List of usage examples for javax.naming Context SECURITY_CREDENTIALS
String SECURITY_CREDENTIALS
To view the source code for javax.naming Context SECURITY_CREDENTIALS.
Click Source Link
From source file:org.apache.jackrabbit.oak.security.authentication.ldap.AbstractServer.java
/** * Sets the contexts for this base class. Values of user and password used to * set the respective JNDI properties. These values can be overriden by the * overrides properties./* w ww .ja v a 2 s . c om*/ * * @param user the username for authenticating as this user * @param passwd the password of the user * @throws NamingException if there is a failure of any kind */ protected void setContexts(String user, String passwd) throws Exception { Hashtable<String, Object> env = new Hashtable<String, Object>(); env.put(DirectoryService.JNDI_KEY, directoryService); env.put(Context.SECURITY_PRINCIPAL, user); env.put(Context.SECURITY_CREDENTIALS, passwd); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.INITIAL_CONTEXT_FACTORY, CoreContextFactory.class.getName()); setContexts(env); }
From source file:org.apache.activemq.artemis.tests.integration.amqp.SaslKrb5LDAPSecurityTest.java
@Test public void testRunning() throws Exception { Hashtable<String, String> env = new Hashtable<>(); env.put(Context.PROVIDER_URL, "ldap://localhost:1024"); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); env.put(Context.SECURITY_AUTHENTICATION, "simple"); env.put(Context.SECURITY_PRINCIPAL, PRINCIPAL); env.put(Context.SECURITY_CREDENTIALS, CREDENTIALS); DirContext ctx = new InitialDirContext(env); HashSet<String> set = new HashSet<>(); NamingEnumeration<NameClassPair> list = ctx.list("ou=system"); while (list.hasMore()) { NameClassPair ncp = list.next(); set.add(ncp.getName());//from w w w .j a v a2 s . c o m } Assert.assertTrue(set.contains("uid=admin")); Assert.assertTrue(set.contains("ou=users")); Assert.assertTrue(set.contains("ou=groups")); Assert.assertTrue(set.contains("ou=configuration")); Assert.assertTrue(set.contains("prefNodeName=sysPrefRoot")); ctx.close(); }
From source file:com.headstrong.fusion.messaging.model.endpoint.binding.JmsBindingEndPointModeler.java
/** * Creates a {@link JmsComponent} using the parameters set. * /*from www .j av a 2s . c o m*/ * @param routeBuilder * @return {@link JmsComponent} * @throws ProcessModellingException */ @SuppressWarnings("unchecked") private Component getJmsComponent(RouteBuilder routeBuilder) throws ProcessModellingException { JmsComponent jmsComponent = null; if (this.getProvider().equals(Provider.activemq.toString())) { jmsComponent = ActiveMQComponent.activeMQComponent(); jmsComponent.setConnectionFactory(new PooledConnectionFactory(this.getBrokerUrl())); jmsComponent.setCamelContext(routeBuilder.getContext()); jmsComponent.setAcknowledgementMode(Session.AUTO_ACKNOWLEDGE); } else if (this.getProvider().equals(Provider.ibmmq.toString())) { JmsConnectionFactory factory = null; try { JmsFactoryFactory jmsFactoryFactory; jmsFactoryFactory = JmsFactoryFactory.getInstance(JmsConstants.WMQ_PROVIDER); factory = jmsFactoryFactory.createConnectionFactory(); factory.setIntProperty(WMQConstants.WMQ_CONNECTION_MODE, WMQConstants.WMQ_CM_CLIENT); factory.setStringProperty(WMQConstants.WMQ_QUEUE_MANAGER, this.getQueueManager()); factory.setStringProperty(WMQConstants.WMQ_HOST_NAME, this.getBrokerUrl()); factory.setIntProperty(WMQConstants.WMQ_PORT, this.getPort()); if (this.getChannel() != null && !this.getChannel().isEmpty()) factory.setStringProperty(WMQConstants.WMQ_CHANNEL, this.getChannel()); factory.setIntProperty(WMQConstants.DELIVERY_MODE, this.getDeliveryMode()); } catch (JMSException e) { logger.error("Error connecting to JMS provider.", e); throw new ProcessModellingException("Error connecting to JMS provider.", e); } UserCredentialsConnectionFactoryAdapter adapter = new