You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by Axel Grosse <ag...@axway.com> on 2013/09/29 01:44:47 UTC
apacheds interceptor question - how to map NamingEnumeration to
EntryFilteringCursor
Hi
I am developing a LDAP Proxy based on embedded apache directory service ...
have set up an embedded Ldap Server wich runs nice against his directory ..
but I wont to intercept the search and use an Interceptor to ask a Backend LDAP Server ...
so I need to forward the search in complete (filter,basedn,controls) ... doable with SearchOperationContext
my problem now is the answer type
... normal LDAP Client search get a NamingEnumeration back
... the interceptor class need to return an EntryFilteringCursor
does anyone has an idea how to map these two ?
thanks for any help
Axel
code for ProxyInterceptor:
import com.vordel.trace.Trace;
import java.util.List;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.server.core.api.filtering.EntryFilter;
import org.apache.directory.server.core.api.filtering.EntryFilteringCursor;
import org.apache.directory.server.core.api.interceptor.BaseInterceptor;
import org.apache.directory.server.core.api.interceptor.Interceptor;
import org.apache.directory.server.core.api.interceptor.context.AddOperationContext;
import org.apache.directory.server.core.api.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.normalization.NormalizationInterceptor;
import com.vordel.dwe.ldap.proxy.ProxyClient;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
/**
*
* @author agrosse
*/
public class ProxyInterceptor extends BaseInterceptor{
private static ProxyClient pc;
NamingEnumeration resultClient;
/**
* Intercepts the search operation in order to replace plain password values
* with hashed ones.
*/
@Override
public EntryFilteringCursor search( SearchOperationContext opContext) throws LdapException {
try {
pc.connect();
} catch (NamingException ex) {
Trace.error(ex);;
}
Trace.debug("Intercation filter touched");
try {
//call new backend DS .. todo
resultClient = pc.search(opContext);
} catch ( Exception e){
Trace.error("Error in Interceptor");
} finally {
this.getNextInterceptor(opContext);
return resultClient;
//super.search(opContext)
}
}
}
code for ProxyClient:
import com.vordel.trace.Trace;
import java.util.Properties;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.api.interceptor.context.SearchOperationContext;
/**
*
* @author agrosse
*/
public class ProxyClient {
DirContext ctx = null;
NamingEnumeration results = null;
public void connect() throws NamingException {
Properties p = new Properties();
p.setProperty(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
p.setProperty(Context.PROVIDER_URL, "ldap://localhost:389/");
p.setProperty(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
p.setProperty(Context.SECURITY_CREDENTIALS, "secret");
p.setProperty(Context.SECURITY_AUTHENTICATION, "simple");
try {
ctx = new InitialDirContext(p);
} catch (NamingException ne){
Trace.error( ne);
} catch (Throwable e) {
Trace.error( e);
} finally {
if (results != null) {
try {
results.close();
} catch (Exception e) {
}
}
if (ctx != null) {
try {
ctx.close();
} catch (Exception e) {
}
}
}
}
public NamingEnumeration search(SearchOperationContext opContext) throws NamingException {
SearchControls controls = (SearchControls) opContext.getRequestControl(null);
return results = ctx.search(opContext.getScope().toString(), opContext.getFilter().toString(),controls);
}
}
AXEL GROSSE
Re: apacheds interceptor question - how to map NamingEnumeration to EntryFilteringCursor
Posted by Kiran Ayyagari <ka...@apache.org>.
On Sun, Sep 29, 2013 at 5:14 AM, Axel Grosse <ag...@axway.com> wrote:
> Hi ****
>
> I am developing a LDAP Proxy based on embedded apache directory service ...
> ****
>
> ** **
>
> have set up an embedded Ldap Server wich runs nice against his directory ..
> ****
>
> ** **
>
> but I wont to intercept the search and use an Interceptor to ask a Backend
> LDAP Server ...****
>
> ** **
>
> so I need to forward the search in complete (filter,basedn,controls) ...
