/**
* UTF-8 encodes the supplied collection of values.
*
* @param v values to encode
* @return collection of byte array values
*/
protected Collection<byte[]> convertValuesToByteArray(final Collection<String> v) {
final Collection<byte[]> c = createSortBehaviorCollection(byte[].class);
for (String value : v) {
c.add(LdapUtils.utf8Encode(value));
}
return c;
}
/**
* Used for bind and update.
*
* @param person
* @return
* @see org.projectforge.ldap.LdapDao#getModificationItems(org.projectforge.ldap.LdapObject)
*/
@Override
protected List<ModificationItem> getModificationItems(
final List<ModificationItem> list, final LdapGroup group) {
createAndAddModificationItems(list, "businessCategory", group.getBusinessCategory());
createAndAddModificationItems(list, "o", group.getOrganization());
createAndAddModificationItems(list, "description", group.getDescription());
if (CollectionUtils.isNotEmpty(group.getMembers()) == true) {
createAndAddModificationItems(list, "uniqueMember", group.getMembers());
} else {
createAndAddModificationItems(list, "uniqueMember", NONE_UNIQUE_MEMBER_ID);
}
final boolean modifyPosixAccount =
isPosixAccountsConfigured() == true
&& GroupDOConverter.isPosixAccountValuesEmpty(group) == false;
if (modifyPosixAccount == true) {
if (group.getObjectClasses() != null) {
final List<String> missedObjectClasses =
LdapUtils.getMissedObjectClasses(
getAdditionalObjectClasses(group), getObjectClass(), group.getObjectClasses());
if (CollectionUtils.isNotEmpty(missedObjectClasses) == true) {
for (final String missedObjectClass : missedObjectClasses) {
list.add(
createModificationItem(DirContext.ADD_ATTRIBUTE, "objectClass", missedObjectClass));
}
}
}
}
if (modifyPosixAccount == true) {
createAndAddModificationItems(list, "gidNumber", String.valueOf(group.getGidNumber()));
}
return list;
}
/** Hand-crafted SID. */
public void testConvertHandCraftedBinarySidToString() throws Exception {
byte[] sid = {
(byte) 0x01,
(byte) 0x05,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x05,
(byte) 0x15,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x01,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x02,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x03,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x04,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00
};
String result = LdapUtils.convertBinarySidToString(sid);
assertEquals("S-1-5-21-1-2-3-4", result);
}
/** Example SID from "http://www.pcreview.co.uk/forums/thread-1458615.php". */
public void testConvertBinarySidToString() throws Exception {
byte[] sid = {
(byte) 0x01,
(byte) 0x05,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x05,
(byte) 0x15,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0xe9,
(byte) 0x67,
(byte) 0xbb,
(byte) 0x98,
(byte) 0xd6,
(byte) 0xb7,
(byte) 0xd7,
(byte) 0xbf,
(byte) 0x82,
(byte) 0x05,
(byte) 0x1e,
(byte) 0x6c,
(byte) 0x28,
(byte) 0x06,
(byte) 0x00,
(byte) 0x00
};
String result = LdapUtils.convertBinarySidToString(sid);
assertEquals("S-1-5-21-2562418665-3218585558-1813906818-1576", result);
}
/**
* Base64 encodes the supplied collection of values.
