Example usage for javax.naming Context SECURITY_AUTHENTICATION

List of usage examples for javax.naming Context SECURITY_AUTHENTICATION

Introduction

On this page you can find example usages of javax.naming Context SECURITY_AUTHENTICATION.

Prototype

String SECURITY_AUTHENTICATION


Document

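Constant that holds the name of the environment property for specifying the security level to use. The value of this constant is "java.naming.security.authentication"; the examples below set the property to "none" or "simple".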

Usage

From source file:org.lsc.jndi.JndiServices.java

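/**
 * Opens the LDAP context described by {@code connProps} and loads the connection options.
 *
 * <p>When {@code TLS_CONFIGURATION} is present and true, the context is first opened without the
 * authentication, principal and credentials properties, the STARTTLS extended operation is
 * negotiated, and only then are those three properties put back into the context environment.
 * Otherwise the context is opened directly from {@code connProps}.
 *
 * <p>Afterwards the naming context, page size, sort attribute and recursive-delete flag are read
 * from the context environment and the SyncRepl and Persistent Search response controls are
 * registered.
 *
 * @throws NamingException if the context cannot be opened, the STARTTLS request fails, or the
 *         provider URL cannot be parsed
 * @throws IOException if the TLS negotiation fails
 */
private void initConnection() throws NamingException, IOException {
    // log the new connection and its details
    logConnectingTo(connProps);

    /* should we negotiate TLS? The cast is kept on purpose: a value that is not a Boolean fails
     * with ClassCastException instead of quietly continuing without STARTTLS */
    Object tlsFlag = connProps.get(TLS_CONFIGURATION);
    if (tlsFlag != null && (Boolean) tlsFlag) {
        /* if we're going to do TLS, we mustn't BIND before the STARTTLS operation
         * so we remove credentials from the properties to stop JNDI from binding */
        /* duplicate properties to avoid changing them (they are used as a cache key in getInstance()) */
        Properties localConnProps = new Properties();
        localConnProps.putAll(connProps);
        String jndiContextAuthentication = localConnProps.getProperty(Context.SECURITY_AUTHENTICATION);
        String jndiContextPrincipal = localConnProps.getProperty(Context.SECURITY_PRINCIPAL);
        String jndiContextCredentials = localConnProps.getProperty(Context.SECURITY_CREDENTIALS);
        localConnProps.remove(Context.SECURITY_AUTHENTICATION);
        localConnProps.remove(Context.SECURITY_PRINCIPAL);
        localConnProps.remove(Context.SECURITY_CREDENTIALS);

        /* open the connection (none of the security properties are set at this point) */
        ctx = new InitialLdapContext(localConnProps, null);

        /* initiate the STARTTLS extended operation */
        boolean tlsStarted = false;
        try {
            tlsResponse = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
            tlsResponse.negotiate();
            tlsStarted = true;
        } catch (IOException e) {
            LOGGER.error("Error starting TLS encryption on connection to {}",
                    localConnProps.getProperty(Context.PROVIDER_URL));
            LOGGER.debug(e.toString(), e);
            throw e;
        } catch (NamingException e) {
            LOGGER.error("Error starting TLS encryption on connection to {}",
                    localConnProps.getProperty(Context.PROVIDER_URL));
            LOGGER.debug(e.toString(), e);
            throw e;
        } finally {
            if (!tlsStarted) {
                /* do not leave an unencrypted connection open behind a failed STARTTLS */
                try {
                    ctx.close();
                } catch (NamingException closeFailure) {
                    LOGGER.debug(closeFailure.toString(), closeFailure);
                }
            }
        }

        /* now we add the credentials back to the context, to BIND once TLS is started */
        ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, jndiContextAuthentication);
        ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, jndiContextPrincipal);
        ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, jndiContextCredentials);

    } else {
        /* don't start TLS, just connect normally (this can be on ldap:// or ldaps://);
         * on plain ldap:// a simple bind sends the principal and credentials unencrypted */
        ctx = new InitialLdapContext(connProps, null);
    }

    /* get LDAP naming context */
    try {
        namingContext = new LdapUrl((String) ctx.getEnvironment().get(Context.PROVIDER_URL));
    } catch (LdapURLEncodingException e) {
        LOGGER.error(e.toString());
        LOGGER.debug(e.toString(), e);
        /* keep the parsing failure attached as the cause instead of dropping it */
        NamingException wrapped = new NamingException(e.getMessage());
        wrapped.initCause(e);
        throw wrapped;
    }

    /* handle options */
    contextDn = namingContext.getDn();

    /* -1 is stored when no page size is configured */
    String pageSizeStr = (String) ctx.getEnvironment().get("java.naming.ldap.pageSize");
    if (pageSizeStr != null) {
        pageSize = Integer.parseInt(pageSizeStr);
    } else {
        pageSize = -1;
    }

    sortedBy = (String) ctx.getEnvironment().get("java.naming.ldap.sortedBy");

    /* Boolean.parseBoolean(null) is false, which is the value used when the option is absent */
    String recursiveDeleteStr = (String) ctx.getEnvironment().get("java.naming.recursivedelete");
    recursiveDelete = Boolean.parseBoolean(recursiveDeleteStr);

    /* Load SyncRepl response control */
    LdapApiService ldapApiService = LdapApiServiceFactory.getSingleton();
    ControlFactory<?> factory = new SyncStateValueFactory(ldapApiService);
    ldapApiService.registerControl(factory);
    /* Load Persistent Search response control */
    factory = new PersistentSearchFactory(ldapApiService);
    ldapApiService.registerControl(factory);
}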

From source file:org.lsc.jndi.JndiServices.java

/**
 * Writes one INFO line describing the connection about to be opened: the provider URL, the
 * identity used (or "anonymously" when no authentication or "none" is configured) and whether
 * STARTTLS will be requested. Only the principal is logged; the credentials property is never
 * read here.
 *
 * @param connProps the connection properties to describe
 */
private void logConnectingTo(Properties connProps) {
    if (!LOGGER.isInfoEnabled()) {
        return;
    }

    StringBuilder message = new StringBuilder("Connecting to LDAP server ");
    message.append(connProps.getProperty(Context.PROVIDER_URL));

    // identity used to connect
    String authentication = connProps.getProperty(Context.SECURITY_AUTHENTICATION);
    boolean anonymous = authentication == null || authentication.equals("none");
    if (anonymous) {
        message.append(" anonymously");
    } else {
        message.append(" as ").append(connProps.getProperty(Context.SECURITY_PRINCIPAL));
    }

    // STARTTLS requested?
    Object tlsFlag = connProps.get(TLS_CONFIGURATION);
    if (tlsFlag != null && (Boolean) tlsFlag) {
        message.append(" with STARTTLS extended operation");
    }

    LOGGER.info(message.toString());
}

From source file:org.mule.module.ldap.api.jndi.LDAPJNDIConnection.java

/**
 * Builds the JNDI environment used to open a context for the given identity.
 *
 * <p>The principal and credentials are only added when {@code isNoAuthentication()} is false.
 * Entries of {@code extendedEnvironment} are merged last, so they replace any property set
 * earlier in this method, including the authentication mechanism and the provider URL.
 *
 * @param dn the DN to bind as; put into the environment only when authentication is in use
 * @param password the password for {@code dn}; put into the environment only when authentication
 *        is in use
 * @return the environment table to hand to the initial context
 * @throws LDAPException declared by the signature; nothing in this body throws it directly
 */
private Hashtable<String, String> buildEnvironment(String dn, String password) throws LDAPException {
    final Hashtable<String, String> jndiEnv = new Hashtable<String, String>();

    jndiEnv.put(Context.REFERRAL, getReferral());
    jndiEnv.put(Context.SECURITY_AUTHENTICATION, getAuthentication());
    if (!isNoAuthentication()) {
        // an identity is supplied only when an authentication mechanism is in use
        jndiEnv.put(Context.SECURITY_PRINCIPAL, dn);
        jndiEnv.put(Context.SECURITY_CREDENTIALS, password);
    }
    jndiEnv.put(Context.INITIAL_CONTEXT_FACTORY, getInitialContextFactory());
    jndiEnv.put(Context.PROVIDER_URL, getProviderUrl());

    if (!isConnectionPoolEnabled()) {
        jndiEnv.put(POOL_ENABLED_ENV_PARAM, "false");
    } else {
        jndiEnv.put(POOL_ENABLED_ENV_PARAM, "true");

        // NOTE(review): presumably tells the pool which authentication types may be pooled - confirm
        jndiEnv.put(AUTHENTICATION_ENV_PARAM, getAuthentication());

        // each pool setting is written only when it is configured with a positive value
        if (getMaxPoolConnections() > 0) {
            jndiEnv.put(MAX_POOL_SIZE_ENV_PARAM, String.valueOf(getMaxPoolConnections()));
        }
        if (getInitialPoolSizeConnections() > 0) {
            jndiEnv.put(INIT_POOL_SIZE_ENV_PARAM, String.valueOf(getInitialPoolSizeConnections()));
        }
        if (getPoolTimeout() > 0) {
            jndiEnv.put(TIME_OUT_ENV_PARAM, String.valueOf(getPoolTimeout()));
        }
    }

    // merged last: these entries win over everything set above
    final boolean hasExtras = extendedEnvironment != null && !extendedEnvironment.isEmpty();
    if (hasExtras) {
        jndiEnv.putAll(extendedEnvironment);
    }

    return jndiEnv;
}

From source file:org.mule.module.ldap.api.jndi.LDAPJNDIConnection.java

/**
 * Binds to the directory as {@code dn}, closing the current connection first when one is open.
 *
 * <p>The log statements in this method contain the provider URL, the authentication mechanism
 * and the DN; the password is not part of any of them.
 *
 * @param dn the DN to bind as; logged as "anonymous" when {@code null}
 * @param password the password for {@code dn}
 * @throws LDAPException if closing the previous connection fails or the bind is rejected; a
 *         {@code NamingException} is converted through {@code handleNamingException}
 * @see org.mule.module.ldap.api.LDAPConnection#bind(java.lang.String,
 *      java.lang.String)
 */
@Override
public void bind(String dn, String password) throws LDAPException {
    final String requestedIdentity = dn != null ? dn : "anonymous";
    try {
        if (!isClosed()) {
            final String currentUrl = (String) getConn().getEnvironment().get(Context.PROVIDER_URL);
            final String currentAuth = (String) getConn().getEnvironment().get(Context.SECURITY_AUTHENTICATION);
            final String boundDn = getBindedUserDn();
            final String currentIdentity = boundDn != null ? boundDn : "anonymous";

            logger.info("Already binded to " + currentUrl + " with " + currentAuth + " authentication as "
                    + currentIdentity + ". Closing connection first.");

            close();

            logger.info("Re-binding to " + getProviderUrl() + " with " + getAuthentication()
                    + " authentication as " + requestedIdentity);
        }

        // NOTE(review): logConfiguration receives the password; confirm it does not write it to the log
        logConfiguration(dn, password);
        final Hashtable<String, String> jndiEnv = buildEnvironment(dn, password);
        setConn(new InitialLdapContext(jndiEnv, null));
        logger.info("Binded to " + getProviderUrl() + " with " + getAuthentication() + " authentication as "
                + requestedIdentity);

    } catch (NamingException nex) {
        throw handleNamingException(nex, "Bind failed.");
    }
}

From source file:org.mule.providers.ldap.util.DSManager.java

/**
 * Sets the contexts for this base class. The JNDI environment starts as a copy of
 * {@code configuration.toJndiEnvironment()}; the user, the password, the "simple" authentication
 * mechanism and the server context factory are then written over it and the result is passed to
 * {@code setContexts(Hashtable)}. The original documentation states that these values can be
 * overridden by the overrides properties; nothing in this method does so.
 *
 * @param user
 *            the username for authenticating as this user
 * @param passwd
 *            the password of the user
 * @throws NamingException
 *             if there is a failure of any kind
 */
protected void setContexts(String user, String passwd) throws NamingException {
    // copy of the configuration's JNDI view; the raw type is kept as in the rest of this class
    Hashtable jndiEnv = new Hashtable(configuration.toJndiEnvironment());
    jndiEnv.put(Context.INITIAL_CONTEXT_FACTORY, ServerContextFactory.class.getName());
    jndiEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
    jndiEnv.put(Context.SECURITY_PRINCIPAL, user);
    jndiEnv.put(Context.SECURITY_CREDENTIALS, passwd);
    setContexts(jndiEnv);
}

From source file:org.mule.transport.ldap.util.DSManager.java

/**
 * Builds a JNDI environment around the embedded {@code directoryService} and passes it to
 * {@code setContexts(Hashtable)}.
 *
 * <p>The authentication mechanism is set to "none" although a principal and credentials are
 * supplied as well.
 * NOTE(review): whether {@code CoreContextFactory} still uses the principal under "none" is not
 * visible here - confirm before reusing this outside test code.
 *
 * @param user the principal to place in the environment
 * @param passwd the credentials to place in the environment
 * @throws Exception if setting the contexts fails
 */
protected void setContexts(final String user, final String passwd) throws Exception {
    final Hashtable<String, Object> jndiEnv = new Hashtable<String, Object>();
    jndiEnv.put(Context.INITIAL_CONTEXT_FACTORY, CoreContextFactory.class.getName());
    jndiEnv.put(DirectoryService.JNDI_KEY, directoryService);
    jndiEnv.put(Context.SECURITY_AUTHENTICATION, "none");
    jndiEnv.put(Context.SECURITY_PRINCIPAL, user);
    jndiEnv.put(Context.SECURITY_CREDENTIALS, passwd);
    setContexts(jndiEnv);
}

From source file:org.nuxeo.ecm.directory.ldap.MockLdapServer.java

/**
 * Starts the embedded directory server used by the tests: creates the startup configuration,
 * prepares a JNDI environment that binds with the built-in administrator principal and password
 * taken from {@code PartitionNexus}, and opens the initial context.
 *
 * <p>A {@code NamingException} during start-up is logged and not rethrown; {@code serverContext}
 * is then left unassigned by this call.
 */
public void startLdapServer() {
    cfg = new MutableStartupConfiguration();
    cfg.setWorkingDirectory(workingDir);

    log.debug("Working directory is " + workingDir.getAbsolutePath());

    final Properties jndiEnv = new Properties();
    jndiEnv.setProperty(Context.INITIAL_CONTEXT_FACTORY, CoreContextFactory.class.getName());
    jndiEnv.setProperty(Context.PROVIDER_URL, BASE_DN);
    // simple bind as the directory's administrator account
    jndiEnv.setProperty(Context.SECURITY_AUTHENTICATION, "simple");
    jndiEnv.setProperty(Context.SECURITY_PRINCIPAL, PartitionNexus.ADMIN_PRINCIPAL);
    jndiEnv.setProperty(Context.SECURITY_CREDENTIALS, PartitionNexus.ADMIN_PASSWORD);

    try {
        initConfiguration();
        // the configuration's own JNDI entries are merged over the ones set above
        jndiEnv.putAll(cfg.toJndiEnvironment());
        serverContext = new InitialDirContext(jndiEnv);
    } catch (NamingException e) {
        log.error("Failed to start Apache DS: ", e);
    }
}

From source file:org.olat.ldap.LDAPLoginManagerImpl.java

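/**
 * Connect to the LDAP server with System DN and Password Configuration: LDAP URL = olatextconfig.xml (property=ldapURL) System DN = olatextconfig.xml
 * (property=ldapSystemDN) System PW = olatextconfig.xml (property=ldapSystemPW)
 *
 * <p>A failure is logged with the system DN and the URL and reported to the caller as
 * {@code null}; no exception leaves this method from the connection attempt. The system password
 * is never written to the log.
 *
 * @return The LDAP connection (LdapContext) or NULL if connect fails
 */
public LdapContext bindSystem() {
    // set LDAP connection attributes
    final Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, LDAPLoginModule.getLdapUrl());
    // a simple bind sends the DN and password as they are, so they are only protected when the
    // transport itself is encrypted
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, LDAPLoginModule.getLdapSystemDN());
    env.put(Context.SECURITY_CREDENTIALS, LDAPLoginModule.getLdapSystemPW());

    // check ssl
    // NOTE(review): enableSSL presumably switches the environment to an encrypted transport - confirm
    if (LDAPLoginModule.isSslEnabled()) {
        enableSSL(env);
    }

    try {
        final InitialLdapContext ctx = new InitialLdapContext(env, new Control[] {});
        ctx.getConnectControls();
        return ctx;
    } catch (final NamingException e) {
        // the system password is deliberately left out: log files are read by more people and
        // tools than the configuration that holds the credential
        logError("NamingException when trying to bind system with DN::" + LDAPLoginModule.getLdapSystemDN()
                + " on URL::" + LDAPLoginModule.getLdapUrl(), e);
        return null;
    } catch (final Exception e) {
        logError("Exception when trying to bind system with DN::" + LDAPLoginModule.getLdapSystemDN()
                + " on URL::" + LDAPLoginModule.getLdapUrl(), e);
        return null;
    }

}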

From source file:org.olat.ldap.LDAPLoginManagerImpl.java

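/**
 * Connect to LDAP with the User-Name and Password given as parameters Configuration: LDAP URL = olatextconfig.xml (property=ldapURL) LDAP Base = olatextconfig.xml
 * (property=ldapBase) LDAP Attributes Map = olatextconfig.xml (property=userAttrs)
 *
 * <p>The user's DN is looked up over the system connection, then a second context is opened with
 * that DN and the given password and the configured attributes are read through it. A
 * {@code null} user name, a {@code null} password and an empty password are all rejected before
 * any connection is made. The password is never written to the log.
 *
 * @param uid The users LDAP login name (can't be null)
 * @param pwd The users LDAP password (can't be null or empty)
 * @param errors receives a message describing why the bind was refused
 * @return After successful bind Attributes otherwise NULL
 */
public Attributes bindUser(final String uid, final String pwd, final LDAPError errors) {
    // get user name, password and attributes
    final String ldapUrl = LDAPLoginModule.getLdapUrl();
    final String[] userAttr = LDAPLoginModule.getUserAttrs();

    // An empty password has to be refused here. A simple bind that carries a DN and an empty
    // password is an unauthenticated bind (RFC 4513, section 5.1.2); a server may accept it, and
    // the attribute read below would then succeed without the password ever being checked.
    if (uid == null || pwd == null || pwd.length() == 0) {
        if (isLogDebugEnabled()) {
            // the password value is not logged, only the fact that something is missing
            logDebug("Error when trying to bind user, missing username or password. Username::" + uid);
        }
        errors.insert("Username and password must be selected");
        return null;
    }

    // NOTE(review): this method never closes ctx; confirm searchUserDN or the caller releases it
    final LdapContext ctx = bindSystem();
    if (ctx == null) {
        errors.insert("LDAP connection error");
        return null;
    }
    // NOTE(review): uid comes from the login form; confirm searchUserDN escapes it before
    // building the search filter
    final String userDN = searchUserDN(uid, ctx);
    if (userDN == null) {
        logInfo("Error when trying to bind user with username::" + uid + " - user not found on LDAP server"
                + (LDAPLoginModule.isCacheLDAPPwdAsOLATPwdOnLogin() ? ", trying with OLAT login provider"
                        : ""));
        errors.insert("Username or password incorrect");
        return null;
    }

    // Ok, so far so good, user exists. Now try to fetch attributes using the
    // users credentials
    final Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, ldapUrl);
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, userDN);
    env.put(Context.SECURITY_CREDENTIALS, pwd);
    if (LDAPLoginModule.isSslEnabled()) {
        enableSSL(env);
    }

    LdapContext userBind = null;
    try {
        final Control[] connectCtls = new Control[] {};
        userBind = new InitialLdapContext(env, connectCtls);
        return userBind.getAttributes(userDN, userAttr);
    } catch (final AuthenticationException e) {
        logInfo("Error when trying to bind user with username::" + uid + " - invalid LDAP password");
        errors.insert("Username or password incorrect");
        return null;
    } catch (final NamingException e) {
        logError("NamingException when trying to get attributes after binding user with username::" + uid, e);
        errors.insert("Username or password incorrect");
        return null;
    } finally {
        // release the user's connection on every path, including a failed attribute read
        if (userBind != null) {
            try {
                userBind.close();
            } catch (final NamingException closeFailure) {
                if (isLogDebugEnabled()) {
                    logDebug("Could not close LDAP connection of username::" + uid + " - " + closeFailure);
                }
            }
        }
    }
}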

From source file:org.olat.ldap.manager.LDAPLoginManagerImpl.java

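/**
 * Connect to the LDAP server with System DN and Password
 *
 * Configuration: LDAP URL = ldapContext.xml (property=ldapURL) System DN =
 * ldapContext.xml (property=ldapSystemDN) System PW = ldapContext.xml
 * (property=ldapSystemPW)
 *
 * <p>A failure is logged with the system DN and the URL and reported to the caller as
 * {@code null}; no exception leaves this method from the connection attempt. The system password
 * is never written to the log.
 *
 * @return The LDAP connection (LdapContext) or NULL if connect fails
 */
public LdapContext bindSystem() {
    // set LDAP connection attributes
    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, ldapLoginModule.getLdapUrl());
    // a simple bind sends the DN and password as they are, so they are only protected when the
    // transport itself is encrypted
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, ldapLoginModule.getLdapSystemDN());
    env.put(Context.SECURITY_CREDENTIALS, ldapLoginModule.getLdapSystemPW());
    // the timeout entry is only written when a value is configured
    if (ldapLoginModule.getLdapConnectionTimeout() != null) {
        env.put(TIMEOUT_KEY, ldapLoginModule.getLdapConnectionTimeout().toString());
    }

    // check ssl
    // NOTE(review): enableSSL presumably switches the environment to an encrypted transport - confirm
    if (ldapLoginModule.isSslEnabled()) {
        enableSSL(env);
    }

    try {
        InitialLdapContext ctx = new InitialLdapContext(env, new Control[] {});
        ctx.getConnectControls();
        return ctx;
    } catch (NamingException e) {
        // the system password is deliberately left out: log files are read by more people and
        // tools than the configuration that holds the credential
        log.error("NamingException when trying to bind system with DN::" + ldapLoginModule.getLdapSystemDN()
                + " on URL::" + ldapLoginModule.getLdapUrl(), e);
        return null;
    } catch (Exception e) {
        log.error("Exception when trying to bind system with DN::" + ldapLoginModule.getLdapSystemDN()
                + " on URL::" + ldapLoginModule.getLdapUrl(), e);
        return null;
    }

}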