List of usage examples for javax.naming Context SECURITY_AUTHENTICATION
String SECURITY_AUTHENTICATION
To view the source code for javax.naming Context SECURITY_AUTHENTICATION.
Click Source Link
From source file:org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandler.java
/** * Helper method to create the LDAP context needed to interact with the Active Directory. * * @return the relevant LdapContext//from w w w . ja va 2s .com * @throws KerberosKDCConnectionException if a connection to the KDC cannot be made * @throws KerberosAdminAuthenticationException if the administrator credentials fail to authenticate * @throws KerberosRealmException if the realm does not map to a KDC * @throws KerberosOperationException if an unexpected error occurred */ protected LdapContext createLdapContext() throws KerberosOperationException { KerberosCredential administratorCredentials = getAdministratorCredentials(); Properties properties = new Properties(); properties.put(Context.INITIAL_CONTEXT_FACTORY, LDAP_CONTEXT_FACTORY_CLASS); properties.put(Context.PROVIDER_URL, ldapUrl); properties.put(Context.SECURITY_PRINCIPAL, administratorCredentials.getPrincipal()); properties.put(Context.SECURITY_CREDENTIALS, administratorCredentials.getPassword()); properties.put(Context.SECURITY_AUTHENTICATION, "simple"); properties.put(Context.REFERRAL, "follow"); properties.put("java.naming.ldap.factory.socket", TrustingSSLSocketFactory.class.getName()); try { return createInitialLdapContext(properties, null); } catch (CommunicationException e) { String message = String.format("Failed to communicate with the Active Directory at %s: %s", ldapUrl, e.getMessage()); LOG.warn(message, e); throw new KerberosKDCConnectionException(message, e); } catch (AuthenticationException e) { String message = String.format("Failed to authenticate with the Active Directory at %s: %s", ldapUrl, e.getMessage()); LOG.warn(message, e); throw new KerberosAdminAuthenticationException(message, e); } catch (NamingException e) { String error = e.getMessage(); if ((error != null) && !error.isEmpty()) { String message = String.format("Failed to communicate with the Active Directory at %s: %s", ldapUrl, e.getMessage()); LOG.warn(message, e); if (error.startsWith("Cannot parse url:")) { throw new KerberosKDCConnectionException(message, e); } else { throw new KerberosOperationException(message, e); } } else { throw new KerberosOperationException("Unexpected error condition", e); } } }
From source file:org.apache.cloudstack.ldap.LdapContextFactory.java
private void setAuthentication(final Hashtable<String, String> environment, final boolean isSystemContext, final Long domainId) { final String authentication = _ldapConfiguration.getAuthentication(domainId); if ("none".equals(authentication) && !isSystemContext) { environment.put(Context.SECURITY_AUTHENTICATION, "simple"); } else {// w w w. j a v a2 s . c om environment.put(Context.SECURITY_AUTHENTICATION, authentication); } }
From source file:org.apache.directory.server.core.jndi.LdapJndiPropertiesTest.java
License:asdf
@Test public void testAuthWithNoCredsEnv() throws Exception { Hashtable<String, Object> env = new Hashtable<String, Object>(); env.put(Context.SECURITY_PRINCIPAL, ""); env.put(Context.SECURITY_AUTHENTICATION, "simple"); try {/* w w w . ja v a2 s .c o m*/ LdapJndiProperties.getLdapJndiProperties(env); fail("should never get here"); } catch (ConfigurationException e) { } }
From source file:org.apache.directory.server.core.jndi.LdapJndiPropertiesTest.java
License:asdf
@Test public void testAuthWithNoCredsStrong() throws Exception { Hashtable<String, Object> env = new Hashtable<String, Object>(); env.put(Context.SECURITY_PRINCIPAL, ""); env.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5 CRAM-MD5"); env.put(Context.PROVIDER_URL, ""); LdapJndiProperties props = LdapJndiProperties.getLdapJndiProperties(env); assertEquals(AuthenticationLevel.STRONG, props.getAuthenticationLevel()); assertTrue(props.getCredentials() == null); }
From source file:org.apache.directory.server.core.jndi.LdapJndiPropertiesTest.java
License:asdf
@Test public void testAuthWithCredsStrong() throws Exception { Hashtable<String, Object> env = new Hashtable<String, Object>(); env.put(Context.SECURITY_PRINCIPAL, ""); env.put(Context.SECURITY_CREDENTIALS, "asdf"); env.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5 CRAM-MD5"); env.put(Context.PROVIDER_URL, ""); LdapJndiProperties props = LdapJndiProperties.getLdapJndiProperties(env); assertEquals(AuthenticationLevel.STRONG, props.getAuthenticationLevel()); assertTrue(ArrayUtils.isEquals(Strings.getBytesUtf8("asdf"), props.getCredentials())); }
From source file:org.apache.directory.server.ldap.handlers.sasl.AbstractSaslCallbackHandler.java
/** * Convenience method for getting an environment suitable for acquiring * an {@link LdapContext} for the client. * /*from w w w . ja v a 2 s.c o m*/ * @param session The current session. * @return An environment suitable for acquiring an {@link LdapContext} for the client. */ protected Hashtable<String, Object> getEnvironment(IoSession session) { Hashtable<String, Object> env = new Hashtable<>(); env.put(Context.PROVIDER_URL, session.getAttribute("baseDn")); env.put(Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory"); env.put(Context.SECURITY_PRINCIPAL, ServerDNConstants.ADMIN_SYSTEM_DN); env.put(Context.SECURITY_CREDENTIALS, "secret"); env.put(Context.SECURITY_AUTHENTICATION, AuthenticationLevel.SIMPLE.toString()); return env; }
