| 110 |
110 |
authenticated = ldapAuthenticate(identifier, password);
|
| 111 |
111 |
// if not found, try looking up a valid DN then auth again
|
| 112 |
112 |
if (!authenticated) {
|
| 113 |
|
MetaCatUtil.debugMessage("Looking up DN for: " + identifier, 35);
|
|
113 |
MetaCatUtil.logMetacat.info("Looking up DN for: " + identifier);
|
| 114 |
114 |
identifier = getIdentifyingName(identifier, ldapUrl, ldapBase);
|
| 115 |
|
MetaCatUtil.debugMessage("DN found: " + identifier, 35);
|
|
115 |
MetaCatUtil.logMetacat.info("DN found: " + identifier);
|
| 116 |
116 |
String decoded = URLDecoder.decode(identifier);
|
| 117 |
|
MetaCatUtil.debugMessage("DN decoded: " + decoded, 35);
|
|
117 |
MetaCatUtil.logMetacat.info("DN decoded: " + decoded);
|
| 118 |
118 |
identifier = decoded;
|
| 119 |
119 |
String refUrl = "";
|
| 120 |
120 |
String refBase = "";
|
| 121 |
121 |
if (identifier.startsWith("ldap")) {
|
| 122 |
122 |
refUrl = identifier.substring(0,
|
| 123 |
123 |
identifier.lastIndexOf("/") + 1);
|
| 124 |
|
MetaCatUtil.debugMessage("Ref ldapUrl: " + refUrl, 35);
|
|
124 |
MetaCatUtil.logMetacat.info("Ref ldapUrl: " + refUrl);
|
| 125 |
125 |
int position = identifier.indexOf(",");
|
| 126 |
126 |
int position2 = identifier.indexOf(",", position + 1);
|
| 127 |
127 |
refBase = identifier.substring(position2 + 1);
|
| 128 |
|
MetaCatUtil.debugMessage("Ref ldapBase: " + refBase, 35);
|
|
128 |
MetaCatUtil.logMetacat.info("Ref ldapBase: " + refBase);
|
| 129 |
129 |
identifier = identifier.substring(
|
| 130 |
130 |
identifier.lastIndexOf("/") + 1);
|
| 131 |
|
MetaCatUtil.debugMessage("Trying: " + identifier, 35);
|
|
131 |
MetaCatUtil.logMetacat.info("Trying: " + identifier);
|
| 132 |
132 |
authenticated = ldapAuthenticate(identifier, password,
|
| 133 |
133 |
refUrl, refBase);
|
| 134 |
134 |
}
|
| 135 |
135 |
else {
|
| 136 |
136 |
identifier = identifier + "," + ldapBase;
|
| 137 |
|
MetaCatUtil.debugMessage("Trying: " + identifier, 35);
|
|
137 |
MetaCatUtil.logMetacat.info("Trying: " + identifier);
|
| 138 |
138 |
authenticated = ldapAuthenticate(identifier, password);
|
| 139 |
139 |
}
|
| 140 |
140 |
//authenticated = ldapAuthenticate(identifier, password);
|
| ... | ... | |
| 142 |
142 |
|
| 143 |
143 |
}
|
| 144 |
144 |
catch (NullPointerException e) {
|
| 145 |
|
util.debugMessage("NullPointerException b' password is null", 30);
|
| 146 |
|
util.debugMessage("NullPointerException while authenticating in " +
|
| 147 |
|
"AuthLdap.authenticate: " + e, 30);
|
|
145 |
MetaCatUtil.logMetacat.info("NullPointerException b' password is null");
|
|
146 |
MetaCatUtil.logMetacat.info("NullPointerException while authenticating in " +
|
|
147 |
"AuthLdap.authenticate: " + e);
|
| 148 |
148 |
throw new ConnectException(
|
| 149 |
149 |
"NullPointerException while authenticating in " +
|
| 150 |
150 |
"AuthLdap.authenticate: " + e);
|
| 151 |
151 |
}
|
| 152 |
152 |
catch (NamingException e) {
|
| 153 |
|
util.debugMessage("Naming exception while authenticating in " +
|
| 154 |
|
"AuthLdap.authenticate: " + e, 30);
|
|
153 |
MetaCatUtil.logMetacat.info("Naming exception while authenticating in " +
|
|
154 |
"AuthLdap.authenticate: " + e);
|
| 155 |
155 |
e.printStackTrace();
|
| 156 |
156 |
}
|
| 157 |
157 |
catch (Exception e) {
|
| 158 |
|
util.debugMessage(e.getMessage(), 30);
|
|
158 |
MetaCatUtil.logMetacat.info(e.getMessage());
|
| 159 |
159 |
}
|
| 160 |
160 |
return authenticated;
|
| 161 |
161 |
}
|
| ... | ... | |
| 196 |
196 |
"com.sun.jndi.ldap.LdapCtxFactory");
|
| 197 |
197 |
env.put(Context.REFERRAL, "throw");
|
| 198 |
198 |
env.put(Context.PROVIDER_URL, directoryUrl + searchBase);
|
| 199 |
|
util.debugMessage("PROVIDER_URL set to: " + directoryUrl + searchBase, 35);
|
|
199 |
MetaCatUtil.logMetacat.info("PROVIDER_URL set to: " + directoryUrl + searchBase);