*
* @param v values to encode
* @return collection of string values
*/
protected Collection<String> convertValuesToString(final Collection<byte[]> v) {
final Collection<String> c = createSortBehaviorCollection(String.class);
for (byte[] value : v) {
c.add(LdapUtils.base64Encode(value));
}
return c;
}
/** Example SID from "http://blogs.msdn.com/oldnewthing/archive/2004/03/15/89753.aspx". */
public void testConvertAnotherBinarySidToString() throws Exception {
byte[] sid = {
(byte) 0x01,
(byte) 0x05,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x05,
(byte) 0x15,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0xa0,
(byte) 0x65,
(byte) 0xcf,
(byte) 0x7e,
(byte) 0x78,
(byte) 0x4b,
(byte) 0x9b,
(byte) 0x5f,
(byte) 0xe7,
(byte) 0x7c,
(byte) 0x87,
(byte) 0x70,
(byte) 0x09,
(byte) 0x1c,
(byte) 0x01,
(byte) 0x00
};
String result = LdapUtils.convertBinarySidToString(sid);
assertEquals("S-1-5-21-2127521184-1604012920-1887927527-72713", result);
}
/** {@inheritDoc} */
@Override
public int hashCode() {
return LdapUtils.computeHashCode(
HASH_CODE_SEED,
attributeName != null ? attributeName.toLowerCase() : null,
attributeValues);
}
public void testLargeNumberToBytesLittleEndian() throws Exception {
byte[] result = LdapUtils.numberToBytes("2127521184", 4, false);
assertEquals(4, result.length);
assertEquals(-96, result[0]);
assertEquals(101, result[1]);
assertEquals(-49, result[2]);
assertEquals(126, result[3]);
}
public void testSmallNumberToBytesLittleEndian() throws Exception {
byte[] result = LdapUtils.numberToBytes("21", 4, false);
assertEquals(4, result.length);
assertEquals(21, result[0]);
assertEquals(0, result[1]);
assertEquals(0, result[2]);
assertEquals(0, result[3]);
}
public void testLargeNumberToBytesBigEndian() throws Exception {
byte[] result = LdapUtils.numberToBytes("1183728", 6, true);
assertEquals(6, result.length);
assertEquals(0, result[0]);
assertEquals(0, result[1]);
assertEquals(0, result[2]);
assertEquals(18, result[3]);
assertEquals(15, result[4]);
assertEquals(-16, result[5]);
}
public void testSmallNumberToBytesBigEndian() throws Exception {
byte[] result = LdapUtils.numberToBytes("5", 6, true);
assertEquals(6, result.length);
assertEquals(0, result[0]);
assertEquals(0, result[1]);
assertEquals(0, result[2]);
assertEquals(0, result[3]);
assertEquals(0, result[4]);
assertEquals(5, result[5]);
}
public void testIterateAttributeValuesWithEmptyAttribute() {
String expectedAttributeName = "someAttribute";
BasicAttribute expectedAttribute = new BasicAttribute(expectedAttributeName);
handlerControl.replay();
LdapUtils.iterateAttributeValues(expectedAttribute, handlerMock);
handlerControl.verify();
}
/**
* @see org.projectforge.ldap.LdapDao#mapToObject(java.lang.String,
* javax.naming.directory.Attributes)
*/
@Override
protected LdapGroup mapToObject(final String dn, final Attributes attributes)
throws NamingException {
final LdapGroup group = new LdapGroup();
group.setBusinessCategory(LdapUtils.getAttributeStringValue(attributes, "businessCategory"));
group.setDescription(LdapUtils.getAttributeStringValue(attributes, "description"));
group.setOrganization(LdapUtils.getAttributeStringValue(attributes, "o"));
final String[] members = LdapUtils.getAttributeStringValues(attributes, "uniqueMember");
if (members != null) {
for (final String member : members) {
group.addMember(member, ldapConfig.getBaseDN());
}
}
final boolean posixAccountsConfigured = isPosixAccountsConfigured();
if (posixAccountsConfigured == true) {
final String no = LdapUtils.getAttributeStringValue(attributes, "gidNumber");
group.setGidNumber(NumberHelper.parseInteger(no));
}
return group;
}
public void testCollectAttributeValuesThrowsExceptionWhenAttributeNotPresent() {
String expectedAttributeName = "someAttribute";
BasicAttributes attributes = new BasicAttributes();
LinkedList list = new LinkedList();
try {
LdapUtils.collectAttributeValues(attributes, expectedAttributeName, list);
fail("NoSuchAttributeException expected");
} catch (NoSuchAttributeException expected) {
assertTrue(true);
}
}
public void testIterateAttributeValues() {
String expectedAttributeName = "someAttribute";
BasicAttribute expectedAttribute = new BasicAttribute(expectedAttributeName);
expectedAttribute.add("value1");
expectedAttribute.add("value2");
handlerMock.handleAttributeValue(expectedAttributeName, "value1", 0);
handlerMock.handleAttributeValue(expectedAttributeName, "value2", 1);
handlerControl.replay();
LdapUtils.iterateAttributeValues(expectedAttribute, handlerMock);
handlerControl.verify();
}
public void testCollectAttributeValues() {
String expectedAttributeName = "someAttribute";
BasicAttribute expectedAttribute = new BasicAttribute(expectedAttributeName);
expectedAttribute.add("value1");
expectedAttribute.add("value2");
BasicAttributes attributes = new BasicAttributes();
attributes.put(expectedAttribute);
LinkedList list = new LinkedList();
LdapUtils.collectAttributeValues(attributes, expectedAttributeName, list);
assertEquals(2, list.size());
assertEquals("value1", list.get(0));
assertEquals("value2", list.get(1));
}
/**
* Escapes the supplied string value per RFC 4514 section 2.4.
