private ConnectorObject getObjectToAuthenticate() { final String uidAttribute = freeIPAConfiguration.getUidAttribute(); Map<String, ConnectorObject> entryDN2Object = new HashMap<String, ConnectorObject>(); final Attribute attr = AttributeBuilder.build(uidAttribute, username); for (ConnectorObject object : LdapSearches.findObjects( freeIPAConnection, objectClass, LDAPConstants.USERS_DN_BASE_SUFFIX + "," + freeIPAConfiguration.getRootSuffix(), attr, "entryDN")) { String entryDN = object.getAttributeByName("entryDN").getValue().get(0).toString(); entryDN2Object.put(entryDN, object); } // If we found more than one authentication candidates, no need to continue if (entryDN2Object.size() > 1) { throw new ConnectorSecurityException( freeIPAConnection.format("moreThanOneEntryMatched", null, username)); } return !entryDN2Object.isEmpty() ? entryDN2Object.values().iterator().next() : null; }
private List<String> getBaseDNs() { List<String> result; QualifiedUid container = options.getContainer(); if (container != null) { result = singletonList( LdapSearches.findEntryDN(conn, container.getObjectClass(), container.getUid())); } else { result = Arrays.asList(baseDNs); } assert result != null; return result; }