|
| 200 |
200 |
if (!ldapsUrl.equals(ldapUrl)) {
|
| 201 |
201 |
// ldap is set on default port 389
|
| 202 |
202 |
// ldaps is set on second port - 636 by default
|
| ... | ... | |
| 212 |
212 |
//Here to check the authorization
|
| 213 |
213 |
ctx = new InitialDirContext(env);
|
| 214 |
214 |
double stopTime = System.currentTimeMillis();
|
| 215 |
|
util.debugMessage("Connection time thru " + ldapsUrl + " was: " +
|
| 216 |
|
(stopTime - startTime) / 1000 + " seconds.", 35);
|
|
215 |
MetaCatUtil.logMetacat.info("Connection time thru " + ldapsUrl + " was: " +
|
|
216 |
(stopTime - startTime) / 1000 + " seconds.");
|
| 217 |
217 |
authenticated = true;
|
| 218 |
218 |
//tls.close();
|
| 219 |
219 |
ctx.close();
|
| ... | ... | |
| 228 |
228 |
}
|
| 229 |
229 |
}
|
| 230 |
230 |
catch (javax.naming.InvalidNameException ine) {
|
| 231 |
|
util.debugMessage("An invalid DN was provided!", 30);
|
|
231 |
MetaCatUtil.logMetacat.info("An invalid DN was provided!");
|
| 232 |
232 |
}
|
| 233 |
233 |
catch (javax.naming.ReferralException re) {
|
| 234 |
|
util.debugMessage("referral during authentication", 30);
|
| 235 |
|
util.debugMessage("Referral information: " + re.getReferralInfo(), 30);
|
|
234 |
MetaCatUtil.logMetacat.info("referral during authentication");
|
|
235 |
MetaCatUtil.logMetacat.info("Referral information: " + re.getReferralInfo());
|
| 236 |
236 |
try {
|
| 237 |
237 |
refExc = re;
|
| 238 |
238 |
|
| ... | ... | |
| 240 |
240 |
t.start();
|
| 241 |
241 |
Thread.sleep(5000); //this is a manual override of ldap's
|
| 242 |
242 |
//hideously long time out period.
|
| 243 |
|
util.debugMessage("Awake after 5 seconds.", 35);
|
|
243 |
MetaCatUtil.logMetacat.info("Awake after 5 seconds.");
|
| 244 |
244 |
if (referralContext == null) {
|
| 245 |
245 |
t.interrupt();
|
| 246 |
246 |
authenticated = false;
|
| ... | ... | |
| 255 |
255 |
}
|
| 256 |
256 |
}
|
| 257 |
257 |
else {
|
| 258 |
|
util.debugMessage("User not found", 30);
|
|
258 |
MetaCatUtil.logMetacat.info("User not found");
|
| 259 |
259 |
}
|
| 260 |
260 |
double totStopTime = System.currentTimeMillis();
|
| 261 |
|
util.debugMessage("total ldap authentication time: " +
|
| 262 |
|
(totStopTime - totStartTime) / 1000 + " seconds", 35);
|
|
261 |
MetaCatUtil.logMetacat.info("total ldap authentication time: " +
|
|
262 |
(totStopTime - totStartTime) / 1000 + " seconds");
|
| 263 |
263 |
return authenticated;
|
| 264 |
264 |
}
|
| 265 |
265 |
|
| ... | ... | |
| 279 |
279 |
Hashtable env = new Hashtable(11);
|
| 280 |
280 |
env.put(Context.INITIAL_CONTEXT_FACTORY,
|
| 281 |
281 |
"com.sun.jndi.ldap.LdapCtxFactory");
|
| 282 |
|
util.debugMessage("setting referrals to: " + referral, 35);
|
|
282 |
MetaCatUtil.logMetacat.info("setting referrals to: " + referral);
|
| 283 |
283 |
env.put(Context.REFERRAL, referral);
|
| 284 |
284 |
env.put(Context.PROVIDER_URL, ldapUrl + ldapBase);
|
| 285 |
285 |
// non-secure LDAP context; dn are publicly readable
|
| ... | ... | |
| 300 |
300 |
// This assumes a dn like "uid=x,o=y,dc=someinst,dc=org"
|
| 301 |
301 |
int position = user.indexOf(",");
|
| 302 |
302 |
String comp1 = user.substring(0, position);
|
| 303 |
|
MetaCatUtil.debugMessage("First comp is: " + comp1, 35);
|
|
303 |
MetaCatUtil.logMetacat.info("First comp is: " + comp1);
|
| 304 |
304 |
String comp2 = user.substring(position + 1,
|
| 305 |
305 |
user.indexOf(",", position + 1));
|
| 306 |
|
MetaCatUtil.debugMessage("Second comp is: " + comp2, 35);
|
|
306 |
MetaCatUtil.logMetacat.info("Second comp is: " + comp2);
|
| 307 |
307 |
|
| 308 |
308 |
//String filter = "(&(" + comp1 + "))";
|
| 309 |
309 |
String filter = "(&(" + comp1 + ")(" + comp2 + "))";
|
| 310 |
|
MetaCatUtil.debugMessage("Filter is: " + filter, 35);
|
| 311 |
|
