static boolean checkMatchingSearchResult(
      NamingEnumeration<SearchResult> result, String attrName, Object expValue)
      throws NamingException {
    while ((result != null) && result.hasMore()) {
      SearchResult sr = result.nextElement();
      Attributes attrs = sr.getAttributes();

      NamingEnumeration<? extends Attribute> attrVals = attrs.getAll();
      try {
        while ((attrVals != null) && attrVals.hasMore()) {
          Attribute a = attrVals.next();
          String attrID = a.getID();
          if (!attrName.equalsIgnoreCase(attrID)) {
            continue;
          }

          Object attrVal = a.get();
          if (expValue.equals(attrVal)) {
            return true;
          }
        }
      } finally {
        if (attrVals != null) {
          attrVals.close();
        }
      }
    }

    return false;
  }
Esempio n. 2
0
  private Object getResults(Attribute attr, Object obj) {
    try {
      String name = attr.getID().toString();
      String Value = attr.get().toString();
      Class class1 = obj.getClass();
      String methodName =
          "set" + name.substring(0, 1).toUpperCase() + name.substring(1, name.length());
      String[] methodnameIgnot = {"-"};
      for (String ignore : methodnameIgnot) {
        methodName = methodName.replaceAll(ignore, "");
      }
      Method method = class1.getMethod(methodName, String.class);

      String value = (String) method.invoke(obj, Value);

    } catch (NamingException e) {
      e.printStackTrace();
    } catch (SecurityException e) {
      e.printStackTrace();
    } catch (NoSuchMethodException e) {
      e.printStackTrace();
    } catch (IllegalArgumentException e) {
      e.printStackTrace();
    } catch (IllegalAccessException e) {
      e.printStackTrace();
    } catch (InvocationTargetException e) {
      e.printStackTrace();
    }
    return obj;
  }
 /**
  * Seeds the bound instance's local ads-truststore with a set of instance key-pair public key
  * certificates. The result is the instance will trust any instance posessing the private key
  * corresponding to one of the public-key certificates. This trust is necessary at least to
  * initialize replication, which uses the trusted certificate entries in the ads-truststore for
  * server authentication.
  *
  * @param ctx The bound instance.
  * @param keyEntryMap The set of valid (i.e., not tagged as compromised) instance key-pair
  *     public-key certificate entries in ADS represented as a map from keyID to public-key
  *     certificate (binary).
  * @throws NamingException in case an error occurs while updating the instance's ads-truststore
  *     via LDAP.
  */
 public static void seedAdsTrustStore(InitialLdapContext ctx, Map<String, byte[]> keyEntryMap)
     throws NamingException {
   /* TODO: this DN is declared in some core constants file. Create a
   constants file for the installer and import it into the core. */
   final Attribute oc = new BasicAttribute("objectclass");
   oc.add("top");
   oc.add("ds-cfg-instance-key");
   for (Map.Entry<String, byte[]> keyEntry : keyEntryMap.entrySet()) {
     final BasicAttributes keyAttrs = new BasicAttributes();
     keyAttrs.put(oc);
     final Attribute rdnAttr =
         new BasicAttribute(
             ADSContext.ServerProperty.INSTANCE_KEY_ID.getAttributeName(), keyEntry.getKey());
     keyAttrs.put(rdnAttr);
     keyAttrs.put(
         new BasicAttribute(
             ADSContext.ServerProperty.INSTANCE_PUBLIC_KEY_CERTIFICATE.getAttributeName()
                 + ";binary",
             keyEntry.getValue()));
     final LdapName keyDn =
         new LdapName(
             (new StringBuilder(rdnAttr.getID()))
                 .append("=")
                 .append(Rdn.escapeValue(rdnAttr.get()))
                 .append(",")
                 .append(TRUSTSTORE_DN)
                 .toString());
     try {
       ctx.createSubcontext(keyDn, keyAttrs).close();
     } catch (NameAlreadyBoundException x) {
       ctx.destroySubcontext(keyDn);
       ctx.createSubcontext(keyDn, keyAttrs).close();
     }
   }
 }
  protected Map<String, ArrayList<String>> convertAttributes(
      NamingEnumeration<? extends Attribute> attributesEnumeration) {
    Map<String, ArrayList<String>> userInfo = new HashMap<String, ArrayList<String>>();
    try {
      while (attributesEnumeration.hasMore()) {
        Attribute attr = attributesEnumeration.next();
        String id = attr.getID();

        ArrayList<String> values = userInfo.get(id);
        if (values == null) {
          values = new ArrayList<String>();
          userInfo.put(id, values);
        }

