List of usage examples for org.springframework.security.ldap SpringSecurityLdapTemplate retrieveEntry
public DirContextOperations retrieveEntry(final String dn, final String[] attributesToRetrieve)
From source file:com.orangeleap.common.security.OrangeLeapBindAuthenticator.java
/**
 * Retrieves the entry at {@code userDn} through a template whose context source is
 * built from the configured context source together with the supplied DN and password.
 *
 * <p>A {@link BadCredentialsException} is not propagated directly: its cause is handed to
 * {@code handleBindException}, because this method may be called several times with
 * different candidate names and a subclass may want more specialised behaviour.
 *
 * @param userDn   the DN to retrieve and to hand to the DN-specific context source
 * @param username the login name, passed on to {@code handleBindException} only
 * @param password the password handed to the DN-specific context source
 * @return the retrieved entry, or {@code null} when the bind failed and
 *         {@code handleBindException} returned normally
 */
private DirContextOperations bindWithDn(String userDn, String username, String password) {
    SpringSecurityContextSource configuredSource = (SpringSecurityContextSource) getContextSource();
    SpringSecurityLdapTemplate ldap = new SpringSecurityLdapTemplate(
            new BindWithSpecificDnContextSource(configuredSource, userDn, password));

    DirContextOperations entry = null;
    try {
        entry = ldap.retrieveEntry(userDn, getUserAttributes());
    } catch (BadCredentialsException badCredentials) {
        // Thrown when an invalid user name is used; trapped here so the caller can
        // try the next candidate name.
        handleBindException(userDn, username, badCredentials.getCause());
    }
    return entry;
}
From source file:org.apache.ranger.service.PasswordComparisonAuthenticator.java
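/**
 * Authenticates a username/password token by locating the user's LDAP entry and asking
 * the directory to compare the encoded password with the configured password attribute.
 *
 * <p>The entry is looked up first under each DN returned by {@code getUserDns(username)}
 * and, if none resolves, through {@code getUserSearch()} when one is configured.
 *
 * @param authentication must be a {@link UsernamePasswordAuthenticationToken}
 * @return the directory entry of the authenticated user
 * @throws UsernameNotFoundException if no entry could be located. NOTE(review): this is a
 *         different exception from the bad-password case and its message carries the
 *         username; confirm the caller does not expose the distinction to clients.
 * @throws BadCredentialsException if the LDAP compare operation reports a mismatch
 */
public DirContextOperations authenticate(final Authentication authentication) {
    Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication,
            "Can only process UsernamePasswordAuthenticationToken objects");

    // Locate the user and check the password.
    DirContextOperations user = null;
    String username = authentication.getName();
    String password = (String) authentication.getCredentials();

    Iterator<?> dns = getUserDns(username).iterator();
    SpringSecurityLdapTemplate ldapTemplate = new SpringSecurityLdapTemplate(getContextSource());

    while (dns.hasNext() && user == null) {
        final String userDn = (String) dns.next();
        try {
            user = ldapTemplate.retrieveEntry(userDn, getUserAttributes());
        } catch (NameNotFoundException ignore) {
            // No entry under this candidate DN; try the next one.
        }
    }

    if (user == null && getUserSearch() != null) {
        user = getUserSearch().searchForUser(username);
    }

    if (user == null) {
        throw new UsernameNotFoundException("User not found: " + username, username);
    }

    if (logger.isDebugEnabled()) {
        logger.debug("Performing LDAP compare of password attribute '" + passwordAttributeName
                + "' for user '" + user.getDn() + "'");
    }

    String encodedPassword = passwordEncoder.encodePassword(password, null);
    // Fixed charset: the bytes sent to the directory must not depend on the JVM's
    // platform default encoding, or the compare result varies between hosts.
    byte[] passwordBytes = encodedPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8);

    if (!ldapTemplate.compare(user.getDn().toString(), passwordAttributeName, passwordBytes)) {
        throw new BadCredentialsException(
                messages.getMessage("PasswordComparisonAuthenticator.badCredentials", "Bad credentials"));
    }

    return user;
}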
From source file:org.cloudfoundry.identity.uaa.ldap.PasswordComparisonAuthenticator.java
/**
 * Locates the user's LDAP entry and verifies the supplied password, either locally or
 * through the directory.
 *
 * <p>Lookup order: each DN from {@code getUserDns(username)}, then {@code getUserSearch()}
 * when one is configured. Verification: {@code localCompareAuthenticate} when
 * {@code isLocalCompare()} is true, otherwise the password is encoded, converted to UTF-8
 * bytes and handed to {@code searchAuthenticate}. This method returns the entry
 * unconditionally afterwards, so a mismatch is presumably signalled by those helpers
 * throwing (confirm against their implementations).
 *
 * @param authentication supplies the username and the password credential
 * @return the directory entry of the user
 * @throws UsernameNotFoundException if no entry could be located
 */
@Override
public DirContextOperations authenticate(Authentication authentication) {
    final String username = authentication.getName();
    final String password = (String) authentication.getCredentials();
    final SpringSecurityLdapTemplate ldapTemplate = new SpringSecurityLdapTemplate(getContextSource());

    DirContextOperations user = null;
    for (String candidateDn : getUserDns(username)) {
        try {
            user = ldapTemplate.retrieveEntry(candidateDn, getUserAttributes());
        } catch (NameNotFoundException ignore) {
            // Nothing under this DN; move on to the next candidate.
            continue;
        }
        if (user != null) {
            break;
        }
    }

    if (user == null && getUserSearch() != null) {
        user = getUserSearch().searchForUser(username);
    }
    if (user == null) {
        throw new UsernameNotFoundException("User not found: " + username, username);
    }

    if (logger.isDebugEnabled()) {
        logger.debug("Performing LDAP compare of password attribute '" + passwordAttributeName
                + "' for user '" + user.getDn() + "'");
    }

    if (!isLocalCompare()) {
        // Directory-side check: send the encoded password as UTF-8 bytes.
        byte[] passwordBytes = Utf8.encode(passwordEncoder.encodePassword(password, null));
        searchAuthenticate(user, passwordBytes, ldapTemplate);
    } else {
        localCompareAuthenticate(user, password);
    }
    return user;
}
From source file:org.cloudfoundry.identity.uaa.provider.ldap.PasswordComparisonAuthenticator.java
/**
 * Resolves the LDAP entry for the presented username and checks the presented password
 * against it.
 *
 * <p>Candidate DNs from {@code getUserDns(username)} are tried in order; the first entry
 * retrieved wins. If none resolves and a user search is configured, the search is used.
 * The password check is delegated to {@code localCompareAuthenticate} or, when local
 * comparison is off, to {@code searchAuthenticate} with the UTF-8 bytes of the encoded
 * password. NOTE(review): failure handling lives in those helpers; this method itself
 * never throws for a wrong password.
 *
 * @param authentication supplies the username and the password credential
 * @return the directory entry of the user
 * @throws UsernameNotFoundException if neither the DN candidates nor the search yield an entry
 */
@Override
public DirContextOperations authenticate(Authentication authentication) {
    String username = authentication.getName();
    String password = (String) authentication.getCredentials();
    SpringSecurityLdapTemplate ldapTemplate = new SpringSecurityLdapTemplate(getContextSource());

    DirContextOperations user = null;
    for (String userDn : getUserDns(username)) {
        try {
            user = ldapTemplate.retrieveEntry(userDn, getUserAttributes());
            if (user != null) {
                break;
            }
        } catch (NameNotFoundException ignore) {
            // This DN does not exist in the directory; keep looking.
        }
    }

    boolean searchConfigured = user == null && getUserSearch() != null;
    if (searchConfigured) {
        user = getUserSearch().searchForUser(username);
    }

    if (user == null) {
        throw new UsernameNotFoundException("User not found: " + username);
    }

    if (logger.isDebugEnabled()) {
        logger.debug("Performing LDAP compare of password attribute '" + passwordAttributeName
                + "' for user '" + user.getDn() + "'");
    }

    if (isLocalCompare()) {
        localCompareAuthenticate(user, password);
        return user;
    }

    String encodedPassword = passwordEncoder.encodePassword(password, null);
    searchAuthenticate(user, Utf8.encode(encodedPassword), ldapTemplate);
    return user;
}
From source file:org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator.java
/**
 * Authenticates a username/password token by finding the user's LDAP entry and comparing
 * the presented password against it.
 *
 * <p>Two comparison paths exist. When {@code usePasswordAttrCompare} is set,
 * {@code isPasswordAttrCompare(user, password)} is tried first. If that path is disabled
 * or reports no match, {@code isLdapPasswordCompare(user, ldapTemplate, password)} is
 * still evaluated, so a failed attribute comparison does not by itself reject the login.
 *
 * @param authentication must be a {@link UsernamePasswordAuthenticationToken}
 * @return the directory entry of the authenticated user
 * @throws UsernameNotFoundException if no entry could be located
 * @throws BadCredentialsException if neither comparison path reports a match
 */
public DirContextOperations authenticate(final Authentication authentication) {
    Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication,
            "Can only process UsernamePasswordAuthenticationToken objects");

    final String username = authentication.getName();
    final String password = (String) authentication.getCredentials();
    final SpringSecurityLdapTemplate ldapTemplate = new SpringSecurityLdapTemplate(getContextSource());

    // Step 1: locate the entry, DN candidates first, then the optional search.
    DirContextOperations user = null;
    for (String userDn : getUserDns(username)) {
        DirContextOperations found = null;
        try {
            found = ldapTemplate.retrieveEntry(userDn, getUserAttributes());
        } catch (NameNotFoundException ignore) {
            // Candidate DN not present in the directory.
        }
        if (found != null) {
            user = found;
            break;
        }
    }

    if (user == null && getUserSearch() != null) {
        user = getUserSearch().searchForUser(username);
    }

    if (user == null) {
        throw new UsernameNotFoundException("User not found: " + username);
    }

    if (logger.isDebugEnabled()) {
        logger.debug("Performing LDAP compare of password attribute '" + passwordAttributeName
                + "' for user '" + user.getDn() + "'");
    }

    // Step 2: check the password; short-circuit order matches the two documented paths.
    boolean passwordMatches = (usePasswordAttrCompare && isPasswordAttrCompare(user, password))
            || isLdapPasswordCompare(user, ldapTemplate, password);
    if (!passwordMatches) {
        throw new BadCredentialsException(
                messages.getMessage("PasswordComparisonAuthenticator.badCredentials", "Bad credentials"));
    }
    return user;
}
From source file:org.unitime.timetable.spring.ldap.SpringLdapExternalUidLookup.java
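/**
 * Looks up a user in LDAP by {@code uid} and maps the entry's attributes to a
 * {@link UserInfo}.
 *
 * <p>The DN is produced by substituting {@code uid} for the {@code {0}} placeholder of the
 * {@code AuthenticationLdapIdentify} property. When the entry has no {@code mail}
 * attribute, an address is derived from the user name and the {@code dc=} components of
 * the entry's name.
 *
 * @param uid the user id to look up; treated as untrusted and escaped before it is
 *            placed into the DN
 * @return the populated user info, or {@code null} when the entry or its id attribute is
 *         missing, or when the lookup fails (the failure is logged as a warning)
 * @throws Exception declared by the signature; the body catches every {@link Exception}
 */
@Override
public UserInfo doLookup(String uid) throws Exception {
    try {
        ContextSource source = (ContextSource) SpringApplicationContextHolder
                .getBean("unitimeLdapContextSource");

        String query = ApplicationProperty.AuthenticationLdapIdentify.value();
        String idAttributeName = ApplicationProperty.AuthenticationLdapIdAttribute.value();

        SpringSecurityLdapTemplate template = new SpringSecurityLdapTemplate(source);

        // uid is caller-supplied and ends up inside a DN: escape it per RFC 2253 so that
        // characters such as ',', '=' or '+' cannot alter the DN structure. Assumes {0}
        // sits in an attribute-value position of the configured template (TODO confirm).
        // String.replace is literal, so '$' and '\' in the value are not interpreted as
        // regex replacement syntax.
        String dn = query.replace("{0}", javax.naming.ldap.Rdn.escapeValue(uid));

        DirContextOperations user = template.retrieveEntry(dn,
                new String[] { "uid", idAttributeName, "cn", "givenName", "sn", "mail" });

        if (user == null || user.getStringAttribute(idAttributeName) == null) {
            return null;
        }

        UserInfo info = new UserInfo();
        info.setExternalId(user.getStringAttribute(idAttributeName));

        info.setUserName(user.getStringAttribute("uid"));
        if (info.getUserName() == null) {
            info.setUserName(uid);
        }
        info.setName(user.getStringAttribute("cn"));
        info.setFirstName(user.getStringAttribute("givenName"));
        info.setLastName(user.getStringAttribute("sn"));
        info.setEmail(user.getStringAttribute("mail"));

        if (info.getEmail() == null) {
            // No mail attribute: join the dc= components of the entry name into a domain.
            String email = info.getUserName() + "@";
            for (String x : user.getNameInNamespace().split(",")) {
                if (x.startsWith("dc=")) {
                    email += (email.endsWith("@") ? "" : ".") + x.substring(3);
                }
            }
            if (!email.endsWith("@")) {
                info.setEmail(email);
            }
        }

        return info;
    } catch (Exception e) {
        sLog.warn("Lookup for " + uid + " failed: " + e.getMessage());
    }
    return null;
}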
From source file:org.unitime.timetable.spring.ldap.SpringLdapExternalUidTranslation.java
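/**
 * Translates a login {@code uid} to the external id stored in the LDAP attribute named
 * by the {@code AuthenticationLdapIdAttribute} property.
 *
 * @param uid the login id; treated as untrusted and escaped before it is placed into the DN
 * @return {@code uid} itself when the external id attribute is {@code "uid"}; otherwise
 *         the attribute value from the retrieved entry, or {@code null} when the entry is
 *         missing or the lookup fails (the failure is logged as a warning)
 */
public String uid2ext(String uid) {
    String externalIdAttribute = ApplicationProperty.AuthenticationLdapIdAttribute.value();
    if ("uid".equals(externalIdAttribute)) {
        return uid; // Nothing to translate
    }
    try {
        ContextSource source = (ContextSource) SpringApplicationContextHolder
                .getBean("unitimeLdapContextSource");

        String query = ApplicationProperty.AuthenticationLdapLogin2UserId.value();

        SpringSecurityLdapTemplate template = new SpringSecurityLdapTemplate(source);

        // Escape the caller-supplied id per RFC 2253 before it becomes part of the DN, and
        // substitute literally so '$' and '\' are not read as regex replacement syntax.
        // Assumes {0} is in an attribute-value position of the template (TODO confirm).
        String dn = query.replace("{0}", javax.naming.ldap.Rdn.escapeValue(uid));

        DirContextOperations user = template.retrieveEntry(dn, new String[] { externalIdAttribute });

        return user == null ? null : user.getStringAttribute(externalIdAttribute);
    } catch (Exception e) {
        sLog.warn("Unable to translate uid to " + externalIdAttribute + ": " + e.getMessage());
    }
    return null;
}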
From source file:org.unitime.timetable.spring.ldap.SpringLdapExternalUidTranslation.java
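/**
 * Translates an external user id to the login {@code uid} stored in LDAP.
 *
 * <p>The DN template comes from the {@code AuthenticationLdapUserId2Login} property:
 * {@code %} is replaced with the external id attribute name and {@code {0}} with the
 * external id being translated.
 *
 * @param externalUserId the external id; treated as untrusted and escaped before it is
 *                       placed into the DN
 * @return {@code externalUserId} itself when the external id attribute is {@code "uid"};
 *         otherwise the {@code uid} attribute of the retrieved entry, or {@code null} when
 *         the entry is missing or the lookup fails (the failure is logged as a warning)
 */
public String ext2uid(String externalUserId) {
    String externalIdAttribute = ApplicationProperty.AuthenticationLdapIdAttribute.value();
    if ("uid".equals(externalIdAttribute)) {
        return externalUserId; // Nothing to translate
    }
    try {
        ContextSource source = (ContextSource) SpringApplicationContextHolder
                .getBean("unitimeLdapContextSource");

        String query = ApplicationProperty.AuthenticationLdapUserId2Login.value()
                .replace("%", externalIdAttribute);

        SpringSecurityLdapTemplate template = new SpringSecurityLdapTemplate(source);

        // {0} must receive the id being translated; the attribute name is already carried
        // by '%'. Substituting the attribute name here would leave externalUserId out of
        // the query entirely. The value is escaped per RFC 2253 and substituted literally.
        // Assumes {0} is in an attribute-value position of the template (TODO confirm).
        String dn = query.replace("{0}", javax.naming.ldap.Rdn.escapeValue(externalUserId));

        DirContextOperations user = template.retrieveEntry(dn, new String[] { "uid" });

        return user == null ? null : user.getStringAttribute("uid");
    } catch (Exception e) {
        sLog.warn("Unable to translate " + externalIdAttribute + " to uid: " + e.getMessage());
    }
    return null;
}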