void addGroup(Hashtable<String, String> ldapEnv, String cn, ArrayList members, String owner) { Attributes attributes = new BasicAttributes(true); attributes.put(new BasicAttribute("objectClass", "groupOfNames")); attributes.put(new BasicAttribute("cn", cn)); attributes.put( new BasicAttribute( "owner", "cn=" + owner + "," + Play.configuration.getProperty("ldap.dn"))); Iterator memberIterator = members.iterator(); BasicAttribute membersAttribute = new BasicAttribute( "member", "cn=" + owner + "," + Play.configuration.getProperty("ldap.dn")); while (memberIterator.hasNext()) { String specificMember = "cn=" + memberIterator.next() + "," + Play.configuration.getProperty("ldap.dn"); if (!membersAttribute.contains(specificMember)) membersAttribute.add(specificMember); } attributes.put(membersAttribute); DirContext ldapContext = null; try { ldapContext = new InitialDirContext(ldapEnv); ldapContext.bind( "cn=" + cn + "," + Play.configuration.getProperty("ldap.dn"), null, attributes); ldapContext.close(); } catch (Exception e) { System.err.println("Erreur lors de l'acces au serveur LDAP " + e); e.printStackTrace(); } System.out.println("fin des traitements"); }
public void addUser( Hashtable ldapEnv, String mail, String givenName, String sn, String cn, String userPassword) { Attributes attributes = new BasicAttributes(true); attributes.put(new BasicAttribute("mail", mail)); attributes.put(new BasicAttribute("objectClass", "inetOrgPerson")); // attributes.put(new BasicAttribute("objectClass","simpleSecurityObject")); attributes.put(new BasicAttribute("givenName", givenName)); attributes.put(new BasicAttribute("sn", sn)); attributes.put(new BasicAttribute("cn", cn)); attributes.put(new BasicAttribute("userPassword", userPassword)); DirContext ldapContext = null; try { ldapContext = new InitialDirContext(ldapEnv); // MonObjet objet = new MonObjet("valeur1","valeur2"); ldapContext.bind( "cn=" + cn + "," + Play.configuration.getProperty("ldap.dn"), null, attributes); ldapContext.close(); } catch (Exception e) { System.err.println("Erreur lors de l'acces au serveur LDAP " + e); e.printStackTrace(); } System.out.println("fin des traitements"); }
public Attributes getGroupInfo(Hashtable<String, String> ldapEnv, String groupName) { try { DirContext ldapContext = null; ldapContext = new InitialDirContext(ldapEnv); System.out.println("LDAP : Bind Ok = "); SearchControls controle = new SearchControls(); controle.setSearchScope(SearchControls.SUBTREE_SCOPE); String critere = "(cn=" + groupName + ")"; NamingEnumeration<SearchResult> e = ldapContext.search(Play.configuration.getProperty("ldap.dn"), critere, controle); while (e.hasMore()) { SearchResult r = e.next(); System.out.println("name: " + r.getName()); System.out.println("object: " + r.getClassName()); System.out.println("getAttributes: " + r.getAttributes()); return r.getAttributes(); } } catch (AuthenticationException error) { return null; } catch (NamingException ex) { Logger.getLogger(Ldap.class.getName()).log(Level.SEVERE, null, ex); } return null; }
/* goodG2B() - use goodsource and badsink */ public void goodG2B_sink(String data, HttpServletRequest request, HttpServletResponse response) throws Throwable { Hashtable<String, String> env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://localhost:389"); DirContext ctx = new InitialDirContext(env); String search = "(cn=" + data + ")"; /* POTENTIAL FLAW: unsanitized data from untrusted source */ NamingEnumeration<SearchResult> answer = ctx.search("", search, null); while (answer.hasMore()) { SearchResult sr = answer.next(); Attributes a = sr.getAttributes(); NamingEnumeration<?> attrs = a.getAll(); while (attrs.hasMore()) { Attribute attr = (Attribute) attrs.next(); NamingEnumeration<?> values = attr.getAll(); while (values.hasMore()) { response.getWriter().println(" Value: " + values.next().toString()); } } } }
