Revision 723
Added by bojilova about 23 years ago
| AuthLdap.java | ||
|---|---|---|
| 40 | 40 |
import javax.naming.directory.DirContext; |
| 41 | 41 |
import javax.naming.directory.InitialDirContext; |
| 42 | 42 |
import javax.naming.directory.SearchResult; |
| 43 |
import javax.naming.directory.SearchControls; |
|
| 43 | 44 |
import javax.naming.NamingEnumeration; |
| 44 | 45 |
import javax.naming.NamingException; |
| 45 | 46 |
import java.util.Iterator; |
| ... | ... | |
| 105 | 106 |
|
| 106 | 107 |
} catch (AuthenticationException ae) {
|
| 107 | 108 |
util.debugMessage("Error authenticating in AuthLdap.authenticate: " + ae);
|
| 108 |
// NEED TO THROW THE RIGHT EXCEPTION HERE
|
|
| 109 |
return false;
|
|
| 109 |
throw new ConnectException(
|
|
| 110 |
"Error authenticating in AuthLdap.authenticate: " + ae);
|
|
| 110 | 111 |
} catch (NamingException e) {
|
| 111 | 112 |
util.debugMessage("Naming exception while authenticating in " +
|
| 112 | 113 |
"AuthLdap.authenticate: " + e); |
| 113 |
// NEED TO THROW THE RIGHT EXCEPTION HERE |
|
| 114 |
return false; |
|
| 114 |
throw new ConnectException( |
|
| 115 |
"Naming exception while authenticating in " + |
|
| 116 |
"AuthLdap.authenticate: " + e); |
|
| 115 | 117 |
} |
| 116 | 118 |
|
| 117 | 119 |
return authenticated; |
| ... | ... | |
| 123 | 125 |
public String[] getUsers(String user, String password) |
| 124 | 126 |
throws ConnectException |
| 125 | 127 |
{
|
| 126 |
// NOT IMPLEMENTED YET |
|
| 127 |
return null; |
|
| 128 |
MetaCatUtil util = new MetaCatUtil(); |
|
| 129 |
String ldapUrl = util.getOption("ldapurl");
|
|
| 130 |
String ldapBase = util.getOption("ldapbase");
|
|
| 131 |
|
|
| 132 |
String[] users = null; |
|
| 133 |
|
|
| 134 |
// Identify service provider to use |
|
| 135 |
Hashtable env = new Hashtable(11); |
|
| 136 |
env.put(Context.INITIAL_CONTEXT_FACTORY, |
|
| 137 |
"com.sun.jndi.ldap.LdapCtxFactory"); |
|
| 138 |
env.put(Context.PROVIDER_URL, ldapUrl + ldapBase); |
|
| 139 |
|
|
| 140 |
try {
|
|
| 141 |
|
|
| 142 |
// Get the dn for this uid or cn |
|
| 143 |
String identifier = getIdentifyingName(user); |
|
| 144 |
if (identifier != null) {
|
|
| 145 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
| 146 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
| 147 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
| 148 |
|
|
| 149 |
// Create the initial directory context |
|
| 150 |
DirContext ctx = new InitialDirContext(env); |
|
| 151 |
|
|
| 152 |
// Specify the ids of the attributes to return |
|
| 153 |
String[] attrIDs = {"uid"};
|
|
| 154 |
|
|
| 155 |
// Search for objects in the current context |
|
| 156 |
// All users should be put in subcontext like "ou=Users" |
|
| 157 |
// NamingEnumeration answer = ctx.search("ou=Users", null, attrIDs);
|
|
| 158 |
NamingEnumeration enum = ctx.search("", null, attrIDs);
|
|
| 159 |
|
|
| 160 |
// Print the users |
|
| 161 |
Vector uvec = new Vector(); |
|
| 162 |
