You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@manifoldcf.apache.org by kw...@apache.org on 2015/06/28 20:39:28 UTC
svn commit: r1688036 - in
/manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth:
./ LdapAuthenticator.java
Author: kwright
Date: Sun Jun 28 18:39:27 2015
New Revision: 1688036
URL: http://svn.apache.org/r1688036
Log:
Add Colin's ldap authenticator class
Added:
manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/
manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java (with props)
Added: manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java
URL: http://svn.apache.org/viewvc/manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java?rev=1688036&view=auto
==============================================================================
--- manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java (added)
+++ manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java Sun Jun 28 18:39:27 2015
@@ -0,0 +1,155 @@
+/* $Id$ */
+
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.manifoldcf.core.auth;
+
+import java.util.Hashtable;
+
+import javax.naming.Context;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.manifoldcf.core.system.Logging;
+import org.apache.manifoldcf.core.system.ManifoldCF;
+
+public class LdapAuthenticator {
+
+ private static final String CONTEXT_FACTORY = "com.sun.jndi.ldap.LdapCtxFactory";
+ private static final String PROVIDER_URL_PROPERTY = "org.apache.manifoldcf.login.ldap.providerurl";
+ private static final String SECURITY_AUTHENTICATION_TYPE = "org.apache.manifoldcf.login.ldap.securityauthenticationtype";
+ private static final String SECURITY_PRINCIPLE = "org.apache.manifoldcf.login.ldap.securityprinciple";
+ private static final String CONTEXT_SEARCH_QUERY = "org.apache.manifoldcf.login.ldap.contextsearchquery";
+ private static final String SEARCH_ATTRIBUTE = "org.apache.manifoldcf.login.ldap.searchattribute";
+
+ /**
+ * @param userID
+ * @param password
+ * @return
+ */
+ private static Hashtable<String, String> buildEnvironment(String userID,
+ String password) {
+
+ Hashtable<String, String> environment = new Hashtable<String, String>();
+
+ environment.put(Context.INITIAL_CONTEXT_FACTORY, CONTEXT_FACTORY);
+
+ environment.put(Context.PROVIDER_URL,
+ ManifoldCF.getProperty(PROVIDER_URL_PROPERTY));
+
+ environment.put(Context.SECURITY_AUTHENTICATION,
+ ManifoldCF.getProperty(SECURITY_AUTHENTICATION_TYPE));
+ environment.put(
+ Context.SECURITY_PRINCIPAL,
+ substituteUser(ManifoldCF.getProperty(SECURITY_PRINCIPLE),
+ userID));
+ environment.put(Context.SECURITY_CREDENTIALS, password);
+
+ return environment;
+ }
+
+ /**
+ * @param source
+ * @param substitution
+ * @return
+ */
+ private static String substituteUser(String source, String substitution) {
+ return source.replace("$(userID)", substitution);
+ }
+
+ /**
+ * @param userId
+ * @param password
+ * @return
+ */
+ public static boolean verifyLogin(String userId, String password) {
+ boolean authenticated = false;
+
+ if (StringUtils.isNotEmpty(userId) && StringUtils.isNotEmpty(password)) {
+
+ try {
+
+ Logging.misc
+ .info("Authentication attempt for user = " + userId);
+
+ // Create initial context
+ DirContext ctx = new InitialDirContext(buildEnvironment(userId,
+ password));
+
+ NamingEnumeration results = null;
+ try {
+
+ SearchControls controls = new SearchControls();
+ controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+
+ results = ctx
+ .search("",
+ substituteUser(ManifoldCF
+ .getProperty(CONTEXT_SEARCH_QUERY),
+ userId), controls);
+ // is the user in the group?
+ while (results.hasMore()) {
+ SearchResult searchResult = (SearchResult) results
+ .next();
+
+ if (userId.equals(searchResult.getAttributes()
+ .get(ManifoldCF.getProperty(SEARCH_ATTRIBUTE))
+ .get())) {
+
+ Logging.misc.info("Successfully authenticated : "
+ + userId);
+
+ authenticated = true;
+ break;
+ }
+ }
+
+ } catch (Exception e) {
+ Logging.misc.error("User not authenticated = " + userId
+ + " exception = " + e.getMessage(), e);
+ } finally {
+
+ if (results != null) {
+ try {
+ results.close();
+ } catch (Exception e) {
+ // do nothing
+ }
+ }
+ if (ctx != null) {
+ try {
+ ctx.close();
+ } catch (Exception e) {
+ // do nothing
+ }
+ }
+ }
+
+ } catch (NamingException e) {
+ Logging.misc.error("Exception authenticating user = " + userId
+ + " exception = " + e.getMessage(), e);
+
+ }
+ }
+ return authenticated;
+ }
+}
\ No newline at end of file
Propchange: manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: manifoldcf/branches/CONNECTORS-1131/framework/core/src/main/java/org/apache/manifoldcf/core/auth/LdapAuthenticator.java
------------------------------------------------------------------------------
svn:keywords = Id