List of usage examples for javax.naming.directory SearchControls ONELEVEL_SCOPE
int ONELEVEL_SCOPE
To view the source code for javax.naming.directory SearchControls ONELEVEL_SCOPE.
Click Source Link
From source file:org.apache.directory.studio.ldapbrowser.core.jobs.ImportDsmlRunnable.java
/** * Returns the {@link SearchControls} object associated with the request. * * @param request/* ww w . j a v a2s.c o m*/ * the search request * @return * the associated {@link SearchControls} object */ private SearchControls getSearchControls(SearchRequest request) { SearchControls controls = new SearchControls(); // Scope switch (request.getScope()) { case OBJECT: controls.setSearchScope(SearchControls.OBJECT_SCOPE); break; case ONELEVEL: controls.setSearchScope(SearchControls.ONELEVEL_SCOPE); break; case SUBTREE: controls.setSearchScope(SearchControls.SUBTREE_SCOPE); break; default: controls.setSearchScope(SearchControls.ONELEVEL_SCOPE); } // Returning attributes List<String> returningAttributes = new ArrayList<String>(); for (String attribute : request.getAttributes()) { returningAttributes.add(attribute); } // If the returning attributes are empty, we need to return the user attributes // [Cf. RFC 2251 - "There are two special values which may be used: an empty // list with no attributes, and the attribute description string '*'. Both of // these signify that all user attributes are to be returned."] if (returningAttributes.size() == 0) { returningAttributes.add("*"); //$NON-NLS-1$ } controls.setReturningAttributes(returningAttributes.toArray(new String[0])); // Size Limit controls.setCountLimit(request.getSizeLimit()); // Time Limit controls.setTimeLimit(request.getTimeLimit()); return controls; }
From source file:org.apache.geronimo.security.realm.providers.GenericHttpHeaderLdapLoginModule.java
protected boolean authenticate(String username) throws Exception { DirContext context = open();// w ww .j a v a 2 s . com try { String filter = userSearchMatchingFormat.format(new String[] { username }); SearchControls constraints = new SearchControls(); if (userSearchSubtreeBool) { constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); } else { constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE); } // setup attributes String[] attribs; if (userRoleName == null) { attribs = new String[] {}; } else { attribs = new String[] { userRoleName }; } constraints.setReturningAttributes(attribs); NamingEnumeration results = context.search(userBase, filter, constraints); if (results == null || !results.hasMore()) { log.error("No roles associated with user " + username); loginSucceeded = false; throw new FailedLoginException(); } SearchResult result = (SearchResult) results.next(); if (results.hasMore()) { // ignore for now } NameParser parser = context.getNameParser(""); Name contextName = parser.parse(context.getNameInNamespace()); Name baseName = parser.parse(userBase); Name entryName = parser.parse(result.getName()); Name name = contextName.addAll(baseName); name = name.addAll(entryName); String dn = name.toString(); Attributes attrs = result.getAttributes(); if (attrs == null) { return false; } ArrayList<String> roles = null; if (userRoleName != null) { roles = addAttributeValues(userRoleName, attrs, roles); } // check the credentials by binding to server // bindUser(context, dn); // if authenticated add more roles roles = getRoles(context, dn, username, roles); for (String role : roles) { groups.add(role); } if (groups.isEmpty()) { log.error("No roles associated with user " + username); loginSucceeded = false; throw new FailedLoginException(); } else loginSucceeded = true; } catch (CommunicationException e) { close(context); throw (LoginException) new FailedLoginException().initCause(e); } catch (NamingException e) { close(context); throw (LoginException) new FailedLoginException().initCause(e); } return true; }
From source file:org.apache.geronimo.security.realm.providers.GenericHttpHeaderLdapLoginModule.java
