List of usage examples for javax.naming.ldap LdapContext search
public NamingEnumeration<SearchResult> search(Name name, String filterExpr, Object[] filterArgs, SearchControls cons) throws NamingException;
From source file:edu.vt.middleware.ldap.auth.handler.CompareAuthorizationHandler.java
/** {@inheritDoc} */ public void process(final AuthenticationCriteria ac, final LdapContext ctx) throws NamingException { // make DN the first filter arg final List<Object> filterArgs = new ArrayList<Object>(); filterArgs.add(ac.getDn());/*from w w w. j av a2 s . com*/ filterArgs.addAll(this.searchFilter.getFilterArgs()); // perform ldap compare operation NamingEnumeration<SearchResult> results = null; try { results = ctx.search(ac.getDn(), this.searchFilter.getFilter(), filterArgs.toArray(), LdapConfig.getCompareSearchControls()); if (!results.hasMore()) { throw new AuthorizationException("Compare failed"); } } finally { if (results != null) { results.close(); } } }
From source file:edu.vt.middleware.ldap.handler.CompareAuthorizationHandler.java
/** {@inheritDoc} */ public void process(final AuthenticationCriteria ac, final LdapContext ctx) throws NamingException { // make DN the first filter arg final List<Object> filterArgs = new ArrayList<Object>(); filterArgs.add(ac.getDn());/*from w w w.j av a2 s . co m*/ filterArgs.addAll(this.searchFilter.getFilterArgs()); // perform ldap compare operation NamingEnumeration<SearchResult> results = null; try { results = ctx.search(ac.getDn(), this.searchFilter.getFilter(), filterArgs.toArray(), LdapConfig.getCompareSearchControls()); if (!results.hasMore()) { throw new AuthenticationException("Compare failed"); } } finally { if (results != null) { results.close(); } } }
From source file:edu.vt.middleware.ldap.AbstractLdap.java
/** * This will perform an LDAP compare operation with the supplied filter and * dn. Note that to perform a <b>real</b> LDAP compare operation, your filter * must be of the form '(name=value)'. Any other filter expression will result * in a regular object level search operation. In either case the desired * result is achieved, but the underlying LDAP invocation is different. * * @param dn <code>String</code> name to compare * @param filter <code>String</code> expression to use for compare * @param filterArgs <code>Object[]</code> to substitute for variables in * the filter/*from w w w. j a v a 2 s . c o m*/ * * @return <code>boolean</code> - result of compare operation * * @throws NamingException if the LDAP returns an error */ protected boolean compare(final String dn, final String filter, final Object[] filterArgs) throws NamingException { if (this.logger.isDebugEnabled()) { this.logger.debug("Compare with the following parameters:"); this.logger.debug(" dn = " + dn); this.logger.debug(" filter = " + filter); this.logger.debug(" filterArgs = " + Arrays.toString(filterArgs)); if (this.logger.isTraceEnabled()) { this.logger.trace(" config = " + this.config.getEnvironment()); } } boolean success = false; LdapContext ctx = null; NamingEnumeration<SearchResult> en = null; try { for (int i = 0; i <= this.config.getOperationRetry() || this.config.getOperationRetry() == -1; i++) { try { ctx = this.getContext(); en = ctx.search(dn, filter, filterArgs, LdapConfig.getCompareSearchControls()); if (en.hasMore()) { success = true; } break; } catch (NamingException e) { this.operationRetry(ctx, e, i); } } } finally { if (en != null) { en.close(); } if (ctx != null) { ctx.close(); } } return success; }
From source file:edu.vt.middleware.ldap.AbstractLdap.java
/** * This will query the LDAP with the supplied dn, filter, filter arguments, * and search controls. This method will perform a search whose scope is * defined in the search controls. The resulting <code>Iterator</code> is a * deep copy of the original search results. If filterArgs is null, then no * variable substitution will occur. See {@link * javax.naming.DirContext#search( String, String, Object[], SearchControls)}. * * @param dn <code>String</code> name to begin search at * @param filter <code>String</code> expression to use for the search * @param filterArgs <code>Object[]</code> to substitute for variables in * the filter//from www . j a v a2s . co m * @param searchControls <code>SearchControls</code> to perform search with * @param handler <code>SearchResultHandler[]</code> to post process results * * @return <code>Iterator</code> - of LDAP search results * * @throws NamingException if the LDAP returns an error */ protected Iterator<SearchResult> search(final String dn, final String filter, final Object[] filterArgs, final SearchControls searchControls, final SearchResultHandler... handler) throws NamingException { if (this.logger.isDebugEnabled()) { this.logger.debug("Search with the following parameters:"); this.logger.debug(" dn = " + dn); this.logger.debug(" filter = " + filter); this.logger.debug(" filterArgs = " + Arrays.toString(filterArgs)); this.logger.debug(" searchControls = " + searchControls); this.logger.debug(" handler = " + Arrays.toString(handler)); if (this.logger.isTraceEnabled()) { this.logger.trace(" config = " + this.config.getEnvironment()); } } List<SearchResult> results = null; LdapContext ctx = null; NamingEnumeration<SearchResult> en = null; try { for (int i = 0; i <= this.config.getOperationRetry() || this.config.getOperationRetry() == -1; i++) { try { ctx = this.getContext(); en = ctx.search(dn, filter, filterArgs, searchControls); if (handler != null && handler.length > 0) { final SearchCriteria sc = new SearchCriteria(); if (ctx != null && !"".equals(ctx.getNameInNamespace())) { sc.setDn(ctx.getNameInNamespace()); } else { sc.setDn(dn); } sc.setFilter(filter); sc.setFilterArgs(filterArgs); if (searchControls != null) { sc.setReturnAttrs(searchControls.getReturningAttributes()); } for (int j = 0; j < handler.length; j++) { if (j == 0) { results = handler[j].process(sc, en, this.config.getHandlerIgnoreExceptions()); } else { results = handler[j].process(sc, results); } } } else { results = SR_COPY_RESULT_HANDLER.process(null, en, this.config.getHandlerIgnoreExceptions()); } break; } catch (NamingException e) { this.operationRetry(ctx, e, i); } } } finally { if (en != null) { en.close(); } if (ctx != null) { ctx.close(); } } return results.iterator(); }
From source file:edu.vt.middleware.ldap.AbstractLdap.java
/** * This will query the LDAP with the supplied dn, filter, filter arguments, * and search controls. See {@link #search(String, String, Object[], * SearchControls, SearchResultHandler...)}. The PagedResultsControl is used * in conjunction with {@link LdapConfig#getPagedResultsSize()} to produce the * results.//from w ww . j a va 2 s. c om * * @param dn <code>String</code> name to begin search at * @param filter <code>String</code> expression to use for the search * @param filterArgs <code>Object[]</code> to substitute for variables in * the filter * @param searchControls <code>SearchControls</code> to perform search with * @param handler <code>SearchResultHandler[]</code> to post process results * * @return <code>Iterator</code> - of LDAP search results * * @throws NamingException if the LDAP returns an error */ protected Iterator<SearchResult> pagedSearch(final String dn, final String filter, final Object[] filterArgs, final SearchControls searchControls, final SearchResultHandler... handler) throws NamingException { if (this.logger.isDebugEnabled()) { this.logger.debug("Paginated search with the following parameters:"); this.logger.debug(" dn = " + dn); this.logger.debug(" filter = " + filter); this.logger.debug(" filterArgs = " + Arrays.toString(filterArgs)); this.logger.debug(" searchControls = " + searchControls); this.logger.debug(" handler = " + Arrays.toString(handler)); if (this.logger.isTraceEnabled()) { this.logger.trace(" config = " + this.config.getEnvironment()); } } final List<SearchResult> results = new ArrayList<SearchResult>(); LdapContext ctx = null; NamingEnumeration<SearchResult> en = null; try { for (int i = 0; i <= this.config.getOperationRetry() || this.config.getOperationRetry() == -1; i++) { try { byte[] cookie = null; ctx = this.getContext(); ctx.setRequestControls(new Control[] { new PagedResultsControl(this.config.getPagedResultsSize(), Control.CRITICAL), }); do { List<SearchResult> pagedResults = null; en = ctx.search(dn, filter, filterArgs, searchControls); if (handler != null && handler.length > 0) { final SearchCriteria sc = new SearchCriteria(); if (ctx != null && !"".equals(ctx.getNameInNamespace())) { sc.setDn(ctx.getNameInNamespace()); } else { sc.setDn(dn); } sc.setFilter(filter); sc.setFilterArgs(filterArgs); if (searchControls != null) { sc.setReturnAttrs(searchControls.getReturningAttributes()); } for (int j = 0; j < handler.length; j++) { if (j == 0) { pagedResults = handler[j].process(sc, en, this.config.getHandlerIgnoreExceptions()); } else { pagedResults = handler[j].process(sc, pagedResults); } } } else { pagedResults = SR_COPY_RESULT_HANDLER.process(null, en, this.config.getHandlerIgnoreExceptions()); } results.addAll(pagedResults); final Control[] controls = ctx.getResponseControls(); if (controls != null) { for (int j = 0; j < controls.length; j++) { if (controls[j] instanceof PagedResultsResponseControl) { final PagedResultsResponseControl prrc = (PagedResultsResponseControl) controls[j]; cookie = prrc.getCookie(); } } } // re-activate paged results ctx.setRequestControls( new Control[] { new PagedResultsControl(this.config.getPagedResultsSize(), cookie, Control.CRITICAL), }); } while (cookie != null); break; } catch (NamingException e) { this.operationRetry(ctx, e, i); } catch (IOException e) { if (this.logger.isErrorEnabled()) { this.logger.error("Could not encode page size into control", e); } throw new NamingException(e.getMessage()); } } } finally { if (en != null) { en.close(); } if (ctx != null) { ctx.close(); } } return results.iterator(); }