UserCredentialsConnectionFactoryAdapter(); adapter.setTargetConnectionFactory(factory); if (this.getUserName() != null) { adapter.setUsername(this.getUserName()); } if (this.getPassword() != null) { adapter.setPassword(this.getPassword()); } jmsComponent = JmsComponent.jmsComponent(); jmsComponent.setConnectionFactory(adapter); jmsComponent.setCamelContext(routeBuilder.getContext()); jmsComponent.setAcknowledgementMode(Session.AUTO_ACKNOWLEDGE); } else { Hashtable<String, String> prop = new Hashtable<String, String>(); // Mandatory property. prop.put(Context.PROVIDER_URL, this.getLdapConfiguration().getProviderUrl()); prop.put(Context.INITIAL_CONTEXT_FACTORY, this.getLdapConfiguration().getInitialContextFactory()); // Only these optional properties supported now. if (this.getLdapConfiguration().getSecurityAuthentication() != null) { prop.put(Context.SECURITY_AUTHENTICATION, this.getLdapConfiguration().getSecurityAuthentication()); } if (this.getLdapConfiguration().getSecutiryPrincipal() != null) { prop.put(Context.SECURITY_PRINCIPAL, this.getLdapConfiguration().getSecutiryPrincipal()); } if (this.getLdapConfiguration().getSecutiryCredentials() != null) { prop.put(Context.SECURITY_CREDENTIALS, this.getLdapConfiguration().getSecutiryCredentials()); } Context context; ConnectionFactory connectionFactory; try { // HACK required to avoid ClassNotFoundException while // retrieving the // InitialContext. ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader(); try { Thread.currentThread().setContextClassLoader(getClass().getClassLoader()); context = new InitialContext(prop); connectionFactory = (ConnectionFactory) context .lookup(this.getLdapConfiguration().getConnectionFactoryJndiName()); } finally { Thread.currentThread().setContextClassLoader(contextClassLoader); } // HACK -- Finished } catch (NamingException e) { logger.error("Error connecting to JMS provider.", e); throw new ProcessModellingException("Error connecting to JMS provider.", e); } UserCredentialsConnectionFactoryAdapter adapter = new UserCredentialsConnectionFactoryAdapter(); adapter.setTargetConnectionFactory(connectionFactory); if (this.getUserName() != null) { adapter.setUsername(this.getUserName()); } if (this.getPassword() != null) { adapter.setPassword(this.getPassword()); } jmsComponent = JmsComponent.jmsComponent(); jmsComponent.setConnectionFactory(adapter); jmsComponent.setCamelContext(routeBuilder.getContext()); jmsComponent.setAcknowledgementMode(Session.AUTO_ACKNOWLEDGE); } if (jmsComponent != null) { jmsComponent.setConcurrentConsumers(getThreadCount()); } return jmsComponent; }
From source file:org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm.java
/** * Infer the root DN./*from w w w. j a v a 2 s .c o m*/ * * @return null if not found. */ private String inferRootDN(String server) { try { Hashtable<String, String> props = new Hashtable<String, String>(); if (managerDN != null) { props.put(Context.SECURITY_PRINCIPAL, managerDN); props.put(Context.SECURITY_CREDENTIALS, getManagerPassword()); } props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); props.put(Context.PROVIDER_URL, toProviderUrl(fixNull(getServerUrl()), "")); DirContext ctx = new InitialDirContext(props); Attributes atts = ctx.getAttributes(""); Attribute a = atts.get("defaultNamingContext"); if (a != null && a.get() != null) { // this entry is available on Active Directory. See http://msdn2.microsoft.com/en-us/library/ms684291(VS.85).aspx return a.get().toString(); } a = atts.get("namingcontexts"); if (a == null) { LOGGER.warning("namingcontexts attribute not found in root DSE of " + server); return null; } return a.get().toString(); } catch (NamingException e) { LOGGER.log(Level.WARNING, "Failed to connect to LDAP to infer Root DN for " + server, e); return null; } }
From source file:de.acosix.alfresco.mtsupport.repo.auth.ldap.LDAPInitialDirContextFactoryImpl.java
