
Revision 728

Added by bojilova almost 24 years ago

fixes on getting information from LDAP services


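--- a/src/edu/ucsb/nceas/metacat/AuthLdap.java
+++ b/src/edu/ucsb/nceas/metacat/AuthLdap.java
@@ -56,7 +56,23 @@
  * is authenticated, and whether they are a member of a particular group.
  */
 public class AuthLdap implements AuthInterface {
+  
+  private MetaCatUtil util;
+  private String ldapUrl;
+  private String ldapBase;
 
+  /** 
+   * Construct an AuthLdap
+   */
+  public AuthLdap() {
+
+    // Read LDAP URI for directory service information
+    this.util = new MetaCatUtil();
+    this.ldapUrl = util.getOption("ldapurl");
+    this.ldapBase = util.getOption("ldapbase");
+    
+  }
+
   /**
    * Determine if a user/password are valid according to the authentication
    * service.
@@ -68,10 +84,6 @@
   public boolean authenticate(String user, String password)
                     throws ConnectException
   {
-    MetaCatUtil util = new MetaCatUtil();
-    String ldapUrl = util.getOption("ldapurl");
-    String ldapBase = util.getOption("ldapbase");
-
     String distName = null;
     boolean authenticated = false;
 
@@ -125,10 +137,6 @@
   public String[] getUsers(String user, String password) 
          throws ConnectException
   {
-    MetaCatUtil util = new MetaCatUtil();
-    String ldapUrl = util.getOption("ldapurl");
-    String ldapBase = util.getOption("ldapbase");
-
     String[] users = null;
 
     // Identify service provider to use
@@ -187,7 +195,7 @@
     } catch (NamingException e) {
       System.err.println("Problem getting users in AuthLdap.getUsers:" + e);
       throw new ConnectException(
-      "Problem getting groups in AuthLdap.getUsers:" + e);
+      "Problem getting users in AuthLdap.getUsers:" + e);
     }
 
     return users;
@@ -199,10 +207,6 @@
   public String[] getUsers(String user, String password, String group) 
          throws ConnectException
   {
-    MetaCatUtil util = new MetaCatUtil();
-    String ldapUrl = util.getOption("ldapurl");
-    String ldapBase = util.getOption("ldapbase");
-
     String[] users = null;
 
     // Identify service provider to use
@@ -226,9 +230,6 @@
         // Specify the ids of the attributes to return
         String[] attrIDs = {"uniquemember"};
 
-        // Get the dn for this group
-        identifier = getIdentifyingName(group);
-
         // Specify the attributes to match.
         // Groups are objects with attribute objectclass=groupofuniquenames.
         Attributes matchAttrs = new BasicAttributes(true); // ignore case
@@ -243,14 +244,30 @@
         while (enum.hasMore()) {
           SearchResult sr = (SearchResult)enum.next();
           Attributes attrs = sr.getAttributes();
-          // return all attributes
-          NamingEnumeration enum1 = attrs.getAll(); // only "uniquemember" attr
+          // return all attributes (only "uniquemember" attr)
+          NamingEnumeration enum1 = attrs.getAll();
           while (enum1.hasMore()) {
             Attribute attr = (Attribute)enum1.next();
             // return all values of that attribute
             NamingEnumeration enum2 = attr.getAll();
             while (enum2.hasMore()) {
-              uvec.add((String)enum2.next());
+              // get DN of a member
+              String memberDN = (String)enum2.next();
+              try {
+                // we actually need RDN of the member
+                // try to get RDN (UID) of the member in case of a user
+                String memberID = getUserID(memberDN);
+                if ( memberID != null ) {
+                  uvec.add(memberID);
+                // CURRENTLY WE DON'T SUPPORT SUBGROUPING, THUS
+                // IGNORE SUBGROUPS AS MEMBERS OF THE GROUP
+                // // this is a group, not user
+                // // try to get RDN (CN) of the group
+                // } else {
+                //   memberID = getGroupID(memberDN);
+                //   uvec.add(memberID);
+                }
+              } catch (NamingException ne) {}
             }
           }
         }
@@ -268,24 +285,146 @@
       }
 
     } catch (NamingException e) {
-      System.err.println("Problem getting users in AuthLdap.getUsers:" + e);
+      System.err.println("Problem getting users for a group in AuthLdap.getUsers:" + e);
       throw new ConnectException(
-      "Problem getting groups in AuthLdap.getUsers:" + e);
+      "Problem getting users for a group in AuthLdap.getUsers:" + e);
     }
 
     return users;
   }
 
   /**
+   * Get UID by DN of a member
+   */
+  private String getUserID(String dn) 
+         throws NamingException
+  {
+    String[] users = null;
+
+    // Identify service provider to use
+    Hashtable env = new Hashtable(11);
+    env.put(Context.INITIAL_CONTEXT_FACTORY, 
+            "com.sun.jndi.ldap.LdapCtxFactory");
+    env.put(Context.PROVIDER_URL, ldapUrl); // + ldapBase);
+
+    try {
+
+        // Create the initial directory context
+        DirContext ctx = new InitialDirContext(env);
+
+        // Specify the ids of the attributes to return
+        String[] attrIDs = {"uid"};
+
+        // Ask for "uid" attributes of the user 
+        Attributes attrs = ctx.getAttributes(dn, attrIDs);
+
+        // Print all of the attributes (only "uid" attr)
+        Vector uvec = new Vector();
+        NamingEnumeration en = attrs.getAll();
+        while (en.hasMore()) {
+          Attribute att = (Attribute)en.next();
+          Vector values = new Vector();
+          String attName = att.getID();
+          NamingEnumeration attvalues = att.getAll();
+          while (attvalues.hasMore()) {
+            String value = (String)attvalues.next();
+            values.add(value);
+          }
+          uvec.add(values.elementAt(0));
+        }
+
+        // initialize users[]; fill users[]
+        users = new String[uvec.size()];
+        for (int i=0; i < uvec.size(); i++) {
+          users[i] = (String)uvec.elementAt(i); 
+        }
+
+        // Close the context when we're done
+        ctx.close();
+
+    } catch (NamingException ne) {
+      System.err.println("Problem getting userID by \"dn\" in AuthLdap.getUserID:" + ne);
+      throw ne;
+      //throw new ConnectException(
+      //"Problem getting userID searching by \"dn\" in AuthLdap.getUserID:" + e);
+      //return null;
+    }
+
+    if ( users.length > 0 ) {
+      return users[0];
+    }
+    return null;
+  }
+
+  /**
+   * Get CN by DN of a member
+   */
+  private String getGroupID(String dn) 
+         throws NamingException
+  {
+    String[] groups = null;
+
+    // Identify service provider to use
+    Hashtable env = new Hashtable(11);
+    env.put(Context.INITIAL_CONTEXT_FACTORY, 
+            "com.sun.jndi.ldap.LdapCtxFactory");
+    env.put(Context.PROVIDER_URL, ldapUrl); // + ldapBase);
+
+    try {
+
+        // Create the initial directory context
+        DirContext ctx = new InitialDirContext(env);
+
+        // Specify the ids of the attributes to return
+        String[] attrIDs = {"cn"};
+
+        // Ask for "uid" attributes of the user 
+        Attributes attrs = ctx.getAttributes(dn, attrIDs);
+
+        // Print all of the attributes (only "cn" attr)
+        Vector uvec = new Vector();
+        NamingEnumeration en = attrs.getAll();
+        while (en.hasMore()) {
+          Attribute att = (Attribute)en.next();
+          Vector values = new Vector();
+          String attName = att.getID();
+          NamingEnumeration attvalues = att.getAll();
+          while (attvalues.hasMore()) {
+            String value = (String)attvalues.next();
+            values.add(value);
+          }
+          uvec.add(values.elementAt(0));
+        }
+
+        // initialize users[]; fill users[]
+        groups = new String[uvec.size()];
+        for (int i=0; i < uvec.size(); i++) {
+          groups[i] = (String)uvec.elementAt(i); 
+        }
+
+        // Close the context when we're done
+        ctx.close();
+
+    } catch (NamingException ne) {
+      System.err.println("Problem getting groupID by \"dn\" in AuthLdap.getGroupID:" + ne);
+      throw ne;
+      //throw new ConnectException(
+      //"Problem getting groupID searching by \"dn\" in AuthLdap.getGroupID:" + e);
+      //return null;
+    }
+
+    if ( groups.length > 0 ) {
+      return groups[0];
+    }
+    return null;
+  }
+
+  /**
    * Get all groups from the authentication service
    */
   public String[] getGroups(String user, String password) 
          throws ConnectException
   {
-    MetaCatUtil util = new MetaCatUtil();
-    String ldapUrl = util.getOption("ldapurl");
-    String ldapBase = util.getOption("ldapbase");
-
     String[] groups = null;
 
     // Identify service provider to use
@@ -356,10 +495,6 @@
   public String[] getGroups(String user, String password, String foruser) 
          throws ConnectException
   {
-    MetaCatUtil util = new MetaCatUtil();
-    String ldapUrl = util.getOption("ldapurl");
-    String ldapBase = util.getOption("ldapbase");
-
     String[] groups = null;
 
     // Identify service provider to use
@@ -398,7 +533,7 @@
         while (enum.hasMore()) {
           SearchResult sr = (SearchResult)enum.next();
           Attributes attrs = sr.getAttributes();
-          NamingEnumeration enum1 = attrs.getAll(); // only "gid" attr
+          NamingEnumeration enum1 = attrs.getAll(); // only "cn" attr
           while (enum1.hasMore()) {
             Attribute attr = (Attribute)enum1.next();
             uvec.add(attr.get());
@@ -420,7 +555,7 @@
     } catch (NamingException e) {
       System.err.println("Problem getting groups in AuthLdap.getGroups:" + e);
       throw new ConnectException(
-      "Problem getting groups in AuthLdap.getGroups:" + e);
+      "Problem getting groups for a user in AuthLdap.getGroups:" + e);
     }
 
     return groups;
@@ -449,10 +584,6 @@
   public HashMap getAttributes(String user, String password, String foruser) 
          throws ConnectException
   {
-    MetaCatUtil util = new MetaCatUtil();
-    String ldapUrl = util.getOption("ldapurl");
-    String ldapBase = util.getOption("ldapbase");
-
     HashMap attributes = new HashMap();
 
     // Identify service provider to use
@@ -519,10 +650,6 @@
   private String getIdentifyingName(String user) 
          throws NamingException
   {
-    MetaCatUtil util = new MetaCatUtil();
-    String ldapUrl = util.getOption("ldapurl");
-    String ldapBase = util.getOption("ldapbase");
-
     String identifier = null;
 
     // Identify service provider to use
@@ -590,7 +717,7 @@
     Vector usersIn = new Vector();
     
     out.append("<?xml version=\"1.0\"?>\n");
-    out.append("<principals>\n");
+    out.append("<principals authSystemURI=\"" + ldapUrl + ldapBase + "\">\n");
     
     // for the groups and users that belong to them
     if ( groups.length > 0 ) {
@@ -638,6 +765,7 @@
       if (isValid) {
         System.out.println("Authentication successful for: " + user );
         System.out.println(" ");
+        
       } else {
         System.out.println("Authentication failed for: " + user);
       }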
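Review bot: In the three-argument `getUsers`, the added `catch (NamingException ne) {}` around `getUserID(memberDN)` discards every lookup failure, so a directory error while resolving members produces a shorter member list rather than an error, and a caller cannot tell "not in the group" from "lookup failed". The catch should at least record what it skipped, e.g. `System.err.println("Skipping member " + memberDN + " in AuthLdap.getUsers: " + ne);`, or rethrow as the method's `ConnectException`. In the new `getUserID` and `getGroupID`, `ctx.close()` sits inside the `try`, so an exception from `ctx.getAttributes(dn, attrIDs)` leaves the `InitialDirContext` open; declare `ctx` before the `try` and close it in a `finally`, and guard `values.elementAt(0)` against an attribute that comes back with no values. Each call also builds its own context from an `env` that carries only the factory and provider URL, so it presumably binds anonymously once per group member; reusing the caller's context would avoid that. The body of `getUsers` starts and ends outside the hunks shown.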
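--- a/src/edu/ucsb/nceas/metacat/AuthSession.java
+++ b/src/edu/ucsb/nceas/metacat/AuthSession.java
@@ -41,6 +41,8 @@
   private String authClass = null;
   private HttpSession session = null;
   private AuthInterface authService = null;
+  private String ldapUrl;
+  private String ldapBase;
   private String statusMessage = null;
  
   /** 
@@ -51,8 +53,10 @@
     // Determine our session authentication method and
     // create an instance of the auth class
     MetaCatUtil util = new MetaCatUtil();
-    authClass = util.getOption("authclass");
-    authService = (AuthInterface)createObject(authClass);
+    this.authClass = util.getOption("authclass");
+    this.authService = (AuthInterface)createObject(authClass);
+    this.ldapUrl = util.getOption("ldapurl");
+    this.ldapBase = util.getOption("ldapbase");
     
   }
 
@@ -138,7 +142,7 @@
     String[] groups = authService.getGroups(user, password);
     
     out.append("<?xml version=\"1.0\"?>\n");
-    out.append("<principals>\n");
+    out.append("<principals authSystemURI=\"" + ldapUrl + ldapBase + "\">\n");
     
     // for the groups and users that belong to them
     if ( groups.length > 0 ) {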
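Review bot: The new `authSystemURI` attribute is built by pasting `ldapUrl + ldapBase` straight into the markup, so a `"`, `&` or `<` in either option yields a malformed or altered `<principals>` element. Escape the value before appending it, e.g. `out.append("<principals authSystemURI=\"" + escapeXmlAttr(ldapUrl + ldapBase) + "\">\n");`, where `escapeXmlAttr` is a placeholder name for a helper that would need to be added. The same line is added in AuthLdap.java at new line 720. It also places the directory URL and base DN in a document that is presumably returned to clients, and the constructor now reads `ldapurl`/`ldapbase` even when `authclass` names a non-LDAP service, so the attribute may describe a system that is not in use. The method containing this hunk starts and ends outside it.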