MetaCatUtil.debugMessage("Provider URL is: " + ldapUrl + ldapBase, 35);
|
|
310 |
MetaCatUtil.logMetacat.info("Filter is: " + filter);
|
|
311 |
MetaCatUtil.logMetacat.info("Provider URL is: " + ldapUrl + ldapBase);
|
| 312 |
312 |
NamingEnumeration answer;
|
| 313 |
313 |
try {
|
| 314 |
|
util.debugMessage("Trying search 1: " + filter, 35);
|
|
314 |
MetaCatUtil.logMetacat.info("Trying search 1: " + filter);
|
| 315 |
315 |
answer = ctx.search("", filter, ctls);
|
| 316 |
|
util.debugMessage("Search 1 complete", 35);
|
|
316 |
MetaCatUtil.logMetacat.info("Search 1 complete");
|
| 317 |
317 |
if (answer == null) {
|
| 318 |
|
util.debugMessage("Search 1 answer is null.", 35);
|
|
318 |
MetaCatUtil.logMetacat.info("Search 1 answer is null.");
|
| 319 |
319 |
}
|
| 320 |
320 |
if (answer.hasMore()) {
|
| 321 |
|
util.debugMessage("Search 1 has answers.", 35);
|
|
321 |
MetaCatUtil.logMetacat.info("Search 1 has answers.");
|
| 322 |
322 |
SearchResult sr = (SearchResult) answer.next();
|
| 323 |
323 |
identifier = sr.getName();
|
| 324 |
|
util.debugMessage("Originally Found: " + identifier, 35);
|
|
324 |
MetaCatUtil.logMetacat.info("Originally Found: " + identifier);
|
| 325 |
325 |
return identifier;
|
| 326 |
326 |
}
|
| 327 |
327 |
}
|
| 328 |
328 |
catch (InvalidSearchFilterException e) {
|
| 329 |
|
util.debugMessage("Invalid Filter exception thrown (if1)", 35);
|
|
329 |
MetaCatUtil.logMetacat.info("Invalid Filter exception thrown (if1)");
|
| 330 |
330 |
}
|
| 331 |
331 |
|
| 332 |
332 |
// That failed, so check if it is just a username
|
| 333 |
333 |
filter = "(" + user + ")";
|
| 334 |
334 |
try {
|
| 335 |
|
MetaCatUtil.debugMessage("Trying again: " + filter, 35);
|
|
335 |
MetaCatUtil.logMetacat.info("Trying again: " + filter);
|
| 336 |
336 |
answer = ctx.search("", filter, ctls);
|
| 337 |
337 |
if (answer.hasMore()) {
|
| 338 |
338 |
SearchResult sr = (SearchResult) answer.next();
|
| ... | ... | |
| 344 |
344 |
identifier = identifier.substring(identifier.lastIndexOf("/") + 1,
|
| 345 |
345 |
identifier.indexOf(","));
|
| 346 |
346 |
}
|
| 347 |
|
util.debugMessage("Found: " + identifier, 35);
|
|
347 |
MetaCatUtil.logMetacat.info("Found: " + identifier);
|
| 348 |
348 |
return identifier;
|
| 349 |
349 |
}
|
| 350 |
350 |
}
|
| ... | ... | |
| 352 |
352 |
|
| 353 |
353 |
// Maybe its a user id (uid)
|
| 354 |
354 |
filter = "(uid=" + user + ")";
|
| 355 |
|
MetaCatUtil.debugMessage("Trying again: " + filter, 35);
|
|
355 |
MetaCatUtil.logMetacat.info("Trying again: " + filter);
|
| 356 |
356 |
answer = ctx.search("", filter, ctls);
|
| 357 |
357 |
if (answer.hasMore()) {
|
| 358 |
358 |
SearchResult sr = (SearchResult) answer.next();
|
| ... | ... | |
| 364 |
364 |
identifier = identifier.substring(identifier.lastIndexOf("/") + 1,
|
| 365 |
365 |
identifier.indexOf(","));
|
| 366 |
366 |
}
|
| 367 |
|
util.debugMessage("Found: " + identifier, 35);
|
|
367 |
MetaCatUtil.logMetacat.info("Found: " + identifier);
|
| 368 |
368 |
}
|
| 369 |
369 |
else {
|
| 370 |
370 |
|
| 371 |
371 |
// maybe its just a common name
|
| 372 |
372 |
filter = "(cn=" + user + ")";
|
| 373 |
|
MetaCatUtil.debugMessage("Trying again: " + filter, 35);
|
|
373 |
MetaCatUtil.logMetacat.info("Trying again: " + filter);
|
| 374 |
374 |
NamingEnumeration answer2 = ctx.search("", filter, ctls);
|
| 375 |
375 |
if (answer2.hasMore()) {
|
| 376 |
376 |
SearchResult sr = (SearchResult) answer2.next();
|
| ... | ... | |
| 382 |
382 |
identifier = identifier.substring(identifier.lastIndexOf("/") + 1,
|
| 383 |
383 |
identifier.indexOf(","));
|
| 384 |
384 |
}
|
| 385 |
|
util.debugMessage("Found: " + identifier, 35);
|
|
385 |
MetaCatUtil.logMetacat.info("Found: " + identifier);
|
| 386 |
386 |
}
|
| 387 |
387 |
else {
|
| 388 |
388 |
|
| 389 |
389 |
// ok, last resort, is it a surname?