        // --- loop on all attribute's values
        NamingEnumeration<?> valueEnum = attr.getAll();

        while (valueEnum.hasMore()) {
          Object value = valueEnum.next();
          // Only retrieve String attribute
          if (value instanceof String) {
            values.add((String) value);
          }
        }
      }
    } catch (NamingException e) {
      e.printStackTrace();
    }
    return userInfo;
  }
Esempio n. 5
0
 public static int verifyMaliciousPassword(String login, String mail) {
   String mailAdresse = "";
   Ldap adminConnection = new Ldap();
   adminConnection.SetEnv(
       Play.configuration.getProperty("ldap.host"),
       Play.configuration.getProperty("ldap.admin.dn"),
       Play.configuration.getProperty("ldap.admin.password"));
   Attributes f = adminConnection.getUserInfo(adminConnection.getLdapEnv(), login);
   try {
     NamingEnumeration e = f.getAll();
     while (e.hasMore()) {
       javax.naming.directory.Attribute a = (javax.naming.directory.Attribute) e.next();
       String attributeName = a.getID();
       String attributeValue = "";
       Enumeration values = a.getAll();
       while (values.hasMoreElements()) {
         attributeValue = values.nextElement().toString();
       }
       if (attributeName.equals("mail")) {
         mailAdresse = attributeValue;
       }
     }
   } catch (javax.naming.NamingException e) {
     System.out.println(e.getMessage());
     return 0;
   } finally {
     if (mailAdresse.equals("")) {
       return Invitation.USER_NOTEXIST;
     } else if (mailAdresse.equals(mail)) {
       return Invitation.ADDRESSES_MATCHE;
     } else {
       return Invitation.ADDRESSES_NOTMATCHE;
     }
   }
 }
  public Map<String, String> getAttributes(User user) throws DataSourceException, ConfigException {
    try {
      String s =
          "(&(objectClass="
              + source.getUsersObjectClassValue()
              + ")("
              + source.getUsersIdKey()
              + "="
              + user.getUid()
              + "))";
      List<SearchResult> r = this.search(s, SecurityEntityType.USER);
      if (!r.isEmpty()) {
        Attributes attrs = r.get(0).getAttributes();
        Map<String, String> items = new HashMap<String, String>();
        NamingEnumeration<? extends Attribute> lst = attrs.getAll();
        while (lst.hasMoreElements()) {
          Attribute attr = lst.nextElement();
          if (attr.get() != null) {
            items.put(attr.getID(), attr.get().toString());
          }
        }

        return items;
      } else {
        return null;
      }
    } catch (javax.naming.AuthenticationException e) {
      throw new ConfigException(e, "LDAP connection failed, please check your settings");
    } catch (NamingException e) {
      throw new DataSourceException(e, "LDAP Exception : " + e.getMessage());
    }
  }
 /**
  * Gets an <code>LDAPDirectoryEntry</code> object that represent an entry on directory. You can
  * provide a list of attributes to be ignored when load the entry data. Look for attribute matches
  * using a map of values
  *
  * @param DN Distinguished Name of the entry
  * @param ignore_attributes You can indicate here a list of attribute to be ignored when load all
  *     entry data. this is useful if you have some big data in some attributes and do you want to
  *     ignore that
  * @param attribute_matches Map with attribute names and values to match
  * @return LDAPDirectoryEntry
  * @exception LDAPException
  */
 public LDAPDirectoryEntry getEntry(
     final String DN,
     final List<String> ignore_attributes,
     final Map<String, String> attribute_matches)
     throws LDAPException {
   LDAPDirectoryEntry _e = null;
   try {
     _e = new LDAPDirectoryEntry(DN);
     DirContext ctx = connection.connect();
     if (ctx == null) {
       throw new LDAPException("directory service not available");
     }
     Attributes atts = ctx.getAttributes(DN);
     if (atts == null) {
       return null;
     }
     @SuppressWarnings("unchecked")
     NamingEnumeration<Attribute> ne = (NamingEnumeration<Attribute>) atts.getAll();
     while (ne.hasMore()) {
       Attribute att = ne.next();
       if (ignore_attributes == null || !ignore_attributes.contains(att.getID())) {
         List<Object> _values = new ArrayList<Object>();
         @SuppressWarnings("unchecked")
         NamingEnumeration<Object> nea = (NamingEnumeration<Object>) att.getAll();
         while (nea.hasMore()) {
           Object _value = nea.next();
           if (attribute_matches == null || !attribute_matches.containsKey(att.getID())) {
             _values.add(_value);
           } else if (attribute_matches.get(att.getID()) != null
               && String.valueOf(_value).contains(attribute_matches.get(att.getID()))) {
             _values.add(_value);
           }
         }
         _e.setAttribute(att.getID(), _values.toArray());
       }
     }
   } catch (NullPointerException e) {
     _log.log(java.util.logging.Level.ALL, "getEntry() null pointer");
     throw new LDAPException("get entry null pointer");
   } catch (NamingException e) {
     _log.log(java.util.logging.Level.ALL, "getEntry() - " + e.getMessage());
     throw new LDAPException(e.getMessage());
   } finally {
     connection.disconnect();
   }
   return _e;
 }
  /**
   * Search for entry that matches the specific <code>DirectoryQuery</code> conditions
   *
   * @param q DirectoryQuery
   * @return List<DirectoryEntry>
   * @exception LDAPException
   */
  public List<Identity> search(final LDAPDirectoryQuery q) throws LDAPException {
    List<Identity> results = new ArrayList<Identity>();
    try {
      DirContext ctx = connection.connect();
      if (ctx == null) {
        throw new LDAPException("directory service not available");
      }
      SearchControls ctls = new SearchControls();
      List<String> _aux = new ArrayList<String>();
      _aux.add("modifyTimestamp");
      _aux.add("*");
      ctls.setReturningAttributes(_aux.toArray(new String[_aux.size()]));
      if (connection.hasCountLimit()) {
        ctls.setCountLimit(connection.getCountLimit());
      }
      ctls.setSearchScope(connection.getScope());