> doable with SearchOperationContext****
>
> ** **
>
> my problem now is the answer type ****
>
> ... normal LDAP Client search get a *NamingEnumeration* back****
>
> ... the interceptor class need to return an *EntryFilteringCursor*****
>
> ** **
>
> does anyone has an idea how to map these two ?****
>
> **
>
implement a new cursor which is backed by the NamingEnumeration
you have got from the other server
alternatively you can use ApcheDS's LDAP API for searching and pass on
that cursor
> **
>
> thanks for any help****
>
> ** **
>
> Axel****
>
> ** **
>
> code for ProxyInterceptor:****
>
> ** **
>
> import com.vordel.trace.Trace;****
>
> import java.util.List;****
>
> import org.apache.directory.api.ldap.model.exception.LdapException;****
>
> import org.apache.directory.server.core.api.filtering.EntryFilter;****
>
> import org.apache.directory.server.core.api.filtering.EntryFilteringCursor;
> ****
>
> import org.apache.directory.server.core.api.interceptor.BaseInterceptor;**
> **
>
> import org.apache.directory.server.core.api.interceptor.Interceptor;****
>
> import
> org.apache.directory.server.core.api.interceptor.context.AddOperationContext;
> ****
>
> import
> org.apache.directory.server.core.api.interceptor.context.SearchOperationContext;
> ****
>
> import
> org.apache.directory.server.core.normalization.NormalizationInterceptor;**
> **
>
> ** **
>
> import com.vordel.dwe.ldap.proxy.ProxyClient;****
>
> import java.util.logging.Level;****
>
> import java.util.logging.Logger;****
>
> import javax.naming.NamingEnumeration;****
>
> import javax.naming.NamingException;****
>
> ** **
>
> ** **
>
> /******
>
> *****
>
> * @author agrosse****
>
> */****
>
> public class ProxyInterceptor extends BaseInterceptor{****
>
> ****
>
> private static ProxyClient pc;****
>
> NamingEnumeration resultClient;****
>
> ****
>
> ****
>
> /******
>
> * Intercepts the search operation in order to replace plain password
> values****
>
> * with hashed ones.****
>
> */****
>
> @Override****
>
> public EntryFilteringCursor search( SearchOperationContext opContext)
> throws LdapException {****
>
> try {****
>
> pc.connect();****
>
> } catch (NamingException ex) {****
>
> Trace.error(ex);;****
>
> }****
>
> ****
>
> Trace.debug("Intercation filter touched");****
>
> try {****
>
> //call new backend DS .. todo****
>
> resultClient = pc.search(opContext);****
>
> ****
>
> ****
>
> } catch ( Exception e){ ****
>
> Trace.error("Error in Interceptor");****
>
> } finally {****
>
> ****
>
> this.getNextInterceptor(opContext);****
>
> ****
>
> ****
>
> ****
>
> return resultClient;****
>
> //super.search(opContext)****
>
> }****
>
> }****
>
> ****
>
> ****
>
> } ****
>
> ** **
>
> code for ProxyClient:****
>
> ** **
>
> import com.vordel.trace.Trace;****
>
> import java.util.Properties;****
>
> import javax.naming.Context;****
>
> import javax.naming.NamingEnumeration;****
>
> import javax.naming.NamingException;****
>
> import javax.naming.directory.Attribute;****
>
> import javax.naming.directory.Attributes;****
>
> import javax.naming.directory.DirContext;****
>
> import javax.naming.directory.InitialDirContext;****
>
> import javax.naming.directory.SearchControls;****
>
> import javax.naming.directory.SearchResult;****
>
> import
> org.apache.directory.server.core.api.interceptor.context.SearchOperationContext;
> ****
>
> ** **
>
> /******
>
> *****
>
> * @author agrosse****
>
> */****
>
> public class ProxyClient {****
>
> DirContext ctx = null;****
>
> ****
>
> NamingEnumeration results = null;****
>
> ****
>
> public void connect() throws NamingException { ****
>
> ****
>
> Properties p = new Properties();****
>
> p.setProperty(Context.INITIAL_CONTEXT_FACTORY,
> "com.sun.jndi.ldap.LdapCtxFactory");****
>
> p.setProperty(Context.PROVIDER_URL, "ldap://localhost:389/");****
>
> p.setProperty(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");*
> ***
>
> p.setProperty(Context.SECURITY_CREDENTIALS, "secret");****
>
> p.setProperty(Context.SECURITY_AUTHENTICATION, "simple");****
>
> ****
>
> ****
>
> ****
>
> try {****
>
> ctx = new InitialDirContext(p);****
>
> ****
>
> ****
>
> } catch (NamingException ne){****
>
> Trace.error( ne);****
>
> } catch (Throwable e) {****
>
> Trace.error( e);****
>
> } finally {****
>
> if (results != null) {****
>
> try {****
>
> results.close();****
>
> } catch (Exception e) {****
>
> }****
>
> }****
>
> if (ctx != null) {****
>
> try {****
>
> ctx.close();****
>
> } catch (Exception e) {****
>
> }****
>
> }****
>
> }****
>
> ****
>
> ****
>
> }****
>
> ****
>
> public NamingEnumeration search(SearchOperationContext opContext)
> throws NamingException {****
>
> ****
>
> ****
>
> ****
>
> SearchControls controls = (SearchControls)
> opContext.getRequestControl(null);****
>
> ****
>
> return results = ctx.search(opContext.getScope().toString(),
> opContext.getFilter().toString(),controls);****
>
> }****
>
> ****
>
> }****
>
> ** **
>
> ** **
>
> AXEL GROSSE****
>
> ** **
>
--
Kiran Ayyagari
http://keydap.com
Re: apacheds interceptor question - how to map NamingEnumeration
to EntryFilteringCursor
Posted by Emmanuel Lécharny <el...@gmail.com>.