|
| 390 |
390 |
filter = "(sn=" + user + ")";
|
| 391 |
|
MetaCatUtil.debugMessage("Trying again: " + filter, 35);
|
|
391 |
MetaCatUtil.logMetacat.info("Trying again: " + filter);
|
| 392 |
392 |
NamingEnumeration answer3 = ctx.search("", filter, ctls);
|
| 393 |
393 |
if (answer3.hasMore()) {
|
| 394 |
394 |
SearchResult sr = (SearchResult) answer3.next();
|
| ... | ... | |
| 401 |
401 |
identifier = identifier.substring(identifier.lastIndexOf("/") + 1,
|
| 402 |
402 |
identifier.indexOf(","));
|
| 403 |
403 |
}
|
| 404 |
|
util.debugMessage("Found: " + identifier, 35);
|
|
404 |
MetaCatUtil.logMetacat.info("Found: " + identifier);
|
| 405 |
405 |
}
|
| 406 |
406 |
}
|
| 407 |
407 |
}
|
| ... | ... | |
| 409 |
409 |
ctx.close();
|
| 410 |
410 |
}
|
| 411 |
411 |
catch (NamingException e) {
|
| 412 |
|
util.debugMessage("Naming exception while getting dn: " + e, 35);
|
|
412 |
MetaCatUtil.logMetacat.info("Naming exception while getting dn: " + e);
|
| 413 |
413 |
throw new NamingException(
|
| 414 |
414 |
"Naming exception in AuthLdap.getIdentifyingName: " + e);
|
| 415 |
415 |
}
|
| 416 |
|
MetaCatUtil.debugMessage("Returning found identifier as: " + identifier, 35);
|
|
416 |
MetaCatUtil.logMetacat.info("Returning found identifier as: " + identifier);
|
| 417 |
417 |
return identifier;
|
| 418 |
418 |
}
|
| 419 |
419 |
|
| ... | ... | |
| 495 |
495 |
}
|
| 496 |
496 |
}
|
| 497 |
497 |
catch (SizeLimitExceededException slee) {
|
| 498 |
|
util.debugMessage("LDAP Server size limit exceeded. " +
|
| 499 |
|
"Returning incomplete record set.", 35);
|
|
498 |
MetaCatUtil.logMetacat.info("LDAP Server size limit exceeded. " +
|
|
499 |
"Returning incomplete record set.");
|
| 500 |
500 |
}
|
| 501 |
501 |
|
| 502 |
502 |
// initialize users[]; fill users[]
|
| ... | ... | |
| 514 |
514 |
|
| 515 |
515 |
}
|
| 516 |
516 |
catch (NamingException e) {
|
| 517 |
|
util.debugMessage("Problem getting users in AuthLdap.getUsers:" + e, 35);
|
|
517 |
MetaCatUtil.logMetacat.info("Problem getting users in AuthLdap.getUsers:" + e);
|
| 518 |
518 |
//e.printStackTrace(System.err);
|
| 519 |
519 |
throw new ConnectException(
|
| 520 |
520 |
"Problem getting users in AuthLdap.getUsers:" + e);
|
| ... | ... | |
| 566 |
566 |
}
|
| 567 |
567 |
}
|
| 568 |
568 |
catch (SizeLimitExceededException slee) {
|
| 569 |
|
util.debugMessage("LDAP Server size limit exceeded. " +
|
| 570 |
|
"Returning incomplete record set.", 35);
|
|
569 |
MetaCatUtil.logMetacat.info("LDAP Server size limit exceeded. " +
|
|
570 |
"Returning incomplete record set.");
|
| 571 |
571 |
}
|
| 572 |
572 |
|
| 573 |
573 |
// initialize users[]; fill users[]
|
| ... | ... | |
| 581 |
581 |
|
| 582 |
582 |
}
|
| 583 |
583 |
catch (NamingException e) {
|
| 584 |
|
util.debugMessage("Problem getting users for a group in " +
|
| 585 |
|
"AuthLdap.getUsers:" + e, 30);
|
|
584 |
MetaCatUtil.logMetacat.info("Problem getting users for a group in " +
|
|
585 |
"AuthLdap.getUsers:" + e);
|
| 586 |
586 |
throw new ConnectException(
|
| 587 |
587 |
"Problem getting users for a group in AuthLdap.getUsers:" + e);
|
| 588 |
588 |
}
|
| ... | ... | |
| 645 |
645 |
else {
|
| 646 |
646 |
filter = "(& " + gfilter + "(uniqueMember=" + foruser + "))";
|
| 647 |
647 |
}
|
| 648 |
|
MetaCatUtil.debugMessage("searching for groups: " + filter, 35);
|
|
648 |
MetaCatUtil.logMetacat.info("searching for groups: " + filter);
|
| 649 |
649 |
NamingEnumeration namingEnum = ctx.search(ldapBase, filter, ctls);
|
| 650 |
650 |
|
| 651 |
651 |
// Print the groups
|
| 652 |
|
MetaCatUtil.debugMessage("getting group results.", 50);
|
|
652 |
MetaCatUtil.logMetacat.info("getting group results.");
|
| 653 |
653 |
while (namingEnum.hasMore()) {
|
| 654 |
654 |
SearchResult sr = (SearchResult) namingEnum.next();
|
| 655 |
655 |
tempAttr = sr.getAttributes();
|
| ... | ... | |
| 662 |
662 |
}
|
| 663 |
663 |
|
| 664 |
664 |
gvec.add(sr.getName() + "," + ldapBase);
|
| 665 |
|
MetaCatUtil.debugMessage("group " + sr.getName() +
|
| 666 |
|
" added to Group vector", 35);
|
|
665 |
MetaCatUtil.logMetacat.info("group " + sr.getName() +
|
|
666 |
" added to Group vector");
|
| 667 |
667 |
}
|
| 668 |
668 |
// Close the context when we're done
|
| 669 |
669 |
ctx.close();
|
| ... | ... | |
| 672 |
672 |
catch (ReferralException re) {
|
| 673 |
673 |
refExc = re;
|
| 674 |
674 |
Thread t = new Thread(new GetGroup());
|
| 675 |
|
util.debugMessage("Starting thread...", 50);
|
|
675 |
MetaCatUtil.logMetacat.info("Starting thread...");
|
| 676 |
676 |
t.start();
|
| 677 |
|
util.debugMessage("sleeping for 5 seconds.", 50);
|
|
677 |
MetaCatUtil.logMetacat.info("sleeping for 5 seconds.");
|
| 678 |
678 |
try {
|
| 679 |
679 |
Thread.sleep(5000);
|
| 680 |
680 |
}
|
| 681 |
681 |
catch (InterruptedException ie) {
|
| 682 |
|
MetaCatUtil.debugMessage("main thread interrupted: " + ie.getMessage(),
|
| 683 |
|
30);
|
|
682 |
MetaCatUtil.logMetacat.info("main thread interrupted: " + ie.getMessage());
|
| 684 |
683 |
}
|
| 685 |
684 |
//this is a manual override of jndi's hideously long time
|
| 686 |
685 |
//out period.