      String filter = getQueryString(ctx, q);
      NamingEnumeration<SearchResult> answer = ctx.search(baseDN, filter, ctls);
      while (answer.hasMoreElements()) {
        SearchResult sr = answer.nextElement();
        LDAPDirectoryEntry _e = null;
        if (sr.getName().isEmpty()) {
          _e = new LDAPDirectoryEntry(baseDN);
        } else {
          _e = new LDAPDirectoryEntry(sr.getNameInNamespace());
          /*
           * _e = new LDAPEntry(sr.getName() + "," + this.baseDN); if(_e.getID().matches(
           * "^(ldap|ldaps)\\://[a-zA-Z0-9\\-\\.]+\\.[a-zA-Z0-9\\-]+(:[a-zA-Z0-9]*)?/?([a-zA-Z0-9\\-\\._\\?\\,\\'/\\\\\\+&amp;%\\$#\\=~])*[^\\.\\,\\)\\(\\s]$"
           * )) { URL _url = new URL(_e.getID()); _e.setID(_url.getPath()); }
           */
        }
        @SuppressWarnings("unchecked")
        NamingEnumeration<Attribute> ne =
            (NamingEnumeration<Attribute>) sr.getAttributes().getAll();
        while (ne.hasMore()) {
          Attribute att = ne.next();
          Object[] attrs = new Object[att.size()];
          @SuppressWarnings("unchecked")
          NamingEnumeration<Object> nea = (NamingEnumeration<Object>) att.getAll();
          for (int i = 0; nea.hasMore(); i++) {
            attrs[i] = nea.next();
          }
          _e.setAttribute(att.getID(), attrs);
        }
        results.add(_e);
      }
    } catch (NullPointerException e) {
      _log.log(java.util.logging.Level.ALL, "search() null pointer");
      throw new LDAPException("search null pointer");
    } catch (NamingException e) {
      _log.log(java.util.logging.Level.ALL, "search() - " + e.getMessage());
      throw new LDAPException(e.getMessage());
    } finally {
      connection.disconnect();
    }
    return results;
  }
  /**
   * Search for entry that matches the specific <code>DirectoryQuery</code> conditions. Results will
   * be order using the values of a specific attribute
   *
   * @param q DirectoryQuery
   * @param attribute Name of the attribute that determines the order
   * @return java.util.List<DirectoryEntry>
   * @exception LDAPException
   */
  public List<Identity> sortedSearch(final LDAPDirectoryQuery q, final String attribute)
      throws LDAPException {
    TreeMap<String, Identity> results =
        new TreeMap<String, Identity>(Collator.getInstance(new Locale("es")));
    try {
      LdapContext ctx = connection.connect();
      if (ctx == null) {
        throw new LDAPException("Directory service not available");
      }
      SearchControls ctls = new SearchControls();
      if (connection.hasCountLimit()) {
        ctls.setCountLimit(connection.getCountLimit());
      }
      ctls.setSearchScope(connection.getScope());
      ctx.setRequestControls(new Control[] {new SortControl(attribute, Control.NONCRITICAL)});