private void checkAuthentication( String rootDn, ActiveDirectoryLdapAuthenticationProvider provider) throws NamingException { DirContext ctx = mock(DirContext.class); when(ctx.getNameInNamespace()).thenReturn(""); DirContextAdapter dca = new DirContextAdapter(); SearchResult sr = new SearchResult("CN=Joe Jannsen,CN=Users", dca, dca.getAttributes()); @SuppressWarnings("deprecation") DistinguishedName searchBaseDn = new DistinguishedName(rootDn); when(ctx.search( eq(searchBaseDn), any(String.class), any(Object[].class), any(SearchControls.class))) .thenReturn(new MockNamingEnumeration(sr)) .thenReturn(new MockNamingEnumeration(sr)); provider.contextFactory = createContextFactoryReturning(ctx); Authentication result = provider.authenticate(joe); assertEquals(0, result.getAuthorities().size()); dca.addAttributeValue("memberOf", "CN=Admin,CN=Users,DC=mydomain,DC=eu"); result = provider.authenticate(joe); assertEquals(1, result.getAuthorities().size()); }
public static void main(String[] args) { // set up environment to access the server Properties env = new Properties(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://" + ldapServerName + "/" + rootContext); env.put(Context.SECURITY_PRINCIPAL, rootdn); env.put(Context.SECURITY_CREDENTIALS, rootpass); try { // obtain initial directory context using the environment DirContext ctx = new InitialDirContext(env); // create some random number to add to the directory Integer i = new Integer(28420); System.out.println("Adding " + i + " to directory..."); ctx.bind("cn=myRandomInt", i); i = new Integer(98765); System.out.println("i is now: " + i); i = (Integer) ctx.lookup("cn=myRandomInt"); System.out.println("Retrieved i from directory with value: " + i); } catch (NameAlreadyBoundException nabe) { System.err.println("value has already been bound!"); } catch (Exception e) { System.err.println(e); } }
/** * Search for entry that matches the specific <code>DirectoryQuery</code> conditions. Returns a * <code>java.util.List<String></code> with the Distinguished names of the entries that match. You * can specify a match limit * * @param q DirectoryQuery * @param limit An <code>Integer</code> with the limit of matches * @return List<String> * @exception LDAPException */ public List<String> searchDN(final LDAPDirectoryQuery q, final Integer limit) throws LDAPException { List<String> results = new ArrayList<String>(); try { DirContext ctx = connection.connect(); if (ctx == null) { throw new LDAPException("directory service not available"); } SearchControls ctls = new SearchControls(); if (connection.hasCountLimit()) { ctls.setCountLimit(connection.getCountLimit()); } if (limit != null) { ctls.setCountLimit(limit.intValue()); } ctls.setSearchScope(connection.getScope()); String filter = getQueryString(ctx, q); NamingEnumeration<SearchResult> answer = ctx.search(baseDN, filter, ctls); while (answer.hasMoreElements()) { SearchResult sr = answer.nextElement(); results.add(sr.getNameInNamespace()); } } catch (NullPointerException e) { _log.log(java.util.logging.Level.ALL, "searchDN() null pointer"); throw new LDAPException("search DN null pointer"); } catch (NamingException e) { _log.log(java.util.logging.Level.ALL, "searchDN() - " + e.getMessage()); throw new LDAPException(e.getMessage()); } finally { connection.disconnect(); } return results; }
public boolean loginAdminOk(String login, String password) throws Exception { String activeDirectoryIP = configuration.getActiveDirectoryIP(); String activeDirectoryPort = configuration.getActiveDirectoryPort(); String activeDirectoryDomain = configuration.getActiveDirectoryDomain(); String activeDirectoryDC = configuration.getActiveDirectoryDC(); java.util.Properties properties = new Properties(); properties.setProperty(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); properties.setProperty( Context.PROVIDER_URL, "ldap://" + activeDirectoryIP + ":" + activeDirectoryPort + "/"); properties.setProperty(Context.SECURITY_AUTHENTICATION, "simple"); properties.setProperty(Context.SECURITY_PRINCIPAL, login + "@" + activeDirectoryDomain); properties.setProperty(Context.SECURITY_CREDENTIALS, password); properties.setProperty(Context.REFERRAL, "follow"); DirContext ctx = new InitialDirContext(properties); SearchControls constraints = new SearchControls(); constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); NamingEnumeration<SearchResult> results = ctx.search(activeDirectoryDC, "(sAMAccountName=" + login + ")", constraints); if (results != null && results.hasMore()) { SearchResult sr = (SearchResult) results.next(); String dn = sr.getName(); log.info("Usuario " + dn + " autenticado correctamente"); return true; } return false; }