while (enum.hasMore()) {
|
|
| 163 |
SearchResult sr = (SearchResult)enum.next(); |
|
| 164 |
Attributes attrs = sr.getAttributes(); |
|
| 165 |
NamingEnumeration enum1 = attrs.getAll(); // only "uid" attr |
|
| 166 |
while (enum1.hasMore()) {
|
|
| 167 |
Attribute attr = (Attribute)enum1.next(); |
|
| 168 |
System.out.print(attr.getID() + "="); |
|
| 169 |
System.out.println((String)attr.get()); |
|
| 170 |
uvec.add(attr.get()); |
|
| 171 |
} |
|
| 172 |
} |
|
| 173 |
|
|
| 174 |
// initialize users[]; fill users[] |
|
| 175 |
users = new String[uvec.size()]; |
|
| 176 |
for (int i=0; i < uvec.size(); i++) {
|
|
| 177 |
users[i] = (String)uvec.elementAt(i); |
|
| 178 |
} |
|
| 179 |
|
|
| 180 |
// Close the context when we're done |
|
| 181 |
ctx.close(); |
|
| 182 |
} else {
|
|
| 183 |
util.debugMessage("User not found!");
|
|
| 184 |
} |
|
| 185 |
|
|
| 186 |
} catch (NamingException e) {
|
|
| 187 |
System.err.println("Problem getting users in AuthLdap.getUsers:" + e);
|
|
| 188 |
throw new ConnectException( |
|
| 189 |
"Problem getting groups in AuthLdap.getUsers:" + e); |
|
| 190 |
} |
|
| 191 |
|
|
| 192 |
return users; |
|
| 128 | 193 |
} |
| 129 | 194 |
|
| 130 | 195 |
/** |
| ... | ... | |
| 133 | 198 |
public String[] getUsers(String user, String password, String group) |
| 134 | 199 |
throws ConnectException |
| 135 | 200 |
{
|
| 136 |
// NOT IMPLEMENTED YET |
|
| 137 |
return null; |
|
| 201 |
MetaCatUtil util = new MetaCatUtil(); |
|
| 202 |
String ldapUrl = util.getOption("ldapurl");
|
|
| 203 |
String ldapBase = util.getOption("ldapbase");
|
|
| 204 |
|
|
| 205 |
String[] users = null; |
|
| 206 |
|
|
| 207 |
// Identify service provider to use |
|
| 208 |
Hashtable env = new Hashtable(11); |
|
| 209 |
env.put(Context.INITIAL_CONTEXT_FACTORY, |
|
| 210 |
"com.sun.jndi.ldap.LdapCtxFactory"); |
|
| 211 |
env.put(Context.PROVIDER_URL, ldapUrl + ldapBase); |
|
| 212 |
|
|
| 213 |
try {
|
|
| 214 |
|
|
| 215 |
// Get the dn for this uid or cn |
|
| 216 |
String identifier = getIdentifyingName(user); |
|
| 217 |
if (identifier != null) {
|
|
| 218 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
| 219 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
| 220 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
| 221 |
|
|
| 222 |
// Create the initial directory context |
|
| 223 |
DirContext ctx = new InitialDirContext(env); |
|
| 224 |
|
|
| 225 |
// Specify the ids of the attributes to return |
|
| 226 |
String[] attrIDs = {"uid"};
|
|
| 227 |
|
|
| 228 |
// Specify the attributes to match. |
|
| 229 |
// Ask for objects that have the attribute gid == @group. |
|
| 230 |
Attributes matchAttrs = new BasicAttributes(true); // ignore case |
|
| 231 |
matchAttrs.put(new BasicAttribute("gid", group));
|
|
| 232 |
|
|
| 233 |
// Search for objects in the current context |
|
| 234 |
// All users should be put in subcontext like "ou=Users" |
|
| 235 |
// NamingEnumeration answer=ctx.search("ou=Users",matchAttrs,attrIDs);