/** * {@inheritDoc}/*from www .j av a2s . com*/ */ @Override public InitialDirContext getInitialDirContext(final String principal, final String credentials, final AuthenticationDiagnostic diagnostic) throws AuthenticationException { final AuthenticationDiagnostic effectiveDiagnostic = diagnostic != null ? diagnostic : new AuthenticationDiagnostic(); if (principal == null) { // failed before we tried to do anything effectiveDiagnostic.addStep(AuthenticationDiagnostic.STEP_KEY_VALIDATION, false, null); throw new AuthenticationException("Null user name provided.", effectiveDiagnostic); } if (principal.length() == 0) { effectiveDiagnostic.addStep(AuthenticationDiagnostic.STEP_KEY_VALIDATION, false, null); throw new AuthenticationException("Empty user name provided.", effectiveDiagnostic); } if (credentials == null) { effectiveDiagnostic.addStep(AuthenticationDiagnostic.STEP_KEY_VALIDATION, false, null); throw new AuthenticationException("No credentials provided.", effectiveDiagnostic); } if (credentials.length() == 0) { effectiveDiagnostic.addStep(AuthenticationDiagnostic.STEP_KEY_VALIDATION, false, null); throw new AuthenticationException("Empty credentials provided.", effectiveDiagnostic); } effectiveDiagnostic.addStep(AuthenticationDiagnostic.STEP_KEY_VALIDATION, true, null); final Map<String, String> config = new HashMap<>(this.authenticatedEnvironment.size()); config.putAll(this.authenticatedEnvironment); config.put(Context.SECURITY_PRINCIPAL, principal); config.put(Context.SECURITY_CREDENTIALS, credentials); final InitialDirContext initialDirContext = this.buildInitialDirContext(config, 0, effectiveDiagnostic); return initialDirContext; }
From source file:ldap.ActiveLoginImpl.java
/** * open the directory connection./* w ww . ja v a 2s. c o m*/ * @param url * @param tracing * @return * @throws NamingException */ private DirContext setupJNDIConnection(String url, String userDN, String password, boolean tracing) throws NamingException { /* * First, set up a large number of environment variables to sensible default valuse */ Hashtable env = new Hashtable(); // sanity check if (url == null) throw new NamingException("URL not specified in openContext()!"); // set the tracing level now, since it can't be set once the connection is open. if (tracing) env.put("com.sun.jndi.ldap.trace.ber", System.err); // echo trace to standard error output //env.put("java.naming.ldap.version", "3"); // always use ldap v3 - v2 too limited env.put(LdapConstants.ldapVersionStr, LdapConstants.ldapVersion); // always use ldap v3 - v2 too limited //env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); // use default jndi provider env.put(Context.INITIAL_CONTEXT_FACTORY, LdapConstants.ldapContext); // use default jndi provider //env.put("java.naming.ldap.deleteRDN", "false"); // usually what we want env.put(LdapConstants.ldapDeleteRdn, LdapConstants.ldapDeleteRdnValue); // usually what we want //env.put(Context.REFERRAL, "ignore"); //could be: follow, ignore, throw env.put(Context.REFERRAL, LdapConstants.ldapIgnore); //could be: follow, ignore, throw // env.put("java.naming.ldap.derefAliases", "finding"); // could be: finding, searching, etc. env.put(LdapConstants.ldapFindingAliases, LdapConstants.ldapFindingStr); // could be: finding, searching, etc. //env.put(Context.SECURITY_AUTHENTICATION, "simple"); // 'simple' = username + password env.put(Context.SECURITY_AUTHENTICATION, LdapConstants.ldapSecurityAuth); // 'simple' = username + password env.put(Context.SECURITY_PRINCIPAL, userDN); // add the full user dn env.put(Context.SECURITY_CREDENTIALS, password); // stupid jndi requires us to cast this to a string- env.put(Context.PROVIDER_URL, url); // the ldap url to connect to; e.g. "ldap://ca.com:389" /* * Open the actual LDAP session using the above environment variables */ DirContext newContext = new InitialDirContext(env); if (newContext == null) throw new NamingException( "Internal Error with jndi connection: No Context was returned, however no exception was reported by jndi."); return newContext; }