|
| 687 |
|
util.debugMessage("Awake after 5 seconds.", 40);
|
|
686 |
MetaCatUtil.logMetacat.info("Awake after 5 seconds.");
|
| 688 |
687 |
if (referralContext == null) {
|
| 689 |
|
util.debugMessage("thread timed out...returning groups: " +
|
| 690 |
|
gvec.toString(), 35);
|
|
688 |
MetaCatUtil.logMetacat.info("thread timed out...returning groups: " +
|
|
689 |
gvec.toString());
|
| 691 |
690 |
String groups[][] = new String[gvec.size()][2];
|
| 692 |
691 |
for (int i = 0; i < gvec.size(); i++) {
|
| 693 |
692 |
groups[i][0] = (String) gvec.elementAt(i);
|
| ... | ... | |
| 736 |
735 |
dc.close();
|
| 737 |
736 |
}
|
| 738 |
737 |
catch (NamingException ne) {
|
| 739 |
|
MetaCatUtil.debugMessage("Naming Exception in AuthLdap.getGroups" +
|
| 740 |
|
ne.getExplanation() + ne.getMessage(), 30);
|
|
738 |
MetaCatUtil.logMetacat.info("Naming Exception in AuthLdap.getGroups" +
|
|
739 |
ne.getExplanation() + ne.getMessage());
|
| 741 |
740 |
}
|
| 742 |
741 |
}
|
| 743 |
742 |
catch (NamingException e) {
|
| ... | ... | |
| 752 |
751 |
"Problem getting groups for a user in AuthLdap.getGroups:" + e);*/
|
| 753 |
752 |
}
|
| 754 |
753 |
|
| 755 |
|
MetaCatUtil.debugMessage("The user is in the following groups: " +
|
| 756 |
|
gvec.toString(), 35);
|
|
754 |
MetaCatUtil.logMetacat.info("The user is in the following groups: " +
|
|
755 |
gvec.toString());
|
| 757 |
756 |
String groups[][] = new String[gvec.size()][2];
|
| 758 |
757 |
for (int i = 0; i < gvec.size(); i++) {
|
| 759 |
758 |
groups[i][0] = (String) gvec.elementAt(i);
|
| ... | ... | |
| 821 |
820 |
ctx.close();
|
| 822 |
821 |
}
|
| 823 |
822 |
catch (NamingException e) {
|
| 824 |
|
util.debugMessage("Problem getting attributes in " +
|
| 825 |
|
"AuthLdap.getAttributes:" + e, 35);
|
|
823 |
MetaCatUtil.logMetacat.info("Problem getting attributes in " +
|
|
824 |
"AuthLdap.getAttributes:" + e);
|
| 826 |
825 |
throw new ConnectException(
|
| 827 |
826 |
"Problem getting attributes in AuthLdap.getAttributes:" + e);
|
| 828 |
827 |
}
|
| ... | ... | |
| 932 |
931 |
|
| 933 |
932 |
}
|
| 934 |
933 |
catch (NamingException e) {
|
| 935 |
|
util.debugMessage("Problem getting subtrees in AuthLdap.getSubtrees:"
|
| 936 |
|
+ e, 30);
|
|
934 |
MetaCatUtil.logMetacat.info("Problem getting subtrees in AuthLdap.getSubtrees:"
|
|
935 |
+ e);
|
| 937 |
936 |
throw new ConnectException(
|
| 938 |
937 |
"Problem getting subtrees in AuthLdap.getSubtrees:" + e);
|
| 939 |
938 |
}
|
| ... | ... | |
| 1081 |
1080 |
String user = args[0];
|
| 1082 |
1081 |
String password = args[1];
|
| 1083 |
1082 |
|
| 1084 |
|
MetaCatUtil.debugMessage("Creating session...", 20);
|
|
1083 |
MetaCatUtil.logMetacat.warn("Creating session...");
|
| 1085 |
1084 |
AuthLdap authservice = new AuthLdap();
|
| 1086 |
|
MetaCatUtil.debugMessage("Session exists...", 20);
|
|
1085 |
MetaCatUtil.logMetacat.warn("Session exists...");
|
| 1087 |
1086 |
|
| 1088 |
1087 |
boolean isValid = false;
|
| 1089 |
1088 |
try {
|
| 1090 |
|
MetaCatUtil.debugMessage("Authenticating...", 20);
|
|
1089 |
MetaCatUtil.logMetacat.warn("Authenticating...");
|
| 1091 |
1090 |
isValid = authservice.authenticate(user, password);
|
| 1092 |
1091 |
if (isValid) {
|
| 1093 |
|
MetaCatUtil.debugMessage("Authentication successful for: " + user, 20);
|
|
1092 |
MetaCatUtil.logMetacat.warn("Authentication successful for: " + user);
|
| 1094 |
1093 |
}
|
| 1095 |
1094 |
else {
|
| 1096 |
|
MetaCatUtil.debugMessage("Authentication failed for: " + user, 20);
|
|
1095 |
MetaCatUtil.logMetacat.warn("Authentication failed for: " + user);
|
| 1097 |
1096 |
}
|
| 1098 |
1097 |
|
| 1099 |
1098 |
// Get attributes for the user
|
| 1100 |
1099 |
if (isValid) {
|
| 1101 |
|
MetaCatUtil.debugMessage("\nGetting attributes for user....", 20);
|
|
1100 |
