List of usage examples for javax.naming NameParser parse
Name parse(String name) throws NamingException;
From source file:Main.java
public static void main(String[] argv) throws Exception { String url = "iiop://localhost/"; Hashtable<String, String> env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.cosnaming.CNCtxFactory"); env.put(Context.PROVIDER_URL, url); Context ctx = new InitialContext(env); NameParser parser = ctx.getNameParser(""); Name dn = parser.parse("cn=John, ou=People, o=JNDITutorial"); dn.remove(1);/*from w w w .j a v a 2 s. c o m*/ dn.add(0, "c=us"); dn.add("cn=fs"); }
From source file:org.apache.geronimo.security.realm.providers.GenericHttpHeaderLdapLoginModule.java
protected boolean authenticate(String username) throws Exception { DirContext context = open();/*from w w w .ja va 2s .c om*/ try { String filter = userSearchMatchingFormat.format(new String[] { username }); SearchControls constraints = new SearchControls(); if (userSearchSubtreeBool) { constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); } else { constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE); } // setup attributes String[] attribs; if (userRoleName == null) { attribs = new String[] {}; } else { attribs = new String[] { userRoleName }; } constraints.setReturningAttributes(attribs); NamingEnumeration results = context.search(userBase, filter, constraints); if (results == null || !results.hasMore()) { log.error("No roles associated with user " + username); loginSucceeded = false; throw new FailedLoginException(); } SearchResult result = (SearchResult) results.next(); if (results.hasMore()) { // ignore for now } NameParser parser = context.getNameParser(""); Name contextName = parser.parse(context.getNameInNamespace()); Name baseName = parser.parse(userBase); Name entryName = parser.parse(result.getName()); Name name = contextName.addAll(baseName); name = name.addAll(entryName); String dn = name.toString(); Attributes attrs = result.getAttributes(); if (attrs == null) { return false; } ArrayList<String> roles = null; if (userRoleName != null) { roles = addAttributeValues(userRoleName, attrs, roles); } // check the credentials by binding to server // bindUser(context, dn); // if authenticated add more roles roles = getRoles(context, dn, username, roles); for (String role : roles) { groups.add(role); } if (groups.isEmpty()) { log.error("No roles associated with user " + username); loginSucceeded = false; throw new FailedLoginException(); } else loginSucceeded = true; } catch (CommunicationException e) { close(context); throw (LoginException) new FailedLoginException().initCause(e); } catch (NamingException e) { close(context); throw (LoginException) new FailedLoginException().initCause(e); } return true; }
From source file:org.jkcsoft.java.util.JndiHelper.java
public static Object lookup(Context jndi, String name) throws NamingException { // String l_name = cleanName(p_name); Object retObj = jndi.lookup(name); if (log.isDebugEnabled()) { try {/*w w w. ja v a2s . c o m*/ StringBuilder sbLog = new StringBuilder(); NameParser parser = jndi.getNameParser(name); Name jndiName = parser.parse(name); List lNames = Collections.list(jndiName.getAll()); if (lNames != null) { Iterator iNames = lNames.iterator(); while (iNames.hasNext()) { String elemName = (String) iNames.next(); Strings.appendLine(sbLog, "name [" + elemName + "]"); } } log.debug("Jndi parse of [" + name + "] => " + sbLog); } catch (NamingException e) { log.warn("Error in getting JNDI name info", e); } } return retObj; }
From source file:org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager.java
/** * *//* w w w . j a v a2 s . co m*/ public void doAddUser(String userName, Object credential, String[] roleList, Map<String, String> claims, String profileName, boolean requirePasswordChange) throws UserStoreException { boolean isUserBinded = false; /* getting search base directory context */ DirContext dirContext = getSearchBaseDirectoryContext(); /* getting add user basic attributes */ BasicAttributes basicAttributes = getAddUserBasicAttributes(userName); if (!isADLDSRole) { // creating a disabled user account in AD DS BasicAttribute userAccountControl = new BasicAttribute( LDAPConstants.ACTIVE_DIRECTORY_USER_ACCOUNT_CONTROL); userAccountControl.add(LDAPConstants.ACTIVE_DIRECTORY_DISABLED_NORMAL_ACCOUNT); basicAttributes.put(userAccountControl); } /* setting