Project

General

Profile

Revision 740

Added by bojilova about 20 years ago

fixed the problem with empy password authentication.
Ldap somehow allows DirContext to be created
when empty password is provided as in our case
instead of comlaining like with wrong password string.
So included a check for empty password in order to reject the login.

View differences:

src/edu/ucsb/nceas/metacat/AuthLdap.java
111 111
System.out.println(ldapUrl + ldapBase); 
112 112
        String identifier = getIdentifyingName(user,ldapUrl,ldapBase);
113 113

  
114
        if (identifier != null) {
114
        if (identifier != null && !password.equals("")) {
115 115
          // Now that we have the dn, we can authenticate, so
116 116
          // authenticate this time when opening the DirContext
117 117
          env.put(Context.PROVIDER_URL, ldapUrl + ldapBase);
118
//        env.put(Context.SECURITY_PROTOCOL, "ssl");
118
          //env.put(Context.SECURITY_PROTOCOL, "ssl");
119 119
          env.put(Context.SECURITY_AUTHENTICATION, "simple");
120 120
          env.put(Context.SECURITY_PRINCIPAL, identifier + "," + ldapBase);
121 121
          env.put(Context.SECURITY_CREDENTIALS, password);
......
136 136
          }
137 137
        } else { 
138 138
          util.debugMessage("User not found");
139
//System.out.println("NOT FOUND HERE");
139
//System.out.println("User NOT FOUND");
140 140
        }
141 141
      } /* while ( enum.hasMore() ) */
142 142

  
143
    } catch (NullPointerException e) {
144
      util.debugMessage("NullPointerException b' password is null");
145
      util.debugMessage("NullPointerException while authenticating in " + 
146
                        "AuthLdap.authenticate: " + e);
147
      throw new ConnectException(
148
      "NullPointerException while authenticating in " + 
149
                        "AuthLdap.authenticate: " + e);
143 150
    } catch (NamingException e) {
144 151
      util.debugMessage("Naming exception while authenticating in " + 
145 152
                        "AuthLdap.authenticate: " + e);

Also available in: Unified diff