List of usage examples for javax.naming.directory InitialDirContext InitialDirContext
public InitialDirContext(Hashtable<?, ?> environment) throws NamingException
From source file:org.kitodo.production.services.data.LdapServerService.java
private boolean isPasswordCorrectForAuthWithoutTLS(Hashtable<String, String> env, User user, String password) { if (ConfigCore.getBooleanParameter(ParameterCore.LDAP_USE_SIMPLE_AUTH, false)) { env.put(Context.SECURITY_AUTHENTICATION, "none"); // TODO: test for password } else {// w ww .j a v a2 s .c o m env.put(Context.SECURITY_PRINCIPAL, buildUserDN(user)); env.put(Context.SECURITY_CREDENTIALS, password); } logger.debug("ldap environment set"); try { logger.debug("start classic ldap authentication"); logger.debug("user DN is {}", buildUserDN(user)); if (Objects.isNull(ConfigCore.getParameter(ParameterCore.LDAP_ATTRIBUTE_TO_TEST))) { logger.debug("ldap attribute to test is null"); DirContext ctx = new InitialDirContext(env); ctx.close(); return true; } else { logger.debug("ldap attribute to test is not null"); DirContext ctx = new InitialDirContext(env); Attributes attrs = ctx.getAttributes(buildUserDN(user)); Attribute la = attrs.get(ConfigCore.getParameter(ParameterCore.LDAP_ATTRIBUTE_TO_TEST)); logger.debug("ldap attributes set"); String test = (String) la.get(0); if (test.equals(ConfigCore.getParameter(ParameterCore.LDAP_VALUE_OF_ATTRIBUTE))) { logger.debug("ldap ok"); ctx.close(); return true; } else { logger.debug("ldap not ok"); ctx.close(); return false; } } } catch (NamingException e) { logger.debug("login not allowed for {}. Exception: {}", user.getLogin(), e); return false; } }
From source file:org.kitodo.services.data.LdapServerService.java
/** * change password of given user, needs old password for authentication. * * @param user// ww w. ja va2s.c o m * User object * @param inNewPassword * String * @return boolean about result of change */ public boolean changeUserPassword(User user, String inNewPassword) throws NoSuchAlgorithmException { JDKMessageDigest.MD4 digester = new JDKMessageDigest.MD4(); PasswordEncryption passwordEncryption = user.getLdapGroup().getLdapServer().getPasswordEncryptionEnum(); Hashtable<String, String> env = initializeWithLdapConnectionSettings(user.getLdapGroup().getLdapServer()); if (!user.getLdapGroup().getLdapServer().isReadOnly()) { try { // encryption of password and Base64-Encoding MessageDigest md = MessageDigest.getInstance(passwordEncryption.getTitle()); md.update(inNewPassword.getBytes(StandardCharsets.UTF_8)); String encryptedPassword = new String(Base64.encodeBase64(md.digest()), StandardCharsets.UTF_8); // change attribute userPassword BasicAttribute userPassword = new BasicAttribute("userPassword", "{" + passwordEncryption + "}" + encryptedPassword); // change attribute lanmgrPassword BasicAttribute lanmgrPassword = proceedPassword("sambaLMPassword", inNewPassword, null); // change attribute ntlmPassword BasicAttribute ntlmPassword = proceedPassword("sambaNTPassword", inNewPassword, digester); BasicAttribute sambaPwdLastSet = new BasicAttribute("sambaPwdLastSet", String.valueOf(System.currentTimeMillis() / 1000L)); ModificationItem[] mods = new ModificationItem[4]; mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, userPassword); mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, lanmgrPassword); mods[2] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, ntlmPassword); mods[3] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, sambaPwdLastSet); DirContext ctx = new InitialDirContext(env); ctx.modifyAttributes(buildUserDN(user), mods); // Close the context when we're done ctx.close(); return true; } catch (NamingException e) { logger.debug("Benutzeranmeldung nicht korrekt oder Passwortnderung nicht mglich", e); return false; } } return false; }
From source file:com.googlecode.fascinator.authentication.custom.ldap.CustomLdapAuthenticationHandler.java
private String performRoleSearch(String location, String roleName) { String val = null; try {/*from ww w . ja va2s .c o m*/ DirContext dc = new InitialDirContext(env); SearchControls sc = new SearchControls(); sc.setSearchScope(SearchControls.ONELEVEL_SCOPE); //String filter = "(" + filterPrefix + roleName + ")"; NamingEnumeration<SearchResult> ne = dc.search(location, roleName, sc); if (ne.hasMore()) { val = getAttrValue("memberOf", ne.next()); } ne.close(); dc.close(); } catch (NamingException ne) { log.warn("Failed LDAP lookup getAttr", ne); log.warn("roleName:", roleName); log.warn("location:", location); } return val; }
From source file:org.apache.syncope.fit.AbstractITCase.java
@SuppressWarnings({ "unchecked", "rawtypes", "UseOfObsoleteCollectionType" })
protected InitialDirContext getLdapResourceDirContext(final String bindDn, final String bindPwd)
throws NamingException {
ResourceTO ldapRes = resourceService.read(RESOURCE_NAME_LDAP);
ConnInstanceTO ldapConn = connectorService.read(ldapRes.getConnector(), Locale.ENGLISH.getLanguage());
Properties env = new Properties();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://" + ldapConn.getConf("host").get().getValues().get(0) + ":"
