Revision 723
Added by bojilova almost 24 years ago
src/edu/ucsb/nceas/metacat/AuthLdap.java | ||
---|---|---|
40 | 40 |
import javax.naming.directory.DirContext; |
41 | 41 |
import javax.naming.directory.InitialDirContext; |
42 | 42 |
import javax.naming.directory.SearchResult; |
43 |
import javax.naming.directory.SearchControls; |
|
43 | 44 |
import javax.naming.NamingEnumeration; |
44 | 45 |
import javax.naming.NamingException; |
45 | 46 |
import java.util.Iterator; |
... | ... | |
105 | 106 |
|
106 | 107 |
} catch (AuthenticationException ae) { |
107 | 108 |
util.debugMessage("Error authenticating in AuthLdap.authenticate: " + ae); |
108 |
// NEED TO THROW THE RIGHT EXCEPTION HERE
|
|
109 |
return false;
|
|
109 |
throw new ConnectException(
|
|
110 |
"Error authenticating in AuthLdap.authenticate: " + ae);
|
|
110 | 111 |
} catch (NamingException e) { |
111 | 112 |
util.debugMessage("Naming exception while authenticating in " + |
112 | 113 |
"AuthLdap.authenticate: " + e); |
113 |
// NEED TO THROW THE RIGHT EXCEPTION HERE |
|
114 |
return false; |
|
114 |
throw new ConnectException( |
|
115 |
"Naming exception while authenticating in " + |
|
116 |
"AuthLdap.authenticate: " + e); |
|
115 | 117 |
} |
116 | 118 |
|
117 | 119 |
return authenticated; |
... | ... | |
123 | 125 |
public String[] getUsers(String user, String password) |
124 | 126 |
throws ConnectException |
125 | 127 |
{ |
126 |
// NOT IMPLEMENTED YET |
|
127 |
return null; |
|
128 |
MetaCatUtil util = new MetaCatUtil(); |
|
129 |
String ldapUrl = util.getOption("ldapurl"); |
|
130 |
String ldapBase = util.getOption("ldapbase"); |
|
131 |
|
|
132 |
String[] users = null; |
|
133 |
|
|
134 |
// Identify service provider to use |
|
135 |
Hashtable env = new Hashtable(11); |
|
136 |
env.put(Context.INITIAL_CONTEXT_FACTORY, |
|
137 |
"com.sun.jndi.ldap.LdapCtxFactory"); |
|
138 |
env.put(Context.PROVIDER_URL, ldapUrl + ldapBase); |
|
139 |
|
|
140 |
try { |
|
141 |
|
|
142 |
// Get the dn for this uid or cn |
|
143 |
String identifier = getIdentifyingName(user); |
|
144 |
if (identifier != null) { |
|
145 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
146 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
147 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
148 |
|
|
149 |
// Create the initial directory context |
|
150 |
DirContext ctx = new InitialDirContext(env); |
|
151 |
|
|
152 |
// Specify the ids of the attributes to return |
|
153 |
String[] attrIDs = {"uid"}; |
|
154 |
|
|
155 |
// Search for objects in the current context |
|
156 |
// All users should be put in subcontext like "ou=Users" |
|
157 |
// NamingEnumeration answer = ctx.search("ou=Users", null, attrIDs); |
|
158 |
NamingEnumeration enum = ctx.search("", null, attrIDs); |
|
159 |
|
|
160 |
// Print the users |
|
161 |
Vector uvec = new Vector(); |
|
162 |
while (enum.hasMore()) { |
|
163 |
SearchResult sr = (SearchResult)enum.next(); |
|
164 |
Attributes attrs = sr.getAttributes(); |
|
165 |
NamingEnumeration enum1 = attrs.getAll(); // only "uid" attr |
|
166 |
while (enum1.hasMore()) { |
|
167 |
Attribute attr = (Attribute)enum1.next(); |
|
168 |
System.out.print(attr.getID() + "="); |
|
169 |
System.out.println((String)attr.get()); |
|
170 |
uvec.add(attr.get()); |
|
171 |
} |
|
172 |
} |
|
173 |
|
|
174 |
// initialize users[]; fill users[] |
|
175 |
users = new String[uvec.size()]; |
