/* remove invalid entries...without hostmask or without logins */
private CopyOnWriteArrayList<AuthenticationInfo> cleanup(List<AuthenticationInfo> input) {
if (input == null || input.size() == 0) {
return null;
}
CopyOnWriteArrayList<AuthenticationInfo> ret = new CopyOnWriteArrayList<AuthenticationInfo>();
for (AuthenticationInfo item : input) {
if (StringUtils.isEmpty(item.getHostmask())) {
continue;
}
if (StringUtils.isEmpty(item.getPassword()) && StringUtils.isEmpty(item.getPassword())) {
continue;
}
ret.add(item);
}
return ret;
}
public void validate(Login login, String url) {
if (StringUtils.isEmpty(url)) {
return;
}
AuthenticationInfo.Type type = null;
if (url.startsWith("ftp")) {
type = Type.FTP;
} else if (url.startsWith("http")) {
type = Type.HTTP;
} else {
Log.L.info("Unknown Protocoll: " + url);
return;
}
String urlHost = Browser.getHost(url, true);
for (AuthenticationInfo info : list) {
if (!info.isEnabled()) {
continue;
}
String authHost = info.getHostmask();
if (info.getType().equals(type) && !StringUtils.isEmpty(authHost)) {
boolean contains = false;
if (authHost.length() > urlHost.length()) {
/* hostMask of AuthenticationInfo is longer */
contains = authHost.contains(urlHost);
} else {
/* hostMask of urlHost is longer */
contains = urlHost.contains(authHost);
}
if (contains) {
if (StringUtils.equals(info.getUsername(), login.getUsername())
&& StringUtils.equals(info.getPassword(), login.getPassword())) {
info.setLastValidated(System.currentTimeMillis());
}
}
}
}
}
public List<Login> getSortedLoginsList(String url) {
if (StringUtils.isEmpty(url)) {
return null;
}
AuthenticationInfo.Type type = null;
if (url.startsWith("ftp")) {
type = Type.FTP;
} else if (url.startsWith("http")) {
type = Type.HTTP;
} else {
Log.L.info("Unknown Protocoll: " + url);
return null;
}
final ArrayList<AuthenticationInfo> possibleInfos = new ArrayList<AuthenticationInfo>();
String urlHost = Browser.getHost(url, true);
for (AuthenticationInfo info : list) {
if (!info.isEnabled()) {
continue;
}
final String authHost = info.getHostmask();
if (info.getType().equals(type) && !StringUtils.isEmpty(authHost)) {
boolean contains = false;
if (authHost.length() > urlHost.length()) {
/* hostMask of AuthenticationInfo is longer */
contains = authHost.contains(urlHost);
} else {
/* hostMask of urlHost is longer */
contains = urlHost.contains(authHost);
}
if (contains) {
possibleInfos.add(info);
}
}
}
try {
Collections.sort(
possibleInfos,
new Comparator<AuthenticationInfo>() {
@Override
public int compare(AuthenticationInfo o1, AuthenticationInfo o2) {
int ret = Integer.compare(o2.getHostmask().length(), o1.getHostmask().length());
if (ret == 0) {
ret = Long.compare(o2.getLastValidated(), o1.getLastValidated());
}
if (ret == 0) {
ret = Long.compare(o2.getCreated(), o1.getCreated());
}
return ret;
}
});
} catch (Throwable e) {
logger.log(e);
}
final ArrayList<Login> ret = new ArrayList<Login>();
for (AuthenticationInfo info : possibleInfos) {
ret.add(new Login(info.getUsername(), info.getPassword()));
}
return ret;
}
/**
* Process this bind operation in a local backend.
*
* @param wfe The local backend work-flow element.
*/
public void processLocalBind(LocalBackendWorkflowElement wfe) {
this.backend = wfe.getBackend();
// Initialize a number of variables for use during the bind processing.
clientConnection = getClientConnection();
returnAuthzID = false;
executePostOpPlugins = false;
sizeLimit = DirectoryServer.getSizeLimit();
timeLimit = DirectoryServer.getTimeLimit();
lookthroughLimit = DirectoryServer.getLookthroughLimit();
idleTimeLimit = DirectoryServer.getIdleTimeLimit();
bindDN = getBindDN();
saslMechanism = getSASLMechanism();
authPolicyState = null;
pwPolicyErrorType = null;
pwPolicyControlRequested = false;
isGraceLogin = false;
isFirstWarning = false;
mustChangePassword = false;
pwPolicyWarningType = null;
pwPolicyWarningValue = -1;
pluginConfigManager = DirectoryServer.getPluginConfigManager();
processBind();
// Update the user's account with any password policy changes that may be
// required.
try {
if (authPolicyState != null) {
authPolicyState.finalizeStateAfterBind();
}
} catch (DirectoryException de) {
logger.traceException(de);
setResponseData(de);
}
// Invoke the post-operation bind plugins.
if (executePostOpPlugins) {
PluginResult.PostOperation postOpResult =
pluginConfigManager.invokePostOperationBindPlugins(this);
if (!postOpResult.continueProcessing()) {
setResultCode(postOpResult.getResultCode());
appendErrorMessage(postOpResult.getErrorMessage());
setMatchedDN(postOpResult.getMatchedDN());
setReferralURLs(postOpResult.getReferralURLs());
}
}
// Update the authentication information for the user.
AuthenticationInfo authInfo = getAuthenticationInfo();
if (getResultCode() == ResultCode.SUCCESS && authInfo != null) {
clientConnection.setAuthenticationInfo(authInfo);
clientConnection.setSizeLimit(sizeLimit);
clientConnection.setTimeLimit(timeLimit);
clientConnection.setIdleTimeLimit(idleTimeLimit);
clientConnection.setLookthroughLimit(lookthroughLimit);
clientConnection.setMustChangePassword(mustChangePassword);
if (returnAuthzID) {
addResponseControl(new AuthorizationIdentityResponseControl(authInfo.getAuthorizationDN()));
}
}
// See if we need to send a password policy control to the client. If so,
// then add it to the response.
if (getResultCode() == ResultCode.SUCCESS) {
if (pwPolicyControlRequested) {
PasswordPolicyResponseControl pwpControl =
new PasswordPolicyResponseControl(
pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType);
addResponseControl(pwpControl);
} else {
if (pwPolicyErrorType == PasswordPolicyErrorType.PASSWORD_EXPIRED) {
addResponseControl(new PasswordExpiredControl());
} else if (pwPolicyWarningType == PasswordPolicyWarningType.TIME_BEFORE_EXPIRATION) {
addResponseControl(new PasswordExpiringControl(pwPolicyWarningValue));
} else if (mustChangePassword) {
addResponseControl(new PasswordExpiredControl());
}
}
} else {
if (pwPolicyControlRequested) {
PasswordPolicyResponseControl pwpControl =
new PasswordPolicyResponseControl(
pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType);
addResponseControl(pwpControl);
} else {
if (pwPolicyErrorType == PasswordPolicyErrorType.PASSWORD_EXPIRED) {
addResponseControl(new PasswordExpiredControl());
}
}
}
}
