Project

General

Profile

Revision 980

Added by berkley almost 18 years ago

updated authldap to get the groups to work (king of)

View differences:

src/edu/ucsb/nceas/metacat/AuthLdap.java
66 66
  private String ldapsUrl;
67 67
  private String ldapBase;
68 68
  private String referral;
69
  private Context referralContext;
69
  private DirContext referralContext;
70 70
  Hashtable env = new Hashtable(11);
71 71
  private Context rContext;
72 72
  private String userName;
......
466 466
  public String[] getGroups(String user, String password) 
467 467
         throws ConnectException
468 468
  {
469
      return getGroups(user, password, null);
469
      return getGroups(user, password, user);
470 470
  }
471 471

  
472 472
  /**
......
500 500
        SearchControls ctls = new SearchControls();
501 501
        ctls.setReturningAttributes(attrIDs);
502 502
        ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
503
        
504 503
        String filter = null;
505 504
        String gfilter = "(objectClass=groupOfUniqueNames)";
506 505
        if (null == foruser) {
......
508 507
        } else {
509 508
            filter = "(& " + gfilter + "(uniqueMember=" + foruser + "))";
510 509
        }
511
        NamingEnumeration enum = ctx.search(ldapBase, filter, ctls);
512

  
513
        // Print the groups
510
        
514 511
        Vector uvec = new Vector();
515
        while (enum.hasMore()) {
516
          SearchResult sr = (SearchResult)enum.next();
517
          uvec.add(sr.getName()+","+ldapBase);
512
        
513
        try
514
        {
515
          NamingEnumeration enum = ctx.search(ldapBase, filter, ctls);
516
          // Print the groups
517
          while (enum.hasMore()) {
518
            SearchResult sr = (SearchResult)enum.next();
519
            uvec.addElement(sr.getName()+","+ldapBase);
520
            //System.out.println("result: " + sr.getName() + "," + ldapBase);
521
          }
518 522
        }
519
      
523
        catch(ReferralException re)
524
        {
525
          boolean moreReferrals = true;
526
          while(moreReferrals)
527
          {
528
            //System.out.println("Referral: " + re.toString());
529
            refExc = re;
530
            Thread t = new Thread(this);
531
            //System.out.println("Starting thread...");
532
            t.start();
533
            //System.out.println("sleeping for 7 seconds.");
534
            try
535
            {
536
              Thread.sleep(5000);
537
            }
538
            catch(java.lang.InterruptedException iee)
539
            {
540
              //System.out.println("Main Program Sleep Interrupted");
541
            }
542
            //this is a manual override of ldap's hideously long time
543
            //out period.
544
            //System.out.println("Awake after 5 seconds.");
545
            if (referralContext == null)
546
            {
547
              t.interrupt();
548
              //System.out.println("!!!!!!!!thread interrupted!!!!!!!!!");
549
              moreReferrals = false;
550
            }
551
            else
552
            {
553
              try
554
              {
555
                //System.out.println("searching...");
556
                
557
                NamingEnumeration enum = referralContext.search(ldapBase, filter, ctls);
558
                //System.out.println("searching complete.");
559
                while (enum.hasMore() && enum != null) {
560
                  SearchResult sr = (SearchResult)enum.next();
561
                  uvec.addElement(sr.getName()+","+ldapBase);
562
                  //System.out.println("result: " + sr.getName() + "," + ldapBase);
563
                }
564
                moreReferrals = false;
565
              }
566
              catch (ReferralException re2)
567
              {
568
                moreReferrals=true;
569
                refExc=re2;
570
              }
571
              catch (AuthenticationException ae)
572
              {
573
                util.debugMessage("Error running referral handler thread: " + 
574
                                  ae.getMessage());
575
                //check if has another referral
576
                moreReferrals=refExc.skipReferral();
577
                //don't get the context
578
                referralContext = null;
579
              }
580
              catch (NamingException ne)
581
              {
582
                util.debugMessage("Error running referral handler thread: " + 
583
                                  ne.getMessage());
584
                //check if has another referral
585
                moreReferrals=refExc.skipReferral();
586
                //don't get context
587
                referralContext = null;		
588
              }
589
            }
590
          }
591
        }
520 592

  
521 593
        // initialize groups[] and fill it
522 594
        groups = new String[uvec.size()];
......
526 598

