List of usage examples for javax.naming Context SECURITY_CREDENTIALS
String SECURITY_CREDENTIALS
From source file:org.atricore.idbus.idojos.ldapidentitystore.LDAPIdentityStore.java
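/**
 * Creates an InitialLdapContext by logging into the configured Ldap Server using the provided
 * username and credential.
 *
 * <p>Settings that are not configured fall back to defaults: the Sun LDAP context factory,
 * "simple" authentication, and a localhost provider URL (port 636 when the security protocol is
 * "ssl", otherwise 389). A configured provider URL that starts with "ldaps" switches the security
 * protocol to "ssl".
 *
 * @param securityPrincipal  bind DN; not placed in the environment when null or empty
 * @param securityCredential bind password; not placed in the environment when null or empty
 * @return the Initial Ldap Context to be used to perform searches, etc.
 * @throws NamingException LDAP binding error.
 */
protected InitialLdapContext createLdapInitialContext(String securityPrincipal, String securityCredential)
        throws NamingException {

    Properties env = new Properties();

    // Properties rejects null values, so every default is resolved BEFORE it is stored.
    // (Storing the raw getter result first would throw a NullPointerException and the
    // fallback values below would never be reached.)
    String factoryName = getInitialContextFactory();
    if (factoryName == null) {
        factoryName = "com.sun.jndi.ldap.LdapCtxFactory";
    }
    env.setProperty(Context.INITIAL_CONTEXT_FACTORY, factoryName);

    String authType = getSecurityAuthentication();
    env.setProperty(Context.SECURITY_AUTHENTICATION, authType == null ? "simple" : authType);

    String protocol = getSecurityProtocol();
    if (protocol == null) {
        protocol = "";
    }
    env.setProperty(Context.SECURITY_PROTOCOL, protocol);

    String providerURL = getProviderUrl();
    if (providerURL == null) {
        // Use localhost if providerUrl not set
        providerURL = "ldap://localhost:" + ("ssl".equals(protocol) ? "636" : "389");
    } else if (providerURL.startsWith("ldaps")) {
        // In case user configured provided URL
        env.setProperty(Context.SECURITY_PROTOCOL, "ssl");
    }
    env.setProperty(Context.PROVIDER_URL, providerURL);

    if (securityPrincipal != null && !"".equals(securityPrincipal)) {
        env.setProperty(Context.SECURITY_PRINCIPAL, securityPrincipal);
    }

    // NOTE(review): when the credential is empty it is simply left out, so the bind that follows
    // is not a password check. If any caller treats "context created" as "user authenticated",
    // it must reject empty passwords itself -- confirm against the callers.
    if (securityCredential != null && !"".equals(securityCredential)) {
        env.put(Context.SECURITY_CREDENTIALS, securityCredential);
    }

    // always follow referrals transparently
    // NOTE(review): with "follow" the provider connects to whatever server a referral names,
    // re-using this environment; confirm that only trusted directory servers can issue referrals.
    env.put(Context.REFERRAL, "follow");

    // Logon into LDAP server
    if (logger.isDebugEnabled()) {
        // Never write the bind password to the log: print a copy with the credential masked.
        Properties loggedEnv = (Properties) env.clone();
        if (loggedEnv.containsKey(Context.SECURITY_CREDENTIALS)) {
            loggedEnv.put(Context.SECURITY_CREDENTIALS, "******");
        }
        logger.debug("Logging into LDAP server, env=" + loggedEnv);
    }

    InitialLdapContext ctx = new InitialLdapContext(env, null);

    if (logger.isDebugEnabled()) {
        logger.debug("Logged into LDAP server, " + ctx);
    }

    return ctx;
}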
From source file:org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper.java
/**
 * Re-binds the existing JNDI context using the authentication method configured on the
 * connection.
 *
 * <p>The method first maps the connection's authentication method onto {@code authMethod},
 * then obtains the bind principal and password from the registered auth handler (skipped when
 * no authentication is requested), and finally rewrites the context's security environment and
 * reconnects inside a monitored runnable.
 *
 * @param monitor progress monitor that receives error reports and the cancel flag
 * @throws NamingException if there is no connected context, no auth handler or usable
 *         credentials are available, or the bind itself fails
 */
private void doBind(final StudioProgressMonitor monitor) throws NamingException {
    if (context != null && isConnected) {
        // setup authentication method
        authMethod = AUTHMETHOD_NONE;
        if (connection.getConnectionParameter()
                .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SIMPLE) {
            authMethod = AUTHMETHOD_SIMPLE;
        } else if (connection.getConnectionParameter()
                .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SASL_DIGEST_MD5) {
            authMethod = AUTHMETHOD_DIGEST_MD5;
            saslRealm = connection.getConnectionParameter().getSaslRealm();
        } else if (connection.getConnectionParameter()
                .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SASL_CRAM_MD5) {
            authMethod = AUTHMETHOD_CRAM_MD5;
        } else if (connection.getConnectionParameter()
                .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SASL_GSSAPI) {
            authMethod = AUTHMETHOD_GSSAPI;
        }

        // No Authentication
        // NOTE(review): if the AUTHMETHOD_* constants are Strings this is an identity comparison;
        // it holds here only because authMethod was assigned from those same constants above.
        if (authMethod == AUTHMETHOD_NONE) {
            bindPrincipal = ""; //$NON-NLS-1$
            bindCredentials = ""; //$NON-NLS-1$
        } else {
            // setup credentials
            IAuthHandler authHandler = ConnectionCorePlugin.getDefault().getAuthHandler();
            if (authHandler == null) {
                NamingException namingException = new NamingException(Messages.model__no_auth_handler);
                monitor.reportError(Messages.model__no_auth_handler, namingException);
                throw namingException;
            }
            ICredentials credentials = authHandler.getCredentials(connection.getConnectionParameter());
            if (credentials == null) {
                // The handler returned nothing at all: mark the operation as cancelled.
                CancelException cancelException = new CancelException();
                monitor.setCanceled(true);
                monitor.reportError(Messages.model__no_credentials, cancelException);
                throw cancelException;
            }
            // NOTE(review): only null is rejected here. An empty (non-null) password passes, and
            // with simple authentication many directory servers treat an empty password as an
            // unauthenticated bind -- confirm the auth handler never hands back an empty password.
            if (credentials.getBindPrincipal() == null || credentials.getBindPassword() == null) {
                NamingException namingException = new NamingException(Messages.model__no_credentials);
                monitor.reportError(Messages.model__no_credentials, namingException);
                throw namingException;
            }
            bindPrincipal = credentials.getBindPrincipal();
            bindCredentials = credentials.getBindPassword();
        }

        InnerRunnable runnable = new InnerRunnable() {
            public void run() {
                try {
                    // Clear every security setting left over from a previous bind before the new
                    // ones are added, so stale principal/credential values cannot be re-used.
                    context.removeFromEnvironment(Context.SECURITY_AUTHENTICATION);
                    context.removeFromEnvironment(Context.SECURITY_PRINCIPAL);
                    context.removeFromEnvironment(Context.SECURITY_CREDENTIALS);
                    context.removeFromEnvironment(JAVA_NAMING_SECURITY_SASL_REALM);

                    context.addToEnvironment(Context.SECURITY_AUTHENTICATION, authMethod);

                    // SASL options
                    if (connection.getConnectionParameter()
                            .getAuthMethod() == AuthenticationMethod.SASL_CRAM_MD5
                            || connection.getConnectionParameter()
                                    .getAuthMethod() == AuthenticationMethod.SASL_DIGEST_MD5
                            || connection.getConnectionParameter()
                                    .getAuthMethod() == AuthenticationMethod.SASL_GSSAPI) {
                        // Request quality of protection
                        // (no default branch: any other QoP value leaves Sasl.QOP untouched)
                        switch (connection.getConnectionParameter().getSaslQop()) {
                        case AUTH:
                            context.addToEnvironment(Sasl.QOP, SaslQoP.AUTH.getValue());
                            break;
                        case AUTH_INT:
                            context.addToEnvironment(Sasl.QOP, SaslQoP.AUTH_INT.getValue());
                            break;
                        case AUTH_CONF:
                            context.addToEnvironment(Sasl.QOP, SaslQoP.AUTH_CONF.getValue());
                            break;
                        }

                        // Request mutual authentication
                        if (connection.getConnectionParameter().isSaslMutualAuthentication()) {
                            context.addToEnvironment(Sasl.SERVER_AUTH, "true"); //$NON-NLS-1$
                        } else {
                            context.removeFromEnvironment(Sasl.SERVER_AUTH);
                        }

                        // Request cryptographic protection strength
                        // (no default branch: any other value leaves Sasl.STRENGTH untouched)
                        switch (connection.getConnectionParameter().getSaslSecurityStrength()) {
                        case HIGH:
                            context.addToEnvironment(Sasl.STRENGTH, SaslSecurityStrength.HIGH.getValue());
                            break;
                        case MEDIUM:
                            context.addToEnvironment(Sasl.STRENGTH, SaslSecurityStrength.MEDIUM.getValue());
                            break;
                        case LOW:
                            context.addToEnvironment(Sasl.STRENGTH, SaslSecurityStrength.LOW.getValue());
                            break;
                        }
                    }

                    // Bind
                    if (connection.getConnectionParameter()
                            .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SASL_GSSAPI) {
                        // GSSAPI
                        doGssapiBind(this);
                    } else {
                        // no GSSAPI
                        // The principal and password are stored in the context environment and
                        // stay there after the bind. Whether the connection itself is encrypted
                        // is decided where the context is created, not in this method.
                        context.addToEnvironment(Context.SECURITY_PRINCIPAL, bindPrincipal);
                        context.addToEnvironment(Context.SECURITY_CREDENTIALS, bindCredentials);

                        // The SASL realm is only sent for DIGEST-MD5 and only when one is set.
                        if (connection.getConnectionParameter()
                                .getAuthMethod() == ConnectionParameter.AuthenticationMethod.SASL_DIGEST_MD5
                                && StringUtils.isNotEmpty(saslRealm)) {
                            context.addToEnvironment(JAVA_NAMING_SECURITY_SASL_REALM, saslRealm);
                        }

                        // reconnect() performs the bind with the environment assembled above
                        context.reconnect(context.getConnectControls());
                    }
                } catch (NamingException ne) {
                    // Recorded here and rethrown by doBind once the runnable has finished.
                    namingException = ne;
                }
            }
        };

        runAndMonitor(runnable, monitor);

        if (runnable.getException() != null) {
            throw runnable.getException();
        } else if (context != null) {
            // all OK
        } else {
            // context became null while the runnable was executing
            throw new NamingException("???"); //$NON-NLS-1$
        }
    } else {
        throw new NamingException(NO_CONNECTION);
    }
}
From source file:org.liveSense.auth.ldap.LdapAuthenticationHandler.java
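/**
 * Checks the supplied credentials by binding to the LDAP server as the user and, on success,
 * loading the user's attributes into the {@code LdapUser}.
 *
 * <p>The bind DN is built from the {@code ldapBase} template by substituting
 * <code>${userName}</code>. The user name is escaped as an RDN value first so that characters
 * such as {@code ,}, {@code +} or {@code =} typed at the login prompt cannot change the
 * structure of the DN.
 *
 * @param credentials the credentials presented by the caller
 * @return {@code true} if the bind succeeded; {@code false} if no LDAP auth data is present,
 *         the user name or password is empty, or the server rejected the bind
 * @throws RepositoryException on any other LDAP error
 */
boolean isLdapValid(final Credentials credentials) throws RepositoryException {
    LdapUser ldapUser = getLdapAuthData(credentials);
    if (ldapUser == null) {
        // no authdata, not valid
        return false;
    }

    String userName = ldapUser.getUserName();
    String password = ldapUser.getPassword();

    // An empty password must never reach the server: many directories accept a simple bind
    // with a DN and no password as an unauthenticated bind, which would report success here.
    // (A null value would also make Hashtable.put throw.)
    if (userName == null || userName.isEmpty() || password == null || password.isEmpty()) {
        return false;
    }

    //String dn = "uid=" + ldapUser.getUserName() + "," + ldapBase;
    String dn = StringUtils.replace(ldapBase, "${userName}", javax.naming.ldap.Rdn.escapeValue(userName));

    Hashtable<String, String> authEnv = new Hashtable<String, String>(11);
    authEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    authEnv.put(Context.PROVIDER_URL, ldapUrl);
    // NOTE(review): the bind only proves the password when ldapAuthenticationType selects an
    // authenticating mechanism (e.g. "simple"); confirm the configuration cannot be "none".
    authEnv.put(Context.SECURITY_AUTHENTICATION, ldapAuthenticationType);
    authEnv.put(Context.SECURITY_PRINCIPAL, dn);
    authEnv.put(Context.SECURITY_CREDENTIALS, password);

    DirContext ctx = null;
    try {
        // Creating the context performs the bind.
        ctx = new InitialDirContext(authEnv);
        // Pass a parsed LdapName rather than the raw string so the escaped DN is not
        // re-interpreted by JNDI's composite-name parsing.
        Attributes attributes = ctx.getAttributes(new javax.naming.ldap.LdapName(dn));
        ldapUser.setAttributes(attributes);
        return true;
    } catch (AuthenticationException authEx) {
        // wrong password or unknown user: a normal "not valid" outcome
        return false;
    } catch (NamingException namEx) {
        // keep the cause so the underlying LDAP failure stays diagnosable
        throw new RepositoryException("Ldap Error:" + namEx.getExplanation(), namEx);
    } finally {
        if (ctx != null) {
            try {
                // release the connection that was opened for this check
                ctx.close();
            } catch (NamingException ignored) {
                // best effort: the authentication result is already decided
            }
        }
    }
}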
From source file:com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule.java
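/**
 * Builds the JNDI environment used to connect to the LDAP server.
 *
 * <p>The provider URL is taken from {@code _providerUrl} when set; otherwise it is assembled
 * from {@code _hostname} and {@code _port}. Bind DN, bind password and authentication method
 * are added only when configured. For {@code ldaps} URLs with hostname verification enabled,
 * the hostname-verifying socket factory is installed.
 *
 * @return the environment to pass to the initial context constructor
 * @throws IllegalStateException if neither a provider URL nor a hostname is configured
 * @throws RuntimeException if the provider URL is not a valid URI (wraps URISyntaxException)
 */
@SuppressWarnings("unchecked")
public Hashtable getEnvironment() {
    Properties env = new Properties();

    env.put(Context.INITIAL_CONTEXT_FACTORY, _contextFactory);

    String url = null;
    if (_providerUrl != null) {
        url = _providerUrl;
    } else if (_hostname != null) {
        // The port belongs to the authority part, i.e. before the path separator:
        // ldap://host:port/ (appending it after the slash produced ldap://host/:port/).
        url = "ldap://" + _hostname;
        if (_port != 0) {
            url += ":" + _port;
        }
        url += "/";
        LOG.warn("Using hostname and port.  Use providerUrl instead: " + url);
    }

    if (url == null) {
        // Properties cannot store null; fail with a message that names the misconfiguration.
        throw new IllegalStateException("Neither providerUrl nor hostname is configured");
    }
    env.put(Context.PROVIDER_URL, url);

    if (_authenticationMethod != null) {
        env.put(Context.SECURITY_AUTHENTICATION, _authenticationMethod);
    }

    if (_bindDn != null) {
        env.put(Context.SECURITY_PRINCIPAL, _bindDn);
    }

    // The returned table carries the bind password in clear text: callers must not log it.
    if (_bindPassword != null) {
        env.put(Context.SECURITY_CREDENTIALS, _bindPassword);
    }

    env.put("com.sun.jndi.ldap.read.timeout", Long.toString(_timeoutRead));
    env.put("com.sun.jndi.ldap.connect.timeout", Long.toString(_timeoutConnect));

    // Set the SSLContextFactory to implementation that validates cert subject
    // NOTE(review): when _ldapsVerifyHostname is false no socket factory is installed here, so
    // hostname checking is left to the JDK's LDAP provider defaults. Plain ldap:// URLs send the
    // bind password unencrypted.
    if (url.startsWith("ldaps") && _ldapsVerifyHostname) {
        try {
            URI uri = new URI(url);
            // NOTE(review): setTargetHost is a static call, so the target host is presumably
            // shared state -- confirm this is safe when several modules use different servers.
            HostnameVerifyingSSLSocketFactory.setTargetHost(uri.getHost());
            env.put("java.naming.ldap.factory.socket",
                    "com.dtolabs.rundeck.jetty.jaas.HostnameVerifyingSSLSocketFactory");
        } catch (URISyntaxException e) {
            throw new RuntimeException(e);
        }
    }

    return env;
}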
From source file:org.nuxeo.ecm.directory.ldap.LDAPSession.java
/**
 * Authenticates a user by looking up the user's DN and binding to the directory with it.
 *
 * <p>A null or blank password is rejected before any LDAP call is made, so an anonymous bind
 * can never be mistaken for a successful login.
 *
 * @param username the login name used to look up the LDAP entry
 * @param password the password to bind with
 * @return {@code true} only if the bind succeeded and the context was closed cleanly
 * @throws DirectoryException if the user's entry cannot be fetched
 */
@Override
public boolean authenticate(String username, String password) throws DirectoryException {
    // never use anonymous bind as a way to authenticate a user in Nuxeo EP
    boolean blankPassword = password == null || password.trim().isEmpty();
    if (blankPassword) {
        return false;
    }

    // Step 1: resolve the user name to a DN.
    SearchResult userEntry;
    try {
        userEntry = getLdapEntry(username);
    } catch (NamingException lookupFailure) {
        throw new DirectoryException("failed to fetch the ldap entry for " + username, lookupFailure);
    }
    if (userEntry == null) {
        // unknown user: authentication fails without attempting a bind
        return false;
    }
    String dn = userEntry.getNameInNamespace();

    // Step 2: bind with a private copy of the directory's environment, so the user's
    // principal and password never end up in the shared configuration.
    Properties bindEnv = (Properties) getDirectory().getContextProperties().clone();
    bindEnv.put(Context.SECURITY_PRINCIPAL, dn);
    bindEnv.put(Context.SECURITY_CREDENTIALS, password);

    InitialLdapContext bindContext = null;
    boolean bound;
    try {
        // constructing the context performs the bind
        log.debug(String.format("LDAP bind dn='%s'", dn));
        bindContext = new InitialLdapContext(bindEnv, null);
        // reconnect explicitly so a previous connection authenticated with an outdated
        // password (e.g. after a password change) is not re-used
        bindContext.reconnect(null);
        log.debug("Bind succeeded, authentication ok");
        bound = true;
    } catch (NamingException bindFailure) {
        log.debug("Bind failed: " + bindFailure.getMessage());
        bound = false;
    } finally {
        try {
            if (bindContext != null) {
                bindContext.close();
            }
        } catch (NamingException closeFailure) {
            log.error("Error closing authentication context when biding dn " + dn, closeFailure);
            // fail closed: a bind whose context cannot be closed is reported as not authenticated
            return false;
        }
    }
    return bound;
}
From source file:org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore.java
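/**
 * Creates an InitialLdapContext by logging into the configured Ldap Server using the provided
 * username and credential.
 *
 * <p>Settings that are not configured fall back to defaults: the Sun LDAP context factory,
 * "simple" authentication, and a localhost provider URL ({@code ldaps://localhost:636} when the
 * security protocol is "ssl", otherwise {@code ldap://localhost:389}).
 *
 * @param securityPrincipal  bind DN; must not be null (Properties rejects null values)
 * @param securityCredential bind password; must not be null (Properties rejects null values)
 * @return the Initial Ldap Context to be used to perform searches, etc.
 * @throws NamingException LDAP binding error.
 */
protected InitialLdapContext createLdapInitialContext(String securityPrincipal, String securityCredential)
        throws NamingException {

    Properties env = new Properties();

    // Properties rejects null values, so every default is resolved BEFORE it is stored.
    // (Storing the raw getter result first would throw a NullPointerException and the
    // fallback values below would never be reached.)
    String factoryName = getInitialContextFactory();
    if (factoryName == null) {
        factoryName = "com.sun.jndi.ldap.LdapCtxFactory";
    }
    env.setProperty(Context.INITIAL_CONTEXT_FACTORY, factoryName);

    String authType = getSecurityAuthentication();
    env.setProperty(Context.SECURITY_AUTHENTICATION, authType == null ? "simple" : authType);

    String protocol = getSecurityProtocol();
    if (protocol == null) {
        protocol = "";
    }
    env.setProperty(Context.SECURITY_PROTOCOL, protocol);

    String providerURL = getProviderUrl();
    // Use localhost if providerUrl not set
    if (providerURL == null) {
        if ("ssl".equals(protocol)) {
            // We should use Start TLS extension?
            providerURL = "ldaps://localhost:636";
        } else {
            providerURL = "ldap://localhost:389";
        }
    }
    env.setProperty(Context.PROVIDER_URL, providerURL);

    // NOTE(review): nothing here rejects an empty credential. With simple authentication many
    // directory servers accept a DN with an empty password as an unauthenticated bind, so
    // callers that use this method to verify a user's password must reject empty input first.
    env.setProperty(Context.SECURITY_PRINCIPAL, securityPrincipal);
    env.put(Context.SECURITY_CREDENTIALS, securityCredential);

    // always follow referrals transparently
    // NOTE(review): with "follow" the provider connects to whatever server a referral names,
    // re-using this environment; confirm that only trusted directory servers can issue referrals.
    env.put(Context.REFERRAL, "follow");

    // Logon into LDAP server
    if (logger.isDebugEnabled()) {
        // Never write the bind password to the log: print a copy with the credential masked.
        Properties loggedEnv = (Properties) env.clone();
        if (loggedEnv.containsKey(Context.SECURITY_CREDENTIALS)) {
            loggedEnv.put(Context.SECURITY_CREDENTIALS, "******");
        }
        logger.debug("Logging into LDAP server, env=" + loggedEnv);
    }

    InitialLdapContext ctx = new InitialLdapContext(env, null);

    if (logger.isDebugEnabled()) {
        logger.debug("Logged into LDAP server, " + ctx);
    }

    return ctx;
}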
From source file:nl.nn.adapterframework.ldap.LdapSender.java
/**
 * Opens a DirContext from the JNDI environment, replacing the provider URL with
 * <code>ldapProviderURL</code> when one is configured.
 *
 * <p>The environment is built on first use and cached in <code>jndiEnv</code>, except when a
 * principal parameter is in play: an environment that carries caller-supplied principal and
 * credentials is used for this call only and never cached.
 *
 * @param paramValueMap resolved parameter values; "principal" and "credentials" are read from
 *        it when <code>principalParameterFound</code> is set
 * @return a new DirContext
 * @throws NamingException if the context cannot be created
 * @throws ParameterException declared for the environment lookup
 */
protected synchronized DirContext loopkupDirContext(Map paramValueMap)
        throws NamingException, ParameterException {
    // Fast path: a cached environment exists (it never contains per-call credentials).
    if (jndiEnv != null) {
        return new InitialDirContext(jndiEnv);
    }

    Hashtable env = getJndiEnv();

    // Overwriting the (realm)providerURL if specified in configuration
    if (getLdapProviderURL() != null) {
        env.put("java.naming.provider.url", getLdapProviderURL());
    }

    if (principalParameterFound) {
        // Hashtable.put rejects null, so both parameters must be present in the map.
        env.put(Context.SECURITY_PRINCIPAL, paramValueMap.get("principal"));
        env.put(Context.SECURITY_CREDENTIALS, paramValueMap.get("credentials"));
    }

    // Connection pooling switch,
    // see http://java.sun.com/products/jndi/tutorial/ldap/connect/config.html
    env.put("com.sun.jndi.ldap.connect.pool", isUsePooling() ? "true" : "false");

    if (log.isDebugEnabled()) {
        // only the provider URL is logged, never the principal or the credentials
        log.debug("created environment for LDAP provider URL [" + env.get("java.naming.provider.url") + "]");
    }

    DirContext created = new InitialDirContext(env);

    // Cache the environment only when it holds no caller-supplied credentials.
    if (!principalParameterFound) {
        jndiEnv = env;
    }
    return created;
}
From source file:org.akaza.openclinica.controller.SystemController.java
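/**
 * Reports the status of the LDAP module by attempting a simple bind with the configured
 * service account.
 *
 * <p>The result map has a single "Ldap" entry holding "enabled" ("True"/"False"), "status"
 * ("ACTIVE" when the bind succeeded, otherwise "INACTIVE") and "metadata" (the configured
 * host). The bind DN and password are never included in the result.
 *
 * @param studyBean not used by this method
 * @return the module description map
 */
public HashMap<String, Object> getLdapModule(StudyBean studyBean) {
    String enabled = CoreResources.getField("ldap.enabled");
    String ldapHost = CoreResources.getField("ldap.host");
    String username = CoreResources.getField("ldap.userDn");
    String password = CoreResources.getField("ldap.password");

    String result;
    DirContext ctx = null;
    try {
        // Built inside the try block: Properties rejects null values, so a missing setting
        // is reported as INACTIVE instead of escaping as a NullPointerException.
        Properties env = new Properties();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapHost);
        // NOTE(review): a simple bind sends the password as-is; whether it is protected in
        // transit depends on the scheme of ldap.host (ldaps:// vs ldap://) -- confirm.
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, username); // replace with user DN
        env.put(Context.SECURITY_CREDENTIALS, password);
        // NOTE(review): no connect/read timeout is set, so this status check waits on the
        // provider's defaults when the server is unreachable.

        // creating the context performs the bind
        ctx = new InitialDirContext(env);
        result = "ACTIVE";
    } catch (Exception e) {
        // Any failure (bad credentials, unreachable host, missing setting) means "not usable".
        result = "INACTIVE";
    } finally {
        if (ctx != null) {
            try {
                // this is only a probe: release the connection immediately
                ctx.close();
            } catch (javax.naming.NamingException ignored) {
                // best effort: the status has already been determined
            }
        }
    }

    HashMap<String, String> mapMetadata = new HashMap<>();
    mapMetadata.put("ldap.host", ldapHost);

    HashMap<String, Object> mapWebService = new HashMap<>();
    // constant-first comparison: an unset ldap.enabled counts as disabled instead of throwing
    mapWebService.put("enabled", "true".equalsIgnoreCase(enabled) ? "True" : "False");
    mapWebService.put("status", result);
    mapWebService.put("metadata", mapMetadata);

    HashMap<String, Object> mapModule = new HashMap<>();
    mapModule.put("Ldap", mapWebService);

    return mapModule;
}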