|
176 |
for (int i=0; i < uvec.size(); i++) { |
|
177 |
users[i] = (String)uvec.elementAt(i); |
|
178 |
} |
|
179 |
|
|
180 |
// Close the context when we're done |
|
181 |
ctx.close(); |
|
182 |
} else { |
|
183 |
util.debugMessage("User not found!"); |
|
184 |
} |
|
185 |
|
|
186 |
} catch (NamingException e) { |
|
187 |
System.err.println("Problem getting users in AuthLdap.getUsers:" + e); |
|
188 |
throw new ConnectException( |
|
189 |
"Problem getting groups in AuthLdap.getUsers:" + e); |
|
190 |
} |
|
191 |
|
|
192 |
return users; |
|
128 | 193 |
} |
129 | 194 |
|
130 | 195 |
/** |
... | ... | |
133 | 198 |
public String[] getUsers(String user, String password, String group) |
134 | 199 |
throws ConnectException |
135 | 200 |
{ |
136 |
// NOT IMPLEMENTED YET |
|
137 |
return null; |
|
201 |
MetaCatUtil util = new MetaCatUtil(); |
|
202 |
String ldapUrl = util.getOption("ldapurl"); |
|
203 |
String ldapBase = util.getOption("ldapbase"); |
|
204 |
|
|
205 |
String[] users = null; |
|
206 |
|
|
207 |
// Identify service provider to use |
|
208 |
Hashtable env = new Hashtable(11); |
|
209 |
env.put(Context.INITIAL_CONTEXT_FACTORY, |
|
210 |
"com.sun.jndi.ldap.LdapCtxFactory"); |
|
211 |
env.put(Context.PROVIDER_URL, ldapUrl + ldapBase); |
|
212 |
|
|
213 |
try { |
|
214 |
|
|
215 |
// Get the dn for this uid or cn |
|
216 |
String identifier = getIdentifyingName(user); |
|
217 |
if (identifier != null) { |
|
218 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
219 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
220 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
221 |
|
|
222 |
// Create the initial directory context |
|
223 |
DirContext ctx = new InitialDirContext(env); |
|
224 |
|
|
225 |
// Specify the ids of the attributes to return |
|
226 |
String[] attrIDs = {"uid"}; |
|
227 |
|
|
228 |
// Specify the attributes to match. |
|
229 |
// Ask for objects that have the attribute gid == @group. |
|
230 |
Attributes matchAttrs = new BasicAttributes(true); // ignore case |
|
231 |
matchAttrs.put(new BasicAttribute("gid", group)); |
|
232 |
|
|
233 |
// Search for objects in the current context |
|
234 |
// All users should be put in subcontext like "ou=Users" |
|
235 |
// NamingEnumeration answer=ctx.search("ou=Users",matchAttrs,attrIDs); |
|
236 |
NamingEnumeration enum = ctx.search("", matchAttrs, attrIDs); |
|
237 |
|
|
238 |
// Print the users |
|
239 |
Vector uvec = new Vector(); |
|
240 |
while (enum.hasMore()) { |
|
241 |
SearchResult sr = (SearchResult)enum.next(); |
|
242 |
Attributes attrs = sr.getAttributes(); |
|
243 |
NamingEnumeration enum1 = attrs.getAll(); // only "uid" attr |
|
244 |
while (enum1.hasMore()) { |
|
245 |
Attribute attr = (Attribute)enum1.next(); |
|
246 |
System.out.print(attr.getID() + "="); |
|
247 |
System.out.println((String)attr.get()); |
|
248 |
uvec.add(attr.get()); |
|
249 |
} |
|
250 |
} |
|
251 |
|
|
252 |
// initialize users[]; fill users[] |
|
253 |
users = new String[uvec.size()]; |
|
254 |
for (int i=0; i < uvec.size(); i++) { |
|
255 |
users[i] = (String)uvec.elementAt(i); |
|
256 |
} |
|
257 |
|
|
258 |
// Close the context when we're done |
|
259 |
ctx.close(); |
|
260 |
} else { |
|
261 |
util.debugMessage("User not found!"); |
|
262 |
} |
|
263 |
|
|
264 |
} catch (NamingException e) { |
|
265 |
System.err.println("Problem getting users in AuthLdap.getUsers:" + e); |
