org.apache.directory.server.core.api.LdapPrincipal java code examples

/**
 * TODO - perhaps we should just use a flag that is calculated on creation
 * of this session
 * 
 * @see org.apache.directory.server.core.api.CoreSession#isAdministrator()
 */
@Override
public boolean isAdministrator()
{
  String normName = getEffectivePrincipal().getName();
  return normName.equals( ServerDNConstants.ADMIN_SYSTEM_DN_NORMALIZED );
}

/**
 * Get back an anonymous session
 */
public CoreSession getSession()
{
 return new DefaultCoreSession( new LdapPrincipal( schemaManager ), this );
}

  public boolean hasPermission( OperationContext opContext ) throws LdapException
  {
    Dn principalName = opContext.getSession().getEffectivePrincipal().getDn();
    return principalName.equals( opContext.getSession().getDirectoryService().getAdminSession()
      .getAuthenticatedPrincipal().getDn() );
  }
}

/**
 * Serializes a LdapPrincipal instance.
 * 
 * @param principal The LdapPrincipal instance to serialize
 * @param out The stream into which we will write the serialized instance
 * @throws IOException If the stream can't be written
 */
public static void serialize( LdapPrincipal principal, ObjectOutput out ) throws IOException
{
  // The Authentication level
  out.writeInt( principal.getAuthenticationLevel().getLevel() );
  // The principal's DN
  if ( principal.getDn() == null )
  {
    Dn.EMPTY_DN.writeExternal( out );
  }
  else
  {
    principal.getDn().writeExternal( out );
  }
}

/**
 * Creates a new instance of a DefaultCoreSession
 * @param principal The principal to use to process operation for this session
 * @param directoryService The DirectoryService to which we will send requests
 */
public DefaultCoreSession( LdapPrincipal principal, DirectoryService directoryService )
{
  this.directoryService = directoryService;
  authenticatedPrincipal = principal;
  if ( principal.getAuthenticationLevel() == AuthenticationLevel.NONE )
  {
    anonymousPrincipal = principal;
  }
  else
  {
    anonymousPrincipal = new LdapPrincipal( directoryService.getSchemaManager() );
  }
  // setup attribute type value
  objectClassAT = directoryService.getSchemaManager().getAttributeType( SchemaConstants.OBJECT_CLASS_AT );
}

  /**
   * User has already been authenticated during SASL negotiation. Set the authentication level
   * to strong and return an {@link LdapPrincipal}.
   */
  @Override
  public LdapPrincipal authenticate( BindOperationContext bindContext ) throws LdapAuthenticationException
  {
    // Possibly check if user account is disabled, other account checks.
    LdapPrincipal principal = new LdapPrincipal( getDirectoryService().getSchemaManager(), bindContext.getDn(),
      AuthenticationLevel.STRONG );

    IoSession session = bindContext.getIoSession();

    if ( session != null )
    {
      SocketAddress clientAddress = session.getRemoteAddress();
      principal.setClientAddress( clientAddress );
      SocketAddress serverAddress = session.getServiceAddress();
      principal.setServerAddress( serverAddress );
    }

    return principal;
  }
}

boolean isAdmin = modifyContext.getSession().getAuthenticatedPrincipal().getDn().equals( adminDn );
      getPrincipal( modifyContext ).getName() );

principal = new LdapPrincipal( getDirectoryService().getSchemaManager(), bindContext.getDn(),
  AuthenticationLevel.SIMPLE );
principal.setUserPassword( storedPasswords );

byte[] password = null;
if ( ldapPrincipal.getUserPasswords() != null )
  password = ldapPrincipal.getUserPasswords()[0];
CoreSession userSession = ds.getSession( ldapPrincipal.getDn(),
  password, saslMechanism, null );

  principal.setClientAddress( clientAddress );
  SocketAddress serverAddress = session.getServiceAddress();
  principal.setServerAddress( serverAddress );
byte[][] storedPasswords = principal.getUserPasswords();

