation options name a container, the result is a one-element list holding
  * the DN that {@code LdapSearches.findEntryDN} resolves for it; otherwise it is a fixed-size
  * list view over the {@code baseDNs} field.
  *
  * <p>NOTE(review): the container comes from the operation options, so the search scope is
  * chosen by the caller. Nothing here checks that the resolved DN lies under one of the
  * configured {@code baseDNs}; confirm that this is enforced elsewhere if it matters.
  *
  * @return a non-null list of base DNs
  */
 private List<String> getBaseDNs() {
   final QualifiedUid container = options.getContainer();

   // The assert below only covers the list itself and is skipped unless the JVM runs with
   // assertions enabled. NOTE(review): whether findEntryDN can return null for an unknown
   // container is not visible here; if it can, the list would carry a null DN.
   final List<String> result =
       (container == null)
           ? Arrays.asList(baseDNs)
           : singletonList(
               LdapSearches.findEntryDN(conn, container.getObjectClass(), container.getUid()));

   assert result != null;
   return result;
 }