/**
 * Builds the Distinguished Name to use for the given username.
 *
 * <p>The result starts from {@code userDnBase} and gets one more component made from
 * {@code usernameAttribute} and the supplied username. The username is handed over as a
 * separate value; no DN string is concatenated here.
 *
 * @param username the username to place in the added component
 * @return the assembled name
 */
public DistinguishedName buildDn(String username) {
    // NOTE(review): escaping of DN special characters in the username is left to
    // DistinguishedName.add(String, String) -- confirm for the library version in use.
    final DistinguishedName userDn = new DistinguishedName(userDnBase);
    userDn.add(usernameAttribute, username);
    return userDn;
}
} // closes the enclosing type, whose header is outside this excerpt
/**
 * Returns the portion of a DN that lies below a base context.
 * <p>
 * For the DN "cn=bob,ou=people,dc=springframework,dc=org" and a base context named
 * "ou=people,dc=springframework,dc=org", the result is "cn=bob".
 * </p>
 *
 * @param fullDn the DN to make relative
 * @param baseCtx the context whose name in its namespace is used as the base
 * @return {@code fullDn} unchanged when the base name is empty, the empty string when both
 * names are equal, otherwise the string form of {@code fullDn} with the base removed
 * @throws NamingException any exception thrown by the context is propagated
 */
public static String getRelativeName(String fullDn, Context baseCtx) throws NamingException {
    final String contextName = baseCtx.getNameInNamespace();
    if (contextName.isEmpty()) {
        // Nothing to strip: the context has no name of its own.
        return fullDn;
    }

    // Both sides are parsed first, so the comparisons below work on parsed names
    // and not on the raw strings.
    final DistinguishedName baseName = new DistinguishedName(contextName);
    final DistinguishedName relative = new DistinguishedName(fullDn);
    if (baseName.equals(relative)) {
        return "";
    }

    // A DN that is not under the base is rejected here instead of being returned as is.
    Assert.isTrue(relative.startsWith(baseName), "Full DN does not start with base DN");
    relative.removeFirst(baseName);
    return relative.toString();
}
// Excerpt: binds to the directory as the given user DN with the supplied password.
// The method continues past the end of this excerpt; the declaration of ctx and the
// use of username and attrs are not visible here.
private DirContextOperations bindWithDn(String userDnStr, String username, String password, Attributes attrs) {
    // The cast assumes the configured context source is a BaseLdapPathContextSource.
    BaseLdapPathContextSource ctxSource = (BaseLdapPathContextSource) getContextSource();
    DistinguishedName userDn = new DistinguishedName(userDnStr);
    // Work on a copy so that userDn itself stays relative to the base path.
    DistinguishedName fullDn = new DistinguishedName(userDn);
    fullDn.prepend(ctxSource.getBaseLdapPath());
    // The bind itself: the full DN and the password are handed to the context source.
    // NOTE(review): no check on password is visible in this excerpt. Many directories
    // accept a bind with a DN and an empty password as an unauthenticated bind, so
    // confirm that the caller rejects empty passwords before reaching this point.
    ctx = getContextSource().getContext(fullDn.toString(), password);
/**
 * Produces the full DN for a name by placing it under the name of the context it is
 * relative to. A name that already contains the context's name is returned unaltered.
 *
 * @param dn the name to complete
 * @param baseCtx the context whose name in its namespace is used as the base
 * @return {@code dn} itself when it already contains the base name, otherwise a new
 * name made of the base name with {@code dn} appended
 * @throws NamingException if the context cannot report its name
 */
public static DistinguishedName getFullDn(DistinguishedName dn, Context baseCtx) throws NamingException {
    final DistinguishedName contextDn = new DistinguishedName(baseCtx.getNameInNamespace());
    if (!dn.contains(contextDn)) {
        contextDn.append(dn);
        return contextDn;
    }
    // NOTE(review): the test is contains(), not startsWith(). Whether a name that holds
    // the base components somewhere other than at its root end is also returned
    // unaltered depends on DistinguishedName.contains -- confirm before relying on the
    // result as "a DN under the base".
    return dn;
}
/**
 * Stores the group search base.
 *
 * @param groupSearchBase the base as a DN string; it is parsed into a
 * {@code DistinguishedName} before being stored, so the field holds the parsed form
 */
public void setGroupSearchBase(String groupSearchBase) {
    final DistinguishedName parsedBase = new DistinguishedName(groupSearchBase);
    this.groupSearchBase = parsedBase;
}
/**
 * Regression check named after LDAP-237: a DN whose value holds backslash-escaped
 * double quotes must come back from {@code toString()} exactly as it went in.
 */
@Test
public void testDistinguishedName_Ldap237_NotDestroyedByCompositeName() throws InvalidNameException {
    // Input and expected output are the same text, so one constant serves both.
    final String escapedQuotesDn = "ou=Roger \\\"Bunny\\\" Rabbit,dc=somecompany,dc=com";
    DistinguishedName parsed = new DistinguishedName(escapedQuotesDn);
    assertThat(parsed.toString()).isEqualTo(escapedQuotesDn);
}
/**
 * Checks {@code addAll}: the added component shows up at the left of the string form,
 * and the output has lower-case keys and no space after the comma.
 */
@Test
public void testAddAll() throws Exception {
    DistinguishedName target = new DistinguishedName("ou=foo, OU=bar");
    DistinguishedName addition = new DistinguishedName("OU=baz");