/** * Connect to the DirContext, and retrieve the bound object, as well as its attributes. If no * object is bound with the name specified in the URL, then an IOException is thrown. * * @throws IOException Object not found */ @Override public void connect() throws IOException { if (!connected) { try { date = System.currentTimeMillis(); String path = URL_DECODER.convert(getURL().getFile(), false); if (context instanceof ProxyDirContext) { ProxyDirContext proxyDirContext = (ProxyDirContext) context; String hostName = proxyDirContext.getHostName(); String contextPath = proxyDirContext.getContextPath(); if (hostName != null) { if (!path.startsWith("/" + hostName + "/")) return; path = path.substring(hostName.length() + 1); } if (contextPath != null) { if (!path.startsWith(contextPath + "/")) { return; } path = path.substring(contextPath.length()); } } object = context.lookup(path); attributes = context.getAttributes(path); if (object instanceof Resource) resource = (Resource) object; if (object instanceof DirContext) collection = (DirContext) object; } catch (NamingException e) { // Object not found } connected = true; } }
public UserDTO doLdapAuthentication(UserDTO dto) throws Exception { log.info("INSIDE LDAP AUTHENTICATION 2"); UserDTO ldapDTO = null; String url = "ldap://172.18.20.0:10389"; Hashtable<String, String> env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, url); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system"); env.put(Context.SECURITY_CREDENTIALS, "secret"); try { ldapDTO = new UserDTO(); DirContext ctx = new InitialDirContext(env); Attributes attrs = ctx.getAttributes("cn=" + dto.getUsername() + ",ou=users,ou=system"); Attribute userPassword = attrs.get("userPassword"); String ldapPasswordFromDB = new String((byte[]) userPassword.get()); String md5EncryptedPassword = encryptLdapPassword("md5", dto.getPassword()); if (md5EncryptedPassword.equalsIgnoreCase(ldapPasswordFromDB)) { ldapDTO.setEmployeeId((String) (attrs.get("employeeNumber").get())); ldapDTO.setEmployeeType((String) (attrs.get("employeeType").get())); ldapDTO.setUsername((String) (attrs.get("cn").get())); } ctx.close(); } catch (Exception e) { e.printStackTrace(); } return ldapDTO; }
@Override public LdapEntry[] groupSearch(DirContext dirContext, LdapEntry entry) throws IOException, NamingException { Set<LdapEntry> foundEntries = new HashSet<LdapEntry>(); // Load the list of group. Attributes groups = dirContext.getAttributes(entry.getDistinguishedName(), new String[] {groupAttribute}); Attribute groupRef = groups.get(groupAttribute); if (groupRef != null && groupRef.size() > 0) { NamingEnumeration<String> groupRefValues = (NamingEnumeration<String>) groupRef.getAll(); while (groupRefValues.hasMore()) { String distingushedName = groupRefValues.next(); SECURITY_LOGGER.tracef("Group found with distinguishedName=%s", distingushedName); String simpleName = null; if (groupNameAttribute != null) { // Load the Name Attributes groupNameAttrs = dirContext.getAttributes(distingushedName, new String[] {groupNameAttribute}); Attribute groupNameAttr = groupNameAttrs.get(groupNameAttribute); simpleName = (String) groupNameAttr.get(); SECURITY_LOGGER.tracef( "simpleName %s loaded for group with distinguishedName=%s", simpleName, distingushedName); } else { SECURITY_LOGGER.trace("No groupNameAttribute to load simpleName"); } foundEntries.add(new LdapEntry(simpleName, distingushedName)); } } else { SECURITY_LOGGER.tracef("No groups found for %s", entry); } return foundEntries.toArray(new LdapEntry[foundEntries.size()]); }
