private List<String> addAttributeValues(String attrId, Attributes attrs, List<String> values) throws NamingException { if (attrId == null || attrs == null) { return values; } if (values == null) { values = new ArrayList<String>(); } Attribute attr = attrs.get(attrId); if (attr == null) { return values; } NamingEnumeration<?> e = attr.getAll(); while (e.hasMore()) { String value = (String)e.next(); values.add(value); } return values; }
private SearchResult lookupUser(String accountName) throws NamingException { InitialDirContext context = initContext(); String searchString = searchFilter.replace(":login", accountName); SearchControls searchControls = new SearchControls(); String[] attributeFilter = {idAttribute, nameAttribute, mailAttribute}; searchControls.setReturningAttributes(attributeFilter); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); NamingEnumeration<SearchResult> results = context.search(searchBase, searchString, searchControls); SearchResult searchResult = null; if (results.hasMoreElements()) { searchResult = results.nextElement(); if (results.hasMoreElements()) { LOGGER.warn("Matched multiple users for the accountName: " + accountName); return null; } } return searchResult; }
private void forEachAttributeValue(SearchResult entry, String attrId, Consumer<String> action) { NamingEnumeration<?> attributesEnum = null; try { Attribute attribute = entry.getAttributes().get(attrId); if (attribute == null) return; attributesEnum = attribute.getAll(); Collections.list(attributesEnum).stream().map(Object::toString).forEach(action); } catch (NamingException e) { throw ElytronMessages.log.ldapRealmFailedObtainAttributes(entry.getNameInNamespace(), e); } finally { if (attributesEnum != null) { try { attributesEnum.close(); } catch (NamingException e) { log.trace("Unable to close attributesEnum", e); } } } }
@Override public boolean process(SearchResult record) throws NamingException { result.add(record.getNameInNamespace()); NamingEnumeration<? extends Attribute> allAttributes = record.getAttributes().getAll(); while(allAttributes.hasMore()) { Attribute attribute = allAttributes.next(); addAllAttributeValuesToResult(attribute.getAll()); } return true; }
private String extractString( Attribute attr ) throws Exception { StringBuilder attrStr = new StringBuilder(); for ( NamingEnumeration<?> eattr = attr.getAll(); eattr.hasMore(); ) { if ( attrStr.length() > 0 ) { attrStr.append( data.multi_valuedFieldSeparator ); } attrStr.append( eattr.next().toString() ); } return attrStr.toString(); }
SearchControls searchControls = new SearchControls(); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); } else { searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE); searchControls.setReturningAttributes(new String[]{manager.getUsernameField()}); NamingEnumeration answer = ctx.search("", filter, searchControls); while (answer.hasMoreElements()) { String username = (String) ((SearchResult) answer.next()).getAttributes().get( manager.getUsernameField()).get(); answer.close(); } finally { try {
public static List<String> getGroupsFromLdapUser(String host, String user, String base) throws NamingException { String userFilter = "(uniqueMember=" + user + ")"; SearchControls sc = new SearchControls(); sc.setSearchScope(SearchControls.SUBTREE_SCOPE); sc.setReturningAttributes(new String[]{"cn"}); NamingEnumeration<SearchResult> search = getDirContext(host).search(base, userFilter, sc); List<String> resultList = new ArrayList<>(); while (search.hasMore()) { resultList.add((String) search.next().getAttributes().get("cn").get(0)); } return resultList; }
SearchControls controls = new SearchControls(); controls.setSearchScope(SUBTREE_SCOPE); NamingEnumeration<SearchResult> renum = context.search(toDC(domainName), "(& (userPrincipalName=" + principalName + ")(objectClass=user))", controls); if (!renum.hasMore()) { System.out.println("Cannot locate user information for " + username); System.exit(1); SearchResult result = renum.next(); Attribute memberOf = result.getAttributes().get("memberOf"); if (memberOf != null) {// null if this user belongs to no group at all for (int i = 0; i < memberOf.size(); i++) { Attributes atts = context.getAttributes(memberOf.get(i).toString(), new String[] { "CN" }); Attribute att = atts.get("CN"); groups.add(new GrantedAuthorityImpl(att.get().toString()));