|
266 |
throw new ConnectException( |
|
267 |
"Problem getting groups in AuthLdap.getUsers:" + e); |
|
268 |
} |
|
269 |
|
|
270 |
return users; |
|
138 | 271 |
} |
139 | 272 |
|
140 | 273 |
/** |
... | ... | |
143 | 276 |
public String[] getGroups(String user, String password) |
144 | 277 |
throws ConnectException |
145 | 278 |
{ |
146 |
// NOT IMPLEMENTED YET |
|
147 |
return null; |
|
279 |
MetaCatUtil util = new MetaCatUtil(); |
|
280 |
String ldapUrl = util.getOption("ldapurl"); |
|
281 |
String ldapBase = util.getOption("ldapbase"); |
|
282 |
|
|
283 |
String[] groups = null; |
|
284 |
|
|
285 |
// Identify service provider to use |
|
286 |
Hashtable env = new Hashtable(11); |
|
287 |
env.put(Context.INITIAL_CONTEXT_FACTORY, |
|
288 |
"com.sun.jndi.ldap.LdapCtxFactory"); |
|
289 |
env.put(Context.PROVIDER_URL, ldapUrl + ldapBase); |
|
290 |
|
|
291 |
try { |
|
292 |
|
|
293 |
// Get the dn for this uid or cn |
|
294 |
String identifier = getIdentifyingName(user); |
|
295 |
if (identifier != null) { |
|
296 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
297 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
298 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
299 |
|
|
300 |
// Create the initial directory context |
|
301 |
DirContext ctx = new InitialDirContext(env); |
|
302 |
|
|
303 |
// Specify the ids of the attributes to return |
|
304 |
String[] attrIDs = {"gid"}; |
|
305 |
SearchControls ctls = new SearchControls(); |
|
306 |
ctls.setReturningAttributes(attrIDs); |
|
307 |
|
|
308 |
// Specify the search filter to match. |
|
309 |
// Ask for objects that do not have "uid". |
|
310 |
// This will assure that the directory entries are groups. |
|
311 |
String filter = "(!(uid=*))"; |
|
312 |
|
|
313 |
// Search for objects in the current context |
|
314 |
// All users should be put in subcontext like "ou=Users" |
|
315 |
// NamingEnumeration answer = ctx.search("ou=Users", filter,ctls); |
|
316 |
NamingEnumeration enum = ctx.search("", filter, ctls); |
|
317 |
|
|
318 |
// Print the users |
|
319 |
Vector uvec = new Vector(); |
|
320 |
while (enum.hasMore()) { |
|
321 |
SearchResult sr = (SearchResult)enum.next(); |
|
322 |
Attributes attrs = sr.getAttributes(); |
|
323 |
NamingEnumeration enum1 = attrs.getAll(); // only "gid" attr |
|
324 |
while (enum1.hasMore()) { |
|
325 |
Attribute attr = (Attribute)enum1.next(); |
|
326 |
System.out.print(attr.getID() + "="); |
|
327 |
System.out.println((String)attr.get()); |
|
328 |
uvec.add(attr.get()); |
|
329 |
} |
|
330 |
} |
|
331 |
|
|
332 |
// initialize groups[] and fill it |
|
333 |
groups = new String[uvec.size()]; |
|
334 |
for (int i=0; i < uvec.size(); i++) { |
|
335 |
groups[i] = (String)uvec.elementAt(i); |
|
336 |
} |
|
337 |
|
|
338 |
// Close the context when we're done |
|
339 |
ctx.close(); |
|
340 |
} else { |
|
341 |
util.debugMessage("User not found!"); |
|
342 |
} |
|
343 |
|
|
344 |
} catch (NamingException e) { |
|
345 |
System.err.println("Problem getting groups in AuthLdap.getGroups:" + e); |
|
346 |
throw new ConnectException( |
|
347 |
"Problem getting groups in AuthLdap.getGroups:" + e); |
|
348 |
} |
|
349 |
|
|
350 |
return groups; |
|
148 | 351 |
} |
149 | 352 |
|
150 | 353 |
/** |
... | ... | |
153 | 356 |
public String[] getGroups(String user, String password, String foruser) |