private LdapUser looukupByFilter(String filter) { SearchControls sc = new SearchControls(); sc.setSearchScope(SearchControls.SUBTREE_SCOPE); DirContext ctxt; try { ctxt = connect(); NamingEnumeration<SearchResult> results = ctxt.search(basedn, filter, sc); if (results.hasMore()) { SearchResult result = results.next(); Attributes attrs = result.getAttributes(); String firstName = attrs.get("givenName").get().toString(); String lastName = attrs.get("sn").get().toString(); String cn = attrs.get("cn").get().toString(); String dn = result.getNameInNamespace(); String forwardAddress = attrs.get("forward").get().toString(); String mailAdress = attrs.get("mail").get().toString(); Attribute addrAttr = attrs.get("privateMail"); if (addrAttr == null) { addrAttr = attrs.get("forward"); } String privateMailAdress = addrAttr.get().toString(); LdapUser user = new LdapUser( dn, firstName, lastName, forwardAddress, mailAdress, privateMailAdress, cn); return user; } } catch (NamingException e) { log.fatal(e); throw new RuntimeException(e); } return null; }
/** Search criteria based on sn(surname) */ private void searchUsingSubTree() { System.out.println("Inside searchUsingSubTree"); DirContext ctx = LDAPConstants.getLdapContext(); String baseDN = "OU=Staff,OU=Accounts,O=ibo,DC=adld,DC=ibo,DC=org"; SearchControls sc = new SearchControls(); String[] attributeFilter = {"cn", "givenName"}; sc.setReturningAttributes(attributeFilter); sc.setSearchScope(SearchControls.SUBTREE_SCOPE); String filter = "sn=X*"; // String filter = "(&(sn=R*)(givenName=Sinduja))"; //Examples for search Filters // String filter = "(|(sn=R*)(givenName=Sinduja))"; NamingEnumeration results = null; try { results = ctx.search(baseDN, filter, sc); while (results.hasMore()) { SearchResult sr = (SearchResult) results.next(); Attributes attrs = sr.getAttributes(); Attribute attr = attrs.get("cn"); System.out.print("cn : " + attr.get() + "\n"); attr = attrs.get("givenName"); System.out.print("givenName: " + attr.get() + "\n"); ctx.close(); } } catch (NamingException e) { // TODO Auto-generated catch block e.printStackTrace(); } }
/** * Infer the root DN. * * @return null if not found. */ private String inferRootDN(String server) { try { Hashtable<String, String> props = new Hashtable<String, String>(); if (managerDN != null) { props.put(Context.SECURITY_PRINCIPAL, managerDN); props.put(Context.SECURITY_CREDENTIALS, getManagerPassword()); } props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); props.put(Context.PROVIDER_URL, toProviderUrl(fixNull(getServerUrl()), "")); DirContext ctx = new InitialDirContext(props); Attributes atts = ctx.getAttributes(""); Attribute a = atts.get("defaultNamingContext"); if (a != null && a.get() != null) { // this entry is available on Active Directory. See // http://msdn2.microsoft.com/en-us/library/ms684291(VS.85).aspx return a.get().toString(); } a = atts.get("namingcontexts"); if (a == null) { LOGGER.warning("namingcontexts attribute not found in root DSE of " + server); return null; } return a.get().toString(); } catch (NamingException e) { LOGGER.log(Level.WARNING, "Failed to connect to LDAP to infer Root DN for " + server, e); return null; } }
private void searchUsingObject() { System.out.println("Inside searchUsingObject"); DirContext ctx = LDAPConstants.getLdapContext(); // String baseDN = "CN=sindujar,OU=Staff,OU=Accounts,O=ibo,DC=adld,DC=ibo,DC=org"; //To serach // for a particular user String baseDN = "OU=Staff,OU=Accounts,O=ibo,DC=adld,DC=ibo,DC=org"; SearchControls sc = new SearchControls(); sc.setSearchScope(SearchControls.SUBTREE_SCOPE); String filter = "objectclass=*"; // String filter = "(&(sn=R*)(givenName=Sinduja))"; //Examples for search Filters // String filter = "(|(sn=R*)(givenName=Sinduja))"; NamingEnumeration results = null; try { results = ctx.search(baseDN, filter, sc); while (results.hasMore()) { SearchResult sr = (SearchResult) results.next(); System.out.println(sr.toString() + "\n"); ctx.close(); } } catch (NamingException e) { // TODO Auto-generated catch block e.printStackTrace(); } }
/** * Return the URL to the resource that is mapped to a specified path. The path must begin with a * "/" and is interpreted as relative to the current context root. * * @param path The path to the desired resource * @exception MalformedURLException if the path is not given in the correct form */ public URL getResource(String path) throws MalformedURLException { DirContext resources = context.getResources(); if (resources != null) { String fullPath = context.getName() + path; // this is the problem. Host must not be null String hostName = context.getParent().getName(); try { resources.lookup(path); if (System.getSecurityManager() != null) { try { PrivilegedGetResource dp = new PrivilegedGetResource(hostName, fullPath, resources); return (URL) AccessController.doPrivileged(dp); } catch (PrivilegedActionException pe) { throw pe.getException(); } } else { return new URL( "jndi", null, 0, getJNDIUri(hostName, fullPath), new DirContextURLStreamHandler(resources)); } } catch (Exception e) { // e.printStackTrace(); } } return (null); }