From source file:org.apache.directory.server.operations.bind.MiscBindIT.java
/** * Test to make sure anonymous binds are disabled when going through * the wire protocol./* ww w. ja va 2 s . c o m*/ * * @throws Exception if anything goes wrong */ @Test public void testDisableAnonymousBinds() throws Exception { getLdapServer().getDirectoryService().setAllowAnonymousAccess(false); // Use the SUN JNDI provider to hit server port and bind as anonymous final Hashtable<String, Object> env = new Hashtable<String, Object>(); env.put(Context.PROVIDER_URL, Network.ldapLoopbackUrl(getLdapServer().getPort()) + "/ou=system"); env.put(Context.SECURITY_AUTHENTICATION, "none"); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); try { new InitialDirContext(env); fail(); } catch (Exception e) { // We should get here } try { // Use the netscape API as JNDI cannot be used to do a search without // first binding. LDAPUrl url = new LDAPUrl(Network.LOOPBACK_HOSTNAME, getLdapServer().getPort(), "ou=system", new String[] { "vendorName" }, 0, "(ObjectClass=*)"); LDAPConnection.search(url); fail(); } catch (LDAPException e) { // Expected result } }
From source file:org.apache.directory.server.operations.bind.MiscBindIT.java
/** * Test to make sure anonymous binds are allowed on the RootDSE even when disabled * in general when going through the wire protocol. * * @throws Exception if anything goes wrong */// w w w . j a v a2 s . c o m @Test public void testEnableAnonymousBindsOnRootDse() throws Exception { getLdapServer().getDirectoryService().setAllowAnonymousAccess(true); // Use the SUN JNDI provider to hit server port and bind as anonymous Hashtable<String, Object> env = new Hashtable<String, Object>(); env.put(Context.PROVIDER_URL, Network.ldapLoopbackUrl(getLdapServer().getPort())); env.put(Context.SECURITY_AUTHENTICATION, "none"); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); InitialDirContext ctx = new InitialDirContext(env); SearchControls cons = new SearchControls(); cons.setSearchScope(SearchControls.OBJECT_SCOPE); NamingEnumeration<SearchResult> list = ctx.search("", "(objectClass=*)", cons); SearchResult result = null; if (list.hasMore()) { result = list.next(); } assertFalse(list.hasMore()); list.close(); assertNotNull(result); assertEquals("", result.getName().trim()); }
From source file:org.apache.directory.server.operations.bind.MiscBindIT.java
/** * Test to make sure that if anonymous binds are allowed a user may search * within a a partition.//www .ja v a 2 s . c o m * * @throws Exception if anything goes wrong */ @Test public void testAnonymousBindsEnabledBaseSearch() throws Exception { getLdapServer().getDirectoryService().setAllowAnonymousAccess(true); // Use the SUN JNDI provider to hit server port and bind as anonymous Hashtable<String, Object> env = new Hashtable<String, Object>(); env.put(Context.PROVIDER_URL, Network.ldapLoopbackUrl(getLdapServer().getPort())); env.put(Context.SECURITY_AUTHENTICATION, "none"); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); InitialDirContext ctx = new InitialDirContext(env); SearchControls cons = new SearchControls(); cons.setSearchScope(SearchControls.OBJECT_SCOPE); NamingEnumeration<SearchResult> list = ctx.search("dc=apache,dc=org", "(objectClass=*)", cons); SearchResult result = null; if (list.hasMore()) { result = list.next(); } assertFalse(list.hasMore()); list.close(); assertNotNull(result); assertNotNull(result.getAttributes().get("dc")); }
From source file:org.apache.directory.server.operations.bind.MiscBindIT.java
/** * Test case for <a href="http://issues.apache.org/jira/browse/DIREVE-284" where users in * mixed case partitions were not able to authenticate properly. This test case creates * a new partition under dc=aPache,dc=org, it then creates the example user in the JIRA * issue and attempts to authenticate as that user. * * @throws Exception if the user cannot authenticate or test fails *///w ww.java 2 s . c om @Test public void testUserAuthOnMixedCaseSuffix() throws Exception { getLdapServer().getDirectoryService().setAllowAnonymousAccess(true); Hashtable<String, Object> env = new Hashtable<String, Object>(); env.put(Context.PROVIDER_URL, Network.ldapLoopbackUrl(getLdapServer().getPort()) + "/dc=aPache,dc=org"); env.put("java.naming.ldap.version", "3"); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); InitialDirContext ctx = new InitialDirContext(env); Attributes attrs = ctx.getAttributes(""); assertTrue(attrs.get("dc").get().equals("aPache")); Attributes user = new BasicAttributes("cn", "Kate Bush", true); Attribute oc = new BasicAttribute("objectClass"); oc.add("top"); oc.add("person"); oc.add("organizationalPerson"); oc.add("inetOrgPerson"); user.put(oc); user.put("sn", "Bush"); user.put("userPassword", "Aerial"); ctx.createSubcontext("cn=Kate Bush", user); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_CREDENTIALS, "Aerial"); env.put(Context.SECURITY_PRINCIPAL, "cn=Kate Bush,dc=aPache,dc=org"); InitialDirContext userCtx = new InitialDirContext(env); assertNotNull(userCtx); ctx.destroySubcontext("cn=Kate Bush"); }