You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@manifoldcf.apache.org by kw...@apache.org on 2015/06/28 21:21:54 UTC
svn commit: r1688042 - in
/manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core:
auth/LdapAuthenticator.java interfaces/IAuth.java
Author: kwright
Date: Sun Jun 28 19:21:54 2015
New Revision: 1688042
URL: http://svn.apache.org/r1688042
Log:
Add LdapAuthenticator
Added:
manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IAuth.java (with props)
Modified:
manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java
Modified: manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java
URL: http://svn.apache.org/viewvc/manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java?rev=1688042&r1=1688041&r2=1688042&view=diff
==============================================================================
--- manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java (original)
+++ manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java Sun Jun 28 19:21:54 2015
@@ -29,24 +29,37 @@ import javax.naming.directory.SearchCont
import javax.naming.directory.SearchResult;
import org.apache.commons.lang.StringUtils;
+import org.apache.manifoldcf.core.interfaces.IAuth;
+import org.apache.manifoldcf.core.interfaces.IThreadContext;
import org.apache.manifoldcf.core.system.Logging;
import org.apache.manifoldcf.core.system.ManifoldCF;
+import org.apache.manifoldcf.core.interfaces.ManifoldCFException;
+import org.apache.manifoldcf.core.interfaces.LockManagerFactory;
-public class LdapAuthenticator {
+public class LdapAuthenticator implements IAuth {
private static final String CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
+
private static final String PROVIDER_URL_PROPERTY = "org.apache.manifoldcf.login.ldap.providerurl";
private static final String SECURITY_AUTHENTICATION_TYPE = "org.apache.manifoldcf.login.ldap.securityauthenticationtype";
private static final String SECURITY_PRINCIPLE = "org.apache.manifoldcf.login.ldap.securityprinciple";
private static final String CONTEXT_SEARCH_QUERY = "org.apache.manifoldcf.login.ldap.contextsearchquery";
private static final String SEARCH_ATTRIBUTE = "org.apache.manifoldcf.login.ldap.searchattribute";
+ protected final String securityPrincipal;
+
+ /** Constructor */
+ public LdapAuthenticator(final IThreadContext threadContext)
+ throws ManifoldCFException {
+ securityPrincipal = LockManagerFactory.getStringProperty(threadContext,SECURITY_PRINCIPLE,"admin");
+ }
+
/**
* @param userID
* @param password
* @return
*/
- private static Hashtable<String, String> buildEnvironment(String userID,
+ private Hashtable<String, String> buildEnvironment(String userID,
String password) {
Hashtable<String, String> environment = new Hashtable<String, String>();
@@ -60,8 +73,7 @@ public class LdapAuthenticator {
ManifoldCF.getProperty(SECURITY_AUTHENTICATION_TYPE));
environment.put(
Context.SECURITY_PRINCIPAL,
- substituteUser(ManifoldCF.getProperty(SECURITY_PRINCIPLE),
- userID));
+ substituteUser(securityPrincipal, userID));
environment.put(Context.SECURITY_CREDENTIALS, password);
return environment;
@@ -81,7 +93,9 @@ public class LdapAuthenticator {
* @param password
* @return
*/
- public static boolean verifyLogin(String userId, String password) {
+ @Override
+ public boolean verifyLogin(final String userId, final String password)
+ throws ManifoldCFException {
boolean authenticated = false;
if (StringUtils.isNotEmpty(userId) && StringUtils.isNotEmpty(password)) {
@@ -126,6 +140,7 @@ public class LdapAuthenticator {
} catch (Exception e) {
Logging.misc.error("User not authenticated = " + userId
+ " exception = " + e.getMessage(), e);
+ throw new ManifoldCFException("User not authenticated: "+e.getMessage(),e);
} finally {
if (results != null) {
@@ -147,9 +162,17 @@ public class LdapAuthenticator {
} catch (NamingException e) {
Logging.misc.error("Exception authenticating user = " + userId
+ " exception = " + e.getMessage(), e);
-
+ throw new ManifoldCFException("Exception authenticating user: "+e.getMessage(),e);
}
}
return authenticated;
}
+
+ /** Check user capability */
+ public boolean checkCapability(final String userId, final int capability)
+ throws ManifoldCFException {
+ // No current ability to distinguish roles
+ return true;
+ }
+
}
\ No newline at end of file
Added: manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IAuth.java
URL: http://svn.apache.org/viewvc/manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IAuth.java?rev=1688042&view=auto
==============================================================================
--- manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IAuth.java (added)
+++ manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IAuth.java Sun Jun 28 19:21:54 2015
@@ -0,0 +1,48 @@
+/* $Id$ */
+
+/**
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements. See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License. You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package org.apache.manifoldcf.core.interfaces;
+
+/** An instance of this interface describes how to authorize various components
+* of the ManifoldCF system.
+*/
+public interface IAuth
+{
+
+ // User capabilities
+
+ /** View connections */
+ public final static int CAPABILITY_VIEW_CONNECTIONS = 1;
+ /** View jobs */
+ public final static int CAPABILITY_VIEW_JOBS = 2;
+ /** View reports */
+ public final static int CAPABILITY_VIEW_REPORTS = 3;
+ /** Edit connections */
+ public final static int CAPABILITY_EDIT_CONNECTIONS = 4;
+ /** Edit jobs */
+ public final static int CAPABILITY_EDIT_JOBS = 5;
+
+ /** Verify login */
+ public boolean verifyLogin(final String userId, final String password)
+ throws ManifoldCFException;
+
+ /** Check user capability */
+ public boolean checkCapability(final String userId, final int capability)
+ throws ManifoldCFException;
+
+}
\ No newline at end of file
Propchange: manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IAuth.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/interfaces/IAuth.java
------------------------------------------------------------------------------
svn:keywords = Id