/**
* Handle a {@code Callback}
*
* @param c callback
* @throws UnsupportedCallbackException If the callback is not supported by this handler
* @throws NamingException
*/
protected void handleCallBack(Callback c) throws UnsupportedCallbackException, NamingException {
if (c instanceof VerifyPasswordCallback) {
verifyPassword((VerifyPasswordCallback) c);
return;
}
if (c instanceof PasswordCallback == false) return;
PasswordCallback passwdCallback = (PasswordCallback) c;
String bindDN = getBindDN();
String bindCredential = getBindCredential();
String tmp = options.get(PASSWORD_ATTRIBUTE_ID);
if (tmp != null && tmp.length() > 0) {
passwordAttributeID = tmp;
}
InitialLdapContext ctx;
ClassLoader currentTCCL = SecurityActions.getContextClassLoader();
try {
if (currentTCCL != null) SecurityActions.setContextClassLoader(null);
ctx = this.constructInitialLdapContext(bindDN, bindCredential);
} catch (NamingException e) {
throw new RuntimeException(e);
}
String timeLimit = (String) options.get(SEARCH_TIME_LIMIT_OPT);
if (timeLimit != null) {
try {
searchTimeLimit = Integer.parseInt(timeLimit);
} catch (NumberFormatException e) {
}
}
if (searchTimeLimit == 0) searchTimeLimit = 10000;
String baseDN = options.get(BASE_CTX_DN);
String baseFilter = options.get(BASE_FILTER_OPT);
SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
constraints.setTimeLimit(searchTimeLimit);
NamingEnumeration<SearchResult> results = null;
Object[] filterArgs = {userName};
try {
if (baseDN == null) throw PicketBoxMessages.MESSAGES.invalidNullBaseContextDN();
results = ctx.search(baseDN, baseFilter, filterArgs, constraints);
if (results.hasMore() == false) {
safeClose(results);
throw PicketBoxMessages.MESSAGES.failedToFindBaseContextDN(baseDN);
}
SearchResult sr = results.next();
String name = sr.getName();
String userDN = null;
if (sr.isRelative() == true) userDN = name + "," + baseDN;
else throw PicketBoxMessages.MESSAGES.unableToFollowReferralForAuth(name);
;
safeClose(results);
// Finished Authentication. Lets look for the attributes
filterArgs = new Object[] {userName, userDN};
results = ctx.search(userDN, baseFilter, filterArgs, constraints);
try {
while (results.hasMore()) {
sr = results.next();
Attributes attributes = sr.getAttributes();
NamingEnumeration<? extends javax.naming.directory.Attribute> ne = attributes.getAll();
while (ne != null && ne.hasMoreElements()) {
javax.naming.directory.Attribute ldapAtt = ne.next();
if (passwordAttributeID.equalsIgnoreCase(ldapAtt.getID())) {
Object thePass = ldapAtt.get();
setPasswordCallbackValue(thePass, passwdCallback);
}
}
}
} finally {
safeClose(results);
safeClose(ctx);
if (currentTCCL != null) SecurityActions.setContextClassLoader(currentTCCL);
}
} catch (NamingException ne) {
PicketBoxLogger.LOGGER.error(ne);
}
}