    target.addAll(addition);

    String rendered = target.toString();
    assertThat(rendered).isEqualTo("ou=baz,ou=foo,ou=bar");
}
/**
 * Builds the string form of a user reference DN: {@code BASE_DN} with a {@code cn}
 * component for the username appended.
 *
 * @param username the value of the appended {@code cn} component
 * @return the string form of the resulting DN
 */
private String buildUserRefDn(String username) {
    // The username is passed as a separate value, not spliced into a DN string.
    // NOTE(review): escaping of special characters is presumably done by
    // DistinguishedName -- confirm for the library version in use.
    final DistinguishedName userRef = new DistinguishedName(BASE_DN).append("cn", username);
    return userRef.toString();
}
/**
 * Checks the positive case of {@code startsWith}: the "start" of a name is the
 * right-hand end of its string form, for one component as well as for several.
 */
@Test
public void testStartsWith_true() {
    // One trailing component.
    DistinguishedName userDnA = new DistinguishedName("uid=mtah.test, ou=people, ou=EU, o=example.com");
    DistinguishedName orgOnly = new DistinguishedName("o=example.com");

    // Three trailing components.
    DistinguishedName userDnB = new DistinguishedName("uid=mtah.test, ou=people, ou=EU, o=example.com");
    DistinguishedName peopleBranch = new DistinguishedName("ou=people, ou=EU, o=example.com");

    boolean underOrg = userDnA.startsWith(orgOnly);
    assertThat(underOrg).isTrue();
    boolean underPeople = userDnB.startsWith(peopleBranch);
    assertThat(underPeople).isTrue();
}
/**
 * Checks {@code add(int, String)}: inserting at index 1 puts the new component
 * between the two existing ones in the string form.
 */
@Test
public void testAdd_Index() throws InvalidNameException {
    DistinguishedName name = new DistinguishedName("ou=foo, ou=bar");

    name.add(1, "ou=baz");

    String rendered = name.toString();
    assertThat(rendered).isEqualTo("ou=foo,ou=baz,ou=bar");
}
// Excerpt from a group-search loop: each search result is turned into one granted
// authority. The enclosing method and the end of the loop are outside this excerpt.
DistinguishedName searchBaseDn = new DistinguishedName(searchRoot);
while (groupsSearch.hasMore()) {
    SearchResult searchResult = groupsSearch.next();
    // The result name goes through CompositeName before being parsed as a DN.
    DistinguishedName dn = new DistinguishedName(new CompositeName(searchResult.getName()));
    // Result names are treated as relative to the search root, so the root is prepended.
    dn.prepend(searchBaseDn);
    // NOTE(review): only the value of the last component returned by removeLast()
    // becomes the authority; the rest of the DN is dropped. Two groups in different
    // containers that share that value would yield the same authority string --
    // confirm that this is acceptable for the directory layout in use.
    authorities.add(new SimpleGrantedAuthority(dn.removeLast().getValue()));
/**
 * Adds an entity below a parent entity.
 *
 * <p>The parent's internal ID is parsed as a DN and the configured base DN is removed
 * from it before the work is handed to {@code internalAdd}.
 *
 * @param entity the entity to add
 * @param parentEntity the parent; must be non-null and have an internal ID
 * @throws SecurityException if the parent is null or has no internal ID
 */
public void add(Entity entity, Entity parentEntity) throws SecurityException {
    final boolean parentUsable = parentEntity != null && parentEntity.getInternalId() != null;
    if (!parentUsable) {
        throw new SecurityException(SecurityException.UNEXPECTED.create(
                getClass().getName(),
                "add(Entity entity, Entity parentEntity)",
                "Provided parent entity is null or has no internal ID."));
    }