154 | 357 |
throws ConnectException |
155 | 358 |
{ |
156 |
// NOT IMPLEMENTED YET |
|
157 |
return null; |
|
359 |
MetaCatUtil util = new MetaCatUtil(); |
|
360 |
String ldapUrl = util.getOption("ldapurl"); |
|
361 |
String ldapBase = util.getOption("ldapbase"); |
|
362 |
|
|
363 |
String[] groups = null; |
|
364 |
|
|
365 |
// Identify service provider to use |
|
366 |
Hashtable env = new Hashtable(11); |
|
367 |
env.put(Context.INITIAL_CONTEXT_FACTORY, |
|
368 |
"com.sun.jndi.ldap.LdapCtxFactory"); |
|
369 |
env.put(Context.PROVIDER_URL, ldapUrl + ldapBase); |
|
370 |
|
|
371 |
try { |
|
372 |
|
|
373 |
// Get the dn for this uid or cn |
|
374 |
String identifier = getIdentifyingName(user); |
|
375 |
if (identifier != null) { |
|
376 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
377 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
378 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
379 |
|
|
380 |
// Create the initial directory context |
|
381 |
DirContext ctx = new InitialDirContext(env); |
|
382 |
|
|
383 |
// Specify the ids of the attributes to return |
|
384 |
String[] attrIDs = {"gid"}; |
|
385 |
|
|
386 |
// Specify the attributes to match. |
|
387 |
// Ask for objects that have the attribute uid == @foruser. |
|
388 |
Attributes matchAttrs = new BasicAttributes(true); // ignore case |
|
389 |
matchAttrs.put(new BasicAttribute("uid", foruser)); |
|
390 |
|
|
391 |
// Search for objects in the current context |
|
392 |
// All users should be put in subcontext like "ou=Users" |
|
393 |
// NamingEnumeration answer=ctx.search("ou=Users",matchAttrs,attrIDs); |
|
394 |
NamingEnumeration enum = ctx.search("", matchAttrs, attrIDs); |
|
395 |
|
|
396 |
// Print the users |
|
397 |
Vector uvec = new Vector(); |
|
398 |
while (enum.hasMore()) { |
|
399 |
SearchResult sr = (SearchResult)enum.next(); |
|
400 |
Attributes attrs = sr.getAttributes(); |
|
401 |
NamingEnumeration enum1 = attrs.getAll(); // only "gid" attr |
|
402 |
while (enum1.hasMore()) { |
|
403 |
Attribute attr = (Attribute)enum1.next(); |
|
404 |
System.out.print(attr.getID() + "="); |
|
405 |
System.out.println((String)attr.get()); |
|
406 |
uvec.add(attr.get()); |
|
407 |
} |
|
408 |
} |
|
409 |
|
|
410 |
// initialize groups[] and fill it |
|
411 |
groups = new String[uvec.size()]; |
|
412 |
for (int i=0; i < uvec.size(); i++) { |
|
413 |
groups[i] = (String)uvec.elementAt(i); |
|
414 |
} |
|
415 |
|
|
416 |
// Close the context when we're done |
|
417 |
ctx.close(); |
|
418 |
} else { |
|
419 |
util.debugMessage("User not found!"); |
|
420 |
} |
|
421 |
|
|
422 |
} catch (NamingException e) { |
|
423 |
System.err.println("Problem getting groups in AuthLdap.getGroups:" + e); |
|
424 |
throw new ConnectException( |
|
425 |
"Problem getting groups in AuthLdap.getGroups:" + e); |
|
426 |
} |
|
427 |
|
|
428 |
return groups; |
|
158 | 429 |
} |
159 | 430 |
|
160 | 431 |
/** |
... | ... | |
193 | 464 |
env.put(Context.PROVIDER_URL, ldapUrl + ldapBase); |
194 | 465 |
|
195 | 466 |
// Authentication information |
196 |
if ((user != null) && (password != null)) { |
|
197 |
String identifier = getIdentifyingName(user); |
|
198 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
199 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
200 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
201 |
} |
|
202 | 467 |
|
203 | 468 |
try { |