MetaCatUtil.logMetacat.warn("\nGetting attributes for user....");
|
| 1102 |
1101 |
HashMap userInfo = authservice.getAttributes(user, password, user);
|
| 1103 |
1102 |
// Print all of the attributes
|
| 1104 |
1103 |
Iterator attList = (Iterator) ( ( (Set) userInfo.keySet()).iterator());
|
| ... | ... | |
| 1108 |
1107 |
Iterator attvalues = values.iterator();
|
| 1109 |
1108 |
while (attvalues.hasNext()) {
|
| 1110 |
1109 |
String value = (String) attvalues.next();
|
| 1111 |
|
MetaCatUtil.debugMessage(att + ": " + value, 20);
|
|
1110 |
MetaCatUtil.logMetacat.warn(att + ": " + value);
|
| 1112 |
1111 |
}
|
| 1113 |
1112 |
}
|
| 1114 |
1113 |
}
|
| 1115 |
1114 |
|
| 1116 |
1115 |
// get the groups
|
| 1117 |
1116 |
if (isValid) {
|
| 1118 |
|
MetaCatUtil.debugMessage("\nGetting all groups....", 20);
|
|
1117 |
MetaCatUtil.logMetacat.warn("\nGetting all groups....");
|
| 1119 |
1118 |
String[][] groups = authservice.getGroups(user, password);
|
| 1120 |
|
MetaCatUtil.debugMessage("Groups found: " + groups.length, 20);
|
|
1119 |
MetaCatUtil.logMetacat.warn("Groups found: " + groups.length);
|
| 1121 |
1120 |
for (int i = 0; i < groups.length; i++) {
|
| 1122 |
|
MetaCatUtil.debugMessage("Group " + i + ": " + groups[i][0], 20);
|
|
1121 |
MetaCatUtil.logMetacat.warn("Group " + i + ": " + groups[i][0]);
|
| 1123 |
1122 |
}
|
| 1124 |
1123 |
}
|
| 1125 |
1124 |
|
| 1126 |
1125 |
// get the groups for the user
|
| 1127 |
1126 |
String savedGroup = null;
|
| 1128 |
1127 |
if (isValid) {
|
| 1129 |
|
MetaCatUtil.debugMessage("\nGetting groups for user....", 20);
|
|
1128 |
MetaCatUtil.logMetacat.warn("\nGetting groups for user....");
|
| 1130 |
1129 |
String[][] groups = authservice.getGroups(user, password, user);
|
| 1131 |
|
MetaCatUtil.debugMessage("Groups found: " + groups.length, 20);
|
|
1130 |
MetaCatUtil.logMetacat.warn("Groups found: " + groups.length);
|
| 1132 |
1131 |
for (int i = 0; i < groups.length; i++) {
|
| 1133 |
|
MetaCatUtil.debugMessage("Group " + i + ": " + groups[i][0], 20);
|
|
1132 |
MetaCatUtil.logMetacat.warn("Group " + i + ": " + groups[i][0]);
|
| 1134 |
1133 |
savedGroup = groups[i][0];
|
| 1135 |
1134 |
}
|
| 1136 |
1135 |
}
|
| 1137 |
1136 |
|
| 1138 |
1137 |
// get the users for a group
|
| 1139 |
1138 |
if (isValid) {
|
| 1140 |
|
MetaCatUtil.debugMessage("\nGetting users for group....", 20);
|
| 1141 |
|
MetaCatUtil.debugMessage("Group: " + savedGroup, 20);
|
|
1139 |
MetaCatUtil.logMetacat.warn("\nGetting users for group....");
|
|
1140 |
MetaCatUtil.logMetacat.warn("Group: " + savedGroup);
|
| 1142 |
1141 |
String[] users = authservice.getUsers(user, password, savedGroup);
|
| 1143 |
|
MetaCatUtil.debugMessage("Users found: " + users.length, 20);
|
|
1142 |
MetaCatUtil.logMetacat.warn("Users found: " + users.length);
|
| 1144 |
1143 |
for (int i = 0; i < users.length; i++) {
|
| 1145 |
|
MetaCatUtil.debugMessage("User " + i + ": " + users[i], 20);
|
|
1144 |
MetaCatUtil.logMetacat.warn("User " + i + ": " + users[i]);
|
| 1146 |
1145 |
}
|
| 1147 |
1146 |
}
|
| 1148 |
1147 |
|
| 1149 |
1148 |
// get all users
|
| 1150 |
1149 |
if (isValid) {
|
| 1151 |
|
MetaCatUtil.debugMessage("\nGetting all users ....", 20);
|
|
1150 |
MetaCatUtil.logMetacat.warn("\nGetting all users ....");
|
| 1152 |
1151 |
String[][] users = authservice.getUsers(user, password);
|
| 1153 |
|
MetaCatUtil.debugMessage("Users found: " + users.length, 20);
|
|
1152 |
MetaCatUtil.logMetacat.warn("Users found: " + users.length);
|
| 1154 |
1153 |
|
| 1155 |
1154 |
}
|
| 1156 |
1155 |
|
| 1157 |
1156 |
// get the whole list groups and users in XML format
|
| 1158 |
1157 |
if (isValid) {
|
| 1159 |
|
MetaCatUtil.debugMessage("\nTrying principals....", 20);
|
|
1158 |
MetaCatUtil.logMetacat.warn("\nTrying principals....");
|