From source file:org.apache.zeppelin.realm.ActiveDirectoryGroupRealm.java
public List<String> searchForUserName(String containString, LdapContext ldapContext) throws NamingException { List<String> userNameList = new ArrayList<>(); SearchControls searchCtls = new SearchControls(); searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE); String searchFilter = "(&(objectClass=*)(userPrincipalName=*" + containString + "*))"; Object[] searchArguments = new Object[] { containString }; NamingEnumeration answer = ldapContext.search(searchBase, searchFilter, searchArguments, searchCtls); while (answer.hasMoreElements()) { SearchResult sr = (SearchResult) answer.next(); if (log.isDebugEnabled()) { log.debug("Retrieving userprincipalname names for user [" + sr.getName() + "]"); }/*from w w w .j av a 2 s .c o m*/ Attributes attrs = sr.getAttributes(); if (attrs != null) { NamingEnumeration ae = attrs.getAll(); while (ae.hasMore()) { Attribute attr = (Attribute) ae.next(); if (attr.getID().toLowerCase().equals("cn")) { userNameList.addAll(LdapUtils.getAllAttributeValues(attr)); } } } } return userNameList; }
From source file:org.apache.zeppelin.realm.ActiveDirectoryGroupRealm.java
private Set<String> getRoleNamesForUser(String username, LdapContext ldapContext) throws NamingException { Set<String> roleNames = new LinkedHashSet<>(); SearchControls searchCtls = new SearchControls(); searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE); String userPrincipalName = username; if (this.principalSuffix != null && userPrincipalName.indexOf('@') < 0) { userPrincipalName += principalSuffix; }//from ww w. j a v a2s . co m String searchFilter = "(&(objectClass=*)(userPrincipalName=" + userPrincipalName + "))"; Object[] searchArguments = new Object[] { userPrincipalName }; NamingEnumeration answer = ldapContext.search(searchBase, searchFilter, searchArguments, searchCtls); while (answer.hasMoreElements()) { SearchResult sr = (SearchResult) answer.next(); if (log.isDebugEnabled()) { log.debug("Retrieving group names for user [" + sr.getName() + "]"); } Attributes attrs = sr.getAttributes(); if (attrs != null) { NamingEnumeration ae = attrs.getAll(); while (ae.hasMore()) { Attribute attr = (Attribute) ae.next(); if (attr.getID().equals("memberOf")) { Collection<String> groupNames = LdapUtils.getAllAttributeValues(attr); if (log.isDebugEnabled()) { log.debug("Groups found for user [" + username + "]: " + groupNames); } Collection<String> rolesForGroups = getRoleNamesForGroups(groupNames); roleNames.addAll(rolesForGroups); } } } } return roleNames; }
From source file:org.apache.zeppelin.server.ActiveDirectoryGroupRealm.java
private Set<String> getRoleNamesForUser(String username, LdapContext ldapContext) throws NamingException { Set<String> roleNames = new LinkedHashSet<>(); SearchControls searchCtls = new SearchControls(); searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE); String userPrincipalName = username; if (principalSuffix != null) { userPrincipalName += principalSuffix; }/*from www .j a v a 2 s .co m*/ String searchFilter = "(&(objectClass=*)(userPrincipalName=" + userPrincipalName + "))"; Object[] searchArguments = new Object[] { userPrincipalName }; NamingEnumeration answer = ldapContext.search(searchBase, searchFilter, searchArguments, searchCtls); while (answer.hasMoreElements()) { SearchResult sr = (SearchResult) answer.next(); if (log.isDebugEnabled()) { log.debug("Retrieving group names for user [" + sr.getName() + "]"); } Attributes attrs = sr.getAttributes(); if (attrs != null) { NamingEnumeration ae = attrs.getAll(); while (ae.hasMore()) { Attribute attr = (Attribute) ae.next(); if (attr.getID().equals("memberOf")) { Collection<String> groupNames = LdapUtils.getAllAttributeValues(attr); if (log.isDebugEnabled()) { log.debug("Groups found for user [" + username + "]: " + groupNames); } Collection<String> rolesForGroups = getRoleNamesForGroups(groupNames); roleNames.addAll(rolesForGroups); } } } } return roleNames; }
From source file:org.mule.module.ldap.api.jndi.LDAPJNDIConnection.java
private LDAPResultSet doSearch(String baseDn, String filter, Object[] filterArgs, LDAPSearchControls controls) throws LDAPException { LdapContext searchConn = null; try {/* w w w. jav a2 s . com*/ searchConn = controls.isPagingEnabled() ? getConn().newInstance(LDAPJNDIUtils.buildRequestControls(controls, null)) : getConn(); NamingEnumeration<SearchResult> entries; if (filterArgs != null && filterArgs.length > 0) { entries = searchConn.search(baseDn, filter, filterArgs, LDAPJNDIUtils.buildSearchControls(controls)); } else { entries = searchConn.search(baseDn, filter, LDAPJNDIUtils.buildSearchControls(controls)); } return LDAPResultSetFactory.create(baseDn, filter, filterArgs, searchConn, controls, entries); } catch (NamingException nex) { throw handleNamingException(nex, "Search failed."); } }