204 | 469 |
|
205 |
// Find out the identifying attribute for the user |
|
206 |
String userident = getIdentifyingName(foruser); |
|
470 |
if ((user != null) && (password != null)) { |
|
471 |
String identifier = getIdentifyingName(user); |
|
472 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
473 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
474 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
475 |
} |
|
207 | 476 |
|
208 | 477 |
// Create the initial directory context |
209 | 478 |
DirContext ctx = new InitialDirContext(env); |
210 | 479 |
|
480 |
// Find out the identifying attribute for the user |
|
481 |
String userident = getIdentifyingName(foruser); |
|
482 |
|
|
211 | 483 |
// Ask for all attributes of the user |
212 | 484 |
Attributes attrs = ctx.getAttributes(userident); |
213 |
|
|
485 |
|
|
214 | 486 |
// Print all of the attributes |
215 | 487 |
NamingEnumeration en = attrs.getAll(); |
216 | 488 |
while (en.hasMore()) { |
... | ... | |
230 | 502 |
} catch (NamingException e) { |
231 | 503 |
System.err.println("Problem getting attributes in AuthLdap.getAttributes:" |
232 | 504 |
+ e); |
233 |
// NEED TO THROW THE RIGHT EXCEPTION HERE |
|
505 |
throw new ConnectException( |
|
506 |
"Problem getting attributes in AuthLdap.getAttributes:" + e); |
|
234 | 507 |
} |
235 | 508 |
|
236 | 509 |
return attributes; |
... | ... | |
246 | 519 |
* or null if not found |
247 | 520 |
*/ |
248 | 521 |
private String getIdentifyingName(String user) |
249 |
throws ConnectException
|
|
522 |
throws NamingException
|
|
250 | 523 |
{ |
251 | 524 |
MetaCatUtil util = new MetaCatUtil(); |
252 | 525 |
String ldapUrl = util.getOption("ldapurl"); |
... | ... | |
300 | 573 |
} catch (NamingException e) { |
301 | 574 |
util.debugMessage("Naming exception while getting dn: " + e); |
302 | 575 |
System.out.println("Naming exception in AuthLdap.getIdentifyingName"); |
303 |
// NEED TO THROW THE RIGHT EXCEPTION HERE
|
|
304 |
return null;
|
|
576 |
throw new NamingException(
|
|
577 |
"Naming exception in AuthLdap.getIdentifyingName: " + e);
|
|
305 | 578 |
} |
306 | 579 |
|
307 | 580 |
return identifier; |
... | ... | |
327 | 600 |
} else { |
328 | 601 |
System.out.println("Authentication failed for: " + user); |
329 | 602 |
} |
330 |
|
|
603 |
/* |
|
331 | 604 |
if (isValid) { |
332 | 605 |
HashMap userInfo = authservice.getAttributes(user, password, user); |
333 | 606 |
|
... | ... | |
342 | 615 |
System.out.println(att + ": " + value); |
343 | 616 |
} |
344 | 617 |
} |
618 |
|
|
345 | 619 |
} |
346 |
|
|
620 |
*/ |
|
621 |
// get the whole list of users |
|
622 |
if (isValid) { |
|
623 |
String[] users = authservice.getUsers(user, password); |
|
624 |
for (int i=0; i < users.length; i++) { |
|
625 |
System.out.println(users[i]); |
|
626 |
} |
|
627 |
} |
|
628 |
/* |
|
629 |
// get the whole list of users for a group |
|
630 |
if (isValid) { |
|
631 |
String group = args[2]; |
|
632 |
String[] users = authservice.getUsers(user, password, group); |
|
633 |
for (int i=0; i < users.length; i++) { |
|
634 |
System.out.println(users[i]); |
|
635 |
} |
|
636 |
} |
|
637 |
*/ |
|
347 | 638 |
} catch (ConnectException ce) { |
348 | 639 |
System.err.println("Error connecting to LDAP server in authldap.main"); |
349 | 640 |
} |
Also available in: Unified diff
included missing implementation of getUsers(), getGroups() interfaces