|
|
| 236 |
NamingEnumeration enum = ctx.search("", matchAttrs, attrIDs);
|
|
| 237 |
|
|
| 238 |
// Print the users |
|
| 239 |
Vector uvec = new Vector(); |
|
| 240 |
while (enum.hasMore()) {
|
|
| 241 |
SearchResult sr = (SearchResult)enum.next(); |
|
| 242 |
Attributes attrs = sr.getAttributes(); |
|
| 243 |
NamingEnumeration enum1 = attrs.getAll(); // only "uid" attr |
|
| 244 |
while (enum1.hasMore()) {
|
|
| 245 |
Attribute attr = (Attribute)enum1.next(); |
|
| 246 |
System.out.print(attr.getID() + "="); |
|
| 247 |
System.out.println((String)attr.get()); |
|
| 248 |
uvec.add(attr.get()); |
|
| 249 |
} |
|
| 250 |
} |
|
| 251 |
|
|
| 252 |
// initialize users[]; fill users[] |
|
| 253 |
users = new String[uvec.size()]; |
|
| 254 |
for (int i=0; i < uvec.size(); i++) {
|
|
| 255 |
users[i] = (String)uvec.elementAt(i); |
|
| 256 |
} |
|
| 257 |
|
|
| 258 |
// Close the context when we're done |
|
| 259 |
ctx.close(); |
|
| 260 |
} else {
|
|
| 261 |
util.debugMessage("User not found!");
|
|
| 262 |
} |
|
| 263 |
|
|
| 264 |
} catch (NamingException e) {
|
|
| 265 |
System.err.println("Problem getting users in AuthLdap.getUsers:" + e);
|
|
| 266 |
throw new ConnectException( |
|
| 267 |
"Problem getting groups in AuthLdap.getUsers:" + e); |
|
| 268 |
} |
|
| 269 |
|
|
| 270 |
return users; |
|
| 138 | 271 |
} |
| 139 | 272 |
|
| 140 | 273 |
/** |
| ... | ... | |
| 143 | 276 |
public String[] getGroups(String user, String password) |
| 144 | 277 |
throws ConnectException |
| 145 | 278 |
{
|
| 146 |
// NOT IMPLEMENTED YET |
|
| 147 |
return null; |
|
| 279 |
MetaCatUtil util = new MetaCatUtil(); |
|
| 280 |
String ldapUrl = util.getOption("ldapurl");
|
|
| 281 |
String ldapBase = util.getOption("ldapbase");
|
|
| 282 |
|
|
| 283 |
String[] groups = null; |
|
| 284 |
|
|
| 285 |
// Identify service provider to use |
|
| 286 |
Hashtable env = new Hashtable(11); |
|
| 287 |
env.put(Context.INITIAL_CONTEXT_FACTORY, |
|
| 288 |
"com.sun.jndi.ldap.LdapCtxFactory"); |
|
| 289 |
env.put(Context.PROVIDER_URL, ldapUrl + ldapBase); |
|
| 290 |
|
|
| 291 |
try {
|
|
| 292 |
|
|
| 293 |
// Get the dn for this uid or cn |
|
| 294 |
String identifier = getIdentifyingName(user); |
|
| 295 |
if (identifier != null) {
|
|
| 296 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
| 297 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
| 298 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
| 299 |
|
|
| 300 |
// Create the initial directory context |
|
| 301 |
DirContext ctx = new InitialDirContext(env); |
|
| 302 |
|
|
| 303 |
// Specify the ids of the attributes to return |
|
| 304 |
String[] attrIDs = {"gid"};
|
|
| 305 |
SearchControls ctls = new SearchControls(); |
|
| 306 |
ctls.setReturningAttributes(attrIDs); |
|
| 307 |
|
|
| 308 |
// Specify the search filter to match. |
|
| 309 |
// Ask for objects that do not have "uid". |
|
| 310 |
// This will assure that the directory entries are groups. |