| 1160 |
1159 |
authservice = new AuthLdap();
|
| 1161 |
1160 |
String out = authservice.getPrincipals(user, password);
|
| 1162 |
1161 |
java.io.File f = new java.io.File("principals.xml");
|
| ... | ... | |
| 1166 |
1165 |
buff.flush();
|
| 1167 |
1166 |
buff.close();
|
| 1168 |
1167 |
fw.close();
|
| 1169 |
|
MetaCatUtil.debugMessage("\nFinished getting principals.", 20);
|
|
1168 |
MetaCatUtil.logMetacat.warn("\nFinished getting principals.");
|
| 1170 |
1169 |
}
|
| 1171 |
1170 |
|
| 1172 |
1171 |
}
|
| 1173 |
1172 |
catch (ConnectException ce) {
|
| 1174 |
|
MetaCatUtil.debugMessage(ce.getMessage(), 30);
|
|
1173 |
MetaCatUtil.logMetacat.info(ce.getMessage());
|
| 1175 |
1174 |
}
|
| 1176 |
1175 |
catch (java.io.IOException ioe) {
|
| 1177 |
|
MetaCatUtil.debugMessage("I/O Error writing to file principals.txt", 20);
|
|
1176 |
MetaCatUtil.logMetacat.info("I/O Error writing to file principals.txt");
|
| 1178 |
1177 |
}
|
| 1179 |
1178 |
}
|
| 1180 |
1179 |
|
| ... | ... | |
| 1193 |
1192 |
try {
|
| 1194 |
1193 |
//revise environment variable
|
| 1195 |
1194 |
referralInfo = (String) refExc.getReferralInfo();
|
| 1196 |
|
util.debugMessage("Processing referral (pr0): ", 35);
|
| 1197 |
|
util.debugMessage("PROVIDER_URL set to (pr1): " + referralInfo, 35);
|
|
1195 |
MetaCatUtil.logMetacat.info("Processing referral (pr0): ");
|
|
1196 |
MetaCatUtil.logMetacat.info("PROVIDER_URL set to (pr1): " + referralInfo);
|
| 1198 |
1197 |
//env.put(Context.PROVIDER_URL,referralInfo);
|
| 1199 |
1198 |
//env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
|
| 1200 |
1199 |
//env.put(Context.SECURITY_PRINCIPAL, userName);
|
| 1201 |
1200 |
//env.put(Context.SECURITY_CREDENTIALS, userPassword);
|
| 1202 |
1201 |
//env.put(Context.REFERRAL, "throw");
|
| 1203 |
|
//util.debugMessage("Processing referral (pr1.info): " + userName,35);
|
| 1204 |
|
//util.debugMessage("Processing referral (pr2)",35);
|
|
1202 |
//MetaCatUtil.logMetacat.info("Processing referral (pr1.info): " + userName,35);
|
|
1203 |
//MetaCatUtil.logMetacat.info("Processing referral (pr2)",35);
|
| 1205 |
1204 |
//rContext = refExc.getReferralContext(env);
|
| 1206 |
1205 |
rContext = refExc.getReferralContext();
|
| 1207 |
|
util.debugMessage("Processing referral (pr3)", 35);
|
|
1206 |
MetaCatUtil.logMetacat.info("Processing referral (pr3)");
|
| 1208 |
1207 |
//casting the context to dircontext and it will create a
|
| 1209 |
1208 |
//autherntication or naming exception if DN and password is incorrect
|
| 1210 |
1209 |
referralContext = rContext;
|
| ... | ... | |
| 1212 |
1211 |
refDirContext.close();
|
| 1213 |
1212 |
//get context and jump out the while loop
|
| 1214 |
1213 |
moreReferrals = false;
|
| 1215 |
|
util.debugMessage("Processing referral (pr4)", 35);
|
|
1214 |
MetaCatUtil.logMetacat.info("Processing referral (pr4)");
|
| 1216 |
1215 |
} //try
|
| 1217 |
1216 |
//if referral have another referral excption
|
| 1218 |
1217 |
catch (ReferralException re) {
|
| 1219 |
|
util.debugMessage("GOT referral exception (re1): " + re.getMessage(),
|
| 1220 |
|
35);
|
| 1221 |
|
util.debugMessage("RE details (re2): " + re.toString(true), 35);
|
|
1218 |
MetaCatUtil.logMetacat.info("GOT referral exception (re1): " + re.getMessage());
|
|
1219 |
MetaCatUtil.logMetacat.info("RE details (re2): " + re.toString(true));
|
| 1222 |
1220 |
//keep running in while loop
|
| 1223 |
1221 |
moreReferrals = true;
|
| 1224 |
1222 |
//assign refExc to new referral exception re
|
| ... | ... | |
| 1226 |
1224 |
}
|
| 1227 |
1225 |
//catch a authentication exception
|
| 1228 |
1226 |
catch (AuthenticationException ae) {
|
| 1229 |
|
util.debugMessage("Error running referral handler thread (ae1): " +
|
| 1230 |
|
ae.getMessage(), 20);
|
|
1227 |
MetaCatUtil.logMetacat.warn("Error running referral handler thread (ae1): " +