      String filter = getQueryString(ctx, q);
      NamingEnumeration<SearchResult> answer = ctx.search(baseDN, filter, ctls);
      while (answer.hasMoreElements()) {
        SearchResult sr = answer.nextElement();
        LDAPDirectoryEntry _e = new LDAPDirectoryEntry(sr.getNameInNamespace());
        @SuppressWarnings("unchecked")
        NamingEnumeration<Attribute> ne =
            (NamingEnumeration<Attribute>) sr.getAttributes().getAll();
        while (ne.hasMore()) {
          Attribute att = ne.next();
          Object[] attrs = new Object[att.size()];
          @SuppressWarnings("unchecked")
          NamingEnumeration<Object> nea = (NamingEnumeration<Object>) att.getAll();
          for (int i = 0; nea.hasMore(); i++) {
            attrs[i] = nea.next();
          }
          _e.setAttribute(att.getID(), attrs);
        }
        String _value = String.valueOf(_e.getAttribute(attribute)[0]);
        while (results.containsKey(_value)) {
          _value = _value.concat("0");
        }
        results.put(_value, _e);
      }
    } catch (NullPointerException e) {
      _log.log(java.util.logging.Level.ALL, "sortedSearch() null pointer");
      throw new LDAPException("sorted search null pointer");
    } catch (NamingException e) {
      _log.log(java.util.logging.Level.ALL, "sortedSearch() - " + e.getMessage());
      throw new LDAPException(e.getMessage());
    } catch (IOException e) {
      _log.log(java.util.logging.Level.ALL, "sortedSearch() - " + e.getMessage());
      throw new LDAPException(e.getMessage());
    } finally {
      connection.disconnect();
    }
    return new ArrayList<Identity>(results.values());
  }
Esempio n. 10
0
 public static void listerAttributs(Attributes atts) {
   try {
     for (NamingEnumeration e = atts.getAll(); e.hasMore(); ) {
       Attribute a = (Attribute) e.next();
       System.out.println(a.getID() + ":");
       Enumeration values = a.getAll();
       while (values.hasMoreElements()) {
         System.out.println("valeur : " + values.nextElement().toString());
       }
     }
   } catch (javax.naming.NamingException e) {
     System.out.println(e.getMessage());
   }
 }
Esempio n. 11
0
 /**
  * Print Attributes to System.out
  *
  * @param attrs
  */
 private static void dump(Attributes attrs) {
   if (attrs == null) {
     System.out.println("No attributes");
   } else {
     /* Print each attribute */
     try {
       for (NamingEnumeration<? extends Attribute> ae = attrs.getAll(); ae.hasMore(); ) {
         Attribute attr = ae.next();
         System.out.println("attribute: " + attr.getID());
         /* print each value */
         for (NamingEnumeration<?> e = attr.getAll();
             e.hasMore();
             System.out.println("    value: " + e.next())) ;
       }
     } catch (NamingException e) {
       e.printStackTrace();
     }
   }
 } //	dump
Esempio n. 12
0
  /**
   * Return true if the record contains all of the values of the given attribute.
   *
   * @param attr Attribute we're looking for
   * @return boolean true if we found it
   * @throws Throwable
   */
  public boolean contains(Attribute attr) throws Throwable {
    if (attr == null) {
      return false; // protect
    }

    Attribute recAttr = getAttributes().get(attr.getID());

    if (recAttr == null) {
      return false;
    }

    NamingEnumeration ne = attr.getAll();

    while (ne.hasMore()) {
      if (!recAttr.contains(ne.next())) {
        return false;
      }
    }

    return true;
  }
Esempio n. 13
0
 /**
  * Constructs an Rdn from the given attribute set. See {@link javax.naming.directory.Attributes
  * Attributes}.
  *
  * <p>The string attribute values are not interpreted as <a
  * href="http://www.ietf.org/rfc/rfc2253.txt">RFC 2253</a> formatted RDN strings. That is, the
  * values are used literally (not parsed) and assumed to be unescaped.
  *
  * @param attrSet The non-null and non-empty attributes containing type/value mappings.
  * @throws InvalidNameException If contents of <tt>attrSet</tt> cannot be used to construct a
  *     valid RDN.
  */
 public Rdn(Attributes attrSet) throws InvalidNameException {
   if (attrSet.size() == 0) {
     throw new InvalidNameException("Attributes cannot be empty");
   }
   entries = new ArrayList<>(attrSet.size());
   NamingEnumeration<? extends Attribute> attrs = attrSet.getAll();
   try {
     for (int nEntries = 0; attrs.hasMore(); nEntries++) {
       RdnEntry entry = new RdnEntry();
       Attribute attr = attrs.next();
       entry.type = attr.getID();
       entry.value = attr.get();
       entries.add(nEntries, entry);
     }
   } catch (NamingException e) {
     InvalidNameException e2 = new InvalidNameException(e.getMessage());
     e2.initCause(e);
     throw e2;
   }
   sort(); // arrange entries for comparison
 }
Esempio n. 14
0
  /**
   * LDAP属性 定义 o Organization:组织 ou Organization unit:组织单元 uid Userid:用户id cn Common name:常见名称 sn 姓
   * givenname 首名 dn Distinguished Name:区分名称
   *
   * @param username
   * @throws NamingException
   */
  public void search(String username) throws NamingException {
    System.out.println("Searching...");
    SearchControls searchCtls = new SearchControls();