|
| 311 |
String filter = "(!(uid=*))"; |
|
| 312 |
|
|
| 313 |
// Search for objects in the current context |
|
| 314 |
// All users should be put in subcontext like "ou=Users" |
|
| 315 |
// NamingEnumeration answer = ctx.search("ou=Users", filter,ctls);
|
|
| 316 |
NamingEnumeration enum = ctx.search("", filter, ctls);
|
|
| 317 |
|
|
| 318 |
// Print the users |
|
| 319 |
Vector uvec = new Vector(); |
|
| 320 |
while (enum.hasMore()) {
|
|
| 321 |
SearchResult sr = (SearchResult)enum.next(); |
|
| 322 |
Attributes attrs = sr.getAttributes(); |
|
| 323 |
NamingEnumeration enum1 = attrs.getAll(); // only "gid" attr |
|
| 324 |
while (enum1.hasMore()) {
|
|
| 325 |
Attribute attr = (Attribute)enum1.next(); |
|
| 326 |
System.out.print(attr.getID() + "="); |
|
| 327 |
System.out.println((String)attr.get()); |
|
| 328 |
uvec.add(attr.get()); |
|
| 329 |
} |
|
| 330 |
} |
|
| 331 |
|
|
| 332 |
// initialize groups[] and fill it |
|
| 333 |
groups = new String[uvec.size()]; |
|
| 334 |
for (int i=0; i < uvec.size(); i++) {
|
|
| 335 |
groups[i] = (String)uvec.elementAt(i); |
|
| 336 |
} |
|
| 337 |
|
|
| 338 |
// Close the context when we're done |
|
| 339 |
ctx.close(); |
|
| 340 |
} else {
|
|
| 341 |
util.debugMessage("User not found!");
|
|
| 342 |
} |
|
| 343 |
|
|
| 344 |
} catch (NamingException e) {
|
|
| 345 |
System.err.println("Problem getting groups in AuthLdap.getGroups:" + e);
|
|
| 346 |
throw new ConnectException( |
|
| 347 |
"Problem getting groups in AuthLdap.getGroups:" + e); |
|
| 348 |
} |
|
| 349 |
|
|
| 350 |
return groups; |
|
| 148 | 351 |
} |
| 149 | 352 |
|
| 150 | 353 |
/** |
| ... | ... | |
| 153 | 356 |
public String[] getGroups(String user, String password, String foruser) |
| 154 | 357 |
throws ConnectException |
| 155 | 358 |
{
|
| 156 |
// NOT IMPLEMENTED YET |
|
| 157 |
return null; |
|
| 359 |
MetaCatUtil util = new MetaCatUtil(); |
|
| 360 |
String ldapUrl = util.getOption("ldapurl");
|
|
| 361 |
String ldapBase = util.getOption("ldapbase");
|
|
| 362 |
|
|
| 363 |
String[] groups = null; |
|
| 364 |
|
|
| 365 |
// Identify service provider to use |
|
| 366 |
Hashtable env = new Hashtable(11); |
|
| 367 |
env.put(Context.INITIAL_CONTEXT_FACTORY, |
|
| 368 |
"com.sun.jndi.ldap.LdapCtxFactory"); |
|
| 369 |
env.put(Context.PROVIDER_URL, ldapUrl + ldapBase); |
|
| 370 |
|
|
| 371 |
try {
|
|
| 372 |
|
|
| 373 |
// Get the dn for this uid or cn |
|
| 374 |
String identifier = getIdentifyingName(user); |
|
| 375 |
if (identifier != null) {
|
|
| 376 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
| 377 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
| 378 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
| 379 |
|
|
| 380 |
// Create the initial directory context |
|
| 381 |
DirContext ctx = new InitialDirContext(env); |
|
| 382 |
|
|
| 383 |
// Specify the ids of the attributes to return |
|
| 384 |
String[] attrIDs = {"gid"};
|
|
| 385 |
|
|
| 386 |
