@Test
public void testgetParent() throws InvalidNameException {
Name name = new LdapName("cn=test,ou=personnes,o=foo,c=bar");
Name parent = LdapUtils.getDistinguishedNameParent(name);
Assert.assertEquals(new LdapName("ou=personnes,o=foo,c=bar"), parent);
Name c = LdapUtils.getDistinguishedNamePrefix(name, "c");
Name o = LdapUtils.getDistinguishedNamePrefix(name, "o");
Name ou = LdapUtils.getDistinguishedNamePrefix(name, "ou");
Name cn = LdapUtils.getDistinguishedNamePrefix(name, "cn");
Name x = LdapUtils.getDistinguishedNamePrefix(name, "x");
Assert.assertEquals(new LdapName("c=bar"), c);
Assert.assertEquals(new LdapName("o=foo,c=bar"), o);
Assert.assertEquals(new LdapName("ou=personnes,o=foo,c=bar"), ou);
Assert.assertEquals(name, cn);
Assert.assertNull(x);
Assert.assertEquals(
new LdapName("ou=structures,o=foo,c=bar"), o.addAll(new LdapName("ou=structures")));
}
/**
* Join two names together. These are treated as CompoundNames.
*
* @param name a <code>Name</code> value
* @param prefix a <code>Name</code> value
* @return a <code>Name</code> value
* @exception NamingException if an error occurs
*/
public Name composeName(Name name, Name prefix) throws NamingException {
if (name == null) throw new NamingException("Name cannot be null");
if (prefix == null) throw new NamingException("Prefix cannot be null");
Name compoundName = (CompoundName) prefix.clone();
compoundName.addAll(name);
return compoundName;
}
/**
* Save the NamingEntry for later use.
*
* <p>Saving is done by binding the NamingEntry itself, and the value it represents into JNDI. In
* this way, we can link to the value it represents later, but also still retrieve the NamingEntry
* itself too.
*
* <p>The object is bound at the jndiName passed in. This NamingEntry is bound at __/jndiName.
*
* <p>eg
*
* <p>jdbc/foo : DataSource __/jdbc/foo : NamingEntry
*
* @throws NamingException
*/
protected void save(Object object) throws NamingException {
__log.debug("SAVE {} in {}", this, _scope);
InitialContext ic = new InitialContext();
NameParser parser = ic.getNameParser("");
Name prefix = NamingEntryUtil.getNameForScope(_scope);
// bind the NamingEntry into the context
Name namingEntryName = NamingEntryUtil.makeNamingEntryName(parser, getJndiName());
namingEntryName.addAll(0, prefix);
_namingEntryNameString = namingEntryName.toString();
NamingUtil.bind(ic, _namingEntryNameString, this);
// bind the object as well
Name objectName = parser.parse(getJndiName());
objectName.addAll(0, prefix);
_objectNameString = objectName.toString();
NamingUtil.bind(ic, _objectNameString, object);
}
public void appendRemainingName(Name name)
{
try
{
remainingName.addAll(name);
}
catch (InvalidNameException _)
{
}
}
public Name composeName(Name name, Name prefix) throws NamingException {
final Name result = (Name) prefix.clone();
result.addAll(name);
return result;
}
public Name composeName(Name suffix, Name prefix) throws NamingException {
if (suffix == null) throw new NamingException(L.l("suffix cannot be null"));
else if (prefix == null) throw new NamingException(L.l("prefix cannot be null"));
else return prefix.addAll(suffix);
}
@Override
public Name composeName(Name name, Name prefix) throws NamingException {
Name result = (Name) (prefix.clone());
result.addAll(name);
return result;
}
protected boolean authenticate(String username, String password) throws LoginException {
MessageFormat userSearchMatchingFormat;
boolean userSearchSubtreeBool;
DirContext context = null;
if (ActiveMQServerLogger.LOGGER.isDebugEnabled()) {
ActiveMQServerLogger.LOGGER.debug("Create the LDAP initial context.");
}
try {
context = open();
} catch (NamingException ne) {
FailedLoginException ex = new FailedLoginException("Error opening LDAP connection");
ex.initCause(ne);
throw ex;
}
if (!isLoginPropertySet(USER_SEARCH_MATCHING)) return false;
userSearchMatchingFormat = new MessageFormat(getLDAPPropertyValue(USER_SEARCH_MATCHING));
userSearchSubtreeBool =
Boolean.valueOf(getLDAPPropertyValue(USER_SEARCH_SUBTREE)).booleanValue();
try {
String filter = userSearchMatchingFormat.format(new String[] {doRFC2254Encoding(username)});
SearchControls constraints = new SearchControls();
if (userSearchSubtreeBool) {