    // Specify the search scope
    searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
    // specify the LDAP search filter
    String searchFilter = "uid=" + username;

    // Specify the Base for the search
    String searchBase = LDAP_BASE;

    // Specify the attributes to return
    String returnedAtts[] = {"cn"};
    searchCtls.setReturningAttributes(returnedAtts);

    // Search for objects using the filter
    NamingEnumeration<SearchResult> entries = ds.search(searchBase, searchFilter, searchCtls);

    // Loop through the search results
    while (entries.hasMoreElements()) {
      SearchResult entry = entries.next();
      System.out.println(">>>" + entry.getName());
      // Print out the groups
      Attributes attrs = entry.getAttributes();
      if (attrs != null) {
        for (NamingEnumeration<? extends Attribute> names = attrs.getAll(); names.hasMore(); ) {
          Attribute attr = names.next();
          System.out.println("AttributeID: " + attr.getID());

          for (NamingEnumeration<?> e = attr.getAll(); e.hasMore(); ) {
            System.out.println("Attributes:" + e.next());
          }
        }
      }
    }
    System.out.println("Search complete.");
  }
  /** {@inheritDoc} */
  @Override
  public void createEntry(LdapName dn, Attributes attributes) throws NamingException {
    Assert.assertFalse(alreadyAdded);
    Assert.assertEquals(dn, expectedDN);

    Map<String, List<String>> expected = new HashMap<String, List<String>>(this.attributes);
    NamingEnumeration<? extends Attribute> ne = attributes.getAll();
    while (ne.hasMore()) {
      Attribute attribute = ne.next();
      String attrID = attribute.getID();
      List<String> values = expected.remove(attrID);
      if (values == null) {
        Assert.fail("Unexpected attribute " + attrID);
      }
      assertAttributeEquals(attribute, values);
    }

    if (!expected.isEmpty()) {
      Assert.fail("Missing expected attributes: " + expected.keySet());
    }

    alreadyAdded = true;
  }
  /** Parse Definition Attributes for a LDAP matching rule */
  static LDAPMatchingRuleSchema parseDefAttributes(Attributes attrs) throws NamingException {
    String name = null, oid = null, desc = null, syntax = null;
    boolean obsolete = false;
    Vector applies = new Vector();

    for (Enumeration attrEnum = attrs.getAll(); attrEnum.hasMoreElements(); ) {
      Attribute attr = (Attribute) attrEnum.nextElement();
      String attrName = attr.getID();
      if (attrName.equals(NAME)) {
        name = getSchemaAttrValue(attr);
      } else if (attrName.equals(NUMERICOID)) {
        oid = getSchemaAttrValue(attr);
      } else if (attrName.equals(SYNTAX)) {
        syntax = getSchemaAttrValue(attr);
      } else if (attrName.equals(DESC)) {
        desc = getSchemaAttrValue(attr);
      } else if (attrName.equals(APPLIES)) {
        for (Enumeration valEnum = attr.getAll(); valEnum.hasMoreElements(); ) {
          applies.addElement((String) valEnum.nextElement());
        }
      } else if (attrName.equals(OBSOLETE)) {
        obsolete = parseTrueFalseValue(attr);
      } else {
        throw new NamingException(
            "Invalid schema attribute type for matching rule definition " + attrName);
      }
    }

    LDAPMatchingRuleSchema mrule =
        new LDAPMatchingRuleSchema(name, oid, desc, vectorToStringAry(applies), syntax);

    if (obsolete) {
      mrule.setQualifier(OBSOLETE, "");
    }
    return mrule;
  }
  public LDAPAuthenticationUser getUserAttributes(LdapSearch search, String[] attributes)
      throws SecurityException {
    LDAPAuthenticationUser ldapAUser = new LDAPAuthenticationUser();
    if (search.getM_srAttrs() == null) {
      throw new SecurityException(SecurityException.ERROR_CAN_NOT_FIND_USER_ATTRIBUTES_LDAP);
    } else {
      try {
        Object object = null;
        for (NamingEnumeration enum1 = search.getM_srAttrs().getAll(); enum1.hasMore(); ) {
          Attribute attrib = (Attribute) enum1.next();

          for (NamingEnumeration e = attrib.getAll(); e.hasMore(); ) {
            object = e.next();
            try {
              if (attrib.getID().equals(attributes[0])) {
                ldapAUser.setGuid(object);
              }
              if (attrib.getID().equals(attributes[1])) {
                ldapAUser.setDn((String) object);
              }