// Specify the attributes to match. |
|
| 387 |
// Ask for objects that have the attribute uid == @foruser. |
|
| 388 |
Attributes matchAttrs = new BasicAttributes(true); // ignore case |
|
| 389 |
matchAttrs.put(new BasicAttribute("uid", foruser));
|
|
| 390 |
|
|
| 391 |
// Search for objects in the current context |
|
| 392 |
// All users should be put in subcontext like "ou=Users" |
|
| 393 |
// NamingEnumeration answer=ctx.search("ou=Users",matchAttrs,attrIDs);
|
|
| 394 |
NamingEnumeration enum = ctx.search("", matchAttrs, attrIDs);
|
|
| 395 |
|
|
| 396 |
// Print the users |
|
| 397 |
Vector uvec = new Vector(); |
|
| 398 |
while (enum.hasMore()) {
|
|
| 399 |
SearchResult sr = (SearchResult)enum.next(); |
|
| 400 |
Attributes attrs = sr.getAttributes(); |
|
| 401 |
NamingEnumeration enum1 = attrs.getAll(); // only "gid" attr |
|
| 402 |
while (enum1.hasMore()) {
|
|
| 403 |
Attribute attr = (Attribute)enum1.next(); |
|
| 404 |
System.out.print(attr.getID() + "="); |
|
| 405 |
System.out.println((String)attr.get()); |
|
| 406 |
uvec.add(attr.get()); |
|
| 407 |
} |
|
| 408 |
} |
|
| 409 |
|
|
| 410 |
// initialize groups[] and fill it |
|
| 411 |
groups = new String[uvec.size()]; |
|
| 412 |
for (int i=0; i < uvec.size(); i++) {
|
|
| 413 |
groups[i] = (String)uvec.elementAt(i); |
|
| 414 |
} |
|
| 415 |
|
|
| 416 |
// Close the context when we're done |
|
| 417 |
ctx.close(); |
|
| 418 |
} else {
|
|
| 419 |
util.debugMessage("User not found!");
|
|
| 420 |
} |
|
| 421 |
|
|
| 422 |
} catch (NamingException e) {
|
|
| 423 |
System.err.println("Problem getting groups in AuthLdap.getGroups:" + e);
|
|
| 424 |
throw new ConnectException( |
|
| 425 |
"Problem getting groups in AuthLdap.getGroups:" + e); |
|
| 426 |
} |
|
| 427 |
|
|
| 428 |
return groups; |
|
| 158 | 429 |
} |
| 159 | 430 |
|
| 160 | 431 |
/** |
| ... | ... | |
| 193 | 464 |
env.put(Context.PROVIDER_URL, ldapUrl + ldapBase); |
| 194 | 465 |
|
| 195 | 466 |
// Authentication information |
| 196 |
if ((user != null) && (password != null)) {
|
|
| 197 |
String identifier = getIdentifyingName(user); |
|
| 198 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
| 199 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
| 200 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
| 201 |
} |
|
| 202 | 467 |
|
| 203 | 468 |
try {
|
| 204 | 469 |
|
| 205 |
// Find out the identifying attribute for the user |
|
| 206 |
String userident = getIdentifyingName(foruser); |
|
| 470 |
if ((user != null) && (password != null)) {
|
|
| 471 |
String identifier = getIdentifyingName(user); |
|
| 472 |
env.put(Context.SECURITY_AUTHENTICATION, "simple"); |
|
| 473 |
env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase); |
|
| 474 |
env.put(Context.SECURITY_CREDENTIALS, password); |
|
| 475 |
} |
|
| 207 | 476 |
|
| 208 | 477 |
// Create the initial directory context |
| 209 | 478 |
DirContext ctx = new InitialDirContext(env); |
| 210 | 479 |
|
| 480 |