public static void main(String[] args) { // Set up environment for creating initial context Hashtable<String, Object> env = new Hashtable<String, Object>(11); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, "ldap://localhost:389/o=JNDITutorial"); // Authenticate as S. User and password "mysecret" env.put(Context.SECURITY_AUTHENTICATION, "custom"); env.put(Context.SECURITY_PRINCIPAL, "cn=S. User, ou=NewHires, o=JNDITutorial"); env.put(Context.SECURITY_CREDENTIALS, "mysecret"); try { // Create initial context DirContext ctx = new InitialDirContext(env); System.out.println(ctx.lookup("ou=NewHires")); // do something useful with ctx // Close the context when we're done ctx.close(); } catch (NamingException e) { e.printStackTrace(); } }
/** * Clear the directory sub-tree starting with the node represented by the supplied distinguished * name. * * @param ctx The DirContext to use for cleaning the tree. * @param name the distinguished name of the root node. * @throws NamingException if anything goes wrong removing the sub-tree. */ public static void clearSubContexts(DirContext ctx, Name name) throws NamingException { NamingEnumeration enumeration = null; try { enumeration = ctx.listBindings(name); while (enumeration.hasMore()) { Binding element = (Binding) enumeration.next(); Name childName = LdapUtils.newLdapName(element.getName()); childName = LdapUtils.prepend(childName, name); try { ctx.destroySubcontext(childName); } catch (ContextNotEmptyException e) { clearSubContexts(ctx, childName); ctx.destroySubcontext(childName); } } } catch (NamingException e) { e.printStackTrace(); } finally { try { enumeration.close(); } catch (Exception e) { // Never mind this } } }
@SuppressWarnings("unchecked") @Test public void testRunning() throws Exception { Hashtable env = new Hashtable(); env.put(Context.PROVIDER_URL, "ldap://localhost:1024"); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, PRINCIPAL); env.put(Context.SECURITY_CREDENTIALS, CREDENTIALS); DirContext ctx = new InitialDirContext(env); HashSet set = new HashSet(); NamingEnumeration list = ctx.list("ou=system"); while (list.hasMore()) { NameClassPair ncp = (NameClassPair) list.next(); set.add(ncp.getName()); } assertTrue(set.contains("uid=admin")); assertTrue(set.contains("ou=users")); assertTrue(set.contains("ou=groups")); assertTrue(set.contains("ou=configuration")); assertTrue(set.contains("prefNodeName=sysPrefRoot")); }
/** * Search for entry that matches the specific <code>DirectoryQuery</code> conditions * * @param q DirectoryQuery * @return List<DirectoryEntry> * @exception LDAPException */ public List<Identity> search(final LDAPDirectoryQuery q) throws LDAPException { List<Identity> results = new ArrayList<Identity>(); try { DirContext ctx = connection.connect(); if (ctx == null) { throw new LDAPException("directory service not available"); } SearchControls ctls = new SearchControls(); List<String> _aux = new ArrayList<String>(); _aux.add("modifyTimestamp"); _aux.add("*"); ctls.setReturningAttributes(_aux.toArray(new String[_aux.size()])); if (connection.hasCountLimit()) { ctls.setCountLimit(connection.getCountLimit()); } ctls.setSearchScope(connection.getScope()); String filter = getQueryString(ctx, q); NamingEnumeration<SearchResult> answer = ctx.search(baseDN, filter, ctls); while (answer.hasMoreElements()) { SearchResult sr = answer.nextElement(); LDAPDirectoryEntry _e = null; if (sr.getName().isEmpty()) { _e = new LDAPDirectoryEntry(baseDN); } else { _e = new LDAPDirectoryEntry(sr.getNameInNamespace()); /* * _e = new LDAPEntry(sr.getName() + "," + this.baseDN); if(_e.getID().matches( * "^(ldap|ldaps)\\://[a-zA-Z0-9\\-\\.]+\\.[a-zA-Z0-9\\-]+(:[a-zA-Z0-9]*)?/?([a-zA-Z0-9\\-\\._\\?\\,\\'/\\\\\\+&%\\$#\\=~])*[^\\.