SearchControls constraints = new SearchControls(); if (subTreeSearch) { constraints.setSearchScope (SearchControls.SUBTREE_SCOPE); constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE); constraints.setReturningAttributes(new String[] { usernameField }); NamingEnumeration answer = ctx.search("", princSearchFilter, new String[] {LdapManager.sanitizeSearchFilter(principal)}, constraints); Log.debug("LdapAuthorizationMapping: ... search finished"); if (answer == null || !answer.hasMoreElements()) { Log.debug("LdapAuthorizationMapping: Username based on principal '" + principal + "' not found."); return principal; Attributes atrs = ((SearchResult)answer.next()).getAttributes(); Attribute usernameAttribute = atrs.get(usernameField); username = (String) usernameAttribute.get(); try { if (ctx != null) { ctx.close();
roleNames = new LinkedHashSet<String>(); SearchControls searchCtls = new SearchControls(); searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE); while (answer.hasMoreElements()) { SearchResult sr = (SearchResult) answer.next(); log.debug("Retrieving group names for user [" + sr.getName() + "]"); Attributes attrs = sr.getAttributes(); NamingEnumeration ae = attrs.getAll(); while (ae.hasMore()) { Attribute attr = (Attribute) ae.next(); if (attr.getID().equals("memberOf")) {
SearchControls constraints = new SearchControls(); constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE); constraints.setReturningAttributes(new String[] { groupNameField }); NamingEnumeration<SearchResult> answer = ctx.search("", filter, constraints); if (answer == null || !answer.hasMoreElements()) { if (debug) { Log.debug("LdapManager: Group DN based on groupname '" + groupname + "' not found."); String groupDN = answer.next().getName(); if (answer.hasMoreElements()) { if (debug) { Log.debug("LdapManager: Search for groupDN based on groupname '" + groupname + "' found multiple " + answer.close(); try { ctx.close(); } catch (Exception ignored) {
NamingEnumeration<SearchResult> results = c.search(userbaseDN, userSearchFilter, new Object[]{user}, SEARCH_CONTROLS); if (!results.hasMoreElements()) { if (LOG.isDebugEnabled()) { LOG.debug("doGetGroups(" + user + ") returned no groups because the " + SearchResult result = results.nextElement(); Attribute groupDNAttr = result.getAttributes().get(memberOfAttr); if (groupDNAttr == null) { throw new NamingException("The user object does not have '" + memberOfAttr + "' attribute." + "Returned user object: " + result.toString()); NamingEnumeration groupEnumeration = groupDNAttr.getAll(); while (groupEnumeration.hasMore()) { String groupDN = groupEnumeration.next().toString(); groups.add(getRelativeDistinguishedName(groupDN));
doRFC2254Encoding(username) }); SearchControls constraints = new SearchControls(); if (userSearchSubtreeBool) { constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); } else { constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE); NamingEnumeration<SearchResult> results = context.search(getLDAPPropertyValue(USER_BASE), filter, constraints); if (results == null || !results.hasMore()) { log.warn("User " + username + " not found in LDAP."); throw new FailedLoginException("User " + username + " not found in LDAP."); SearchResult result = results.next(); if (results.hasMore()) { if (result.isRelative()) { log.debug("LDAP returned a relative name: {}", result.getName()); NameParser parser = context.getNameParser(""); Name contextName = parser.parse(context.getNameInNamespace()); Name baseName = parser.parse(getLDAPPropertyValue(USER_BASE)); Name entryName = parser.parse(result.getName()); Name name = contextName.addAll(baseName); name = name.addAll(entryName);
}; ctx = manager.getContext(manager.getUsersBaseDN(username)); Attributes attrs = ctx.getAttributes(userDN, attributes); String name = null; Attribute nameField = attrs.get(manager.getNameField()); if (nameField != null) { name = (String)nameField.get(); Attribute emailField = attrs.get(manager.getEmailField()); if (emailField != null) { email = (String)emailField.get(); Attribute creationDateField = attrs.get("createTimestamp"); if (creationDateField != null && "".equals(((String) creationDateField.get()).trim())) { creationDate = parseLDAPDate((String) creationDateField.get()); NamingEnumeration values = authPassword.getAll(); while (values.hasMore()) { Attribute authPasswordValue = (Attribute) values.next(); String[] parts = ((String) authPasswordValue.get()).split("$"); String[] authInfo = parts[1].split(":"); try { if (ctx != null) { ctx.close();