              if (attrib.getID().equals(attributes[2])) {
                String obj = (String) object;
                if (attributes[2].equals("CN")) {
                  if (obj != null && !obj.equals("")) {
                    ldapAUser.setFullName((String) object);
                  }
                } else {
                  if (ldapAUser.getFullName() == null && obj != null && !obj.equals("")) {
                    ldapAUser.setFullName((String) object);
                  }
                }
              }

              if (attrib.getID().equals(attributes[3])) {
                String obj = (String) object;
                if (attributes[3].equals("cn")) {
                  if (obj != null && !obj.equals("")) {
                    ldapAUser.setFullName((String) object);
                  }
                } else {
                  if (ldapAUser.getFullName() == null && obj != null && !obj.equals("")) {
                    ldapAUser.setFullName((String) object);
                  }
                }
              }

              if (attrib.getID().equals(attributes[4])) {
                String obj = (String) object;
                if (ldapAUser.getFullName() == null && obj != null && !obj.equals("")) {
                  ldapAUser.setFullName((String) object);
                }
              }
              if (attrib.getID().equals(attributes[5])) {
                ldapAUser.setGroups((String) object);
              }
            } catch (Exception ex) {
            }
          }
        }

      } catch (NamingException e) {
        throw new SecurityException(SecurityException.ERROR_CAN_NOT_FIND_USER_ATTRIBUTES_LDAP);
      } catch (Exception e) {
        throw new SecurityException(SecurityException.ERROR_CAN_NOT_FIND_USER_ATTRIBUTES_LDAP);
      }
    }

    return ldapAUser;
  }
Esempio n. 18
0
 public List<Users> getUsers(Users user) {
   LOG.info("Inside getUsers");
   List<Users> userList = new ArrayList<Users>();
   DirContext ctx = LDAPConstants.getLdapContext();
   String baseDN = PropertyFileReader.getProperty(IAMApplicationConstants.BASEDN_USERS);
   SearchControls sc = new SearchControls();
   sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
   String retAttrs[] = {
     "whenChanged",
     "whenCreated",
     "name",
     "distinguishedName",
     "givenName",
     "cn",
     "initials",
     "displayName",
     "iboIsEmail",
     "iboCountryOfCitizenship2",
     "iboCountryOfCitizenship1",
     "iboIsIBIS",
     "iboPrefCommunicationMethod",
     "iboAuthorizedDate",
     "iboIsNetwork",
     "iboUserStatus",
     "iboIBSchoolCode",
     "iboPrefCommunicationLang",
     "iboRoles",
     "iboUserName",
     "iboSex",
     "iboStartDate",
     "iboUserGUID",
     "iboCountryOfBirth",
     "iboLanguagesSpoken",
     "iboEndDate",
     "iboAuthorizedBy",
     "iboEmailHome",
     "iboCountryCode",
     "iboMobileWork",
     "iboSchoolConnections",
     "iboEmailWork",
     "iboPhoneWork",
     "iboIBRegion",
     "iboPreferredName",
     "iboMiddlename",
     "physicalDeliveryOfficeName",
     "iboSource"
   };
   sc.setReturningAttributes(retAttrs);
   String filter = buildFilter(user);
   LOG.info("Filter--" + filter);
   NamingEnumeration results = null;
   String isIboSource = null;
   try {
     results = ctx.search(baseDN, filter, sc);
     while (results.hasMore()) {
       SearchResult sr = (SearchResult) results.next();
       Attributes attrs = sr.getAttributes();
       if (null != attrs && null != attrs.get("iboSource"))
         isIboSource = attrs.get("iboSource").toString();
       if (null != isIboSource && isIboSource.length() > 0) {
         NamingEnumeration e = attrs.getAll();
         Users ioUser = new Users();
         while (e.hasMoreElements()) {
           Attribute attr = (Attribute) e.nextElement();
           if (attr.getID().toString().length() > 0
               && attr.getID().toString().equalsIgnoreCase("ibosource")) {
             if (attr.get().toString().length() > 0) {
               if (attr.get().toString().equalsIgnoreCase("sharepoint")) {
                 LOG.trace("External");
                 ioUser.setIboUserType(LDAPConstants.IBOUSERTYPE_EXTERNAL);
               } else if (attr.get().toString().equalsIgnoreCase("UserApp")
                   || attr.get().toString().equalsIgnoreCase("OracleHR")
                   || attr.get().toString().equalsIgnoreCase("userapp Generic")) {
                 LOG.trace("Internal");
                 ioUser.setIboUserType(LDAPConstants.IBOUSERTYPE_INTERNAL);
               }
             }
           }
           ioUser = (Users) getResults(attr, ioUser);
         }
         userList.add(ioUser);
       }
     }
     ctx.close();
   } catch (NamingException e) {
     e.printStackTrace();
   }
   return userList;
 }
Esempio n. 19
0
  public void produce(String name, Attributes attrs) throws SAXException, NamingException {
    AttributeListImpl attrList;
    Attribute attr;
    NamingEnumeration enumeration;
    NamingEnumeration values;
    Object value;

    leaveSchema();
    enterDirectory();