\\,\\)\\(\\s]$" * )) { URL _url = new URL(_e.getID()); _e.setID(_url.getPath()); } */ } @SuppressWarnings("unchecked") NamingEnumeration<Attribute> ne = (NamingEnumeration<Attribute>) sr.getAttributes().getAll(); while (ne.hasMore()) { Attribute att = ne.next(); Object[] attrs = new Object[att.size()]; @SuppressWarnings("unchecked") NamingEnumeration<Object> nea = (NamingEnumeration<Object>) att.getAll(); for (int i = 0; nea.hasMore(); i++) { attrs[i] = nea.next(); } _e.setAttribute(att.getID(), attrs); } results.add(_e); } } catch (NullPointerException e) { _log.log(java.util.logging.Level.ALL, "search() null pointer"); throw new LDAPException("search null pointer"); } catch (NamingException e) { _log.log(java.util.logging.Level.ALL, "search() - " + e.getMessage()); throw new LDAPException(e.getMessage()); } finally { connection.disconnect(); } return results; }
public FormValidation doServerCheck( @QueryParameter final String server, @QueryParameter final String managerDN, @QueryParameter final String managerPassword) { if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) return FormValidation.ok(); try { Hashtable<String, String> props = new Hashtable<String, String>(); if (managerDN != null && managerDN.trim().length() > 0 && !"undefined".equals(managerDN)) { props.put(Context.SECURITY_PRINCIPAL, managerDN); } if (managerPassword != null && managerPassword.trim().length() > 0 && !"undefined".equals(managerPassword)) { props.put(Context.SECURITY_CREDENTIALS, managerPassword); } props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); props.put(Context.PROVIDER_URL, toProviderUrl(server, "")); DirContext ctx = new InitialDirContext(props); ctx.getAttributes(""); return FormValidation.ok(); // connected } catch (NamingException e) { // trouble-shoot Matcher m = Pattern.compile( "(ldaps?://)?([^:]+)(?:\\:(\\d+))?(\\s+(ldaps?://)?([^:]+)(?:\\:(\\d+))?)*") .matcher(server.trim()); if (!m.matches()) return FormValidation.error( hudson.security.Messages.LDAPSecurityRealm_SyntaxOfServerField()); try { InetAddress adrs = InetAddress.getByName(m.group(2)); int port = m.group(1) != null ? 636 : 389; if (m.group(3) != null) port = Integer.parseInt(m.group(3)); Socket s = new Socket(adrs, port); s.close(); } catch (UnknownHostException x) { return FormValidation.error( hudson.security.Messages.LDAPSecurityRealm_UnknownHost(x.getMessage())); } catch (IOException x) { return FormValidation.error( x, hudson.security.Messages.LDAPSecurityRealm_UnableToConnect(server, x.getMessage())); } // otherwise we don't know what caused it, so fall back to the general error report // getMessage() alone doesn't offer enough return FormValidation.error( e, hudson.security.Messages.LDAPSecurityRealm_UnableToConnect(server, e)); } catch (NumberFormatException x) { // The getLdapCtxInstance method throws this if it fails to parse the port number return FormValidation.error(hudson.security.Messages.LDAPSecurityRealm_InvalidPortNumber()); } }
/** * @see net.jforum.sso.LoginAuthenticator#validateLogin(java.lang.String, java.lang.String, * java.util.Map) */ public User validateLogin(String username, String password, Map extraParams) { Hashtable environment = this.prepareEnvironment(); StringBuffer principal = new StringBuffer(256) .append(SystemGlobals.getValue(ConfigKeys.LDAP_LOGIN_PREFIX)) .append(username) .append(',') .append(SystemGlobals.getValue(ConfigKeys.LDAP_LOGIN_SUFFIX)); environment.put(Context.SECURITY_PRINCIPAL, principal.toString()); environment.put(Context.SECURITY_CREDENTIALS, password); DirContext dir = null; try { dir = new InitialDirContext(environment); String lookupPrefix = SystemGlobals.getValue(ConfigKeys.LDAP_LOOKUP_PREFIX); String lookupSuffix = SystemGlobals.getValue(ConfigKeys.LDAP_LOOKUP_SUFFIX); if (lookupPrefix == null || lookupPrefix.length() == 0) { lookupPrefix = SystemGlobals.getValue(ConfigKeys.LDAP_LOGIN_PREFIX); } if (lookupSuffix == null || lookupSuffix.length() == 0) { lookupSuffix = SystemGlobals.getValue(ConfigKeys.LDAP_LOGIN_SUFFIX); } String lookupPrincipal = lookupPrefix + username + "," + lookupSuffix; Attribute att = dir.getAttributes(lookupPrincipal) .get(SystemGlobals.getValue(ConfigKeys.LDAP_FIELD_EMAIL)); SSOUtils utils = new SSOUtils(); if (!utils.userExists(username)) { String email = att != null ? (String) att.get() : "noemail"; utils.register("ldap", email); } return utils.getUser(); } catch (AuthenticationException e) { return null; } catch (NamingException e) { return null; } finally { if (dir != null) { try { dir.close(); } catch (NamingException e) { // close jndi context } } } }