*
* @param value to escape
* @return escaped value
*/
public static String escapeValue(final String value) {
final int len = value.length();
final StringBuilder sb = new StringBuilder(len);
char ch;
for (int i = 0; i < len; i++) {
ch = value.charAt(i);
switch (ch) {
case '"':
case '#':
case '+':
case ',':
case ';':
case '<':
case '=':
case '>':
case '\\':
sb.append('\\').append(ch);
break;
case ' ':
// escape first space and last space
if (i == 0 || i + 1 == len) {
sb.append('\\').append(ch);
} else {
sb.append(ch);
}
break;
case 0:
// escape null
sb.append("\\00");
break;
default:
// escape non-printable ASCII characters
// CheckStyle:MagicNumber OFF
if (ch < ' ' || ch == 127) {
sb.append(LdapUtils.hexEncode(ch));
} else {
sb.append(ch);
}
// CheckStyle:MagicNumber ON
break;
}
}
return sb.toString();
}
/**
* This implementation opens an LDAP connection using the token's {@link
* #getLdapPrincipal(org.apache.shiro.authc.AuthenticationToken) discovered principal} and
* provided {@link AuthenticationToken#getCredentials() credentials}. If the connection opens
* successfully, the authentication attempt is immediately considered successful and a new {@link
* AuthenticationInfo} instance is {@link
* #createAuthenticationInfo(org.apache.shiro.authc.AuthenticationToken, Object, Object,
* javax.naming.ldap.LdapContext) created} and returned. If the connection cannot be opened,
* either because LDAP authentication failed or some other JNDI problem, an {@link
* NamingException} will be thrown.
*
* @param token the submitted authentication token that triggered the authentication attempt.
* @param ldapContextFactory factory used to retrieve LDAP connections.
* @return an {@link AuthenticationInfo} instance representing the authenticated user's
* information.
* @throws NamingException if any LDAP errors occur.
*/
protected AuthenticationInfo queryForAuthenticationInfo(
AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
Object principal = token.getPrincipal();
Object credentials = token.getCredentials();
log.debug("Authenticating user '{}' through LDAP", principal);
principal = getLdapPrincipal(token);
LdapContext ctx = null;
try {
ctx = ldapContextFactory.getLdapContext(principal, credentials);
// context was opened successfully, which means their credentials were valid. Return the
// AuthenticationInfo:
return createAuthenticationInfo(token, principal, credentials, ctx);
} finally {
LdapUtils.closeContext(ctx);
}
}
/** Example SID from "http://www.pcreview.co.uk/forums/thread-1458615.php". */
public void testConvertStringSidToBinary() throws Exception {
byte[] expectedSid = {
(byte) 0x01,
(byte) 0x05,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x05,
(byte) 0x15,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0xe9,
(byte) 0x67,
(byte) 0xbb,
(byte) 0x98,
(byte) 0xd6,
(byte) 0xb7,
(byte) 0xd7,
(byte) 0xbf,
(byte) 0x82,
(byte) 0x05,
(byte) 0x1e,
(byte) 0x6c,
(byte) 0x28,
(byte) 0x06,
(byte) 0x00,
(byte) 0x00
};
byte[] result =
LdapUtils.convertStringSidToBinary("S-1-5-21-2562418665-3218585558-1813906818-1576");
assertTrue("incorrect length of array", ArrayUtils.isSameLength(expectedSid, result));
for (int i = 0; i < result.length; i++) {
assertEquals("i=" + i + ",", expectedSid[i], result[i]);
}
}
/** Hand-crafted SID. */
public void testConvertHandCraftedStringSidToBinary() throws Exception {
byte[] expectedSid = {
(byte) 0x01,
(byte) 0x05,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x05,
(byte) 0x15,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x01,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x02,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x03,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00,
(byte) 0x04,
(byte) 0x00,
(byte) 0x00,
(byte) 0x00
};
byte[] result = LdapUtils.convertStringSidToBinary("S-1-5-21-1-2-3-4");
assertTrue("incorrect length of array", ArrayUtils.isSameLength(expectedSid, result));
for (int i = 0; i < result.length; i++) {
assertEquals("i=" + i + ",", expectedSid[i], result[i]);
}
}
/** {@inheritDoc} */
@Override
public int hashCode() {
return LdapUtils.computeHashCode(HASH_CODE_SEED, values);
}
/** {@inheritDoc} */
@Override
public int hashCode() {
return LdapUtils.computeHashCode(
HASH_CODE_SEED, entryDn != null ? entryDn.toLowerCase() : null, entryAttributes.values());
}