    // dsml:entry dn
    attrList = new AttributeListImpl();
    attrList.addAttribute(XML.Entries.Attributes.DN, "CDATA", name);
    // dsml:entry
    _docHandler.startElement(prefix(XML.Entries.Elements.Entry), attrList);

    if (attrs != null) {
      attr = attrs.get("objectclass");
      if (attr != null) {
        // dsml:objectclass
        attrList = new AttributeListImpl();
        _docHandler.startElement(prefix(XML.Entries.Elements.ObjectClass), attrList);
        values = attr.getAll();
        while (values.hasMore()) {
          char[] chars;

          // dsml:oc-value
          value = values.next();
          if (value != null) chars = value.toString().toCharArray();
          else chars = new char[0];
          attrList = new AttributeListImpl();
          _docHandler.startElement(prefix(XML.Entries.Elements.OCValue), attrList);
          _docHandler.characters(chars, 0, chars.length);
          _docHandler.endElement(prefix(XML.Entries.Elements.OCValue));
        }
        _docHandler.endElement(prefix(XML.Entries.Elements.ObjectClass));
      }

      enumeration = attrs.getAll();
      while (enumeration.hasMore()) {
        // dsml:attr
        attr = (Attribute) enumeration.next();
        if (attr.getID().equals("objectclass")) continue;
        attrList = new AttributeListImpl();
        attrList.addAttribute(XML.Entries.Attributes.Name, "CDATA", attr.getID());
        _docHandler.startElement(prefix(XML.Entries.Elements.Attribute), attrList);

        values = attr.getAll();
        while (values.hasMore()) {
          char[] chars = null;
          byte[] bytes = null;

          attrList = new AttributeListImpl();

          // dsml:value
          value = values.next();
          if (value == null) {
            chars = new char[0];
          } else if (value instanceof String) {
            chars = ((String) value).toCharArray();
          } else if (value instanceof byte[]) {
            bytes = (byte[]) value;
          } else {
            chars = value.toString().toCharArray();
          }
          if (chars != null) {
            boolean encode = false;
            boolean wchar = false;
            int i = 0;
            while (i < chars.length && !wchar) {
              char c = chars[i++];
              if (c >= '\u0100') encode = wchar = true;
              else if (c >= '\u0080' || (c < ' ' && c != '\n' && c != '\t')) encode = true;
            }
            if (encode) {
              if (wchar) {
                bytes = new byte[chars.length << 1];
                int j = 0;
                // bigendian
                for (i = 0; i < chars.length; i++) {
                  bytes[j++] = (byte) (chars[i] >> 8);
                  bytes[j++] = (byte) (0xff & chars[i]);
                }
              } else {
                bytes = new byte[chars.length];
                for (i = 0; i < chars.length; i++) {
                  bytes[i] = (byte) chars[i];
                }
              }
            }
          }

          if (bytes != null) {
            chars = Base64Encoder.encode(bytes);
            attrList.addAttribute(
                XML.Entries.Attributes.Encoding,
                "NMTOKEN",
                XML.Entries.Attributes.Encodings.Base64);
          }
          _docHandler.startElement(prefix(XML.Entries.Elements.Value), attrList);
          _docHandler.characters(chars, 0, chars.length);
          _docHandler.endElement(prefix(XML.Entries.Elements.Value));
        }
        _docHandler.endElement(prefix(XML.Entries.Elements.Attribute));
      }
    }
    _docHandler.endElement(prefix(XML.Entries.Elements.Entry));
  }
  /**
   * Handle a {@code Callback}
   *
   * @param c callback
   * @throws UnsupportedCallbackException If the callback is not supported by this handler
   * @throws NamingException
   */
  protected void handleCallBack(Callback c) throws UnsupportedCallbackException, NamingException {
    if (c instanceof VerifyPasswordCallback) {
      verifyPassword((VerifyPasswordCallback) c);
      return;
    }

    if (c instanceof PasswordCallback == false) return;

    PasswordCallback passwdCallback = (PasswordCallback) c;

    String bindDN = getBindDN();

    String bindCredential = getBindCredential();

    String tmp = options.get(PASSWORD_ATTRIBUTE_ID);
    if (tmp != null && tmp.length() > 0) {
      passwordAttributeID = tmp;
    }

