You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by da...@apache.org on 2013/11/02 14:50:43 UTC
git commit: AMQ-4685: Improved LDAPLoginModule to support ldap alias when result is absolute. Thanks to Igor Podolskiy for patch.

Updated Branches:
  refs/heads/trunk 70e2b998d -> 20747eedc


AMQ-4685: Improved LDAPLoginModule to support ldap alias when result is absolute. Thanks to Igor Podolskiy for patch.


Project: http://git-wip-us.apache.org/repos/asf/activemq/repo
Commit: http://git-wip-us.apache.org/repos/asf/activemq/commit/20747eed
Tree: http://git-wip-us.apache.org/repos/asf/activemq/tree/20747eed
Diff: http://git-wip-us.apache.org/repos/asf/activemq/diff/20747eed

Branch: refs/heads/trunk
Commit: 20747eedca6577af2031c107d4b1ec3b69724731
Parents: 70e2b99
Author: Claus Ibsen <cl...@gmail.com>
Authored: Sat Nov 2 14:51:09 2013 +0100
Committer: Claus Ibsen <cl...@gmail.com>
Committed: Sat Nov 2 14:51:09 2013 +0100

----------------------------------------------------------------------
 .../apache/activemq/jaas/LDAPLoginModule.java   | 46 +++++++++++++++++---
 .../src/test/resources/log4j.properties         |  1 +
 2 files changed, 40 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/activemq/blob/20747eed/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java
----------------------------------------------------------------------
diff --git a/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java b/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java
index 4bced65..7dc6326 100644
--- a/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java
+++ b/activemq-jaas/src/main/java/org/apache/activemq/jaas/LDAPLoginModule.java
@@ -17,6 +17,8 @@
 package org.apache.activemq.jaas;
 
 import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
 import java.security.Principal;
 import java.text.MessageFormat;
 import java.util.*;
@@ -225,13 +227,43 @@ public class LDAPLoginModule implements LoginModule {
             if (results.hasMore()) {
                 // ignore for now
             }
-            NameParser parser = context.getNameParser("");
-            Name contextName = parser.parse(context.getNameInNamespace());
-            Name baseName = parser.parse(getLDAPPropertyValue(USER_BASE));
-            Name entryName = parser.parse(result.getName());
-            Name name = contextName.addAll(baseName);
-            name = name.addAll(entryName);
-            String dn = name.toString();
+
+            String dn;
+            if (result.isRelative()) {
+                log.debug("LDAP returned a relative name: {}", result.getName());
+
+                NameParser parser = context.getNameParser("");
+                Name contextName = parser.parse(context.getNameInNamespace());
+                Name baseName = parser.parse(getLDAPPropertyValue(USER_BASE));
+                Name entryName = parser.parse(result.getName());
+                Name name = contextName.addAll(baseName);
+                name = name.addAll(entryName);
+                dn = name.toString();
+            } else {
+                log.debug("LDAP returned an absolute name: {}", result.getName());
+
+                try {
+                    URI uri = new URI(result.getName());
+                    String path = uri.getPath();
+
+                    if (path.startsWith("/")) {
+                        dn = path.substring(1);
+                    } else {
+                        dn = path;
+                    }
+                } catch (URISyntaxException e) {
+                    if (context != null) {
+                        close(context);
+                    }
+                    FailedLoginException ex = new FailedLoginException("Error parsing absolute name as URI.");
+                    ex.initCause(e);
+                    throw ex;
+                }
+            }
+
+            if (log.isDebugEnabled()) {
+                log.debug("Using DN [" + dn + "] for binding.");
+            }
 
             Attributes attrs = result.getAttributes();
             if (attrs == null) {

http://git-wip-us.apache.org/repos/asf/activemq/blob/20747eed/activemq-jaas/src/test/resources/log4j.properties
----------------------------------------------------------------------
diff --git a/activemq-jaas/src/test/resources/log4j.properties b/activemq-jaas/src/test/resources/log4j.properties
index 18cee24..5d00c97 100644
--- a/activemq-jaas/src/test/resources/log4j.properties
+++ b/activemq-jaas/src/test/resources/log4j.properties
@@ -21,6 +21,7 @@
 log4j.rootLogger=INFO, out, stdout
 
 log4j.logger.org.apache.activemq=INFO
+#log4j.logger.org.apache.activemq.jaas.LDAPLoginModule=DEBUG
 
 # CONSOLE appender not used by default
 log4j.appender.stdout=org.apache.log4j.ConsoleAppender