
Revision 868

Added by berkley about 23 years ago

Fixed the referral-catching mechanism in authLdap.ldapAuthenticate() so that it follows referrals through a chain of linked servers instead of just one. I still haven't figured out why the getGroups method won't work.


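--- a/src/edu/ucsb/nceas/metacat/AuthLdap.java
+++ b/src/edu/ucsb/nceas/metacat/AuthLdap.java
@@ -45,6 +45,7 @@
 import javax.naming.directory.InitialDirContext;
 import javax.naming.directory.SearchResult;
 import javax.naming.directory.SearchControls;
+import javax.naming.ReferralException;
 import javax.naming.ldap.*;
 import java.util.Iterator;
 import java.util.HashMap;
@@ -90,7 +91,7 @@
   public boolean authenticate(String user, String password)
                     throws ConnectException
   {
-    //System.out.println("ldap authenticating");
+    System.out.println("ldap authenticating");
     String ldapUrl = this.ldapUrl;
     String ldapsUrl = this.ldapsUrl;
     String ldapBase = this.ldapBase;
@@ -148,6 +149,7 @@
         //System.out.println("referral: " + referral);
         // Now that we have the dn, we can authenticate, so
         // authenticate this time when opening the DirContext
+        //System.out.println("referral=throw");
         env.put(Context.REFERRAL, "throw");
         /*CB:  Note that the above env.put statement does not use the referral 
           variable.  it is hard coded to 'throw'.  Matt: Is it ok to do this
@@ -191,34 +193,23 @@
           if ( ctx != null ) {
             ctx.close();
           }
-        } catch (javax.naming.InvalidNameException ine) {
+        } 
+        catch (javax.naming.InvalidNameException ine) 
+        {
             System.out.println("An invalid DN was provided!");
-        } catch(javax.naming.ReferralException re) {
-	        System.out.println("referral to : " + re.getReferralInfo().toString());
-            try
-            {
-              /*
-               Matt, I think this is right but I'm not sure...please check me to make
-               sure I didn't do something wrong here.
-              */
-              double refStartTime = System.currentTimeMillis();
-              Context refctx = re.getReferralContext(env);
-              authenticated = true;
-              refctx.close();
-              this.ldapUrl = ldapUrl;
-              this.ldapBase = ldapBase;
-              double refStopTime = System.currentTimeMillis();
-              System.out.println("total referral time: " + 
-                                (refStopTime - refStartTime)/1000 + " seconds");
-            }
-            catch(Exception e)
-            {
-                System.out.println("Error with referral to : " + 
-                                   re.getReferralInfo().toString());
-                authenticated = false;
-            }
-            
-	}
+        } 
+        catch(javax.naming.ReferralException re) 
+        {
+	        try
+          {
+            Context c = handleReferral(env, re);
+            authenticated = true;
+          }
+          catch(Exception e)
+          {
+            authenticated = false;
+          }
+        }
     } else { 
         util.debugMessage("User not found");
     }
@@ -227,6 +218,47 @@
                       (totStopTime - totStartTime)/1000 + " seconds");
     return authenticated;
   }
+  
+  /**
+   * handles a referral exception.  this method should be called from
+   * within the catch statement of a ReferralException 
+   */
+  private Context handleReferral(Hashtable env, ReferralException re)
+                  throws Exception 
+  {
+    System.out.println("referral to : " + re.getReferralInfo().toString());
+    boolean referralSuccess = false;
+    while(referralSuccess != true)
+    {
+      try
+      {
+        /*
+         Matt, I think this is right but I'm not sure...please check me to make
+         sure I didn't do something wrong here.
+        */
+        double refStartTime = System.currentTimeMillis();
+        Context refctx = re.getReferralContext(env);
+        referralSuccess = true;
+        refctx.close();
+        this.ldapUrl = ldapUrl;
+        this.ldapBase = ldapBase;
+        double refStopTime = System.currentTimeMillis();
+        System.out.println("total referral time: " + 
+                          (refStopTime - refStartTime)/1000 + " seconds");
+        return refctx;
+      }
+      catch(ReferralException e)
+      {
+          System.out.println("Referring to: " + 
+                             re.getReferralInfo().toString());
+      }
+      catch(Exception e)
+      {
+        throw e;
+      }
+    }
+    return null; //this should never get called
+  }
   
   /**
    * Get the identifying name for a given userid or name.  This is the name
@@ -652,7 +684,7 @@
         ctx.close();
   
     } catch (NamingException e) {
-      System.err.println("Problem getting groups in AuthLdap.getGroups:" + e);
+      System.err.println("Problem getting groups in AuthLdap.getGroups 1:" + e);
       throw new ConnectException(
       "Problem getting groups in AuthLdap.getGroups:" + e);
     }
@@ -666,6 +698,7 @@
   public String[] getGroups(String user, String password, String foruser) 
          throws ConnectException
   {
+    //System.err.println("GG in get groups 2");
     String[] groups = null;
   
     // Identify service provider to use
@@ -673,6 +706,7 @@
     env.put(Context.INITIAL_CONTEXT_FACTORY, 
             "com.sun.jndi.ldap.LdapCtxFactory");
     env.put(Context.REFERRAL, referral);
+    //System.out.println("GG server: " + ldapUrl + ldapBase); 
     env.put(Context.PROVIDER_URL, ldapUrl + ldapBase);
     try {
   
@@ -683,15 +717,20 @@
         // Specify the attributes to match.
         // Groups are objects with attribute objectclass=groupofuniquenames.
         // and have attribute uniquemember: uid=foruser,ldapbase.
-        Attributes matchAttrs = new BasicAttributes(true); // ignore case
-        matchAttrs.put(new BasicAttribute("objectclass", "groupofuniquenames"));
+        Attributes matchAttrs = new BasicAttributes(); // ignore case
+        matchAttrs.put(new BasicAttribute("objectClass", "groupOfUniqueNames"));
+        //System.out.println("GG user: " + user);
+        //System.out.println("GG foruser: " + foruser);
         String dn = user;/*getIdentifyingName(foruser, ldapUrl, ldapBase);*/ 
-        matchAttrs.put(new BasicAttribute("uniquemember",dn+","+ldapBase));
+        //System.out.println("GG dn: " + dn);
+        matchAttrs.put(new BasicAttribute("uniqueMember", dn));
         // Search for objects in the current context
+        //System.out.println("GG matchAttrs: " + matchAttrs.toString());
         NamingEnumeration enum = ctx.search("", matchAttrs, attrIDs);
         // Print the users
         Vector uvec = new Vector();
         while (enum.hasMore()) {
+          //System.out.println("GG search result found");
           SearchResult sr = (SearchResult)enum.next();
           Attributes attrs = sr.getAttributes();
           NamingEnumeration enum1 = attrs.getAll(); // only "cn" attr
@@ -702,8 +741,10 @@
         }
   
         // initialize groups[] and fill it
+        //System.out.println("GG getting groups: " + uvec.size());
         groups = new String[uvec.size()];
         for (int i=0; i < uvec.size(); i++) {
+          //System.out.println("GG group: " + groups[i]);
           groups[i] = (String)uvec.elementAt(i); 
         }
   
@@ -711,11 +752,11 @@
         ctx.close();
   
     } catch (NamingException e) {
-      System.err.println("Problem getting groups in AuthLdap.getGroups:" + e);
+      System.err.println("Problem getting groups in AuthLdap.getGroups 2:" + e);
+      e.printStackTrace(System.err);
       throw new ConnectException(
       "Problem getting groups for a user in AuthLdap.getGroups:" + e);
     }
-  
     return groups;
   }
   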
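Review bot: In the new `handleReferral`, the `catch(ReferralException e)` branch logs and retries the original `re` and never uses `e`, and the `while(referralSuccess != true)` loop has no hop limit, so a server that keeps answering with a referral (or a cycle between linked servers) can keep `authenticate()` spinning indefinitely. Follow the newly thrown exception instead and cap the chain, failing closed with a `NamingException` once the cap is reached; the limit of 5 below is illustrative, and this assumes the nested exception describes the next hop. `env` appears to carry the bind credentials at this point (the comment above `env.put(Context.REFERRAL, "throw")` says the context authenticates on open), so each hop presumably presents the user's password to whichever host the referral names; checking the referral URL against an allow-list of trusted directory hosts before calling `getReferralContext` would limit that exposure. The `this.ldapUrl = ldapUrl;` and `this.ldapBase = ldapBase;` lines carried over from `authenticate()` look like self-assignments here, since the new method declares no such locals, and the silent `catch(Exception e) { authenticated = false; }` in the caller drops the failure reason that the old code at least printed.

```java
  private Context handleReferral(Hashtable env, ReferralException re)
                  throws Exception 
  {
    ReferralException current = re;
    // Cap the chain so a referral cycle cannot hang authentication.
    for (int hop = 0; hop < 5; hop++)
    {
      System.out.println("referral to : " + current.getReferralInfo());
      try
      {
        // … unchanged: timing printout around the call …
        Context refctx = current.getReferralContext(env);
        refctx.close();
        return refctx;
      }
      catch(ReferralException next)
      {
        // Continue with the referral raised by the server just contacted.
        current = next;
      }
    }
    throw new NamingException("too many LDAP referrals");
  }
```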

  