claims */ setUserClaims(claims, basicAttributes, userName); Name compoundName = null; try { NameParser ldapParser = dirContext.getNameParser(""); compoundName = ldapParser.parse("cn=" + escapeSpecialCharactersForDN(userName)); /* bind the user. A disabled user account with no password */ dirContext.bind(compoundName, null, basicAttributes); isUserBinded = true; /* update the user roles */ doUpdateRoleListOfUser(userName, null, roleList); /* reset the password and enable the account */ if (!isSSLConnection) { logger.warn("Unsecured connection is being used. Enabling user account operation will fail"); } ModificationItem[] mods = new ModificationItem[2]; mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(LDAPConstants.ACTIVE_DIRECTORY_UNICODE_PASSWORD_ATTRIBUTE, createUnicodePassword((String) credential))); if (isADLDSRole) { mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute(LDAPConstants.ACTIVE_DIRECTORY_MSDS_USER_ACCOUNT_DISSABLED, "FALSE")); } else { mods[1] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute( LDAPConstants.ACTIVE_DIRECTORY_USER_ACCOUNT_CONTROL, userAccountControl)); } dirContext.modifyAttributes(compoundName, mods); } catch (NamingException e) { String errorMessage = "Error while adding the user to the Active Directory for user : " + userName; if (isUserBinded) { try { dirContext.unbind(compoundName); } catch (NamingException e1) { errorMessage = "Error while accessing the Active Directory for user : " + userName; throw new UserStoreException(errorMessage, e); } errorMessage = "Error while enabling the user account. Please check password policy at DC for user : " + userName; } throw new UserStoreException(errorMessage, e); } finally { JNDIUtil.closeContext(dirContext); } }
From source file:org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.java
@Override public void doAddUser(String userName, Object credential, String[] roleList, Map<String, String> claims, String profileName, boolean requirePasswordChange) throws UserStoreException { /* getting search base directory context */ DirContext dirContext = getSearchBaseDirectoryContext(); /* getting add user basic attributes */ BasicAttributes basicAttributes = getAddUserBasicAttributes(escapeSpecialCharactersForDN(userName)); BasicAttribute userPassword = new BasicAttribute("userPassword"); userPassword.add(UserCoreUtil.getPasswordToStore((String) credential, this.realmConfig.getUserStoreProperty(PASSWORD_HASH_METHOD), kdcEnabled)); basicAttributes.put(userPassword);/*w w w . j a va 2 s. c om*/ /* setting claims */ setUserClaims(claims, basicAttributes, userName); try { NameParser ldapParser = dirContext.getNameParser(""); Name compoundName = ldapParser.parse(realmConfig.getUserStoreProperty(LDAPConstants.USER_NAME_ATTRIBUTE) + "=" + escapeSpecialCharactersForDN(userName)); if (log.isDebugEnabled()) { log.debug("Binding user: " + compoundName); } dirContext.bind(compoundName, null, basicAttributes); } catch (NamingException e) { String errorMessage = "Cannot access the directory context or " + "user already exists in the system for user :" + userName; if (log.isDebugEnabled()) { log.debug(errorMessage, e); } throw new UserStoreException(errorMessage, e); } finally { JNDIUtil.closeContext(dirContext); } try { /* update the user roles */ doUpdateRoleListOfUser(userName, null, roleList); if (log.isDebugEnabled()) { log.debug("Roles are added for user : " + userName + " successfully."); } } catch (UserStoreException e) { String errorMessage = "User is added. But error while updating role list of user : " + userName; if (log.isDebugEnabled()) { log.debug(errorMessage, e); } throw new UserStoreException(errorMessage, e); } }
From source file:org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.java