protected ArrayList<String> getRoles(DirContext context, String dn, String username, ArrayList<String> list) throws NamingException { if (list == null) { list = new ArrayList<String>(); }/*from w w w.j a va2 s .c om*/ if (roleName == null || "".equals(roleName)) { return list; } String filter = roleSearchMatchingFormat.format(new String[] { doRFC2254Encoding(dn), username }); SearchControls constraints = new SearchControls(); if (roleSearchSubtreeBool) { constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); } else { constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE); } NamingEnumeration results = context.search(roleBase, filter, constraints); while (results.hasMore()) { SearchResult result = (SearchResult) results.next(); Attributes attrs = result.getAttributes(); if (attrs == null) { continue; } list = addAttributeValues(roleName, attrs, list); } return list; }
From source file:org.apache.openaz.xacml.std.pip.engines.ldap.LDAPEngine.java
@Override public void configure(String id, Properties properties) throws PIPException { /*//w w w .ja v a 2s .c o m * Handle the standard properties */ super.configure(id, properties); String propertyPrefix = id + "."; /* * Configure the LDAP environment: I think the only required property is the provider_url */ if (!this.configureStringProperty(propertyPrefix, Context.PROVIDER_URL, properties, null)) { throw new PIPException("Invalid configuration for " + this.getClass().getName() + ": No " + propertyPrefix + Context.PROVIDER_URL); } this.configureStringProperty(propertyPrefix, Context.AUTHORITATIVE, properties, null); this.configureIntegerProperty(propertyPrefix, Context.BATCHSIZE, properties, null); this.configureStringProperty(propertyPrefix, Context.DNS_URL, properties, null); this.configureStringProperty(propertyPrefix, Context.INITIAL_CONTEXT_FACTORY, properties, DEFAULT_CONTEXT_FACTORY); this.configureStringProperty(propertyPrefix, Context.LANGUAGE, properties, null); this.configureStringProperty(propertyPrefix, Context.OBJECT_FACTORIES, properties, null); this.configureStringProperty(propertyPrefix, Context.REFERRAL, properties, null); this.configureStringProperty(propertyPrefix, Context.SECURITY_AUTHENTICATION, properties, null); this.configureStringProperty(propertyPrefix, Context.SECURITY_CREDENTIALS, properties, null); this.configureStringProperty(propertyPrefix, Context.SECURITY_PRINCIPAL, properties, null); this.configureStringProperty(propertyPrefix, Context.SECURITY_PROTOCOL, properties, null); this.configureStringProperty(propertyPrefix, Context.STATE_FACTORIES, properties, null); this.configureStringProperty(propertyPrefix, Context.URL_PKG_PREFIXES, properties, null); String ldapScopeValue = properties.getProperty(propertyPrefix + PROP_LDAP_SCOPE, DEFAULT_SCOPE); if (LDAP_SCOPE_SUBTREE.equals(ldapScopeValue)) { this.ldapScope = SearchControls.SUBTREE_SCOPE; } else if (LDAP_SCOPE_OBJECT.equals(ldapScopeValue)) { this.ldapScope = SearchControls.OBJECT_SCOPE; } else if (LDAP_SCOPE_ONELEVEL.equals(ldapScopeValue)) { this.ldapScope = SearchControls.ONELEVEL_SCOPE; } else { this.logger.warn("Invalid LDAP Scope value '" + ldapScopeValue + "'; using " + DEFAULT_SCOPE); this.ldapScope = SearchControls.SUBTREE_SCOPE; } /* * Get list of resolvers defined for this LDAP Engine */ String resolversList = properties.getProperty(propertyPrefix + PROP_RESOLVERS); if (resolversList == null || resolversList.isEmpty()) { throw new PIPException("Invalid configuration for " + this.getClass().getName() + ": No " + propertyPrefix + PROP_RESOLVERS); } /* * Iterate the resolvers */ for (String resolver : Splitter.on(',').trimResults().omitEmptyStrings().split(resolversList)) { /* * Get the LDAPResolver for this LDAPEngine */ String resolverClassName = properties .getProperty(propertyPrefix + PROP_RESOLVER + "." + resolver + ".classname"); if (resolverClassName == null) { throw new PIPException("Invalid configuration for " + this.getClass().getName() + ": No " + propertyPrefix + PROP_RESOLVER + "." + resolver + ".classname"); } LDAPResolver ldapResolverNew = null; try { Class<?> classResolver = Class.forName(resolverClassName); if (!LDAPResolver.class.isAssignableFrom(classResolver)) { this.logger.error("LDAPResolver class " + resolverClassName + " does not implement " + LDAPResolver.class.getCanonicalName()); throw new PIPException("LDAPResolver class " + resolverClassName + " does not implement " + LDAPResolver.class.getCanonicalName()); } ldapResolverNew = LDAPResolver.class.cast(classResolver.newInstance()); } catch (Exception ex) { this.logger.error("Exception instantiating LDAPResolver for class '" + resolverClassName + "': " + ex.getMessage(), ex); throw new PIPException("Exception instantiating LDAPResolver for class '" + resolverClassName + "'", ex); } assert ldapResolverNew != null; ldapResolverNew.configure(propertyPrefix + PROP_RESOLVER + "." + resolver, properties, this.getIssuer()); this.ldapResolvers.add(ldapResolverNew); } }
