/**
 * Reports whether a {@link PasswordCredential} can be acquired from the loaded entry.
 *
 * <p>Support requires the algorithm, hash, seed and sequence attributes to all be present in
 * {@code attributes}. When {@code algorithmName} is non-null, the algorithm attribute must also
 * contain it, as decided by {@code Attribute.contains}.
 *
 * @param credentialType the requested credential class; only {@code PasswordCredential.class} is handled
 * @param algorithmName the requested algorithm, or {@code null} to accept whatever the entry stores
 * @param parameterSpec not consulted by this method
 * @param providers not consulted by this method
 * @return {@code SupportLevel.SUPPORTED} when every condition holds, otherwise {@code SupportLevel.UNSUPPORTED}
 */
@Override
public SupportLevel getCredentialAcquireSupport(final Class<? extends Credential> credentialType, final String algorithmName, final AlgorithmParameterSpec parameterSpec, final Supplier<Provider[]> providers) {
    if (credentialType != PasswordCredential.class) {
        return SupportLevel.UNSUPPORTED;
    }

    final Attribute algorithmAttribute = attributes.get(algorithmAttributeName);
    final Attribute hashAttribute = attributes.get(hashAttributeName);
    final Attribute seedAttribute = attributes.get(seedAttributeName);
    final Attribute sequenceAttribute = attributes.get(sequenceAttributeName);

    // A partially populated entry cannot yield a usable credential.
    if (algorithmAttribute == null || hashAttribute == null || seedAttribute == null || sequenceAttribute == null) {
        return SupportLevel.UNSUPPORTED;
    }

    // A caller that names an algorithm only gets support when the entry stores that algorithm.
    if (algorithmName != null && !algorithmAttribute.contains(algorithmName)) {
        return SupportLevel.UNSUPPORTED;
    }

    return SupportLevel.SUPPORTED;
}
Attribute sequenceAttribute = attributes.get(sequenceAttributeName); if (algorithmAttribute == null || algorithmName != null && ! algorithmAttribute.contains(algorithmName) || hashAttribute == null || seedAttribute == null || sequenceAttribute == null) { return null;
/**
 * Delegates the membership test to the {@code wrapped} object.
 *
 * @param attrVal the value to look for; passed through unchanged
 * @return whatever {@code wrapped.contains(attrVal)} reports
 */
public boolean contains( Object attrVal )
{
    final boolean present = wrapped.contains( attrVal );
    return present;
}
/**
 * Determines whether the loaded entry can supply a {@link PasswordCredential}.
 *
 * <p>The answer is {@code SUPPORTED} only when the credential type is exactly
 * {@code PasswordCredential.class}, the algorithm, hash, seed and sequence attributes are all
 * present, and either no algorithm was requested or the algorithm attribute contains it.
 *
 * @param credentialType the requested credential class
 * @param algorithmName the requested algorithm, or {@code null} for any
 * @param parameterSpec unused here
 * @param providers unused here
 * @return {@code SupportLevel.SUPPORTED} or {@code SupportLevel.UNSUPPORTED}
 */
@Override
public SupportLevel getCredentialAcquireSupport(final Class<? extends Credential> credentialType, final String algorithmName, final AlgorithmParameterSpec parameterSpec, final Supplier<Provider[]> providers) {
    if (credentialType != PasswordCredential.class) {
        return SupportLevel.UNSUPPORTED;
    }

    final Attribute algorithmAttribute = attributes.get(algorithmAttributeName);
    final Attribute hashAttribute = attributes.get(hashAttributeName);
    final Attribute seedAttribute = attributes.get(seedAttributeName);
    final Attribute sequenceAttribute = attributes.get(sequenceAttributeName);

    // Short-circuit order matters: contains() is reached only once all four attributes are known to exist.
    final boolean acquirable = algorithmAttribute != null
            && hashAttribute != null
            && seedAttribute != null
            && sequenceAttribute != null
            && (algorithmName == null || algorithmAttribute.contains(algorithmName));

    return acquirable ? SupportLevel.SUPPORTED : SupportLevel.UNSUPPORTED;
}
/**
 * Answers whether a {@link PasswordCredential} is obtainable from the attributes held by this
 * loader.
 *
 * <p>All of the algorithm, hash, seed and sequence attributes must exist. A non-null
 * {@code algorithmName} must additionally be one of the values of the algorithm attribute
 * (checked with {@code Attribute.contains}).
 *
 * @param credentialType the requested credential class; must be {@code PasswordCredential.class}
 * @param algorithmName the algorithm the caller wants, or {@code null} when it does not care
 * @param parameterSpec ignored by this implementation
 * @param providers ignored by this implementation
 * @return {@code SupportLevel.SUPPORTED} when acquisition is possible, else {@code SupportLevel.UNSUPPORTED}
 */
@Override
public SupportLevel getCredentialAcquireSupport(final Class<? extends Credential> credentialType, final String algorithmName, final AlgorithmParameterSpec parameterSpec, final Supplier<Provider[]> providers) {
    SupportLevel verdict = SupportLevel.UNSUPPORTED;
    if (credentialType != PasswordCredential.class) {
        return verdict;
    }

