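/**
 * Handle a {@code Callback}.
 *
 * <p>A {@code VerifyPasswordCallback} is passed to {@code verifyPassword}. A
 * {@code PasswordCallback} is populated by binding to the directory with the configured
 * bind DN and credential, locating the user's entry under the configured base context DN,
 * and copying the value of the password attribute into the callback. Any other callback
 * type is ignored.
 *
 * <p>Security notes for callers and maintainers:
 * <ul>
 *   <li>A {@code NamingException} raised while searching is logged and not rethrown, so the
 *       callback can be returned unpopulated. Callers must treat an unset password as a
 *       failed lookup, never as an empty or matching credential.</li>
 *   <li>The thread context class loader is cleared for the duration of the LDAP work and is
 *       restored on every exit path, including failures.</li>
 *   <li>{@code userName} is only ever passed as a filter argument, never concatenated into
 *       the filter string.</li>
 * </ul>
 *
 * @param c callback
 * @throws UnsupportedCallbackException If the callback is not supported by this handler
 * @throws NamingException declared by the signature; failures of the searches performed
 *         here are logged rather than rethrown
 * @throws RuntimeException if the initial LDAP context cannot be constructed
 */
protected void handleCallBack(Callback c) throws UnsupportedCallbackException, NamingException {
    if (c instanceof VerifyPasswordCallback) {
        verifyPassword((VerifyPasswordCallback) c);
        return;
    }
    if (!(c instanceof PasswordCallback)) {
        return;
    }
    PasswordCallback passwdCallback = (PasswordCallback) c;

    String bindDN = getBindDN();
    String bindCredential = getBindCredential();

    String configuredAttribute = options.get(PASSWORD_ATTRIBUTE_ID);
    if (configuredAttribute != null && configuredAttribute.length() > 0) {
        passwordAttributeID = configuredAttribute;
    }

    InitialLdapContext ctx = null;
    NamingEnumeration<SearchResult> results = null;
    ClassLoader currentTCCL = SecurityActions.getContextClassLoader();
    try {
        if (currentTCCL != null) {
            SecurityActions.setContextClassLoader(null);
        }
        try {
            ctx = this.constructInitialLdapContext(bindDN, bindCredential);
        } catch (NamingException e) {
            throw new RuntimeException(e);
        }

        String timeLimit = options.get(SEARCH_TIME_LIMIT_OPT);
        if (timeLimit != null) {
            try {
                searchTimeLimit = Integer.parseInt(timeLimit);
            } catch (NumberFormatException ignored) {
                // Deliberate best effort: an unparsable option keeps the current value,
                // which falls back to the default below when it is still zero.
            }
        }
        if (searchTimeLimit == 0) {
            searchTimeLimit = 10000;
        }

        String baseDN = options.get(BASE_CTX_DN);
        String baseFilter = options.get(BASE_FILTER_OPT);

        SearchControls constraints = new SearchControls();
        constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
        // SearchControls expresses the time limit in milliseconds.
        constraints.setTimeLimit(searchTimeLimit);

        if (baseDN == null) {
            throw PicketBoxMessages.MESSAGES.invalidNullBaseContextDN();
        }

        // Keep userName as a filter argument: JNDI escapes string arguments per RFC 2254
        // when substituting them, which string concatenation into the filter would not do.
        Object[] filterArgs = {userName};
        results = ctx.search(baseDN, baseFilter, filterArgs, constraints);
        if (!results.hasMore()) {
            throw PicketBoxMessages.MESSAGES.failedToFindBaseContextDN(baseDN);
        }

        SearchResult userEntry = results.next();
        String name = userEntry.getName();
        if (!userEntry.isRelative()) {
            // The name is not relative to baseDN, so this handler does not follow it.
            throw PicketBoxMessages.MESSAGES.unableToFollowReferralForAuth(name);
        }
        String userDN = name + "," + baseDN;

        // Close the first enumeration and forget it, so the finally block does not close
        // it a second time if the next search fails.
        safeClose(results);
        results = null;

        // The user entry has been located (nothing has been authenticated yet); now read
        // its attributes to find the password attribute.
        filterArgs = new Object[] {userName, userDN};
        results = ctx.search(userDN, baseFilter, filterArgs, constraints);
        while (results.hasMore()) {
            SearchResult entry = results.next();
            Attributes attributes = entry.getAttributes();
            NamingEnumeration<? extends javax.naming.directory.Attribute> ne = attributes.getAll();
            while (ne != null && ne.hasMoreElements()) {
                javax.naming.directory.Attribute ldapAtt = ne.next();
                if (passwordAttributeID.equalsIgnoreCase(ldapAtt.getID())) {
                    Object thePass = ldapAtt.get();
                    setPasswordCallbackValue(thePass, passwdCallback);
                }
            }
        }
    } catch (NamingException ne) {
        // The callback may be left unpopulated here; see the method documentation.
        PicketBoxLogger.LOGGER.error(ne);
    } finally {
        // Runs on every exit path. Previously the context was closed and the class loader
        // restored only after a successful second search, so any earlier failure left the
        // LDAP context open and the thread's context class loader set to null.
        if (results != null) {
            safeClose(results);
        }
        if (ctx != null) {
            safeClose(ctx);
        }
        if (currentTCCL != null) {
            SecurityActions.setContextClassLoader(currentTCCL);
        }
    }
}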