    InitialLdapContext ctx;
    ClassLoader currentTCCL = SecurityActions.getContextClassLoader();
    try {
      if (currentTCCL != null) SecurityActions.setContextClassLoader(null);
      ctx = this.constructInitialLdapContext(bindDN, bindCredential);
    } catch (NamingException e) {
      throw new RuntimeException(e);
    }

    String timeLimit = (String) options.get(SEARCH_TIME_LIMIT_OPT);
    if (timeLimit != null) {
      try {
        searchTimeLimit = Integer.parseInt(timeLimit);
      } catch (NumberFormatException e) {
      }
    }
    if (searchTimeLimit == 0) searchTimeLimit = 10000;

    String baseDN = options.get(BASE_CTX_DN);
    String baseFilter = options.get(BASE_FILTER_OPT);

    SearchControls constraints = new SearchControls();
    constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);

    constraints.setTimeLimit(searchTimeLimit);

    NamingEnumeration<SearchResult> results = null;

    Object[] filterArgs = {userName};
    try {
      if (baseDN == null) throw PicketBoxMessages.MESSAGES.invalidNullBaseContextDN();
      results = ctx.search(baseDN, baseFilter, filterArgs, constraints);
      if (results.hasMore() == false) {
        safeClose(results);
        throw PicketBoxMessages.MESSAGES.failedToFindBaseContextDN(baseDN);
      }
      SearchResult sr = results.next();
      String name = sr.getName();
      String userDN = null;
      if (sr.isRelative() == true) userDN = name + "," + baseDN;
      else throw PicketBoxMessages.MESSAGES.unableToFollowReferralForAuth(name);
      ;

      safeClose(results);

      // Finished Authentication.  Lets look for the attributes
      filterArgs = new Object[] {userName, userDN};
      results = ctx.search(userDN, baseFilter, filterArgs, constraints);
      try {
        while (results.hasMore()) {
          sr = results.next();
          Attributes attributes = sr.getAttributes();
          NamingEnumeration<? extends javax.naming.directory.Attribute> ne = attributes.getAll();

          while (ne != null && ne.hasMoreElements()) {
            javax.naming.directory.Attribute ldapAtt = ne.next();
            if (passwordAttributeID.equalsIgnoreCase(ldapAtt.getID())) {
              Object thePass = ldapAtt.get();
              setPasswordCallbackValue(thePass, passwdCallback);
            }
          }
        }
      } finally {
        safeClose(results);
        safeClose(ctx);
        if (currentTCCL != null) SecurityActions.setContextClassLoader(currentTCCL);
      }
    } catch (NamingException ne) {
      PicketBoxLogger.LOGGER.error(ne);
    }
  }
Esempio n. 21
0
  /**
   * This compares all but the named attributes allbut true => All must be equal except those on the
   * list
   *
   * @param that
   * @param attrIDs
   * @return boolean
   * @throws Throwable
   */
  public boolean equalsAllBut(DirRecord that, String[] attrIDs) throws Throwable {
    if (attrIDs == null) throw new Exception("DirectoryRecord: null attrID list");

    if (!dnEquals(that)) {
      return false;
    }

    int n = attrIDs.length;

    if (n == 0) return true;

    Attributes thisAttrs = getAttributes();
    Attributes thatAttrs = that.getAttributes();

    if (thisAttrs == null) {
      if (thatAttrs == null) return true;
      return false;
    }

    if (thatAttrs == null) {
      return false;
    }

    /**
     * We need to ensure that all attributes are checked. We init thatLeft to the number of
     * attributes in the source. We decrement for each checked attribute. We then decrement for each
     * ignored attribute present in that If the result is non-zero, then there are some extra
     * attributes in that so we return unequal.
     */
    int sz = thisAttrs.size();
    int thatLeft = sz;

    if ((sz == 0) && (thatAttrs.size() == 0)) {
      return true;
    }

    NamingEnumeration ne = thisAttrs.getAll();

    if (ne == null) {
      return false;
    }

    while (ne.hasMore()) {
      Attribute attr = (Attribute) ne.next();
      String id = attr.getID();
      boolean present = false;

      for (int i = 0; i < attrIDs.length; i++) {
        if (id.equalsIgnoreCase(attrIDs[i])) {
          present = true;
          break;
        }
      }
      if (present) {
        // We don't compare
        if (thatAttrs.get(id) != null) thatLeft--;
      } else {
        Attribute thatAttr = thatAttrs.get(id);
        if (thatAttr == null) {
          return false;
        }
        if (!thatAttr.contains(attr)) {
          return false;
        }
        thatLeft--;
      }
    }

    return (thatLeft == 0);
  }