/* remove invalid entries...without hostmask or without logins */ private CopyOnWriteArrayList<AuthenticationInfo> cleanup(List<AuthenticationInfo> input) { if (input == null || input.size() == 0) { return null; } CopyOnWriteArrayList<AuthenticationInfo> ret = new CopyOnWriteArrayList<AuthenticationInfo>(); for (AuthenticationInfo item : input) { if (StringUtils.isEmpty(item.getHostmask())) { continue; } if (StringUtils.isEmpty(item.getPassword()) && StringUtils.isEmpty(item.getPassword())) { continue; } ret.add(item); } return ret; }
public void validate(Login login, String url) { if (StringUtils.isEmpty(url)) { return; } AuthenticationInfo.Type type = null; if (url.startsWith("ftp")) { type = Type.FTP; } else if (url.startsWith("http")) { type = Type.HTTP; } else { Log.L.info("Unknown Protocoll: " + url); return; } String urlHost = Browser.getHost(url, true); for (AuthenticationInfo info : list) { if (!info.isEnabled()) { continue; } String authHost = info.getHostmask(); if (info.getType().equals(type) && !StringUtils.isEmpty(authHost)) { boolean contains = false; if (authHost.length() > urlHost.length()) { /* hostMask of AuthenticationInfo is longer */ contains = authHost.contains(urlHost); } else { /* hostMask of urlHost is longer */ contains = urlHost.contains(authHost); } if (contains) { if (StringUtils.equals(info.getUsername(), login.getUsername()) && StringUtils.equals(info.getPassword(), login.getPassword())) { info.setLastValidated(System.currentTimeMillis()); } } } } }
public List<Login> getSortedLoginsList(String url) { if (StringUtils.isEmpty(url)) { return null; } AuthenticationInfo.Type type = null; if (url.startsWith("ftp")) { type = Type.FTP; } else if (url.startsWith("http")) { type = Type.HTTP; } else { Log.L.info("Unknown Protocoll: " + url); return null; } final ArrayList<AuthenticationInfo> possibleInfos = new ArrayList<AuthenticationInfo>(); String urlHost = Browser.getHost(url, true); for (AuthenticationInfo info : list) { if (!info.isEnabled()) { continue; } final String authHost = info.getHostmask(); if (info.getType().equals(type) && !StringUtils.isEmpty(authHost)) { boolean contains = false; if (authHost.length() > urlHost.length()) { /* hostMask of AuthenticationInfo is longer */ contains = authHost.contains(urlHost); } else { /* hostMask of urlHost is longer */ contains = urlHost.contains(authHost); } if (contains) { possibleInfos.add(info); } } } try { Collections.sort( possibleInfos, new Comparator<AuthenticationInfo>() { @Override public int compare(AuthenticationInfo o1, AuthenticationInfo o2) { int ret = Integer.compare(o2.getHostmask().length(), o1.getHostmask().length()); if (ret == 0) { ret = Long.compare(o2.getLastValidated(), o1.getLastValidated()); } if (ret == 0) { ret = Long.compare(o2.getCreated(), o1.getCreated()); } return ret; } }); } catch (Throwable e) { logger.log(e); } final ArrayList<Login> ret = new ArrayList<Login>(); for (AuthenticationInfo info : possibleInfos) { ret.add(new Login(info.getUsername(), info.getPassword())); } return ret; }
/** * Process this bind operation in a local backend. * * @param wfe The local backend work-flow element. */ public void processLocalBind(LocalBackendWorkflowElement wfe) { this.backend = wfe.getBackend(); // Initialize a number of variables for use during the bind processing. clientConnection = getClientConnection(); returnAuthzID = false; executePostOpPlugins = false; sizeLimit = DirectoryServer.getSizeLimit(); timeLimit = DirectoryServer.getTimeLimit(); lookthroughLimit = DirectoryServer.getLookthroughLimit(); idleTimeLimit = DirectoryServer.getIdleTimeLimit(); bindDN = getBindDN(); saslMechanism = getSASLMechanism(); authPolicyState = null; pwPolicyErrorType = null; pwPolicyControlRequested = false; isGraceLogin = false; isFirstWarning = false; mustChangePassword = false; pwPolicyWarningType = null; pwPolicyWarningValue = -1; pluginConfigManager = DirectoryServer.getPluginConfigManager(); processBind(); // Update the user's account with any password policy changes that may be // required. try { if (authPolicyState != null) { authPolicyState.finalizeStateAfterBind(); } } catch (DirectoryException de) { logger.traceException(de); setResponseData(de); } // Invoke the post-operation bind plugins. if (executePostOpPlugins) { PluginResult.PostOperation postOpResult = pluginConfigManager.invokePostOperationBindPlugins(this); if (!postOpResult.continueProcessing()) { setResultCode(postOpResult.getResultCode()); appendErrorMessage(postOpResult.getErrorMessage()); setMatchedDN(postOpResult.getMatchedDN()); setReferralURLs(postOpResult.getReferralURLs()); } } // Update the authentication information for the user. AuthenticationInfo authInfo = getAuthenticationInfo(); if (getResultCode() == ResultCode.SUCCESS && authInfo != null) { clientConnection.setAuthenticationInfo(authInfo); clientConnection.setSizeLimit(sizeLimit); clientConnection.setTimeLimit(timeLimit); clientConnection.setIdleTimeLimit(idleTimeLimit); clientConnection.setLookthroughLimit(lookthroughLimit); clientConnection.setMustChangePassword(mustChangePassword); if (returnAuthzID) { addResponseControl(new AuthorizationIdentityResponseControl(authInfo.getAuthorizationDN())); } } // See if we need to send a password policy control to the client. If so, // then add it to the response. if (getResultCode() == ResultCode.SUCCESS) { if (pwPolicyControlRequested) { PasswordPolicyResponseControl pwpControl = new PasswordPolicyResponseControl( pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType); addResponseControl(pwpControl); } else { if (pwPolicyErrorType == PasswordPolicyErrorType.PASSWORD_EXPIRED) { addResponseControl(new PasswordExpiredControl()); } else if (pwPolicyWarningType == PasswordPolicyWarningType.TIME_BEFORE_EXPIRATION) { addResponseControl(new PasswordExpiringControl(pwPolicyWarningValue)); } else if (mustChangePassword) { addResponseControl(new PasswordExpiredControl()); } } } else { if (pwPolicyControlRequested) { PasswordPolicyResponseControl pwpControl = new PasswordPolicyResponseControl( pwPolicyWarningType, pwPolicyWarningValue, pwPolicyErrorType); addResponseControl(pwpControl); } else { if (pwPolicyErrorType == PasswordPolicyErrorType.PASSWORD_EXPIRED) { addResponseControl(new PasswordExpiredControl()); } } } }