Revision 725
Added by bojilova over 23 years ago
src/edu/ucsb/nceas/metacat/AuthLdap.java | ||
---|---|---|
165 | 165 |
NamingEnumeration enum1 = attrs.getAll(); // only "uid" attr |
166 | 166 |
while (enum1.hasMore()) { |
167 | 167 |
Attribute attr = (Attribute)enum1.next(); |
168 |
System.out.print(attr.getID() + "="); |
|
169 |
System.out.println((String)attr.get()); |
|
168 |
//System.out.print(attr.getID() + "=");
|
|
169 |
//System.out.println((String)attr.get());
|
|
170 | 170 |
uvec.add(attr.get()); |
171 | 171 |
} |
172 | 172 |
} |
... | ... | |
243 | 243 |
NamingEnumeration enum1 = attrs.getAll(); // only "uid" attr |
244 | 244 |
while (enum1.hasMore()) { |
245 | 245 |
Attribute attr = (Attribute)enum1.next(); |
246 |
System.out.print(attr.getID() + "="); |
|
247 |
System.out.println((String)attr.get()); |
|
246 |
//System.out.print(attr.getID() + "=");
|
|
247 |
//System.out.println((String)attr.get());
|
|
248 | 248 |
uvec.add(attr.get()); |
249 | 249 |
} |
250 | 250 |
} |
... | ... | |
323 | 323 |
NamingEnumeration enum1 = attrs.getAll(); // only "gid" attr |
324 | 324 |
while (enum1.hasMore()) { |
325 | 325 |
Attribute attr = (Attribute)enum1.next(); |
326 |
System.out.print(attr.getID() + "="); |
|
327 |
System.out.println((String)attr.get()); |
|
326 |
//System.out.print(attr.getID() + "=");
|
|
327 |
//System.out.println((String)attr.get());
|
|
328 | 328 |
uvec.add(attr.get()); |
329 | 329 |
} |
330 | 330 |
} |
... | ... | |
401 | 401 |
NamingEnumeration enum1 = attrs.getAll(); // only "gid" attr |
402 | 402 |
while (enum1.hasMore()) { |
403 | 403 |
Attribute attr = (Attribute)enum1.next(); |
404 |
System.out.print(attr.getID() + "="); |
|
405 |
System.out.println((String)attr.get()); |
|
404 |
//System.out.print(attr.getID() + "=");
|
|
405 |
//System.out.println((String)attr.get());
|
|
406 | 406 |
uvec.add(attr.get()); |
407 | 407 |
} |
408 | 408 |
} |
... | ... | |
581 | 581 |
} |
582 | 582 |
|
583 | 583 |
/** |
584 |
* Get list of all groups and users from authentication scheme. |
|
585 |
* The output is formatted in XML. |
|
586 |
*/ |
|
587 |
private String getPrincipals(String user, String password) |
|
588 |
throws ConnectException |
|
589 |
{ |
|
590 |
StringBuffer out = new StringBuffer(); |
|
591 |
String[] groups = getGroups(user, password); |
|
592 |
|
|
593 |
out.append("<?xml version=\"1.0\"?>\n"); |
|
594 |
out.append("<principals>\n"); |
|
595 |
|
|
596 |
// for the groups and users that belong to them |
|
597 |
if ( groups.length > 0 ) { |
|
598 |
for (int i=0; i < groups.length; i++ ) { |
|
599 |
out.append(" <group>\n"); |
|
600 |
out.append(" <groupname>" + groups[i] + "<groupname>\n"); |
|
601 |
String[] usersForGroup = getUsers(user,password,groups[i]); |
|
602 |
for (int j=0; j <= usersForGroup.length; j++ ) { |
|
603 |
out.append(" <user>\n"); |
|
604 |
out.append(" <username>" + usersForGroup[j] + "<username>\n"); |
|
605 |
out.append(" </user>\n"); |
|
606 |
} |
|
607 |
out.append("</group>\n"); |
|
608 |
} |
|
609 |
// for the users only when there are no any groups defined |
|
610 |
} else { |
|
611 |
String[] users = getUsers(user, password); |
|
612 |
for (int j=0; j < users.length; j++ ) { |
|
613 |
out.append(" <user>\n"); |
|
614 |
out.append(" <username>" + users[j] + "<username>\n"); |
|
615 |
out.append(" </user>\n"); |
|
616 |
} |
|
617 |
} |
|
618 |
|
|
619 |
out.append("</principals>"); |
|
620 |
return out.toString(); |
|
621 |
} |
|
622 |
|
|
623 |
/** |
|
584 | 624 |
* Test method for the class |
585 | 625 |
*/ |
586 | 626 |
public static void main(String[] args) { |
... | ... | |
600 | 640 |
} else { |
601 | 641 |
System.out.println("Authentication failed for: " + user); |
602 | 642 |
} |
603 |
/* |
|
643 |
|
|
604 | 644 |
if (isValid) { |
605 | 645 |
HashMap userInfo = authservice.getAttributes(user, password, user); |
606 | 646 |
|
... | ... | |
617 | 657 |
} |
618 | 658 |
|
619 | 659 |
} |
620 |
*/ |
|
660 |
|
|
661 |
/* |
|
621 | 662 |
// get the whole list of users |
622 | 663 |
if (isValid) { |
623 | 664 |
String[] users = authservice.getUsers(user, password); |
... | ... | |
625 | 666 |
System.out.println(users[i]); |
626 | 667 |
} |
627 | 668 |
} |
669 |
*/ |
|
628 | 670 |
/* |
629 | 671 |
// get the whole list of users for a group |
630 | 672 |
if (isValid) { |
... | ... | |
635 | 677 |
} |
636 | 678 |
} |
637 | 679 |
*/ |
680 |
/* // get the whole list groups and users in XML format |
|
681 |
if (isValid) { |
|
682 |
String out = authservice.getPrincipals(user, password); |
|
683 |
java.io.File f = new java.io.File("principals.txt"); |
|
684 |
java.io.FileWriter fw = new java.io.FileWriter(f); |
|
685 |
java.io.BufferedWriter buff = new java.io.BufferedWriter(fw); |
|
686 |
buff.write(out); |
|
687 |
buff.flush(); |
|
688 |
buff.close(); |
|
689 |
fw.close(); |
|
690 |
} |
|
691 |
*/ |
|
638 | 692 |
} catch (ConnectException ce) { |
639 | 693 |
System.err.println("Error connecting to LDAP server in authldap.main"); |
694 |
} catch (java.io.IOException ioe) { |
|
695 |
System.err.println("I/O Error writing to file principals.txt"); |
|
640 | 696 |
} |
641 | 697 |
} |
642 | 698 |
} |
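Review bot: The inner loop of the new `getPrincipals` (new line 602) tests `j <= usersForGroup.length`, so its last iteration indexes one past the end of the array and throws before the group element is finished; it should read `for (int j=0; j < usersForGroup.length; j++ ) {`. The end tags at new lines 600, 604 and 614 are written as `<groupname>` and `<username>` instead of `</groupname>` and `</username>`, so the output is not well-formed XML. Group and user names from the directory are also concatenated into the markup unescaped, so a value containing `<` or `&` would break or alter the document; they should go through an XML-escaping helper before `append`. The same three problems are copied into `AuthSession.getPrincipals` (new lines 147–161 of that file).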
src/edu/ucsb/nceas/metacat/AuthSession.java | ||
---|---|---|
65 | 65 |
* @param password the password entered when login |
66 | 66 |
*/ |
67 | 67 |
public boolean authenticate(HttpServletRequest request, |
68 |
String username, String password) { |
|
68 |
String username, String password) {
|
|
69 | 69 |
|
70 | 70 |
String message = null; |
71 | 71 |
|
72 | 72 |
try { |
73 | 73 |
if ( authService.authenticate(username, password) ) { |
74 |
this.session = getSession(request, username, password); |
|
74 |
String[] groups = authService.getGroups(username,password,username); |
|
75 |
this.session = getSession(request, username, password, groups); |
|
75 | 76 |
message = "Authentication successful for user: " + username; |
76 | 77 |
this.statusMessage = formatOutput("login", message); |
77 | 78 |
return true; |
... | ... | |
93 | 94 |
|
94 | 95 |
/** Get new HttpSession and store username & password in it */ |
95 | 96 |
private HttpSession getSession(HttpServletRequest request, |
96 |
String username, String password) |
|
97 |
throws IllegalStateException { |
|
97 |
String username, String password, |
|
98 |
String[] groups) |
|
99 |
throws IllegalStateException { |
|
98 | 100 |
|
99 | 101 |
// get the current session object, create one if necessary |
100 | 102 |
HttpSession session = request.getSession(true); |
... | ... | |
104 | 106 |
session.invalidate(); |
105 | 107 |
session = request.getSession(true); |
106 | 108 |
} |
107 |
// store username & password in the session for later use, especially by
|
|
108 |
// the authenticate() method
|
|
109 |
// store the username, password, and groupname (the first only)
|
|
110 |
// in the session obj for use on subsequent calls to Metacat servlet
|
|
109 | 111 |
session.setMaxInactiveInterval(-1); |
110 | 112 |
session.setAttribute("username", username); |
111 | 113 |
session.setAttribute("password", password); |
114 |
if ( groups.length > 0 ) { |
|
115 |
session.setAttribute("groupname", groups[0]); |
|
116 |
} |
|
112 | 117 |
|
113 | 118 |
return session; |
114 | 119 |
} |
... | ... | |
122 | 127 |
return this.statusMessage; |
123 | 128 |
} |
124 | 129 |
|
125 |
/* NOT NEEDED |
|
126 | 130 |
/** |
127 |
* Determine if the session has been successfully authenticated
|
|
128 |
* @returns boolean true if authentication was successful, false otherwise
|
|
131 |
* Get list of all groups and users from authentication scheme.
|
|
132 |
* The output is formatted in XML.
|
|
129 | 133 |
*/ |
130 |
/*
|
|
131 |
public boolean isAuthenticated()
|
|
134 |
public String getPrincipals(String user, String password)
|
|
135 |
throws ConnectException
|
|
132 | 136 |
{ |
133 |
return this.isAuthenticated; |
|
137 |
StringBuffer out = new StringBuffer(); |
|
138 |
String[] groups = authService.getGroups(user, password); |
|
139 |
|
|
140 |
out.append("<?xml version=\"1.0\"?>\n"); |
|
141 |
out.append("<principals>\n"); |
|
142 |
|
|
143 |
// for the groups and users that belong to them |
|
144 |
if ( groups.length > 0 ) { |
|
145 |
for (int i=0; i < groups.length; i++ ) { |
|
146 |
out.append(" <group>\n"); |
|
147 |
out.append(" <groupname>" + groups[i] + "<groupname>\n"); |
|
148 |
String[] usersForGroup = authService.getUsers(user,password,groups[i]); |
|
149 |
for (int j=0; j <= usersForGroup.length; j++ ) { |
|
150 |
out.append(" <user>\n"); |
|
151 |
out.append(" <username>" + usersForGroup[j] + "<username>\n"); |
|
152 |
out.append(" </user>\n"); |
|
153 |
} |
|
154 |
out.append("</group>\n"); |
|
155 |
} |
|
156 |
// for the users only when there are no any groups defined |
|
157 |
} else { |
|
158 |
String[] users = authService.getUsers(user, password); |
|
159 |
for (int j=0; j < users.length; j++ ) { |
|
160 |
out.append(" <user>\n"); |
|
161 |
out.append(" <username>" + users[j] + "<username>\n"); |
|
162 |
out.append(" </user>\n"); |
|
163 |
} |
|
164 |
} |
|
165 |
|
|
166 |
out.append("</principals>"); |
|
167 |
return out.toString(); |
|
134 | 168 |
} |
135 |
*/ |
|
136 | 169 |
|
137 |
/* NOT NEEDED |
|
138 |
/** |
|
139 |
* Invalidate this HTTPSession object. |
|
140 |
* All objects stored in the session are unbound. |
|
141 |
*/ |
|
142 |
/* |
|
143 |
private void invalidate(String message) |
|
144 |
{ |
|
145 |
this.isAuthenticated = false; |
|
146 |
this.session.setAttribute("isAuthenticated", new Boolean(isAuthenticated)); |
|
147 |
this.statusMessage = formatOutput("error", message); |
|
148 |
this.session.setAttribute("statusMessage", this.statusMessage); |
|
149 |
this.session.invalidate(); |
|
150 |
} |
|
151 |
*/ |
|
152 | 170 |
/* |
153 | 171 |
* format the output in xml for processing from client applications |
154 | 172 |
* |
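Review bot: `getSession` stores only `groups[0]` as the session's `groupname` (new lines 114–116), so for a user in several groups any later check on that attribute depends on the order in which the directory returned them, and nothing visible here fixes that order. Consider keeping the whole array in the session, for example `session.setAttribute("groups", groups);` (attribute name is a suggestion), and having access checks consult every entry. The guard would be safer as `if ( groups != null && groups.length > 0 ) {`, since this page does not show whether `getGroups` can return null. The new `getGroups` call in `authenticate` sits inside the existing `try`, whose `catch` is outside the hunk, so a directory error after a successful bind presumably fails the login; that is worth confirming as intended.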
src/edu/ucsb/nceas/metacat/MetaCatServlet.java | ||
---|---|---|
96 | 96 |
* action=getdoctypes -- retrieve all doctypes (publicID)<br> |
97 | 97 |
* action=getdtdschema -- retrieve a DTD or Schema file<br> |
98 | 98 |
* action=getdataguide -- retrieve a Data Guide<br> |
99 |
* action=getprincipals -- retrieve a list of principals in XML<br> |
|
99 | 100 |
* datadoc -- data document name (id)<br> |
100 | 101 |
* <p> |
101 | 102 |
* The particular combination of parameters that are valid for each |
... | ... | |
246 | 247 |
// by looking up the current session information for all actions |
247 | 248 |
// other than "login" and "logout" |
248 | 249 |
String username = null; |
250 |
String password = null; |
|
249 | 251 |
String groupname = null; |
250 | 252 |
String sess_id = null; |
251 | 253 |
|
... | ... | |
269 | 271 |
sess.setAttribute("username", username); |
270 | 272 |
} else { |
271 | 273 |
username = (String)sess.getAttribute("username"); |
274 |
password = (String)sess.getAttribute("password"); |
|
272 | 275 |
groupname = (String)sess.getAttribute("groupname"); |
273 | 276 |
try |
274 | 277 |
{ |
... | ... | |
377 | 380 |
} else if (action.equals("getdataguide")) { |
378 | 381 |
PrintWriter out = response.getWriter(); |
379 | 382 |
handleGetDataGuideAction(out, params, response); |
383 |
} else if (action.equals("getprincipals")) { |
|
384 |
PrintWriter out = response.getWriter(); |
|
385 |
handleGetPrincipalsAction(out, username, password); |
|
380 | 386 |
} else if (action.equals("login") || action.equals("logout")) { |
381 | 387 |
} else if (action.equals("protocoltest")) { |
382 | 388 |
String testURL = "metacat://dev.nceas.ucsb.edu/NCEAS.897766.9"; |
... | ... | |
1696 | 1702 |
|
1697 | 1703 |
} |
1698 | 1704 |
|
1705 |
/** |
|
1706 |
* Handle the "getprincipals" action. |
|
1707 |
* Read all principals from authentication scheme in XML format |
|
1708 |
*/ |
|
1709 |
private void handleGetPrincipalsAction(PrintWriter out, String user, |
|
1710 |
String password) { |
|
1711 |
|
|
1712 |
Connection conn = null; |
|
1713 |
|
|
1714 |
try { |
|
1715 |
|
|
1716 |
// get connection from the pool |
|
1717 |
AuthSession auth = new AuthSession(); |
|
1718 |
String principals = auth.getPrincipals(user, password); |
|
1719 |
out.println(principals); |
|
1720 |
|
|
1721 |
} catch (Exception e) { |
|
1722 |
out.println("<?xml version=\"1.0\"?>"); |
|
1723 |
out.println("<error>"); |
|
1724 |
out.println(e.getMessage()); |
|
1725 |
out.println("</error>"); |
|
1726 |
} finally { |
|
1727 |
util.returnConnection(conn); |
|
1728 |
} |
|
1729 |
|
|
1730 |
} |
|
1731 |
|
|
1699 | 1732 |
} |
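Review bot: Nothing in the visible dispatch (new lines 383–385) or in `handleGetPrincipalsAction` checks that the caller is logged in, although the commit message limits the listing to logged-in users; `password` stays null unless the session supplied it at new line 274, and that null is handed straight to `AuthSession.getPrincipals`. Whether the directory then refuses the lookup depends on how the LDAP server treats a bind without a password, which this page does not show, so the handler should reject missing credentials itself. `conn` is never assigned, so the `finally` always passes null to `util.returnConnection` and the "get connection from the pool" comment is stale; both can go. `e.getMessage()` is also written into `<error>` unescaped, which can expose directory error text to the client and break the XML. The surrounding dispatch chain starts and ends outside the hunk.

```java
private void handleGetPrincipalsAction(PrintWriter out, String user,
                                       String password) {

  // Refuse callers whose session carries no credentials instead of
  // passing a null or empty password on to the directory lookup.
  if (user == null || password == null || password.length() == 0) {
    out.println("<?xml version=\"1.0\"?>");
    out.println("<error>");
    out.println("Login required for action getprincipals");
    out.println("</error>");
    return;
  }

  try {
    AuthSession auth = new AuthSession();
    out.println(auth.getPrincipals(user, password));
  } catch (Exception e) {
    // … unchanged: XML <error> block (escape e.getMessage() before printing) …
  }
}
```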
Restored retrieval of the list of users and groups stored in the auth scheme
through the new action="getprincipals". No extra parameters are needed.
Any logged-in user is able to get this information.