LdapPrincipal clonedPrincipal = ( LdapPrincipal ) ( principal.clone() );
clonedPrincipal.setUserPassword( Strings.EMPTY_BYTES );

/**
 * {@inheritDoc}
 */
@Override
public boolean isAnonymous()
{
  if ( ( authorizedPrincipal == null ) && ( authenticatedPrincipal == null ) )
  {
    return true;
  }
  else
  {
    return authenticatedPrincipal.getAuthenticationLevel() == AuthenticationLevel.NONE;
  }
}

/**
 * Clone the object. This is done so that we don't store the 
 * password in a LdapPrincipal more than necessary.
 */
@Override
public Object clone() throws CloneNotSupportedException
{
  LdapPrincipal clone = ( LdapPrincipal ) super.clone();
  if ( userPasswords != null )
  {
    clone.setUserPassword( userPasswords );
  }
  return clone;
}

public void add( AddOperationContext addContext ) throws LdapException
  String principal = getPrincipal( addContext ).getName();
  boolean isAdmin = addContext.getSession().getAuthenticatedPrincipal().getDn().equals( adminDn );

principal = new LdapPrincipal( getDirectoryService().getSchemaManager(), bindDn,
  AuthenticationLevel.SIMPLE,
  bindContext.getCredentials() );
  principal.setClientAddress( clientAddress );
  SocketAddress serverAddress = session.getServiceAddress();
  principal.setServerAddress( serverAddress );

/**
 * {@inheritDoc}
 */
@Override
public AuthenticationLevel getAuthenticationLevel()
{
  return getEffectivePrincipal().getAuthenticationLevel();
}

writer.write( principal.getName() );
writer.write( '\n' );

LdapPrincipal principal = new LdapPrincipal( schemaManager, dn, authenticationLevel );

/**
 * Creates a new instance of UnbindOperationContext.
 * 
 * @param session The session to use
 */
public UnbindOperationContext( CoreSession session )
{
  super( session, session.getEffectivePrincipal().getDn() );
  setInterceptors( session.getDirectoryService().getInterceptors( OperationEnum.UNBIND ) );
}

String adminDn = session.getEffectivePrincipal().getName();

Javadoc

An alternative X500 user implementation that has access to the distinguished name of the principal as well as the String representation.

Most used methods

getName
Returns the normalized distinguished name of the principal as a String.
<init>
Creates a new LDAP/X500 principal without any group associations. Keep this package friendly so only
getDn
Gets a cloned copy of the normalized distinguished name of this principal as a org.apache.directory.
getAuthenticationLevel
Gets the authentication level associated with this LDAP principle.
getUserPasswords
setUserPassword
clone
Clone the object. This is done so that we don't store the password in a LdapPrincipal more than nece
setClientAddress
setSchemaManager
setServerAddress

Popular in Java

Reactive rest calls using spring rest template
getSystemService (Context)
getApplicationContext (Context)
runOnUiThread (Activity)
Table (com.google.common.collect)
A collection that associates an ordered pair of keys, called a row key and a column key, with a sing
GridBagLayout (java.awt)
The GridBagLayout class is a flexible layout manager that aligns components vertically and horizonta
Charset (java.nio.charset)
A charset is a named mapping between Unicode characters and byte sequences. Every Charset can decode
TimeUnit (java.util.concurrent)
A TimeUnit represents time durations at a given unit of granularity and provides utility methods to
Handler (java.util.logging)
A Handler object accepts a logging request and exports the desired messages to a target, for example
JLabel (javax.swing)
Best IntelliJ plugins

How to useLdapPrincipal in org.apache.directory.server.core.api

Best Java code snippets using org.apache.directory.server.core.api.LdapPrincipal (Showing top 20 results out of 315)

How to use
LdapPrincipal
in
org.apache.directory.server.core.api