Hi,
the simple wy to do it is to use teh LDAP API instead of JNDI. JNDI is
by all mean atrocious anyway...
Otherwise, we have a class named NamingEnumerationAdapter which wraps a
EntryFilteringCursor, and this is what you want, I guess :
public NamingEnumerationAdapter( EntryFilteringCursor cursor )
throws NamingException
Le 9/28/13 4:44 PM, Axel Grosse a écrit :
> Hi
> I am developing a LDAP Proxy based on embedded apache directory service ...
>
> have set up an embedded Ldap Server wich runs nice against his directory ..
>
> but I wont to intercept the search and use an Interceptor to ask a Backend LDAP Server ...
>
> so I need to forward the search in complete (filter,basedn,controls) ... doable with SearchOperationContext
>
> my problem now is the answer type
> ... normal LDAP Client search get a NamingEnumeration back
> ... the interceptor class need to return an EntryFilteringCursor
>
> does anyone has an idea how to map these two ?
>
> thanks for any help
>
> Axel
>
> code for ProxyInterceptor:
>
> import com.vordel.trace.Trace;
> import java.util.List;
> import org.apache.directory.api.ldap.model.exception.LdapException;
> import org.apache.directory.server.core.api.filtering.EntryFilter;
> import org.apache.directory.server.core.api.filtering.EntryFilteringCursor;
> import org.apache.directory.server.core.api.interceptor.BaseInterceptor;
> import org.apache.directory.server.core.api.interceptor.Interceptor;
> import org.apache.directory.server.core.api.interceptor.context.AddOperationContext;
> import org.apache.directory.server.core.api.interceptor.context.SearchOperationContext;
> import org.apache.directory.server.core.normalization.NormalizationInterceptor;
>
> import com.vordel.dwe.ldap.proxy.ProxyClient;
> import java.util.logging.Level;
> import java.util.logging.Logger;
> import javax.naming.NamingEnumeration;
> import javax.naming.NamingException;
>
>
> /**
> *
> * @author agrosse
> */
> public class ProxyInterceptor extends BaseInterceptor{
>
> private static ProxyClient pc;
> NamingEnumeration resultClient;
>
>
> /**
> * Intercepts the search operation in order to replace plain password values
> * with hashed ones.
> */
> @Override
> public EntryFilteringCursor search( SearchOperationContext opContext) throws LdapException {
> try {
> pc.connect();
> } catch (NamingException ex) {
> Trace.error(ex);;
> }
>
> Trace.debug("Intercation filter touched");
> try {
> //call new backend DS .. todo
> resultClient = pc.search(opContext);
>
>
> } catch ( Exception e){
> Trace.error("Error in Interceptor");
> } finally {
>
> this.getNextInterceptor(opContext);
>
>
>
> return resultClient;
> //super.search(opContext)
> }
> }
>
> }
>
> code for ProxyClient:
>
> import com.vordel.trace.Trace;
> import java.util.Properties;
> import javax.naming.Context;
> import javax.naming.NamingEnumeration;
> import javax.naming.NamingException;
> import javax.naming.directory.Attribute;
> import javax.naming.directory.Attributes;
> import javax.naming.directory.DirContext;
> import javax.naming.directory.InitialDirContext;
> import javax.naming.directory.SearchControls;
> import javax.naming.directory.SearchResult;
> import org.apache.directory.server.core.api.interceptor.context.SearchOperationContext;
>
> /**
> *
> * @author agrosse
> */
> public class ProxyClient {
> DirContext ctx = null;
>
> NamingEnumeration results = null;
>
> public void connect() throws NamingException {
>
> Properties p = new Properties();
> p.setProperty(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
> p.setProperty(Context.PROVIDER_URL, "ldap://localhost:389/");
> p.setProperty(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
> p.setProperty(Context.SECURITY_CREDENTIALS, "secret");
> p.setProperty(Context.SECURITY_AUTHENTICATION, "simple");
>
>
>
> try {
> ctx = new InitialDirContext(p);
>
>
> } catch (NamingException ne){
> Trace.error( ne);
> } catch (Throwable e) {
> Trace.error( e);
> } finally {
> if (results != null) {
> try {
> results.close();
> } catch (Exception e) {
> }
> }
> if (ctx != null) {
> try {
> ctx.close();
> } catch (Exception e) {
> }
> }
> }
>
>
> }
>
> public NamingEnumeration search(SearchOperationContext opContext) throws NamingException {
>
>
>
> SearchControls controls = (SearchControls) opContext.getRequestControl(null);
>
> return results = ctx.search(opContext.getScope().toString(), opContext.getFilter().toString(),controls);
> }
>
> }
>
>
> AXEL GROSSE
>
>
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com