From source file:ru.efo.security.ADUserDetailsService.java
private DirContext getDirContext(String username, String password) throws NamingException { final Properties props = new Properties(); props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); props.put(Context.SECURITY_AUTHENTICATION, "simple"); props.put(Context.SECURITY_PRINCIPAL, username); props.put(Context.SECURITY_CREDENTIALS, password); props.put(Context.PROVIDER_URL, ldapUrl); props.put("java.naming.ldap.attributes.binary", "objectSID"); return new InitialDirContext(props); }
From source file:de.sub.goobi.helper.ldap.Ldap.java
/** * Get next free uidNumber.//from w w w. ja v a 2 s . c o m * * @return next free uidNumber */ private String getNextUidNumber() { Hashtable<String, String> env = getLdapConnectionSettings(); env.put(Context.SECURITY_PRINCIPAL, ConfigCore.getParameter("ldap_adminLogin")); env.put(Context.SECURITY_CREDENTIALS, ConfigCore.getParameter("ldap_adminPassword")); DirContext ctx; String rueckgabe = ""; try { ctx = new InitialDirContext(env); Attributes attrs = ctx.getAttributes(ConfigCore.getParameter("ldap_nextFreeUnixId")); Attribute la = attrs.get("uidNumber"); rueckgabe = (String) la.get(0); ctx.close(); } catch (NamingException e) { logger.error(e); Helper.setFehlerMeldung(e.getMessage()); } return rueckgabe; }
From source file:no.feide.moria.directory.backend.JNDIBackend.java
/** * Authenticates the user using the supplied credentials and retrieves the * requested attributes./*from w w w.j a v a 2 s . co m*/ * @param userCredentials * User's credentials. Cannot be <code>null</code>. * @param attributeRequest * Requested attributes. * @return The requested attributes (<code>String</code> names and * <code>String[]</code> values), if they did exist in the * external backend. Otherwise returns those attributes that could * actually be read, this may be an empty <code>HashMap</code>. * Returns an empty <code>HashMap</code> if * <code>attributeRequest</code> is <code>null</code> or an * empty array. * @throws AuthenticationFailedException * If the authentication fails. * @throws BackendException * If there is a problem accessing the backend. * @throws IllegalArgumentException * If <code>userCredentials</code> is <code>null</code>. */ public final HashMap<String, String[]> authenticate(final Credentials userCredentials, final String[] attributeRequest) throws AuthenticationFailedException, BackendException { // Sanity check. if (userCredentials == null) throw new IllegalArgumentException("Credentials cannot be NULL"); // Go through all references. for (int i = 0; i < myReferences.length; i++) { final String[] references = myReferences[i].getReferences(); final String[] usernames = myReferences[i].getUsernames(); final String[] passwords = myReferences[i].getPasswords(); for (int j = 0; j < references.length; j++) { // For the benefit of the finally block below. InitialLdapContext ldap = null; try { // Context for this reference. try { ldap = connect(references[j]); } catch (NamingException e) { // Connection failed, but we might have other sources. log.logWarn("Unable to access the backend on '" + references[j] + "': " + e.getClass().getName(), mySessionTicket, e); continue; } // Skip search phase if the reference(s) are explicit. String rdn = ""; if (myReferences[i].isExplicitlyIndexed()) { // Add the explicit reference; no search phase, no RDN. ldap.addToEnvironment(Context.SECURITY_PRINCIPAL, references[j].substring(references[j].lastIndexOf('/') + 1)); } else { // Anonymous search or not? ldap.