protected void addLDAPRole(RoleContext context) throws UserStoreException { String roleName = context.getRoleName(); String[] userList = context.getMembers(); String groupEntryObjectClass = ((LDAPRoleContext) context).getGroupEntryObjectClass(); String groupNameAttribute = ((LDAPRoleContext) context).getRoleNameProperty(); String searchBase = ((LDAPRoleContext) context).getSearchBase(); if ((userList == null || userList.length == 0) && !emptyRolesAllowed) { String errorMessage = "Can not create empty role. There should be at least " + "one user for the role."; throw new UserStoreException(errorMessage); } else if (userList == null && emptyRolesAllowed || userList != null && userList.length > 0 && !emptyRolesAllowed || emptyRolesAllowed) { // if (userList.length > 0) { DirContext mainDirContext = this.connectionSource.getContext(); DirContext groupContext = null; NamingEnumeration<SearchResult> results = null; try {//from w w w . j a v a2 s .co m // create the attribute set for group entry Attributes groupAttributes = new BasicAttributes(true); // create group entry's object class attribute Attribute objectClassAttribute = new BasicAttribute(LDAPConstants.OBJECT_CLASS_NAME); objectClassAttribute.add(groupEntryObjectClass); groupAttributes.put(objectClassAttribute); // create cn attribute Attribute cnAttribute = new BasicAttribute(groupNameAttribute); cnAttribute.add(roleName); groupAttributes.put(cnAttribute); // following check is for if emptyRolesAllowed made this // code executed. if (userList != null && userList.length > 0) { String memberAttributeName = realmConfig .getUserStoreProperty(LDAPConstants.MEMBERSHIP_ATTRIBUTE); Attribute memberAttribute = new BasicAttribute(memberAttributeName); for (String userName : userList) { if (userName == null || userName.trim().length() == 0) { continue; } // search the user in user search base String searchFilter = realmConfig .getUserStoreProperty(LDAPConstants.USER_NAME_SEARCH_FILTER); searchFilter = searchFilter.replace("?", escapeSpecialCharactersForFilter(userName)); results = searchInUserBase(searchFilter, new String[] {}, SearchControls.SUBTREE_SCOPE, mainDirContext); // we assume only one user with the given user // name under user search base. SearchResult userResult = null; if (results.hasMore()) { userResult = results.next(); } else { String errorMsg = "There is no user with the user name: " + userName + " to be added to this role."; logger.error(errorMsg); throw new UserStoreException(errorMsg); } // get his DN String userEntryDN = userResult.getNameInNamespace(); // put it as member-attribute value memberAttribute.add(userEntryDN); } groupAttributes.put(memberAttribute); } groupContext = (DirContext) mainDirContext.lookup(searchBase); NameParser ldapParser = groupContext.getNameParser(""); /* * Name compoundGroupName = ldapParser.parse(groupNameAttributeName + "=" + * roleName); */ Name compoundGroupName = ldapParser.parse("cn=" + roleName); groupContext.bind(compoundGroupName, null, groupAttributes); } catch (NamingException e) { String errorMsg = "Role: " + roleName + " could not be added."; if (log.isDebugEnabled()) { log.debug(errorMsg, e); } throw new UserStoreException(errorMsg, e); } catch (Exception e) { String errorMsg = "Role: " + roleName + " could not be added."; if (log.isDebugEnabled()) { log.debug(errorMsg, e); } throw new UserStoreException(errorMsg, e); } finally { JNDIUtil.closeNamingEnumeration(results); JNDIUtil.closeContext(groupContext); JNDIUtil.closeContext(mainDirContext); } } }
From source file:org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager.java
public void addSharedGroupForTenant(Tenant tenant, DirContext mainDirContext) throws UserStoreException { if (!isSharedGroupEnabled()) { return;//from ww w.j a va 2s . co m } Attributes groupAttributes = new BasicAttributes(true); String domainName = tenant.getDomain(); // create ou attribute String groupNameAttributeName = realmConfig .getUserStoreProperty(LDAPConstants.SHARED_TENANT_NAME_ATTRIBUTE); // create group entry's object class attribute Attribute objectClassAttribute = new BasicAttribute(LDAPConstants.OBJECT_CLASS_NAME); objectClassAttribute.add(realmConfig.getUserStoreProperty(LDAPConstants.SHARED_TENANT_OBJECT_CLASS)); groupAttributes.put(objectClassAttribute); DirContext groupContext = null; String searchBase = realmConfig.getUserStoreProperties().get(LDAPConstants.SHARED_GROUP_SEARCH_BASE); try { groupContext = (DirContext) mainDirContext.lookup(searchBase); NameParser ldapParser = groupContext.getNameParser(""); Name compoundGroupName = ldapParser.parse(groupNameAttributeName + "=" + domainName); groupContext.bind(compoundGroupName, null, groupAttributes); } catch (Exception e) { String errorMsg = "Shared tenant: " + domainName + "could not be added."; if (logger.isDebugEnabled()) { logger.debug(errorMsg, e); } throw new UserStoreException(errorMsg, e); } finally { JNDIUtil.closeContext(groupContext); } }