You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by da...@apache.org on 2013/11/02 14:50:43 UTC
git commit: AMQ-4685: Improved LDAPLoginModule to support ldap alias
when result is absolute. Thanks to Igor Podolskiy for patch.
Updated Branches:
refs/heads/trunk 70e2b998d -> 20747eedc
AMQ-4685: Improved LDAPLoginModule to support ldap alias when result is absolute. Thanks to Igor Podolskiy for patch.
Project: http://git-wip-us.apache.org/repos/asf/activemq/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/20747eed
Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/20747eed
Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/20747eed
Branch: refs/heads/trunk
Commit: 20747eedca6577af2031c107d4b1ec3b69724731
Parents: 70e2b99
Author: Claus Ibsen <cl...@gmail.com>
Authored: Sat Nov 2 14:51:09 2013 +0100
Committer: Claus Ibsen <cl...@gmail.com>
Committed: Sat Nov 2 14:51:09 2013 +0100
----------------------------------------------------------------------
.../apache/activemq/jaas/LDAPLoginModule.java | 46 +++++++++++++++++---
.../src/test/resources/log4j.properties | 1 +
2 files changed, 40 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/activemq/blob/20747eed/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java
----------------------------------------------------------------------
diff --git a/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java b/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java
index 4bced65..7dc6326 100644
--- a/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java
+++ b/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java
@@ -17,6 +17,8 @@
package org.apache.activemq.jaas;
import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
import java.security.Principal;
import java.text.MessageFormat;
import java.util.*;
@@ -225,13 +227,43 @@ public class LDAPLoginModule implements LoginModule {
if (results.hasMore()) {
// ignore for now
}
- NameParser parser = context.getNameParser("");
- Name contextName = parser.parse(context.getNameInNamespace());
- Name baseName = parser.parse(getLDAPPropertyValue(USER_BASE));
- Name entryName = parser.parse(result.getName());
- Name name = contextName.addAll(baseName);
- name = name.addAll(entryName);
- String dn = name.toString();
+
+ String dn;
+ if (result.isRelative()) {
+ log.debug("LDAP returned a relative name: {}", result.getName());
+
+ NameParser parser = context.getNameParser("");
+ Name contextName = parser.parse(context.getNameInNamespace());
+ Name baseName = parser.parse(getLDAPPropertyValue(USER_BASE));
+ Name entryName = parser.parse(result.getName());
+ Name name = contextName.addAll(baseName);
+ name = name.addAll(entryName);
+ dn = name.toString();
+ } else {
+ log.debug("LDAP returned an absolute name: {}", result.getName());
+
+ try {
+ URI uri = new URI(result.getName());
+ String path = uri.getPath();
+
+ if (path.startsWith("/")) {
+ dn = path.substring(1);
+ } else {
+ dn = path;
+ }
+ } catch (URISyntaxException e) {
+ if (context != null) {
+ close(context);
+ }
+ FailedLoginException ex = new FailedLoginException("Error parsing absolute name as URI.");
+ ex.initCause(e);
+ throw ex;
+ }
+ }
+
+ if (log.isDebugEnabled()) {
+ log.debug("Using DN [" + dn + "] for binding.");
+ }
Attributes attrs = result.getAttributes();
if (attrs == null) {
http://git-wip-us.apache.org/repos/asf/activemq/blob/20747eed/activemq-jaas/src/test/resources/log4j.properties
----------------------------------------------------------------------
diff --git a/activemq-jaas/src/test/resources/log4j.properties b/activemq-jaas/src/test/resources/log4j.properties
index 18cee24..5d00c97 100644
--- a/activemq-jaas/src/test/resources/log4j.properties
+++ b/activemq-jaas/src/test/resources/log4j.properties
@@ -21,6 +21,7 @@
log4j.rootLogger=INFO, out, stdout
log4j.logger.org.apache.activemq=INFO
+#log4j.logger.org.apache.activemq.jaas.LDAPLoginModule=DEBUG
# CONSOLE appender not used by default
log4j.appender.stdout=org.apache.log4j.ConsoleAppender