private List<Map<String, Object>> search(String base, String filter) { try { SearchControls sc = new SearchControls(); sc.setSearchScope(SearchControls.SUBTREE_SCOPE); sc.setDerefLinkFlag(false); NamingEnumeration results = getBaseContext().search(base, filter, sc); List<Map<String, Object>> result = new ArrayList<>(); while (results.hasMore()) { Map<String, Object> item = new HashMap<>(); result.add(item); SearchResult oneRes = (SearchResult) results.next(); NamingEnumeration<? extends Attribute> fields = (oneRes.getAttributes().getAll()); for (Attribute a = fields.next(); fields.hasMore(); a = fields.next()) { item.put(a.getID(), a.get()); } } return result; } catch (Exception e) { throw new RuntimeException("Search failed: searchBase=" + base + " filter=" + filter, e); } }
@Override public Enumeration<String> engineAliases() { DirContext context = obtainDirContext(); if (context == null) { log.trace("Unable to obtain DirContext"); return null; } try { NamingEnumeration<SearchResult> results = context.search(searchPath, filterIterate, null, createSearchControl(new String[]{aliasAttribute})); // TODO pagination List<String> aliases = new LinkedList<>(); while (results.hasMore()) { Attribute attribute = results.next().getAttributes().get(aliasAttribute); if (attribute != null) aliases.add((String) attribute.get()); } return Collections.enumeration(aliases); } catch (NamingException e) { throw log.ldapKeyStoreFailedToIterateAliases(e); } finally { returnDirContext(context); } }
Attribute memberAttribute = result.getAttributes().get(permissionGroupMemberAttribute); NamingEnumeration<?> memberAttributeEnum = memberAttribute.getAll(); while (memberAttributeEnum.hasMoreElements()) { String memberDn = (String) memberAttributeEnum.nextElement(); boolean group = false; boolean user = false; memberAttributes = context.getAttributes(memberDn, new String[] { "objectClass", groupNameAttribute, userNameAttribute }); } catch (NamingException e) { LOG.error("Policy not applied! Unknown member {} in policy entry {}", new Object[]{ memberDn, result.getNameInNamespace() }, e); continue; Attribute memberEntryObjectClassAttribute = memberAttributes.get("objectClass"); NamingEnumeration<?> memberEntryObjectClassAttributeEnum = memberEntryObjectClassAttribute.getAll(); while (memberEntryObjectClassAttributeEnum.hasMoreElements()) { String objectClass = (String) memberEntryObjectClassAttributeEnum.nextElement(); Attribute name = memberAttributes.get(groupNameAttribute); if (name == null) { LOG.error("Policy not applied! Group {} does not have name attribute {} under entry {}", new Object[]{ memberDn, groupNameAttribute, result.getNameInNamespace() }); break; principalName = (String) name.get();
}); SearchControls constraints = new SearchControls(); if (roleSearchSubtreeBool) { constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); } else { constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE); NamingEnumeration<SearchResult> results = context.search(getLDAPPropertyValue(ROLE_BASE), filter, constraints); while (results.hasMore()) { SearchResult result = results.next(); Attributes attrs = result.getAttributes(); if (expandRolesBool) { haveSeenNames.add(result.getNameInNamespace()); pendingNameExpansion.add(result.getNameInNamespace()); String name = pendingNameExpansion.remove(); filter = expandRolesMatchingFormat.format(new String[]{name}); results = context.search(getLDAPPropertyValue(ROLE_BASE), filter, constraints); while (results.hasMore()) { SearchResult result = results.next(); name = result.getNameInNamespace(); if (!haveSeenNames.contains(name)) {
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.dns.DnsContextFactory"); DirContext ctx = new InitialDirContext(env); Attributes attrs = ctx.getAttributes(lookup, new String[] {"PTR"}); for (NamingEnumeration ae = attrs.getAll(); ae.hasMoreElements();) { Attribute attr = (Attribute) ae.next(); for (Enumeration vals = attr.getAll(); vals.hasMoreElements();) { Object elem = vals.nextElement(); if ("PTR".equals(attr.getID()) && elem != null) { return elem.toString(); ctx.close(); } catch (Exception e) {