/**
 * Resolves the distinguished name (DN) of the user with the given id.
 *
 * <p>Builds a user query on the current command context, restricts it to {@code userId} and
 * asks for a single result.
 *
 * @param userId the id of the user to look up
 * @return the DN of the matching user, or the empty string when the query returns no user
 */
protected String getDnForUser(String userId) {
  final LdapUserEntity match =
      (LdapUserEntity)
          createUserQuery(org.camunda.bpm.engine.impl.context.Context.getCommandContext())
              .userId(userId)
              .singleResult();

  // "No such user" is reported as "" rather than null. Callers should test for the empty
  // string before using the value as a DN in a bind or a search base.
  // NOTE(review): how singleResult() behaves when several entries match is not visible
  // here - confirm.
  return match != null ? match.getDn() : "";
}
/**
 * Checks a user's password by binding to the directory as that user.
 *
 * <p>The user is first looked up by id (per the original comment, using the manager DN) to
 * obtain the DN; a bind is then attempted with that DN and the supplied password.
 *
 * <p>An empty password is only accepted when anonymous login is enabled in the LDAP
 * configuration. With an LDAP simple bind, a DN plus an empty password is an
 * "unauthenticated bind" (RFC 4513), which a server may accept without verifying any
 * credential, so enabling anonymous login weakens this check for every user id.
 *
 * @param userId the id of the user to authenticate
 * @param password the password supplied by the caller
 * @return {@code true} if the bind as the user succeeded; {@code false} if an argument is
 *     rejected, the user is not found, or the bind raises
 *     {@code LdapAuthenticationException}
 */
public boolean checkPassword(String userId, String password) {
  // A null password, or a null/empty user id, can never authenticate.
  if (password == null || userId == null || userId.isEmpty()) {
    return false;
  }

  // Refuse the empty password unless the configuration explicitly allows anonymous login.
  final boolean anonymousAllowed = ldapConfiguration.isAllowAnonymousLogin();
  if (!anonymousAllowed && password.isEmpty()) {
    return false;
  }

  // Look the user up first, then call close() before binding as the user.
  // NOTE(review): close() presumably releases the lookup context so that the bind below
  // opens a fresh one under the user's identity - confirm.
  final LdapUserEntity candidate = (LdapUserEntity) findUserById(userId);
  close();

  if (candidate == null) {
    return false;
  }

  try {
    // The bind itself is the password check: it succeeds only if the server accepts
    // the user's DN together with the supplied password.
    // NOTE(review): nothing in this method closes the context opened here on success;
    // presumably the session lifecycle does - confirm it is not reused with the
    // user's identity.
    openContext(candidate.getDn(), password);
  } catch (LdapAuthenticationException e) {
    // Only an authentication failure maps to "wrong password"; any other exception
    // propagates to the caller.
    return false;
  }
  return true;
}
/**
 * Converts an LDAP search result into an {@code LdapUserEntity}.
 *
 * <p>The DN is taken from the result's name in the namespace. Id, first name, last name and
 * e-mail are read from the result's attributes, using the attribute names set in the LDAP
 * configuration.
 *
 * @param result the search result describing one directory entry
 * @return a new entity populated from {@code result}
 * @throws NamingException declared for the attribute look-ups
 */
protected LdapUserEntity transformUser(SearchResult result) throws NamingException {
  final Attributes attrs = result.getAttributes();
  final LdapUserEntity entity = new LdapUserEntity();

  // The fully qualified entry name is what checkPassword-style callers later bind with.
  entity.setDn(result.getNameInNamespace());

  // NOTE(review): the value getStringAttributeValue yields for an attribute that is
  // absent from the entry is not visible here - confirm how a missing id is handled.
  final String idAttribute = ldapConfiguration.getUserIdAttribute();
  entity.setId(getStringAttributeValue(idAttribute, attrs));

  final String firstNameAttribute = ldapConfiguration.getUserFirstnameAttribute();
  entity.setFirstName(getStringAttributeValue(firstNameAttribute, attrs));

  final String lastNameAttribute = ldapConfiguration.getUserLastnameAttribute();
  entity.setLastName(getStringAttributeValue(lastNameAttribute, attrs));

  final String emailAttribute = ldapConfiguration.getUserEmailAttribute();
  entity.setEmail(getStringAttributeValue(emailAttribute, attrs));

  return entity;
}