+ ldapConn.getConf("port").get().getValues().get(0) + "/");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL,
bindDn == null ? ldapConn.getConf("principal").get().getValues().get(0) : bindDn);
env.put(Context.SECURITY_CREDENTIALS,
bindPwd == null ? ldapConn.getConf("credentials").get().getValues().get(0) : bindPwd);
return new InitialDirContext(env);
}
From source file:org.opentravel.schemacompiler.security.impl.JNDIAuthenticationProvider.java
/** * Opens a connection to the remote directory. If the first attempt is unsuccessful using the * primary connection URL, a second attempt is made using the alternate URL (if one has been * provided)./*from w w w .j ava2s . com*/ * * @param loginId * the user principal ID to use when establishing the connection * @param loginPassword * the password credentials to use when establishing the connection * @return DirContext * @throws NamingException * thrown if a connection to the remote directory cannot be established */ protected DirContext openConnection(String loginId, String loginPassword) throws NamingException { DirContext context = null; if (alternateUrl == null) { context = new InitialDirContext(getDirectoryContextEnvironment(loginId, loginPassword, false)); } else { try { context = new InitialDirContext(getDirectoryContextEnvironment(loginId, loginPassword, false)); } catch (NamingException e) { log.warn("Unable to connect using primary directory URL - attempting using alternate address."); context = new InitialDirContext(getDirectoryContextEnvironment(loginId, loginPassword, true)); } } return context; }
From source file:com.funambol.LDAP.security.LDAPUserProvisioningOfficer.java
/** * return the user dn of an ldap entry// w w w . j a va 2s .co m * * search: base, filter, attrs, user, pass * @return */ protected SearchResult ldapSearch(String bindUser, String bindPass, String base, String filter, String[] attributes) { SearchResult ret = null; Hashtable<String, Object> bindEnv = new Hashtable<String, Object>(11); bindEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); bindEnv.put(Context.PROVIDER_URL, getLdapUrl()); // remove null attributes List<String> goodAttributes = new ArrayList<String>(); for (String s : attributes) { if (s != null) { goodAttributes.add(s); } } // get the DN DirContext authenticationContext; try { SearchControls ctls = new SearchControls(); ctls.setCountLimit(1); ctls.setReturningObjFlag(true); ctls.setReturningAttributes(goodAttributes.toArray(new String[0])); ctls.setSearchScope(SearchControls.SUBTREE_SCOPE); // Authenticate as User and password if (bindUser != null && bindPass != null) { log.debug("NBinding with credential as user: " + bindUser); bindEnv.put(Context.SECURITY_AUTHENTICATION, "simple"); bindEnv.put(Context.SECURITY_PRINCIPAL, bindUser); bindEnv.put(Context.SECURITY_CREDENTIALS, bindPass); } authenticationContext = new InitialDirContext(bindEnv); // %u, %d in baseDN are still expanded NamingEnumeration<SearchResult> answer; try { answer = authenticationContext.search(base, filter, ctls); if (answer.hasMore()) { ret = (SearchResult) answer.next(); } } catch (NamingException e) { log.warn("Error while searching user with filter [" + filter + "]: " + e.getMessage()); } authenticationContext.close(); return ret; } catch (NamingException e) { log.error("Error while creating context: " + e.getMessage()); if (e.getCause() != null) { log.error("Error is: " + e.getCause().getMessage()); } return null; } }
From source file:com.maxmind.geoip.LookupService.java
String getDnsAttributes(String ip) {
try {// www . ja va 2s . co m
Hashtable<String, String> env = new Hashtable<String, String>();
env.put("java.naming.factory.initial", "com.sun.jndi.dns.DnsContextFactory");
// TODO don't specify ws1, instead use ns servers for s.maxmind.com
env.put("java.naming.provider.url", "dns://ws1.maxmind.com/");
DirContext ictx = new InitialDirContext(env);
Attributes attrs = ictx.getAttributes(licenseKey + "." + ip + ".s.maxmind.com", new String[] { "txt" });
//System.out.println(attrs.get("txt").get());
String str = attrs.get("txt").get().toString();
return str;
} catch (NamingException e) {
// TODO fix this to handle exceptions
System.out.println("DNS error");
return null;
}
}
From source file:com.emc.ecs.smart.SmartUploader.java
/** * Use JNDI to bind to DNS and resolve ALL the 'A' records for a host. * @param hostname host to resolve//from w w w . j av a2s. c om * @return the list of IP addresses for the host. */ public List<String> getIPAddresses(String hostname) throws NamingException { InitialDirContext idc; Properties env = new Properties(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.dns.DnsContextFactory"); idc = new InitialDirContext(env); List<String> ipAddresses = new ArrayList<String>(); Attributes attrs = idc.getAttributes(hostname, ADDR_ATTRIBS); Attribute attr = attrs.get(ADDR_ATTRIB); if (attr != null) { for (int i = 0; i < attr.size(); i++) { ipAddresses.add((String) attr.get(i)); } } return ipAddresses; }