    DistinguishedName parentDn = new DistinguishedName(parentEntity.getInternalId());
    DistinguishedName baseDn = new DistinguishedName(configuration.getBaseDN());
    // NOTE(review): DistinguishedName.removeFirst(Name) strips the base only when the
    // DN starts with it and otherwise leaves the DN untouched, so a parent outside the
    // configured base appears to reach internalAdd unchanged -- confirm that
    // internalAdd or the caller rejects such a parent.
    parentDn.removeFirst(baseDn);
    internalAdd(entity, parentDn);
}
/**
 * Returns a copy of the given DN that is placed under the configured base DN.
 *
 * <p>The base is prepended only when a non-empty base is configured and the copy does
 * not already start with it. The argument itself is never modified.
 *
 * @param relativeDN the DN to complete
 * @return a new {@code DistinguishedName}, with the base prepended where needed
 */
protected DistinguishedName getFullDN(DistinguishedName relativeDN) {
    final DistinguishedName result = new DistinguishedName(relativeDN);
    if (configuration.getBaseDN().size() <= 0) {
        // No base configured: the copy is returned as is.
        return result;
    }
    if (result.startsWith(configuration.getBaseDN())) {
        // Already under the base.
        return result;
    }
    result.prepend(configuration.getBaseDN());
    return result;
}
// Excerpt: runs a directory search on the supplied context. The method continues past
// the end of this excerpt, and the excerpt appears to have lines elided.
public Object executeWithContext(DirContext ctx) throws NamingException {
    DistinguishedName ctxBaseDn = new DistinguishedName(ctx.getNameInNamespace());
    // The filter and its arguments are passed separately to the four-argument search.
    // NOTE(review): substitution and escaping of params is then up to the JNDI
    // provider -- confirm that no caller formats user input into filter itself.
    NamingEnumeration<SearchResult> resultsEnum = ctx.search(base, filter, params, searchControls);
    // NOTE(review): as excerpted, next() is called inside the debug-only branch and
    // without a hasMore() check; this looks like an artefact of the excerpt -- check
    // against the complete source before drawing conclusions.
    if (logger.isDebugEnabled()) {
        SearchResult searchResult = resultsEnum.next();
        DistinguishedName dn = new DistinguishedName(searchResult.getName());
        // The result name is treated as relative to the search base.
        dn.prepend(new DistinguishedName(base));
/**
 * Checks that {@code clone()} yields an equal but independent name: changing the
 * clone must not change the original.
 */
@Test
public void testClone() {
    DistinguishedName original = new DistinguishedName("cn=john.doe, OU=Users,OU=Some company,C=SE");
    DistinguishedName copy = (DistinguishedName) original.clone();
    assertThat(copy).as("Should be equal").isEqualTo(original);

    // Mutate the clone only; the two names must now differ.
    copy.removeFirst();
    boolean stillEqual = original.equals(copy);
    assertThat(stillEqual).isFalse();
}
/**
 * Strips the supplied path from the beginning of this <code>DistinguishedName</code>,
 * provided this instance starts with <code>path</code>. Typical use is removing a
 * base path from a <code>DistinguishedName</code>.
 *
 * <p>When <code>path</code> is <code>null</code> or this instance does not start with
 * it, nothing is removed and nothing is reported. A caller that must know whether the
 * name really was under <code>path</code> has to call <code>startsWith</code> itself.
 *
 * @param path the path to remove from the beginning of this instance.
 */
public void removeFirst(Name path) {
    if (path == null || !this.startsWith(path)) {
        return;
    }
    // One component is dropped per component of path; the size is read again on
    // every pass, as in a plain counted loop over path.size().
    int removed = 0;
    while (removed < path.size()) {
        this.removeFirst();
        removed++;
    }
}
/**
 * Parses a DN string and removes the configured base DN from it.
 *
 * @param fullDN the DN string to parse
 * @return the parsed DN, with the base removed when a non-empty base is configured
 */
protected DistinguishedName getRelativeDN(String fullDN) {
    final DistinguishedName relative = new DistinguishedName(fullDN);
    final boolean baseConfigured = configuration.getBaseDN().size() > 0;
    if (baseConfigured) {
        // NOTE(review): DistinguishedName.removeFirst(Name) leaves the DN untouched
        // when it does not start with the base, so a DN outside the base would be
        // returned whole -- confirm that callers do not assume the result is
        // always relative to the base.
        relative.removeFirst(configuration.getBaseDN());
    }
    return relative;
}
/**
 * Checks {@code remove(int)}: indices count from the right-hand end of the string
 * form, so index 1 drops OU=I and, after that, index 3 drops OU=Users.
 */
@Test
public void testRemove() throws InvalidNameException {
    DistinguishedName name = new DistinguishedName("cn=john.doe, OU=Users,OU=Some Company,OU=G,OU=I,OU=M");

    name.remove(1);
    name.remove(3);

