From bbd1bf9c76923008d8b53737090490a1698aea85 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Sat, 19 Apr 2014 15:04:24 +0200
Subject: [LdapUser] Added doc-comments, some TODOs, restructured connection error checking
---
 .../java/org/openslx/imagemaster/db/LDAPUser.java | 134 --------------------
 1 file changed, 134 deletions(-)
 delete mode 100644 src/main/java/org/openslx/imagemaster/db/LDAPUser.java
(limited to 'src/main/java/org/openslx/imagemaster/db/LDAPUser.java')
diff --git a/src/main/java/org/openslx/imagemaster/db/LDAPUser.java b/src/main/java/org/openslx/imagemaster/db/LDAPUser.java
deleted file mode 100644
index 2d17b08..0000000
--- a/src/main/java/org/openslx/imagemaster/db/LDAPUser.java
+++ /dev/null
@@ -1,134 +0,0 @@
-package org.openslx.imagemaster.db;
-
-import java.io.IOException;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-
-import javax.net.ssl.X509TrustManager;
-
-import org.apache.directory.api.ldap.model.cursor.CursorException;
-import org.apache.directory.api.ldap.model.cursor.EntryCursor;
-import org.apache.directory.api.ldap.model.entry.Entry;
-import org.apache.directory.api.ldap.model.exception.LdapException;
-import org.apache.directory.api.ldap.model.message.SearchScope;
-import org.apache.directory.ldap.client.api.LdapConnectionConfig;
-import org.apache.directory.ldap.client.api.LdapNetworkConnection;
-import org.openslx.imagemaster.session.User;
-import org.openslx.imagemaster.thrift.iface.AuthenticationException;
-import org.openslx.imagemaster.util.Sha512Crypt;
-
-/*
- * This TrustManager is used to accept custom certificates.
- */
-class MyTrustManager implements X509TrustManager {
-
- @Override
- public void checkClientTrusted(X509Certificate[] arg0, String arg1)
- throws CertificateException {}
-
- @Override
- public void checkServerTrusted(X509Certificate[] arg0, String arg1)
- throws CertificateException {}
-
- @Override
- public X509Certificate[] getAcceptedIssuers() {
- return new X509Certificate[0];
- }
-
-}
-
-public class LDAPUser extends User {
-
- protected LDAPUser(int userId, String username, String password, String organization,
- String firstName, String lastName, String eMail,
- String satelliteAddress) {
- super(userId, username, password, organization, firstName, lastName, eMail,
- satelliteAddress);
- }
-
- /**
- * Query LDAP for user with given login
- * @param login (user@organization)
- * @return instance of LDAPUser for matching entry from LDAP, or null if not found
- */
- @SuppressWarnings("finally")
- public static LDAPUser forLogin( final String login, final String password ) throws AuthenticationException {
- String username, organization, firstName, lastName, eMail, satelliteAddress;
-
- LdapConnectionConfig ldapConfig = new LdapConnectionConfig();
- ldapConfig.setTrustManagers(new MyTrustManager());
- ldapConfig.setLdapPort(636);
- ldapConfig.setLdapHost("bv1.ruf.uni-freiburg.de");
- ldapConfig.setUseSsl(true);
-
- LdapNetworkConnection connection = new LdapNetworkConnection( ldapConfig );
-
- // bind connection
- try {
- connection.bind("uid=" + login + ",ou=people,dc=uni-freiburg,dc=de", password);
- } catch (LdapException e1) {
- try {
- connection.unBind();
- connection.close();
- } catch (LdapException | IOException e) {
- } finally {
- AuthenticationException ae = new AuthenticationException();
- ae.message = "Could not bind to LDAP server. Invalid credentials.";
- throw ae;
- }
- }
-
- // test authorization
- if (!connection.isConnected() || !connection.isAuthenticated()) {
- try {
- connection.unBind();
- connection.close();
- } catch (LdapException | IOException e) {
- } finally {
- AuthenticationException ae = new AuthenticationException();
- ae.message = "Could not connect / authenticate to LDAP server. Invalid credentials?";
- throw ae;
- }
- }
-
- // make search query
- try {
- EntryCursor cursor = connection.search("ou=people,dc=uni-freiburg,dc=de", "(&(objectclass=person)(uid="
- + login + "))", SearchScope.SUBTREE);
- // only use the first result
- cursor.next();
- Entry entry = cursor.get();
- username = entry.get("uid").getString();
- organization = "Test Organization"; // will be filled with bwIDM LDAP server
- firstName = entry.get("givenName").getString();
- lastName = entry.get("sn").getString();
- eMail = entry.get("rufPreferredMail").getString();
- // get the satellite address from db
- DbSatellite dbSatellite = DbSatellite.fromOrganization(organization);
- if (dbSatellite != null) {
- satelliteAddress = dbSatellite.getAddress();
- } else {
- /*
- * Organization is not known..
- * TODO: Handle this
- */
- satelliteAddress = "addressNotKown";
- }
- } catch (LdapException | CursorException e1) {
- return null;
- } finally {
- // close connection
- try {
- connection.unBind();
- } catch (LdapException e) {
- return null;
- }
- try {
- connection.close();
- } catch (IOException e) {
- return null;
- }
- }
- return new LDAPUser(0, username, Sha512Crypt.Sha512_crypt(password, null, 0), organization, firstName, lastName, eMail, satelliteAddress);
- }
-}
-- cgit v1.2.3-55-g7522