Java tutorial
/* * Licensed to Jasig under one or more contributor license * agreements. See the NOTICE file distributed with this work * for additional information regarding copyright ownership. * Jasig licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file * except in compliance with the License. You may obtain a * copy of the License at the following location: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ package org.jasig.cas.adaptors.ldap; import java.util.List; import org.jasig.cas.authentication.LdapAuthenticationException; import org.jasig.cas.authentication.handler.AuthenticationException; import org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException; import org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler; import org.springframework.beans.factory.InitializingBean; import org.springframework.ldap.core.LdapTemplate; import org.springframework.ldap.core.ContextSource; import org.springframework.util.Assert; import javax.validation.constraints.NotNull; /** * Abstract class to handle common LDAP functionality. * * @author Scott Battaglia * @version $Revision$ $Date$ * @since 3.0.3 */ public abstract class AbstractLdapUsernamePasswordAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler implements InitializingBean { /** LdapTemplate to execute ldap queries. */ @NotNull private LdapTemplate ldapTemplate; /** Instance of ContextSource */ @NotNull private ContextSource contextSource; /** The filter path to the uid of the user. */ @NotNull private String filter; /** List of error definitions and their types, based on which the user will be directed to a given view in the flow **/ private List<LdapErrorDefinition> ldapErrorDefinitions; /** Whether the LdapTemplate should ignore partial results. */ private boolean ignorePartialResultException = false; /** * Method to set the datasource and generate a JdbcTemplate. * * @param contextSource the datasource to use. */ public final void setContextSource(final ContextSource contextSource) { this.contextSource = contextSource; } public final void setIgnorePartialResultException(final boolean ignorePartialResultException) { this.ignorePartialResultException = ignorePartialResultException; } public void setLdapErrorDefinitions(final List<LdapErrorDefinition> ldapErrorDefs) { this.ldapErrorDefinitions = ldapErrorDefs; } /** * Method to return the LdapTemplate * * @return a fully created LdapTemplate. */ protected final LdapTemplate getLdapTemplate() { return this.ldapTemplate; } protected final ContextSource getContextSource() { return this.contextSource; } protected final String getFilter() { return this.filter; } public final void afterPropertiesSet() throws Exception { Assert.isTrue(this.filter.contains("%u") || this.filter.contains("%U"), "filter must contain %u or %U"); if (this.ldapTemplate == null) { this.ldapTemplate = new LdapTemplate(this.contextSource); } this.ldapTemplate.setIgnorePartialResultException(this.ignorePartialResultException); afterPropertiesSetInternal(); } /** * Available ONLY for subclasses that are doing special things with the ContextSource. * * @param ldapTemplate the LDAPTemplate to use. */ protected final void setLdapTemplate(final LdapTemplate ldapTemplate) { this.ldapTemplate = ldapTemplate; } protected void afterPropertiesSetInternal() throws Exception { // template method with nothing to do for sub classes. } /** * @param filter The filter to set. */ public final void setFilter(final String filter) { this.filter = filter; } /** * Available ONLY for subclasses that would want to customize how ldap error codes are handled * * @param e The ldap exception that occurred. * @return an instance of {@link AuthenticationException} */ protected AuthenticationException handleLdapError(final Exception e) { if (this.ldapErrorDefinitions == null || this.ldapErrorDefinitions.size() == 0) { if (this.log.isDebugEnabled()) this.log.debug("No error definitions are defined. Throwing error " + e.getMessage()); return BadCredentialsAuthenticationException.ERROR; } if (this.log.isDebugEnabled()) this.log.debug("Handling error: " + e.getMessage()); for (final LdapErrorDefinition ldapErrorDef : this.ldapErrorDefinitions) if (ldapErrorDef.matches(e.getMessage())) { if (this.log.isDebugEnabled()) this.log.debug("Found error type " + ldapErrorDef.getType() + ". Throwing error for " + e.getMessage()); return new LdapAuthenticationException(BadCredentialsAuthenticationException.CODE, e.getMessage(), ldapErrorDef.getType()); } if (this.log.isDebugEnabled()) this.log.debug("No error definition could be matched against the error. Throwing default error for " + e.getMessage()); return BadCredentialsAuthenticationException.ERROR; } }