    String remaining = name.toString();
    assertThat(remaining).isEqualTo("cn=john.doe,ou=Some Company,ou=G,ou=M");
}
/**
 * Builds the user's authority list from the values of the {@code memberOf} attribute
 * found on the user's Active Directory entry.
 *
 * <p>Each value is parsed as a DN, and the value of the component returned by
 * {@code removeLast()} becomes the authority name.
 *
 * @param userData the user's directory entry
 * @param username not used by this method
 * @param password not used by this method
 * @return one authority per {@code memberOf} value, or
 * {@code AuthorityUtils.NO_AUTHORITIES} when the attribute has no values
 */
@Override
protected Collection<? extends GrantedAuthority> loadUserAuthorities(
        DirContextOperations userData, String username, String password) {
    final String[] memberOfValues = userData.getStringAttributes("memberOf");
    if (memberOfValues == null) {
        logger.debug("No values for 'memberOf' attribute.");
        return AuthorityUtils.NO_AUTHORITIES;
    }
    if (logger.isDebugEnabled()) {
        logger.debug("'memberOf' attribute values: " + Arrays.asList(memberOfValues));
    }

    ArrayList<GrantedAuthority> granted = new ArrayList<>(memberOfValues.length);
    for (int i = 0; i < memberOfValues.length; i++) {
        DistinguishedName groupDn = new DistinguishedName(memberOfValues[i]);
        // NOTE(review): only this one component value is kept; the rest of the group
        // DN is dropped. Groups in different containers that share the value map to
        // the same authority string -- confirm that this cannot grant more than intended.
        String authorityName = groupDn.removeLast().getValue();
        granted.add(new SimpleGrantedAuthority(authorityName));
    }
    return granted;
}
/**
 * Changes a user's password by replacing the password attribute on the user's entry.
 *
 * <p>Without an old password the replacement is sent through the template directly.
 * With an old password the context is first switched to the user's own DN and old
 * password and reconnected, and the replacement is then sent on that context.
 *
 * @param userDn the DN of the entry to modify
 * @param oldPassword the current password, or {@code null} to skip the reconnect step
 * @param newPassword the value to store in the password attribute
 * @throws BadCredentialsException if the reconnect fails with an authentication error
 */
private void changePasswordUsingAttributeModification (DistinguishedName userDn, String oldPassword, String newPassword) {
    // A single REPLACE modification that sets passwordAttributeName to the new value.
    // NOTE(review): the new password is placed in the attribute as given; any hashing
    // and the protection of the connection are outside this method -- confirm both.
    final ModificationItem[] passwordChange = new ModificationItem[] { new ModificationItem(
            DirContext.REPLACE_ATTRIBUTE,
            new BasicAttribute(passwordAttributeName, newPassword)) };

    if (oldPassword == null) {
        // No old password is checked on this path: the change is made with whatever
        // identity the template uses. The caller has to have established that the
        // request is allowed.
        template.modifyAttributes(userDn, passwordChange);
        return;
    }

    template.executeReadWrite(dirCtx -> {
        LdapContext ctx = (LdapContext) dirCtx;
        // Pooling is switched off for this context before the credentials are changed.
        ctx.removeFromEnvironment("com.sun.jndi.ldap.connect.pool");
        ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, LdapUtils.getFullDn(userDn, ctx).toString());
        ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, oldPassword);
        // TODO: reconnect doesn't appear to actually change the credentials
        // NOTE(review): if that TODO holds, the modification below is not gated on
        // oldPassword and would run under the context's previous identity -- verify
        // against the directory that a wrong old password is in fact refused.
        try {
            ctx.reconnect(null);
        }
        catch (javax.naming.AuthenticationException e) {
            // The JNDI exception is replaced by a generic message; it is not chained.
            throw new BadCredentialsException(
                    "Authentication for password change failed.");
        }
        ctx.modifyAttributes(userDn, passwordChange);
        return null;
    });
}