public DirContext createSubcontext(String name, Attributes attrs) throws NamingException { ResolveResult res = getRootURLContext(name, myEnv); DirContext ctx = (DirContext) res.getResolvedObj(); try { return ctx.createSubcontext(res.getRemainingName(), attrs); } finally { ctx.close(); } }
public void rebind(String name, Object obj, Attributes attrs) throws NamingException { ResolveResult res = getRootURLContext(name, myEnv); DirContext ctx = (DirContext) res.getResolvedObj(); try { ctx.rebind(res.getRemainingName(), obj, attrs); } finally { ctx.close(); } }
@Test public void testMissingProviderUrlLdapSearches() throws NamingException { DirContext context = new TestLdapContext(new Hashtable<Object, Object>()); try { runNonLdapSearchControlsActions(context); } finally { context.close(); } }
public DirContext getSchemaClassDefinition(String name) throws NamingException { ResolveResult res = getRootURLContext(name, myEnv); DirContext ctx = (DirContext) res.getResolvedObj(); try { return ctx.getSchemaClassDefinition(res.getRemainingName()); } finally { ctx.close(); } }
public void modifyAttributes(String name, int mod_op, Attributes attrs) throws NamingException { ResolveResult res = getRootURLContext(name, myEnv); DirContext ctx = (DirContext) res.getResolvedObj(); try { ctx.modifyAttributes(res.getRemainingName(), mod_op, attrs); } finally { ctx.close(); } }
/** * Returns a list of AD Groups using the service account * * @return list of AD Groups */ public static List<String> getADGroupsByServiceAccount() { String username = MessageUtils.getMessage("ldap.service.account.username"); String password = MessageUtils.getMessage("ldap.service.account.password"); List<String> awsAllGroups = null; logger.debug("Starting....."); if (username == null || password == null) { return new ArrayList<String>(); } Hashtable<String, String> env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.PROVIDER_URL, MessageUtils.getMessage("ldap.service.account.url")); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, username); env.put(Context.SECURITY_CREDENTIALS, password); DirContext ctx = null; try { logger.debug("Getting AWS groups using service account"); ctx = new InitialDirContext(env); logger.debug("After InitialDirContext"); SearchControls controls = new SearchControls(); controls.setSearchScope(SearchControls.SUBTREE_SCOPE); String attr[] = {"samaccountname"}; controls.setReturningAttributes(attr); NamingEnumeration<SearchResult> result = ctx.search( MessageUtils.getMessage("ldap.service.account.conf.name"), MessageUtils.getMessage("ldap.service.account.conf.filter"), controls); awsAllGroups = new ArrayList<String>(); SearchResult sr = null; // Loop through the search results while (result.hasMoreElements()) { sr = (SearchResult) result.next(); awsAllGroups.add(sr.getName().substring(3)); } return awsAllGroups; } catch (AuthenticationException e) { logger.error("Service account details are not correct." + e.getMessage()); return null; } catch (NamingException e) { logger.error("Unable to connect" + e.getMessage()); return new ArrayList<String>(); } finally { if (ctx != null) { try { ctx.close(); } catch (NamingException e) { } } } }
public Attributes getAttributes(String name, String[] attrIds) throws NamingException { ResolveResult res = getRootURLContext(name, myEnv); DirContext ctx = (DirContext) res.getResolvedObj(); try { return ctx.getAttributes(res.getRemainingName(), attrIds); } finally { ctx.close(); } }
public NamingEnumeration<SearchResult> search(String name, String filter, SearchControls cons) throws NamingException { ResolveResult res = getRootURLContext(name, myEnv); DirContext ctx = (DirContext) res.getResolvedObj(); try { return ctx.search(res.getRemainingName(), filter, cons); } finally { ctx.close(); } }