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple"); if ((usernames[j].length() == 0) && (passwords[j].length() > 0)) log.logWarn( "Search username is empty but search password is not - possible index problem", mySessionTicket); else if ((passwords[j].length() == 0) && (usernames[j].length() > 0)) log.logWarn( "Search password is empty but search username is not - possible index problem", mySessionTicket); else if ((passwords[j].length() == 0) && (usernames[j].length() == 0)) { log.logDebug("Anonymous search for user element DN on " + references[j], mySessionTicket); ldap.removeFromEnvironment(Context.SECURITY_AUTHENTICATION); } else log.logDebug("Non-anonymous search for user element DN on " + references[j], mySessionTicket); ldap.addToEnvironment(Context.SECURITY_PRINCIPAL, usernames[j]); ldap.addToEnvironment(Context.SECURITY_CREDENTIALS, passwords[j]); // Search using the implicit reference. String pattern = usernameAttribute + '=' + userCredentials.getUsername(); rdn = ldapSearch(ldap, pattern); if (rdn == null) { // No user element found. Try to guess the RDN. rdn = userCredentials.getUsername(); rdn = guessedAttribute + '=' + rdn.substring(0, rdn.indexOf('@')); log.logDebug("No subtree match for " + pattern + " on " + references[j] + " - guessing on RDN " + rdn, mySessionTicket); } else log.logDebug("Matched " + pattern + " to " + rdn + ',' + ldap.getNameInNamespace(), mySessionTicket); ldap.addToEnvironment(Context.SECURITY_PRINCIPAL, rdn + ',' + ldap.getNameInNamespace()); } // Authenticate and get attributes. ldap.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple"); ldap.addToEnvironment(Context.SECURITY_CREDENTIALS, userCredentials.getPassword()); try { ldap.reconnect(null); log.logDebug("Successfully authenticated " + userCredentials.getUsername() + " on " + references[j], mySessionTicket); return getAttributes(ldap, rdn, attributeRequest); // Success. } catch (AuthenticationException e) { // Authentication failed, but we may have other // references. log.logDebug("Failed to authenticate user " + userCredentials.getUsername() + " on " + references[j] + " - authentication failed", mySessionTicket); continue; } catch (AuthenticationNotSupportedException e) { // Password authentication not supported for the DN. // We may still have other references. log.logDebug("Failed to authenticate user " + userCredentials.getUsername() + " on " + references[j] + " - authentication not supported", mySessionTicket); continue; } } catch (ConfigurationException e) { throw new BackendException("Backend configuration problem with " + references[j], e); } catch (NamingException e) { throw new BackendException("Unable to access the backend on " + references[j], e); } finally { // Close the LDAP connection. if (ldap != null) { try { ldap.close(); } catch (NamingException e) { // Ignored. log.logWarn( "Unable to close the backend connection to " + references[j] + " - ignoring", mySessionTicket, e); } } } } } // No user was found. throw new AuthenticationFailedException( "Failed to authenticate user " + userCredentials.getUsername() + " - no user found"); }
From source file:org.apache.geronimo.security.realm.providers.GenericHttpHeaderLdapLoginModule.java
protected void bindUser(DirContext context, String dn) throws NamingException, FailedLoginException { context.addToEnvironment(Context.SECURITY_PRINCIPAL, dn); try {/*from ww w .j a v a 2 s . c om*/ context.getAttributes("", null); } catch (AuthenticationException e) { log.debug("Authentication failed for dn=" + dn); throw new FailedLoginException(); } finally { if (connectionUsername != null) { context.addToEnvironment(Context.SECURITY_PRINCIPAL, connectionUsername); } else { context.removeFromEnvironment(Context.SECURITY_PRINCIPAL); } if (connectionPassword != null) { context.addToEnvironment(Context.SECURITY_CREDENTIALS, connectionPassword); } else { context.removeFromEnvironment(Context.SECURITY_CREDENTIALS); } } }