  
527 599
        // Close the context when we're done
528 600
        ctx.close();
529

  
530
    } catch (ReferralException re) {
531
      try
532
      {
533
        refExc = re;
534
        Thread t = new Thread(this);
535
        util.debugMessage("Starting thread...");
536
        t.start();
537
        util.debugMessage("sleeping for 5 seconds.");
538
        Thread.sleep(5000); 
539
        //this is a manual override of ldap's hideously long time
540
        //out period.
541
        util.debugMessage("Awake after 5 seconds.");
542
        if (referralContext == null)
543
        {
544
          t.interrupt();
545
          return null;
546
        }
547
        DirContext dc = (DirContext)referralContext;
548
        String[] attrIDs = {"cn"};
549
        // Specify the attributes to match.
550
        // Groups are objects with attribute objectclass=groupofuniquenames.
551
        // and have attribute uniquemember: uid=foruser,ldapbase.
552
        SearchControls ctls = new SearchControls();
553
        ctls.setReturningAttributes(attrIDs);
554
        ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
555
        
556
        String filter = null;
557
        String gfilter = "(objectClass=groupOfUniqueNames)";
558
        if (null == foruser) {
559
            filter = gfilter;
560
        } else {
561
            filter = "(& " + gfilter + "(uniqueMember=" + foruser + "))";
562
        }
563
        NamingEnumeration enum = dc.search(ldapBase, filter, ctls);
564

  
565
        // Print the groups
566
        Vector uvec = new Vector();
567
        while (enum.hasMore()) {
568
          SearchResult sr = (SearchResult)enum.next();
569
          uvec.add(sr.getName()+","+ldapBase);
570
        }
571

  
572
        // initialize groups[] and fill it
573
        groups = new String[uvec.size()];
574
        for (int i=0; i < uvec.size(); i++) {
575
          groups[i] = (String)uvec.elementAt(i); 
576
        }
577
        referralContext.close();
578
        dc.close();
579
      }
580
      catch (Exception e)
581
      {
582
        return groups;
583
      }
584
    } catch (NamingException e) {
601
    }  
602
    catch (NamingException e) 
603
    {
585 604
      e.printStackTrace(System.err);
586 605
      throw new ConnectException(
587 606
      "Problem getting groups for a user in AuthLdap.getGroups:" + e);
......
817 836
    // Provide a user, such as: "Matt Jones", or "jones"
818 837
    String user = args[0];
819 838
    String password = args[1];
839
    String foruser = null;
840
    
841
    if(args.length == 3)
842
      foruser = args[2];
820 843

  
821 844
    AuthLdap authservice = new AuthLdap();
822 845

  
823 846
                
824 847
    boolean isValid = false;
825 848
    try {
849
      System.out.println("authenticating user " + user);
826 850
      isValid = authservice.authenticate(user, password);
827 851
      if (isValid) {
828
        MetaCatUtil.debugMessage("Authentication successful for: " + user );
852
        System.out.println("Authentication successful for: " + user );
829 853
      } else {
830
        MetaCatUtil.debugMessage("Authentication failed for: " + user);
854
        System.out.println("Authentication failed for: " + user);
831 855
      }
832 856

  
833 857
      // Get attributes for the user
834 858
      if (isValid) {
835
        MetaCatUtil.debugMessage("\nGetting attributes for user....");
836
        HashMap userInfo = authservice.getAttributes(user, password, user);
859
        System.out.println("\nGetting attributes for user....");
860
        HashMap userInfo;
861
        if(foruser == null)
862
        {
863
          userInfo = authservice.getAttributes(user, password, user);
864
        }
865
        else
866
        {
867
          userInfo = authservice.getAttributes(user, password, foruser);
868
        }
837 869
        // Print all of the attributes
838 870
        Iterator attList = (Iterator)(((Set)userInfo.keySet()).iterator());
839 871
        while (attList.hasNext()) {
......
842 874
          Iterator attvalues = values.iterator();
843 875
          while (attvalues.hasNext()) {
844 876
            String value = (String)attvalues.next();
845
            MetaCatUtil.debugMessage(att + ": " + value);
877
            System.out.println(att + ": " + value);
846 878
          }
847 879
        }
848 880
      }
849 881