|
|
1228 |
ae.getMessage());
|
| 1231 |
1229 |
//check if has another referral
|
| 1232 |
1230 |
moreReferrals = refExc.skipReferral();
|
| 1233 |
1231 |
//don't get the context
|
| ... | ... | |
| 1235 |
1233 |
}
|
| 1236 |
1234 |
//catch a naming exception
|
| 1237 |
1235 |
catch (NamingException ne) {
|
| 1238 |
|
util.debugMessage("Error running referral handler thread (ne1): " +
|
| 1239 |
|
ne.getMessage(), 20);
|
|
1236 |
MetaCatUtil.logMetacat.warn("Error running referral handler thread (ne1): " +
|
|
1237 |
ne.getMessage());
|
| 1240 |
1238 |
//check if has another referral
|
| 1241 |
1239 |
moreReferrals = refExc.skipReferral();
|
| 1242 |
1240 |
//don't get context
|
| ... | ... | |
| 1249 |
1247 |
implements Runnable {
|
| 1250 |
1248 |
public void run() {
|
| 1251 |
1249 |
referralContext = null;
|
| 1252 |
|
MetaCatUtil.debugMessage("getting groups context", 50);
|
|
1250 |
MetaCatUtil.logMetacat.info("getting groups context");
|
| 1253 |
1251 |
DirContext refDirContext = null;
|
| 1254 |
1252 |
boolean moreReferrals = true;
|
| 1255 |
1253 |
//set a while loop is because we don't know if a referral excption
|
| ... | ... | |
| 1260 |
1258 |
String refInfo = null;
|
| 1261 |
1259 |
refInfo = (String) refExc.getReferralInfo();
|
| 1262 |
1260 |
if (refInfo != null) {
|
| 1263 |
|
MetaCatUtil.debugMessage("Referral in thread to: " +
|
| 1264 |
|
refInfo.toString(), 40);
|
|
1261 |
MetaCatUtil.logMetacat.info("Referral in thread to: " +
|
|
1262 |
refInfo.toString());
|
| 1265 |
1263 |
}
|
| 1266 |
1264 |
else {
|
| 1267 |
|
MetaCatUtil.debugMessage("getting refInfo Manually", 50);
|
|
1265 |
MetaCatUtil.logMetacat.info("getting refInfo Manually");
|
| 1268 |
1266 |
refInfo = (String) refExc.getReferralContext().getEnvironment().
|
| 1269 |
1267 |
get(Context.PROVIDER_URL);
|
| 1270 |
1268 |
}
|
| 1271 |
|
MetaCatUtil.debugMessage("refInfo: " + refInfo, 40);
|
|
1269 |
MetaCatUtil.logMetacat.info("refInfo: " + refInfo);
|
| 1272 |
1270 |
|
| 1273 |
1271 |
env.put(Context.INITIAL_CONTEXT_FACTORY,
|
| 1274 |
1272 |
"com.sun.jndi.ldap.LdapCtxFactory");
|
| 1275 |
1273 |
env.put(Context.REFERRAL, "throw");
|
| 1276 |
1274 |
env.put(Context.PROVIDER_URL, refInfo);
|
| 1277 |
1275 |
|
| 1278 |
|
MetaCatUtil.debugMessage("creating referralContext", 40);
|
|
1276 |
MetaCatUtil.logMetacat.info("creating referralContext");
|
| 1279 |
1277 |
referralContext = new InitialDirContext(env);
|
| 1280 |
|
MetaCatUtil.debugMessage("referralContext created", 40);
|
|
1278 |
MetaCatUtil.logMetacat.info("referralContext created");
|
| 1281 |
1279 |
//get context and jump out the while loop
|
| 1282 |
1280 |
moreReferrals = false;
|
| 1283 |
1281 |
} //try
|
| ... | ... | |
| 1288 |
1286 |
refExc = re;
|
| 1289 |
1287 |
}
|
| 1290 |
1288 |
catch (AuthenticationException ae) {
|
| 1291 |
|
util.debugMessage("Error running referral handler thread (ae2): " +
|
| 1292 |
|
ae.getMessage(), 50);
|
|
1289 |
MetaCatUtil.logMetacat.info("Error running referral handler thread (ae2): " +
|
|
1290 |
ae.getMessage());
|
| 1293 |
1291 |
//check if has another referral
|
| 1294 |
1292 |
moreReferrals = refExc.skipReferral();
|
| 1295 |
1293 |
//don't get the context
|
| 1296 |
1294 |
referralContext = null;
|
| 1297 |
1295 |
}
|
| 1298 |
1296 |
catch (NamingException ne) {
|
| 1299 |
|
util.debugMessage("Error running referral handler thread (ne2): " +
|
| 1300 |
|
ne.getMessage(), 50);
|
|
1297 |
MetaCatUtil.logMetacat.info("Error running referral handler thread (ne2): " +
|
|
1298 |
ne.getMessage());
|
| 1301 |
1299 |
//check if has another referral
|
| 1302 |
1300 |
moreReferrals = refExc.skipReferral();
|
| 1303 |
1301 |
//don't get context
|
Replacing debugMessage in metacat code with log4j methods for logging