From source file:org.atricore.idbus.idojos.ldapidentitystore.LDAPIdentityStore.java
/** * This method returns the proper search controls to be used when querying the LDAP.. *///from w w w . ja v a 2 s . co m protected SearchControls getSearchControls() { SearchControls sc = new SearchControls(); sc.setSearchScope(_ldapSearchScope == null || _ldapSearchScope.equalsIgnoreCase("ONELEVEL") ? SearchControls.ONELEVEL_SCOPE : SearchControls.SUBTREE_SCOPE); return sc; }
From source file:org.cloudifysource.rest.security.CustomLdapAuthGroupsPopulator.java
/** * If set to true, a subtree scope search will be performed. If false a single-level search is used. * * @param searchSubtree set to true to enable searching of the entire tree below the <tt>groupSearchBase</tt>. *//*w ww .j a v a 2s .c o m*/ public void setSearchSubtree(final boolean searchSubtree) { int searchScope = searchSubtree ? SearchControls.SUBTREE_SCOPE : SearchControls.ONELEVEL_SCOPE; searchControls.setSearchScope(searchScope); }
From source file:org.eclipse.skalli.core.user.ldap.LDAPClient.java
@SuppressWarnings("nls") private SearchControls getSearchControls() { SearchControls sc = new SearchControls(); if ("base".equalsIgnoreCase(config.getSearchScope())) { sc.setSearchScope(SearchControls.OBJECT_SCOPE); } else if ("onelevel".equalsIgnoreCase(config.getSearchScope())) { sc.setSearchScope(SearchControls.ONELEVEL_SCOPE); } else if ("subtree".equalsIgnoreCase(config.getSearchScope())) { sc.setSearchScope(SearchControls.SUBTREE_SCOPE); }/*from w w w. ja v a 2 s.c o m*/ sc.setReturningAttributes(LDAPAttributeNames.getAll()); return sc; }
From source file:org.lsc.jndi.JndiServices.java
private void doDeleteChildrenRecursively(String distinguishName) throws NamingException { SearchControls sc = new SearchControls(); sc.setSearchScope(SearchControls.ONELEVEL_SCOPE); NamingEnumeration<SearchResult> ne = ctx.search(distinguishName, DEFAULT_FILTER, sc); while (ne.hasMore()) { SearchResult sr = (SearchResult) ne.next(); String childrenDn = rewriteBase(sr.getName() + "," + distinguishName); deleteChildrenRecursively(childrenDn); }// ww w . j a va 2 s . c o m ctx.destroySubcontext(new LdapName(distinguishName)); }
From source file:org.nuxeo.ecm.directory.ldap.ExternalLDAPDirectoryFeature.java
protected void destroyRecursively(String dn, DirContext ctx, int limit) throws NamingException { if (limit == 0) { log.warn("Reach recursion limit, stopping deletion at" + dn); return;// w w w . j a v a 2 s . c o m } SearchControls scts = new SearchControls(); scts.setSearchScope(SearchControls.ONELEVEL_SCOPE); NamingEnumeration<SearchResult> children = ctx.search(dn, "(objectClass=*)", scts); try { while (children.hasMore()) { SearchResult child = children.next(); String subDn = child.getName(); subDn = subDn + ',' + dn; destroyRecursively(subDn, ctx, limit); } } catch (SizeLimitExceededException e) { log.warn("SizeLimitExceededException: trying again on partial results " + dn); if (limit == -1) { limit = 100; } destroyRecursively(dn, ctx, limit - 1); } ctx.destroySubcontext(dn); }
From source file:org.nuxeo.ecm.directory.ldap.LDAPDirectoryTestCase.java
protected void destroyRecursively(String dn, DirContext ctx, int limit) throws NamingException { if (limit == 0) { log.warn("Reach recursion limit, stopping deletion at" + dn); return;//w w w .jav a 2 s .co m } SearchControls scts = new SearchControls(); scts.setSearchScope(SearchControls.ONELEVEL_SCOPE); String providerUrl = (String) ctx.getEnvironment().get(Context.PROVIDER_URL); NamingEnumeration<SearchResult> children = ctx.search(dn, "(objectClass=*)", scts); try { while (children.hasMore()) { SearchResult child = children.next(); String subDn = child.getName(); if (!USE_EXTERNAL_TEST_LDAP_SERVER && subDn.endsWith(providerUrl)) { subDn = subDn.substring(0, subDn.length() - providerUrl.length() - 1); } else { subDn = subDn + ',' + dn; } destroyRecursively(subDn, ctx, limit); } } catch (SizeLimitExceededException e) { log.warn("SizeLimitExceededException: trying again on partial results " + dn); if (limit == -1) { limit = 100; } destroyRecursively(dn, ctx, limit - 1); } ctx.destroySubcontext(dn); }