// Find out the identifying attribute for the user |
|
| 481 |
String userident = getIdentifyingName(foruser); |
|
| 482 |
|
|
| 211 | 483 |
// Ask for all attributes of the user |
| 212 | 484 |
Attributes attrs = ctx.getAttributes(userident); |
| 213 |
|
|
| 485 |
|
|
| 214 | 486 |
// Print all of the attributes |
| 215 | 487 |
NamingEnumeration en = attrs.getAll(); |
| 216 | 488 |
while (en.hasMore()) {
|
| ... | ... | |
| 230 | 502 |
} catch (NamingException e) {
|
| 231 | 503 |
System.err.println("Problem getting attributes in AuthLdap.getAttributes:"
|
| 232 | 504 |
+ e); |
| 233 |
// NEED TO THROW THE RIGHT EXCEPTION HERE |
|
| 505 |
throw new ConnectException( |
|
| 506 |
"Problem getting attributes in AuthLdap.getAttributes:" + e); |
|
| 234 | 507 |
} |
| 235 | 508 |
|
| 236 | 509 |
return attributes; |
| ... | ... | |
| 246 | 519 |
* or null if not found |
| 247 | 520 |
*/ |
| 248 | 521 |
private String getIdentifyingName(String user) |
| 249 |
throws ConnectException
|
|
| 522 |
throws NamingException
|
|
| 250 | 523 |
{
|
| 251 | 524 |
MetaCatUtil util = new MetaCatUtil(); |
| 252 | 525 |
String ldapUrl = util.getOption("ldapurl");
|
| ... | ... | |
| 300 | 573 |
} catch (NamingException e) {
|
| 301 | 574 |
util.debugMessage("Naming exception while getting dn: " + e);
|
| 302 | 575 |
System.out.println("Naming exception in AuthLdap.getIdentifyingName");
|
| 303 |
// NEED TO THROW THE RIGHT EXCEPTION HERE
|
|
| 304 |
return null;
|
|
| 576 |
throw new NamingException(
|
|
| 577 |
"Naming exception in AuthLdap.getIdentifyingName: " + e);
|
|
| 305 | 578 |
} |
| 306 | 579 |
|
| 307 | 580 |
return identifier; |
| ... | ... | |
| 327 | 600 |
} else {
|
| 328 | 601 |
System.out.println("Authentication failed for: " + user);
|
| 329 | 602 |
} |
| 330 |
|
|
| 603 |
/* |
|
| 331 | 604 |
if (isValid) {
|
| 332 | 605 |
HashMap userInfo = authservice.getAttributes(user, password, user); |
| 333 | 606 |
|
| ... | ... | |
| 342 | 615 |
System.out.println(att + ": " + value); |
| 343 | 616 |
} |
| 344 | 617 |
} |
| 618 |
|
|
| 345 | 619 |
} |
| 346 |
|
|
| 620 |
*/ |
|
| 621 |
// get the whole list of users |
|
| 622 |
if (isValid) {
|
|
| 623 |
String[] users = authservice.getUsers(user, password); |
|
| 624 |
for (int i=0; i < users.length; i++) {
|
|
| 625 |
System.out.println(users[i]); |
|
| 626 |
} |
|
| 627 |
} |
|
| 628 |
/* |
|
| 629 |
// get the whole list of users for a group |
|
| 630 |
if (isValid) {
|
|
| 631 |
String group = args[2]; |
|
| 632 |
String[] users = authservice.getUsers(user, password, group); |
|
| 633 |
for (int i=0; i < users.length; i++) {
|
|
| 634 |
System.out.println(users[i]); |
|
| 635 |
} |
|
| 636 |
} |
|
| 637 |
*/ |
|
| 347 | 638 |
} catch (ConnectException ce) {
|
| 348 | 639 |
System.err.println("Error connecting to LDAP server in authldap.main");
|
| 349 | 640 |
} |
Also available in: Unified diff
included missing implementation of getUsers(), getGroups() interfaces