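// Excerpt: looks up a user entry by userPrincipalName and collects the CN of every group
// named in its memberOf attribute. The page shows only part of the method; closing braces
// and some intermediate lines are not part of the excerpt.
SearchControls controls = new SearchControls();
controls.setSearchScope(SUBTREE_SCOPE);
// principalName is supplied as a filter argument instead of being concatenated into the
// filter text, so the JNDI provider escapes filter metacharacters ('*', '(', ')', '\')
// and the value cannot change the structure of the search filter.
// Assumes `context` is a javax.naming.directory.DirContext (it is used that way below).
NamingEnumeration<SearchResult> renum = context.search(toDC(domainName),
        "(& (userPrincipalName={0})(objectClass=user))", new Object[] { principalName }, controls);
if (!renum.hasMore()) {
    System.out.println("Cannot locate user information for " + username);
    System.exit(1);
// ... (the closing brace of this branch is not part of the excerpt) ...
SearchResult result = renum.next();
Attribute memberOf = result.getAttributes().get("memberOf");
if (memberOf != null) {// null if this user belongs to no group at all
    for (int i = 0; i < memberOf.size(); i++) {
        // Each memberOf value is used as the DN of a group entry; only its CN is read.
        Attributes atts = context.getAttributes(memberOf.get(i).toString(), new String[] { "CN" });
        Attribute att = atts.get("CN");
        groups.add(new GrantedAuthorityImpl(att.get().toString()));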
/**
 * Appends every value of the attribute {@code attrId} found in {@code attrs} to a list.
 *
 * @param attrId id of the attribute to read; when {@code null}, {@code values} is returned untouched
 * @param attrs  attribute set to read from; when {@code null}, {@code values} is returned untouched
 * @param values list to append to; a new list is created when this is {@code null}
 * @return the list that received the values (the argument itself when it was non-null)
 * @throws NamingException if enumerating the attribute values fails
 * @throws ClassCastException if a value is not a {@code String}, e.g. a binary attribute
 */
private List<String> addAttributeValues(String attrId, Attributes attrs, List<String> values) throws NamingException {
    if (attrId == null || attrs == null) {
        return values;
    }
    final List<String> collected = (values != null) ? values : new ArrayList<String>();
    final Attribute found = attrs.get(attrId);
    if (found != null) {
        for (NamingEnumeration<?> all = found.getAll(); all.hasMore();) {
            collected.add((String) all.next());
        }
    }
    return collected;
}
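/**
 * Copies one directory entry into a map of attribute id to string values and adds that
 * map to {@code set}.
 *
 * When {@code attributeNames} is null or empty every attribute of the entry is copied,
 * otherwise only the named ones. The entry's DN is stored under {@code DN_KEY}.
 *
 * @param ctx the entry, expected to be a {@code DirContextAdapter}
 * @return always {@code null}; the result is delivered through {@code set}
 */
public Object mapFromContext(Object ctx) {
    DirContextAdapter adapter = (DirContextAdapter) ctx;
    Map<String, List<String>> record = new HashMap<String, List<String>>();
    if (attributeNames == null || attributeNames.length == 0) {
        try {
            for (NamingEnumeration<?> ae = adapter.getAttributes().getAll(); ae.hasMore();) {
                Attribute attr = (Attribute) ae.next();
                extractStringAttributeValues(adapter, record, attr.getID());
            }
        } catch (NamingException x) {
            // convertLdapException only builds the translated exception; it has to be
            // thrown, otherwise a failed enumeration yields a silently truncated record
            // that later code cannot tell apart from a complete one.
            throw org.springframework.ldap.support.LdapUtils.convertLdapException(x);
        }
    } else {
        for (String attributeName : attributeNames) {
            extractStringAttributeValues(adapter, record, attributeName);
        }
    }
    record.put(DN_KEY, Arrays.asList(getAdapterDN(adapter)));
    set.add(record);
    return null;
}
};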
/**
 * Checks whether the certificate's serial number equals one of the values stored in
 * the {@code ldapAttribute} attribute of the given entry.
 *
 * NOTE(review): a serial number is only unique per issuer, so this match presumably
 * complements issuer / trust-chain validation done elsewhere - confirm against the caller.
 *
 * @param certificate certificate presented as evidence
 * @param attributes  attributes of the identity's directory entry
 * @return {@code true} on the first matching value; {@code false} when the attribute is
 *         absent or no value matches
 * @throws NamingException if an attribute value cannot be read
 * @throws NumberFormatException if a stored value is not a decimal integer
 */
@Override
public boolean verifyCertificate(X509Certificate certificate, Attributes attributes) throws NamingException {
    final Attribute storedSerials = attributes.get(ldapAttribute);
    if (storedSerials == null) {
        return false;
    }
    final int count = storedSerials.size();
    int index = 0;
    while (index < count) {
        final Object stored = storedSerials.get(index);
        index++;
        if (stored == null) {
            continue;
        }
        // Values are stored as decimal strings; compare numerically, not textually.
        final BigInteger storedSerial = new BigInteger((String) stored);
        if (certificate.getSerialNumber().equals(storedSerial)) {
            return true;
        }
    }
    return false;
}
}
/**
 * Checks whether the DER encoding of the certificate is byte-for-byte equal to one of
 * the binary values stored in the {@code ldapAttribute} attribute of the given entry.
 *
 * @param certificate certificate presented as evidence
 * @param attributes  attributes of the identity's directory entry
 * @return {@code true} on the first identical stored value; {@code false} when the
 *         attribute is absent or nothing matches
 * @throws NamingException if an attribute value cannot be read
 * @throws RealmUnavailableException if the certificate cannot be encoded
 */
@Override
public boolean verifyCertificate(X509Certificate certificate, Attributes attributes) throws NamingException, RealmUnavailableException {
    final Attribute storedCertificates = LdapUtil.getBinaryAttribute(attributes, ldapAttribute);
    if (storedCertificates == null) {
        return false;
    }
    final int count = storedCertificates.size();
    try {
        int index = 0;
        while (index < count) {
            final Object candidate = storedCertificates.get(index);
            index++;
            // The whole encoded certificate is compared, not just a fingerprint or field.
            if (candidate != null && Arrays.equals(certificate.getEncoded(), (byte[]) candidate)) {
                return true;
            }
        }
    } catch (CertificateEncodingException e) {
        throw new RealmUnavailableException(e);
    }
    return false;
}
}
// Excerpt: reverse-DNS lookup through the JNDI DNS provider. Only part of the method is
// shown; the opening of the try block and several closing braces are not in the excerpt.
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.dns.DnsContextFactory");
DirContext ctx = new InitialDirContext(env);
// Request only the PTR records of the name held in `lookup`.
Attributes attrs = ctx.getAttributes(lookup, new String[] {"PTR"});
for (NamingEnumeration ae = attrs.getAll(); ae.hasMoreElements();) {
    Attribute attr = (Attribute) ae.next();
    for (Enumeration vals = attr.getAll(); vals.hasMoreElements();) {
        Object elem = vals.nextElement();
        // The first non-null PTR value is returned as the host name.
        // NOTE(review): PTR data is published by whoever controls the reverse zone, so
        // the returned name is a hint rather than an authenticated identity - confirm
        // callers do not base access decisions on it without a matching forward lookup.
        if ("PTR".equals(attr.getID()) && elem != null) {
            return elem.toString();
// ... (lines elided in this excerpt) ...
// NOTE(review): from the visible lines, the early return above leaves the method before
// this close() runs; verify against the full method whether a finally block covers it.
ctx.close();
} catch (Exception e) {
// Excerpt: walks LDAP group search results, reading each group's name, description and
// member count. Only part of the method is shown; the search call that produces `answer`
// and several closing braces are not in the excerpt.
ctx.setRequestControls(searchControl);
SearchControls searchControls = new SearchControls();
// The two scope assignments are presumably the branches of an if/else whose keywords
// are elided here; as printed, the second call would simply override the first.
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
while (answer.hasMoreElements()) {
    Attributes attributes = ((SearchResult) answer.next()).getAttributes();
    // No null check on the name attribute: an entry without it fails here.
    String groupName = (String) attributes.get(manager.getGroupNameField()).get();
    String description = "";
    int elements = 0;
    try {
        description = ((String) attributes.get(manager.getGroupDescriptionField()).get());
    } catch (NullPointerException e) {
    // NOTE(review): the NullPointerException stands in for "entry has no description
    // attribute"; what the handler does is not visible in this excerpt.
    // ... (lines elided in this excerpt) ...
    Attribute memberField = attributes.get(manager.getGroupMemberField());
    if (memberField != null) {
        // Count the member values without keeping them.
        NamingEnumeration ne = memberField.getAll();
        while (ne.hasMore()) {
            ne.next();
            elements = elements + 1;
// Excerpt: maps an authenticated principal to a local username by searching the
// directory. Only part of the method is shown; an else keyword, several closing braces
// and the surrounding try/finally are not in the excerpt.
SearchControls constraints = new SearchControls();
if (subTreeSearch) {
    constraints.setSearchScope (SearchControls.SUBTREE_SCOPE);
// ... (the else branch's keyword and braces are elided in this excerpt) ...
    constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
// Only the username attribute is requested from the server.
constraints.setReturningAttributes(new String[] { usernameField });
// The principal is handed over as a filter argument (after sanitizeSearchFilter) rather
// than being concatenated into princSearchFilter.
NamingEnumeration answer = ctx.search("", princSearchFilter, new String[] {LdapManager.sanitizeSearchFilter(principal)}, constraints);
Log.debug("LdapAuthorizationMapping: ... search finished");
if (answer == null || !answer.hasMoreElements()) {
    Log.debug("LdapAuthorizationMapping: Username based on principal '" + principal + "' not found.");
    // No directory match: the principal itself is returned unchanged as the username.
    // NOTE(review): callers receive an unmapped name here rather than a failure -
    // confirm that is the intended fallback for the authorization decision.
    return principal;
// ... (lines elided in this excerpt) ...
Attributes atrs = ((SearchResult)answer.next()).getAttributes();
// NOTE(review): no null check is visible before get(); an entry lacking usernameField
// would fail here unless the elided lines guard it.
Attribute usernameAttribute = atrs.get(usernameField);
username = (String) usernameAttribute.get();
// ... (lines elided in this excerpt) ...
try {
    if (ctx != null) {
        ctx.close();
// Excerpt: collects role names from the memberOf attribute of each user search result.
// Only part of the method is shown; the search call that produces `answer` and the
// bodies and closing braces after the last line are not in the excerpt.
roleNames = new LinkedHashSet<String>();
SearchControls searchCtls = new SearchControls();
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
while (answer.hasMoreElements()) {
    SearchResult sr = (SearchResult) answer.next();
    log.debug("Retrieving group names for user [" + sr.getName() + "]");
    Attributes attrs = sr.getAttributes();
    // Every attribute of the entry is enumerated and filtered by id below.
    NamingEnumeration ae = attrs.getAll();
    while (ae.hasMore()) {
        Attribute attr = (Attribute) ae.next();
        // NOTE(review): equals() is case-sensitive while LDAP attribute names are not;
        // a server that returns a different casing of "memberOf" would yield no roles
        // here - confirm against the directory in use.
        if (attr.getID().equals("memberOf")) {
/**
 * Writes every attribute of {@code attrs} to {@code outstream}, one line per attribute
 * in the form {@code id:value value ...}.
 *
 * All values are printed as returned by the directory, so any sensitive attribute
 * present in {@code attrs} ends up in the output as well.
 *
 * @param attrs attributes to print
 * @throws NamingException if enumerating the attributes fails
 */
private static void printAttrs(Attributes attrs) throws NamingException {
    for (NamingEnumeration<? extends Attribute> pending = attrs.getAll(); pending.hasMore();) {
        final Attribute entryAttr = pending.next();
        outstream.print(String.format("%1$s:", entryAttr.getID()));
        for (NamingEnumeration<?> vals = entryAttr.getAll(); vals.hasMoreElements();) {
            outstream.print(String.format("%1$s ", vals.nextElement().toString()));
        }
        outstream.println();
    }
}
// Excerpt: resolves a user's groups from the memberOf-style attribute of the user entry.
// Only part of the method is shown; the end of the debug message and several closing
// braces are not in the excerpt.
// The user name is passed as a filter argument instead of being concatenated, so it is
// substituted into userSearchFilter (presumably at a {0} placeholder) by the JNDI provider.
NamingEnumeration<SearchResult> results = c.search(userbaseDN, userSearchFilter, new Object[]{user}, SEARCH_CONTROLS);
if (!results.hasMoreElements()) {
    if (LOG.isDebugEnabled()) {
        LOG.debug("doGetGroups(" + user + ") returned no groups because the " +
// ... (rest of the message and the closing braces are elided in this excerpt) ...
// Only the first matching entry is used.
SearchResult result = results.nextElement();
Attribute groupDNAttr = result.getAttributes().get(memberOfAttr);
if (groupDNAttr == null) {
    // NOTE(review): the message embeds the whole returned entry via result.toString();
    // check where this exception text is logged or surfaced.
    throw new NamingException("The user object does not have '" + memberOfAttr + "' attribute." + "Returned user object: " + result.toString());
// ... (closing brace elided in this excerpt) ...
NamingEnumeration groupEnumeration = groupDNAttr.getAll();
while (groupEnumeration.hasMore()) {
    // Each value is a group DN; getRelativeDistinguishedName reduces it before it is
    // added to the result.
    String groupDN = groupEnumeration.next().toString();
    groups.add(getRelativeDistinguishedName(groupDN));
// Excerpt: loads a user's name, e-mail, timestamps and authPassword values from the
// directory. Only part of the method is shown; the leading "};" closes a construct that
// starts above the excerpt, and several closing braces are not in the excerpt.
};
ctx = manager.getContext(manager.getUsersBaseDN(username));
Attributes attrs = ctx.getAttributes(userDN, attributes);
String name = null;
Attribute nameField = attrs.get(manager.getNameField());
if (nameField != null) {
    name = (String)nameField.get();
// ... (closing brace elided in this excerpt) ...
Attribute emailField = attrs.get(manager.getEmailField());
if (emailField != null) {
    email = (String)emailField.get();
// ... (closing brace elided in this excerpt) ...
Attribute creationDateField = attrs.get("createTimestamp");
// NOTE(review): as printed, the date is parsed only when the trimmed value IS empty,
// which looks inverted (a leading '!' may have been lost) - confirm against the source.
if (creationDateField != null && "".equals(((String) creationDateField.get()).trim())) {
    creationDate = parseLDAPDate((String) creationDateField.get());
// ... (closing brace elided in this excerpt) ...
Attribute modificationDateField = attrs.get("modifyTimestamp");
// NOTE(review): same inverted-looking emptiness test as for createTimestamp above.
if (modificationDateField != null && "".equals(((String) modificationDateField.get()).trim())) {
    modificationDate = parseLDAPDate((String)modificationDateField.get());
// ... (lines elided in this excerpt) ...
NamingEnumeration values = authPassword.getAll();
while (values.hasMore()) {
    Attribute authPasswordValue = (Attribute) values.next();
    // NOTE(review): String.split takes a regular expression and "$" is the end-of-input
    // anchor, so this does not split on a literal dollar sign; the array then has one
    // element and parts[1] below would be out of bounds. A literal split needs "\\$".
    String[] parts = ((String) authPasswordValue.get()).split("$");
    String[] authInfo = parts[1].split(":");
    String[] authValue = parts[2].split(":");
/**
 * Builds the connector URI described by an LDAP search result.
 *
 * The {@code iphostnumber}, {@code ipserviceport} and {@code ipserviceprotocol} values
 * are inserted verbatim into {@code static:(protocol://address:port)}; nothing in this
 * method validates them, so the endpoint is whatever the directory entry says.
 *
 * @param result search result to convert to a URI
 * @return the {@code static:} URI assembled from the entry
 * @throws Exception if an attribute is missing or unreadable, or the assembled text is
 *         not a valid URI
 */
protected URI toURI(SearchResult result) throws Exception {
    final Attributes entry = result.getAttributes();
    final String host = (String) entry.get("iphostnumber").get();
    final String servicePort = (String) entry.get("ipserviceport").get();
    final String scheme = (String) entry.get("ipserviceprotocol").get();

    final StringBuilder spec = new StringBuilder("static:(");
    spec.append(scheme).append("://").append(host).append(":").append(servicePort).append(")");

    final URI connectorURI = new URI(spec.toString());
    LOG.debug("retrieved URI from SearchResult [{}]", connectorURI);
    return connectorURI;
}
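/**
 * Runs a subtree search and returns each matching entry as a map of attribute id to
 * the attribute's first value.
 *
 * The filter is sent as given: callers that build it from external input must escape
 * the values themselves before calling this method.
 *
 * @param base   search base
 * @param filter LDAP search filter, used verbatim
 * @return one map per matching entry, in the order the server returned them
 * @throws RuntimeException wrapping any failure, with the base and filter in the message
 */
private List<Map<String, Object>> search(String base, String filter) {
    try {
        SearchControls sc = new SearchControls();
        sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
        sc.setDerefLinkFlag(false);
        NamingEnumeration<?> results = getBaseContext().search(base, filter, sc);
        try {
            List<Map<String, Object>> result = new ArrayList<>();
            while (results.hasMore()) {
                SearchResult oneRes = (SearchResult) results.next();
                Map<String, Object> item = new HashMap<>();
                NamingEnumeration<? extends Attribute> fields = oneRes.getAttributes().getAll();
                // Test hasMore() before every next(): the earlier for-loop fetched first
                // and tested afterwards, which dropped the last attribute of each entry
                // and failed on entries without attributes.
                while (fields.hasMore()) {
                    Attribute a = fields.next();
                    item.put(a.getID(), a.get());
                }
                result.add(item);
            }
            return result;
        } finally {
            // Release the server-side enumeration even when reading stops early.
            results.close();
        }
    } catch (Exception e) {
        throw new RuntimeException("Search failed: searchBase=" + base + " filter=" + filter, e);
    }
}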
/**
 * Lists the aliases of all key store entries found under {@code searchPath}.
 *
 * @return the alias values of the matching entries, or {@code null} when no directory
 *         context could be obtained
 */
@Override
public Enumeration<String> engineAliases() {
    final DirContext context = obtainDirContext();
    if (context == null) {
        log.trace("Unable to obtain DirContext");
        return null;
    }
    try {
        final List<String> found = new LinkedList<>();
        // TODO pagination
        // Only the alias attribute is requested; entries without it are skipped.
        for (NamingEnumeration<SearchResult> hits = context.search(searchPath, filterIterate, null,
                createSearchControl(new String[]{aliasAttribute})); hits.hasMore();) {
            final Attribute alias = hits.next().getAttributes().get(aliasAttribute);
            if (alias == null) {
                continue;
            }
            found.add((String) alias.get());
        }
        return Collections.enumeration(found);
    } catch (NamingException e) {
        throw log.ldapKeyStoreFailedToIterateAliases(e);
    } finally {
        // The context goes back to its provider on every path.
        returnDirContext(context);
    }
}
// Excerpt: resolves the members of a permission entry to group or user principals.
// Only part of the method is shown; the try keyword, the objectClass checks and several
// closing braces are not in the excerpt.
Attribute memberAttribute = result.getAttributes().get(permissionGroupMemberAttribute);
NamingEnumeration<?> memberAttributeEnum = memberAttribute.getAll();
while (memberAttributeEnum.hasMoreElements()) {
    String memberDn = (String) memberAttributeEnum.nextElement();
    boolean group = false;
    boolean user = false;
    // ... (the opening of the try block is elided in this excerpt) ...
        // Read the member entry itself to learn its object classes and name attributes.
        memberAttributes = context.getAttributes(memberDn, new String[] { "objectClass", groupNameAttribute, userNameAttribute });
    } catch (NamingException e) {
        // A member DN that cannot be read is logged and skipped, so no permission is
        // derived for it.
        LOG.error("Policy not applied! Unknown member {} in policy entry {}", new Object[]{ memberDn, result.getNameInNamespace() }, e);
        continue;
    // ... (closing brace elided in this excerpt) ...
    Attribute memberEntryObjectClassAttribute = memberAttributes.get("objectClass");
    NamingEnumeration<?> memberEntryObjectClassAttributeEnum = memberEntryObjectClassAttribute.getAll();
    while (memberEntryObjectClassAttributeEnum.hasMoreElements()) {
        String objectClass = (String) memberEntryObjectClassAttributeEnum.nextElement();
        // ... (lines elided in this excerpt) ...
        Attribute name = memberAttributes.get(groupNameAttribute);
        if (name == null) {
            // A group entry without its name attribute is likewise logged and abandoned.
            LOG.error("Policy not applied! Group {} does not have name attribute {} under entry {}", new Object[]{ memberDn, groupNameAttribute, result.getNameInNamespace() });
            break;
        // ... (lines elided in this excerpt; the two assignments below presumably belong
        // to the group branch and the user branch respectively) ...
        principalName = (String) name.get();
        principalName = (String) name.get();
/**
 * Records the full name of a search result and hands the values of each of its
 * attributes to {@code addAllAttributeValuesToResult}.
 *
 * @param record search result to process
 * @return always {@code true}
 * @throws NamingException if enumerating the attributes fails
 */
@Override
public boolean process(SearchResult record) throws NamingException {
    result.add(record.getNameInNamespace());
    for (NamingEnumeration<? extends Attribute> remaining = record.getAttributes().getAll(); remaining.hasMore();) {
        final Attribute current = remaining.next();
        addAllAttributeValuesToResult(current.getAll());
    }
    return true;
}
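/**
 * Returns the names of the groups the user belongs to, limited to the configured
 * restricted groups when that list is not empty.
 *
 * @param context  directory context used for the search; it is not closed here
 * @param userName user to look up; rewritten by {@code userNameBaseOnGroupClass} first
 * @return group names of the matching entries that pass the restriction
 * @throws NamingException if the search or reading a result fails
 */
private Set<String> getGroupMembershipsIntersectingWithRestrictedGroups(AutoclosingLdapContext context, String userName) throws NamingException {
    userName = userNameBaseOnGroupClass(userName);

    // The user-derived value is escaped before it is formatted into the filter, so
    // characters such as '*' or ')' are matched literally and cannot widen or rewrite
    // the group query. Assumes the value is not already filter-escaped upstream -
    // TODO confirm; escaping twice would only stop such names from matching.
    final String filter = String.format("(&(%s=%s)(objectClass=%s))",
            configuration.getGroupMembershipAttribute(),
            escapeLdapFilterValue(userName),
            configuration.getGroupClassName());
    final NamingEnumeration<SearchResult> result = context.search(configuration.getGroupFilter(), filter, new SearchControls());

    ImmutableSet.Builder<String> overlappingGroups = ImmutableSet.builder();
    try {
        while (result.hasMore()) {
            SearchResult next = result.next();
            if (next.getAttributes() != null && next.getAttributes().get(configuration.getGroupNameAttribute()) != null) {
                String group = (String) next.getAttributes().get(configuration.getGroupNameAttribute()).get(0);
                // An empty restriction list means every group is acceptable.
                if (configuration.getRestrictToGroups().isEmpty() ||
                        configuration.getRestrictToGroups().contains(group)) {
                    overlappingGroups.add(group);
                }
            }
        }
        return overlappingGroups.build();
    } finally {
        result.close();
    }
}

/** Escapes the characters RFC 4515 reserves inside a search-filter assertion value. */
private static String escapeLdapFilterValue(String value) {
    if (value == null) {
        return null;
    }
    StringBuilder escaped = new StringBuilder(value.length() + 8);
    for (int i = 0; i < value.length(); i++) {
        char c = value.charAt(i);
        switch (c) {
            case '\\':
                escaped.append("\\5c");
                break;
            case '*':
                escaped.append("\\2a");
                break;
            case '(':
                escaped.append("\\28");
                break;
            case ')':
                escaped.append("\\29");
                break;
            case '\0':
                escaped.append("\\00");
                break;
            default:
                escaped.append(c);
        }
    }
    return escaped.toString();
}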
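/**
 * Looks up the {@code gidNumber} of the group whose {@code cn} equals {@code groupName}.
 *
 * Works on a clone of the configuration with the search base replaced by a fixed
 * groups subtree, so the caller's configuration is not modified.
 *
 * @param cfg2      LDAP configuration to clone
 * @param groupName common name of the group
 * @return the first non-empty {@code gidNumber} found, or {@code -1} when no entry has one
 * @throws Throwable on any directory failure, or if the stored value is not an integer
 */
public static int get_OLD_Gid(LDAPConfiguration cfg2, String groupName) throws Throwable {
    LDAPConfiguration cfg = cfg2.clone();
    cfg.setSearchBase("ou=Groups,dc=ncsa,dc=illinois,dc=edu");
    LDAPClaimsSource claimsSource = new LDAPClaimsSource(cfg, null);
    DirContext dirContext = new InitialDirContext(claimsSource.createEnv(cfg));
    try {
        LdapContext ctx = (LdapContext) dirContext.lookup(cfg.getSearchBase());
        try {
            SearchControls ctls = new SearchControls();
            ctls.setReturningAttributes(new String[]{"gidNumber"});
            // groupName is passed as a filter argument, not concatenated: the provider
            // escapes filter metacharacters, so the name cannot alter the filter.
            NamingEnumeration<SearchResult> e = ctx.search(cfg.getContextName(), "(&(cn={0}))", new Object[]{groupName}, ctls);
            while (e.hasMoreElements()) {
                Attribute attribute = e.next().getAttributes().get("gidNumber");
                if (attribute == null || attribute.size() == 0) {
                    continue;
                }
                Object raw = attribute.get(0);
                if (raw == null) {
                    continue;
                }
                String gid = String.valueOf(raw);
                if (!gid.isEmpty()) {
                    return Integer.parseInt(gid);
                }
            }
            return -1;
        } finally {
            // Close on every path; previously only the successful lookup closed it.
            ctx.close();
        }
    } finally {
        dirContext.close();
    }
}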
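/**
 * Returns the users listed as members of the given group, sorted.
 *
 * The search filter comes from {@code generateGroupSearchFilter}; any escaping of
 * {@code groupName} has to happen there, it is not done in this method.
 *
 * @param groupName name of the group to look up
 * @param context   directory context used for the search and the per-user lookups
 * @param domainId  domain whose LDAP configuration applies
 * @return the resolvable members; empty when the group is not found or lists no members
 * @throws NamingException if the group search fails
 */
@Override
public List<LdapUser> getUsersInGroup(String groupName, LdapContext context, Long domainId) throws NamingException {
    String attributeName = _ldapConfiguration.getGroupUniqueMemberAttribute(domainId);
    final SearchControls controls = new SearchControls();
    controls.setSearchScope(_ldapConfiguration.getScope());
    controls.setReturningAttributes(new String[] {attributeName});

    NamingEnumeration<SearchResult> result = context.search(_ldapConfiguration.getBaseDn(domainId), generateGroupSearchFilter(groupName, domainId), controls);

    final List<LdapUser> users = new ArrayList<LdapUser>();
    //Expecting only one result which has all the users
    if (result.hasMoreElements()) {
        Attribute attribute = result.nextElement().getAttributes().get(attributeName);
        // A group entry without the member attribute has no members; treat it as empty
        // instead of failing on a null attribute.
        if (attribute != null) {
            NamingEnumeration<?> values = attribute.getAll();
            while (values.hasMoreElements()) {
                String userdn = String.valueOf(values.nextElement());
                try {
                    users.add(getUserForDn(userdn, context, domainId));
                } catch (NamingException e) {
                    // Best effort: a member DN that cannot be resolved is logged and skipped.
                    s_logger.info("Userdn: " + userdn + " Not Found:: Exception message: " + e.getMessage());
                }
            }
        }
    }

    Collections.sort(users);
    return users;
}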