List of usage examples for org.springframework.security.ldap.authentication BindAuthenticator authenticate
public DirContextOperations authenticate(Authentication authentication)
From source file:de.interseroh.report.test.security.LdapServerTest.java
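/**
 * Integration check against a live directory: configures a context source with the
 * manager account, looks the user up by {@code sAMAccountName} and performs a bind
 * as that user through {@link BindAuthenticator}.
 *
 * @throws Exception if the context source cannot be initialised or the bind fails
 */
@Test
public void testJndiSpring() throws Exception {
    // NOTE(review): plain ldap:// on port 389 and no TLS configuration is visible here, so the
    // simple binds below would carry the manager and user passwords unencrypted unless
    // transport security is set up elsewhere - confirm before pointing this at a real directory.
    DefaultSpringSecurityContextSource ctxSrc = new DefaultSpringSecurityContextSource(
            "ldap://ldap.xxx:389/OU=xxx");
    ctxSrc.setUserDn(USER_LDAP);
    ctxSrc.setPassword(PASSWORD_LDAP);
    ctxSrc.afterPropertiesSet();

    logger.info("Base LDAP Path: " + ctxSrc.getBaseLdapPath());
    logger.info("Principal: " + ctxSrc.getAuthenticationSource().getPrincipal().toString());
    // The manager password is deliberately not logged: build and CI logs are routinely
    // archived and shared, and an INFO line would put the bind secret in all of them.

    Authentication bob = new UsernamePasswordAuthenticationToken("bob", "bob");
    BindAuthenticator authenticator = new BindAuthenticator(ctxSrc);
    authenticator.setUserSearch(
            new FilterBasedLdapUserSearch("", "(&(objectCategory=Person)(sAMAccountName={0}))", ctxSrc));
    authenticator.afterPropertiesSet();

    // Bind once only. A second, discarded authenticate() call doubles the bind attempts
    // the directory sees for this account without checking anything extra.
    DirContextOperations user = authenticator.authenticate(bob);
    logger.info("User: {}", user);
}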
From source file:org.artifactory.security.ldap.ArtifactoryLdapAuthenticationProvider.java
/**
 * Authenticates the caller against the configured LDAP settings and builds the resulting
 * Artifactory authentication.
 *
 * <p>Each configured {@link BindAuthenticator} is tried in map iteration order until one returns
 * a directory entry. On success the matching local user is looked up or created, its realm is
 * set to {@code LdapService.REALM}, the optional e-mail attribute is copied, LDAP groups are
 * populated and the user record is updated. The directory context held in {@code user} is
 * closed in the {@code finally} block on every path.
 *
 * @param authentication the authentication request; its name is used as the LDAP user name
 * @return {@code null} for the anonymous user, otherwise a {@code LdapRealmAwareAuthentication}
 *         carrying the user, the submitted credentials and the user's authorities
 * @throws AuthenticationServiceException if no authenticator produced a user, or on LDAP
 *         authentication, communication, naming or unexpected errors
 * @throws InternalAuthenticationServiceException if an {@code InvalidNameException} is caught
 * @throws org.springframework.security.core.AuthenticationException rethrown unchanged when
 *         raised inside the outer try block
 */
@Override
public Authentication authenticate(Authentication authentication) {
    String userName = authentication.getName();
    // If it's an anonymous user, don't bother searching for the user.
    // NOTE(review): presumably a null result lets another provider in the chain decide - confirm.
    if (UserInfo.ANONYMOUS.equals(userName)) {
        return null;
    }
    log.debug("Trying to authenticate user '{}' via ldap.", userName);
    LdapSetting usedLdapSetting = null;
    DirContextOperations user = null;
    AddonsManager addonsManager = InternalContextHelper.get().beanForType(AddonsManager.class);
    LdapGroupAddon ldapGroupAddon = addonsManager.addonByType(LdapGroupAddon.class);
    try {
        // Only the most recent failure is kept; earlier ones are overwritten as the loop continues.
        RuntimeException authenticationException = null;
        for (Map.Entry<String, BindAuthenticator> entry : authenticator.getAuthenticators().entrySet()) {
            LdapSetting currentLdapSetting = centralConfig.getDescriptor().getSecurity()
                    .getLdapSettings(entry.getKey());
            BindAuthenticator bindAuthenticator = entry.getValue();
            try {
                user = bindAuthenticator.authenticate(authentication);
                if (user != null) {
                    // First authenticator that yields an entry wins; its setting drives the rest.
                    usedLdapSetting = currentLdapSetting;
                    break;
                }
            } catch (AuthenticationException e) {
                // The unqualified AuthenticationException is a different type from the Spring
                // Security one below; which import it resolves to is not visible here.
                authenticationException = e;
                checkIfBindAndSearchActive(currentLdapSetting, userName);
            } catch (org.springframework.security.core.AuthenticationException e) {
                authenticationException = e;
                checkIfBindAndSearchActive(currentLdapSetting, userName);
            } catch (RuntimeException e) {
                authenticationException = e;
            }
        }
        if (user == null) {
            if (authenticationException != null) {
                UserInfo userInfo = userGroupService.findUser(userName);
                if (userInfo != null) {
                    log.debug("user {} failed to perform ldap authentication (not bad credential)",
                            userInfo.getUsername());
                    // NOTE(review): this runs for whatever exception was recorded last. Whether
                    // plain bad-credential failures are filtered out before this point is not
                    // visible here - confirm, because this changes the stored user on a failed login.
                    removeUserLdapRelatedGroups(userInfo);
                }
                // Rethrown inside the outer try, so the catch chain below still processes it.
                throw authenticationException;
            }
            throw new AuthenticationServiceException(ArtifactoryLdapAuthenticator.LDAP_SERVICE_MISCONFIGURED);
        }
        // user authenticated via ldap
        log.debug("'{}' authenticated successfully by ldap server.", userName);
        //Collect internal groups, and if using external groups add them to the user info
        // NOTE(review): the meaning of the boolean passed to findOrCreateExternalAuthUser is not
        // visible here; it is the negation of the setting's auto-create flag - confirm semantics.
        MutableUserInfo userInfo = InfoFactoryHolder.get().copyUser(
                userGroupService.findOrCreateExternalAuthUser(userName, !usedLdapSetting.isAutoCreateUser()));
        userInfo.setRealm(LdapService.REALM);
        String emailAttribute = usedLdapSetting.getEmailAttribute();
        if (StringUtils.isNotBlank(emailAttribute)) {
            String email = user.getStringAttribute(emailAttribute);
            if (StringUtils.isNotBlank(email)) {
                // The directory-sourced e-mail address is written to the debug log here.
                log.debug("User '{}' has email address '{}'", userName, email);
                userInfo.setEmail(email);
            }
        }
        log.debug("Loading LDAP groups");
        ldapGroupAddon.populateGroups(user, userInfo);
        log.debug("Finished Loading LDAP groups");
        SimpleUser simpleUser = new SimpleUser(userInfo);
        // update user with latest attribute
        userGroupService.updateUser(userInfo, false);
        // create new authentication response containing the user and its authorities
        // The submitted credentials object is carried over into the returned token.
        return new LdapRealmAwareAuthentication(simpleUser, authentication.getCredentials(),
                simpleUser.getAuthorities());
    } catch (AuthenticationException e) {
        // NOTE(review): the wrapped message contains the user name and the underlying error
        // text; confirm it is not returned verbatim to unauthenticated clients.
        String message = String.format("Failed to authenticate user '%s' via LDAP: %s", userName,
                e.getMessage());
        log.debug(message);
        throw new AuthenticationServiceException(message, e);
    } catch (CommunicationException ce) {
        // Directory unreachable: warn without the stack trace, keep the trace at debug level.
        String message = String.format("Failed to authenticate user '%s' via LDAP: communication error",
                userName);
        log.warn(message);
        log.debug(message, ce);
        throw new AuthenticationServiceException(message, ce);
    } catch (org.springframework.security.core.AuthenticationException e) {
        // Spring Security failures are logged and passed through unchanged.
        String message = String.format("Failed to authenticate user '%s' via LDAP: %s", userName,
                e.getMessage());
        log.debug(message);
        throw e;
    } catch (NamingException e) {
        String message = String.format("Failed to locate directory entry for authenticated user: %s",
                e.getMostSpecificCause().getMessage());
        log.debug(message);
        throw new AuthenticationServiceException(message, e);
    } catch (InvalidNameException e) {
        String message = String.format("Failed to persist user '%s': %s", userName, e.getMessage());
        log.warn(message);
        log.debug("Cause: {}", e);
        throw new InternalAuthenticationServiceException(message, e);
    } catch (Exception e) {
        // Last-resort boundary: anything else is logged with its stack trace and wrapped.
        String message = "Unexpected exception in LDAP authentication:";
        log.error(message, e);
        throw new AuthenticationServiceException(message, e);
    } finally {
        // Runs on success and on every failure path; user is still null when no bind succeeded.
        LdapUtils.closeContext(user);
    }
}
From source file:org.artifactory.security.ldap.ArtifactoryLdapAuthenticator.java
/**
 * Tries every configured {@link BindAuthenticator} in turn and returns the first directory
 * entry one of them produces.
 *
 * <p>Failure is always signalled by an exception, never by a {@code null} return.
 *
 * @param authentication the authentication request handed to each authenticator
 * @return the directory entry of the authenticated user
 * @throws AuthenticationServiceException with {@code NO_LDAP_SERVICE_CONFIGURED} when there are
 *         no authenticators or LDAP is disabled, or with {@code LDAP_SERVICE_MISCONFIGURED}
 *         when no authenticator returned a user and none threw
 * @throws RuntimeException the last exception thrown by an authenticator, when none succeeded
 */
@Override
public DirContextOperations authenticate(Authentication authentication) {
    // Spring expects an exception on failed authentication, so every failure path throws.
    boolean ldapUsable = authenticators != null
            && centralConfig.getDescriptor().getSecurity().isLdapEnabled();
    if (!ldapUsable) {
        throw new AuthenticationServiceException(NO_LDAP_SERVICE_CONFIGURED);
    }

    // Only the most recent failure survives; a later authenticator may still succeed.
    RuntimeException lastFailure = null;
    for (BindAuthenticator candidate : authenticators.values()) {
        try {
            DirContextOperations entry = candidate.authenticate(authentication);
            if (entry != null) {
                return entry;
            }
        } catch (RuntimeException e) {
            lastFailure = e;
        }
    }

    if (lastFailure == null) {
        // Nothing threw and nothing matched.
        throw new AuthenticationServiceException(LDAP_SERVICE_MISCONFIGURED);
    }
    throw lastFailure;
}