  
850 882
      // get the groups
851 883
      if (isValid) {
852
        MetaCatUtil.debugMessage("\nGetting all groups....");
853
        String[] groups = authservice.getGroups(user, password);
854
        MetaCatUtil.debugMessage("Groups found: " + groups.length);
884
        System.out.println("\nGetting all groups....");
885
        String[] groups;
886
        if(foruser == null)
887
        {
888
          groups = authservice.getGroups(user, password);
889
        }
890
        else
891
        {
892
          groups = authservice.getGroups(user, password, foruser);
893
        }
894
        System.out.println("Groups found: " + groups.length);
855 895
        for (int i=0; i < groups.length; i++) {
856
            MetaCatUtil.debugMessage("Group " + i + ": " + groups[i]);
896
            System.out.println("Group " + i + ": " + groups[i]);
857 897
        }
858 898
      }
859 899

  
860 900
      // get the groups for the user
861 901
      String savedGroup = null;
862 902
      if (isValid) {
863
        MetaCatUtil.debugMessage("\nGetting groups for user....");
864
        String[] groups = authservice.getGroups(user, password, user);
865
        MetaCatUtil.debugMessage("Groups found: " + groups.length);
903
        System.out.println("\nGetting groups for user....");
904
        String[] groups;
905
        if(foruser == null)
906
        {
907
          groups = authservice.getGroups(user, password, user);
908
        }
909
        else
910
        {
911
          groups = authservice.getGroups(user, password, foruser);
912
        }
913
        System.out.println("Groups found: " + groups.length);
866 914
        for (int i=0; i < groups.length; i++) {
867
            MetaCatUtil.debugMessage("Group " + i + ": " + groups[i]);
915
            System.out.println("Group " + i + ": " + groups[i]);
868 916
            savedGroup = groups[i];
869 917
        }
870 918
      }
871 919

  
872 920
      // get the users for a group
873 921
      if (isValid) {
874
        MetaCatUtil.debugMessage("\nGetting users for group....");
875
        MetaCatUtil.debugMessage("Group: " + savedGroup);
922
        System.out.println("\nGetting users for group....");
923
        System.out.println("Group: " + savedGroup);
876 924
        String[] users = authservice.getUsers(user, password, savedGroup);
877
        MetaCatUtil.debugMessage("Users found: " + users.length);
925
        System.out.println("Users found: " + users.length);
878 926
        for (int i=0; i < users.length; i++) {
879
            MetaCatUtil.debugMessage("User " + i + ": " + users[i]);
927
            System.out.println("User " + i + ": " + users[i]);
880 928
        }
881 929
      }
882 930

  
883 931
      // get all users
884 932
      if (isValid) {
885
        MetaCatUtil.debugMessage("\nGetting all users ....");
933
        System.out.println("\nGetting all users ....");
886 934
        String[] users = authservice.getUsers(user, password);
887
        MetaCatUtil.debugMessage("Users found: " + users.length);
935
        System.out.println("Users found: " + users.length);
888 936
        
889 937
      }
890 938

  
891 939
      // get the whole list groups and users in XML format
892 940
      if (isValid) {
893
        MetaCatUtil.debugMessage("\nTrying principals....");
941
        System.out.println("\nTrying principals....");
894 942
        authservice = new AuthLdap();
895 943
        String out = authservice.getPrincipals(user, password);
896 944
        java.io.File f = new java.io.File("principals.xml");
......
900 948
        buff.flush();
901 949
        buff.close();
902 950
        fw.close();
903
        MetaCatUtil.debugMessage("\nFinished getting principals.");
951
        System.out.println("\nFinished getting principals.");
904 952
      }
905 953

  
906 954
    } catch (ConnectException ce) {
907
      MetaCatUtil.debugMessage(ce.getMessage());
955
      System.out.println(ce.getMessage());
908 956
    } catch (java.io.IOException ioe) {
909
      MetaCatUtil.debugMessage("I/O Error writing to file principals.txt");
957
      System.out.println("I/O Error writing to file principals.txt");
910 958
    }
911 959
  }
912 960
  