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
} else {
constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
}
// setup attributes
List<String> list = new ArrayList<String>();
if (isLoginPropertySet(USER_ROLE_NAME)) {
list.add(getLDAPPropertyValue(USER_ROLE_NAME));
}
String[] attribs = new String[list.size()];
list.toArray(attribs);
constraints.setReturningAttributes(attribs);
if (ActiveMQServerLogger.LOGGER.isDebugEnabled()) {
ActiveMQServerLogger.LOGGER.debug("Get the user DN.");
ActiveMQServerLogger.LOGGER.debug("Looking for the user in LDAP with ");
ActiveMQServerLogger.LOGGER.debug(" base DN: " + getLDAPPropertyValue(USER_BASE));
ActiveMQServerLogger.LOGGER.debug(" filter: " + filter);
}
NamingEnumeration<SearchResult> results =
context.search(getLDAPPropertyValue(USER_BASE), filter, constraints);
if (results == null || !results.hasMore()) {
ActiveMQServerLogger.LOGGER.warn("User " + username + " not found in LDAP.");
throw new FailedLoginException("User " + username + " not found in LDAP.");
}
SearchResult result = results.next();
if (results.hasMore()) {
// ignore for now
}
String dn;
if (result.isRelative()) {
ActiveMQServerLogger.LOGGER.debug("LDAP returned a relative name: " + result.getName());
NameParser parser = context.getNameParser("");
Name contextName = parser.parse(context.getNameInNamespace());
Name baseName = parser.parse(getLDAPPropertyValue(USER_BASE));
Name entryName = parser.parse(result.getName());
Name name = contextName.addAll(baseName);
name = name.addAll(entryName);
dn = name.toString();
} else {
ActiveMQServerLogger.LOGGER.debug("LDAP returned an absolute name: " + result.getName());
try {
URI uri = new URI(result.getName());
String path = uri.getPath();
if (path.startsWith("/")) {
dn = path.substring(1);
} else {
dn = path;
}
} catch (URISyntaxException e) {
if (context != null) {
close(context);
}
FailedLoginException ex = new FailedLoginException("Error parsing absolute name as URI.");
ex.initCause(e);
throw ex;
}
}
if (ActiveMQServerLogger.LOGGER.isDebugEnabled()) {
ActiveMQServerLogger.LOGGER.debug("Using DN [" + dn + "] for binding.");
}
Attributes attrs = result.getAttributes();
if (attrs == null) {
throw new FailedLoginException("User found, but LDAP entry malformed: " + username);
}
List<String> roles = null;
if (isLoginPropertySet(USER_ROLE_NAME)) {
roles = addAttributeValues(getLDAPPropertyValue(USER_ROLE_NAME), attrs, roles);
}
// check the credentials by binding to server
if (bindUser(context, dn, password)) {
// if authenticated add more roles
roles = getRoles(context, dn, username, roles);
if (ActiveMQServerLogger.LOGGER.isDebugEnabled()) {
ActiveMQServerLogger.LOGGER.debug("Roles " + roles + " for user " + username);
}
for (int i = 0; i < roles.size(); i++) {
groups.add(new RolePrincipal(roles.get(i)));
}
} else {
throw new FailedLoginException("Password does not match for user: "******"Error contacting LDAP");
ex.initCause(e);
throw ex;
} catch (NamingException e) {
if (context != null) {
close(context);
}
FailedLoginException ex = new FailedLoginException("Error contacting LDAP");
ex.initCause(e);
throw ex;
}
return true;
}
/**
* Composes the name of this context with a name relative to this context.
*
* <p>Given a name (name) relative to this context, and the name (prefix) of this context relative
* to one of its ancestors, this method returns the composition of the two names using the syntax
* appropriate for the naming system(s) involved. That is, if name names an object relative to
* this context, the result is the name of the same object, but relative to the ancestor context.
* None of the names may be null.
*
* @param name a name relative to this context
* @param prefix the name of this context relative to one of its ancestors
* @return the composition of prefix and name
* @exception NamingException if a naming exception is encountered
*/
@Override
public Name composeName(Name name, Name prefix) throws NamingException {
prefix = (Name) prefix.clone();
return prefix.addAll(name);
}
/** {@inheritDoc} */
public Name composeName(Name name, Name prefix) throws NamingException {
Name newName = (Name) prefix.clone();
return newName.addAll(name);
}