......
926 974
      try
927 975
      {
928 976
        //revise environment variable
929
        env.put(Context.PROVIDER_URL, refExc.getReferralInfo());
977
        String refInfo = null;
978
        refInfo = (String)refExc.getReferralInfo();
979
        //refInfo = (String)refExc.getReferralContext().getEnvironment().get(Context.PROVIDER_URL);
980
        //System.out.println("refInfo: " + refInfo);
981
        if(refInfo != null)
982
        {
983
          //System.out.println("Referral in thread to: " + 
984
          //                  refInfo.toString());
985
        }
986
        else
987
        {
988
          refInfo = (String)refExc.getReferralContext().getEnvironment().get(Context.PROVIDER_URL);
989
        }
990
        
991
        /*env.put(Context.PROVIDER_URL, refExc.getReferralInfo());
930 992
        env.put(Context.INITIAL_CONTEXT_FACTORY, 
931 993
                "com.sun.jndi.ldap.LdapCtxFactory");
932 994
        env.put(Context.SECURITY_PRINCIPAL, userName);
933 995
        env.put(Context.SECURITY_CREDENTIALS, userPassword);
996
        env.put(Context.REFERRAL, "throw");*/
997
        
998
        //get a context object for referral in the new envriment
999
        //rContext = refExc.getReferralContext();
1000
        
1001
        env.put(Context.INITIAL_CONTEXT_FACTORY, 
1002
            "com.sun.jndi.ldap.LdapCtxFactory");
934 1003
        env.put(Context.REFERRAL, "throw");
935
        //get a context object for referral in the new envriment
936
        rContext = refExc.getReferralContext(env);
1004
        env.put(Context.PROVIDER_URL, refInfo);
1005
        
1006
        referralContext = new InitialDirContext(env);
937 1007
        //casting the context to dircontext and it will create a
938 1008
        //autherntication or naming exception if DN and password is incorrect
939
        referralContext=rContext;
940
        refDirContext=(DirContext)rContext;
941
        refDirContext.close();
1009
        //referralContext=rContext;
1010
        //refDirContext=(DirContext)rContext;
1011
        //refDirContext.close();
942 1012
        //get context and jump out the while loop
943 1013
        moreReferrals=false;
944 1014
      }//try
945
      //if referral have another referral excption
946 1015
      catch (ReferralException re)
947 1016
      {
948 1017
        //keep running in while loop
......
950 1019
        //assign refExc to new referral exception re
951 1020
        refExc=re;
952 1021
      }
953
      //catch a authentication exception
954 1022
      catch (AuthenticationException ae)
955 1023
      {
956 1024
        util.debugMessage("Error running referral handler thread: " + 
......
960 1028
        //don't get the context
961 1029
        referralContext = null;
962 1030
      }
963
      //catch a naming exception
964 1031
      catch (NamingException ne)
965 1032
      {
966 1033
        util.debugMessage("Error running referral handler thread: " + 
build.xml
51 51
     <property name="jdbc" value="lib/jdbc7.1-1.2.jar" />
52 52
   </target>
53 53
   
54
   <target name="config" depends="postgresql">
54
   <target name="config" depends="oracle">
55 55
      <!-- Change the 'depends' attribute above to 'postgresql' to install 
56 56
           metacat with postgres instead of oracle -->
57 57

  
58 58
      <!-- Customize these properties for your system -->
59
      <property name="tomcat" value="/home/tao/tomcat" />
60
      <property name="webapps" value="/home/tao/tomcat/webapps" />
61
      <property name="context" value="tao" />
62
      <property name="user" value="tao"/>
63
      <property name="password" value="tdataint"/>
64
      <property name="server" value="epsilon.nceas.ucsb.edu:8443"/>
65
      <property name="systemidserver" value="http://epsilon.nceas.ucsb.edu:8080" />
59
      <property name="tomcat" value="/usr/local/devtools/jakarta-tomcat" />
60
      <property name="webapps" value="/opt/tomcat/webapps" />
61
      <property name="context" value="berkley" />
62
      <property name="user" value="berkley"/>
63
      <property name="password" value=""/>
64
      <property name="server" value="dev.nceas.ucsb.edu:8091"/>
65
      <property name="systemidserver" value="http://dev.nceas.ucsb.edu:8091" />
66 66
      <property name="web-base-url" 
67 67
                value="http://knb.ecoinformatics.org"/>
68 68
      <property name="default-style" value="knb" />

Also available in: Unified diff