    final Attribute algorithmAttribute = attributes.get(algorithmAttributeName);
    final Attribute hashAttribute = attributes.get(hashAttributeName);
    final Attribute seedAttribute = attributes.get(seedAttributeName);
    final Attribute sequenceAttribute = attributes.get(sequenceAttributeName);

    if (algorithmAttribute != null && hashAttribute != null && seedAttribute != null && sequenceAttribute != null) {
        // Every required attribute is present; only the optional algorithm match remains.
        if (algorithmName == null || algorithmAttribute.contains(algorithmName)) {
            verdict = SupportLevel.SUPPORTED;
        }
    }
    return verdict;
}
/**
 * Checks whether this loader's entry can produce a {@link PasswordCredential}.
 *
 * <p>Returns {@code SUPPORTED} only if the requested type is {@code PasswordCredential.class},
 * the four configured attributes (algorithm, hash, seed, sequence) are present, and the
 * requested algorithm, when given, is contained in the algorithm attribute.
 *
 * @param credentialType the requested credential class
 * @param algorithmName the requested algorithm, or {@code null} to skip the algorithm match
 * @param parameterSpec not read here
 * @param providers not read here
 * @return the support level as described above
 */
@Override
public SupportLevel getCredentialAcquireSupport(final Class<? extends Credential> credentialType, final String algorithmName, final AlgorithmParameterSpec parameterSpec, final Supplier<Provider[]> providers) {
    if (credentialType != PasswordCredential.class) {
        return SupportLevel.UNSUPPORTED;
    }

    final Attribute algorithmAttribute = attributes.get(algorithmAttributeName);
    final Attribute hashAttribute = attributes.get(hashAttributeName);
    final Attribute seedAttribute = attributes.get(seedAttributeName);
    final Attribute sequenceAttribute = attributes.get(sequenceAttributeName);

    final boolean entryComplete = algorithmAttribute != null
            && hashAttribute != null
            && seedAttribute != null
            && sequenceAttribute != null;
    if (!entryComplete) {
        return SupportLevel.UNSUPPORTED;
    }

    final boolean algorithmAccepted = algorithmName == null || algorithmAttribute.contains(algorithmName);
    if (algorithmAccepted) {
        return SupportLevel.SUPPORTED;
    }
    return SupportLevel.UNSUPPORTED;
}
/**
 * Unmarshals a {@code MarshalledObject} whose entry is tagged with the marshalled-object class.
 *
 * <p>Security note: {@code MarshalledObject.get()} performs Java deserialization of the bytes
 * held by {@code orig}. The {@code objectclass} test below only checks a marker value; it does
 * not validate the serialized content. If {@code orig} comes from a source that less-trusted
 * parties can write to, restrict deserialization with a serialization filter (for example the
 * {@code jdk.serialFilter} system property).
 *
 * @param orig The possibly null object to check.
 * @param name Ignored
 * @param ctx Ignored
 * @param env Ignored
 * @param attrs The possibly null attributes containing the "objectclass"
 * @return The unmarshalled object if {@code orig} is a MarshalledObject and {@code attrs}
 *         carries the marker object class; otherwise null
 * @exception IOException If problem unmarshalling the object
 * @exception ClassNotFoundException If cannot find class required to unmarshal.
 */
public Object getObjectInstance(Object orig, Name name, Context ctx, Hashtable env, Attributes attrs) throws Exception {
    if (!(orig instanceof MarshalledObject) || attrs == null) {
        return null;
    }

    final Attribute objectClasses = attrs.get("objectclass");
    if (objectClasses == null) {
        return null;
    }

    // Both spellings are probed because Attribute.contains compares the stored values as-is.
    final boolean taggedAsMarshalled =
            objectClasses.contains("javaMarshalledObject") || objectClasses.contains("javamarshalledobject");
    if (!taggedAsMarshalled) {
        return null;
    }

    return ((MarshalledObject) orig).get();
}
/**
 * Unmarshals a {@code MarshalledObject} when the accompanying attributes mark it as one.
 *
 * <p>Security note: the call to {@code MarshalledObject.get()} deserializes the bytes carried by
 * {@code orig}. Matching the {@code objectclass} marker is not a check on what those bytes
 * contain, so where the origin of {@code orig} is not fully trusted a serialization filter
 * (for example via the {@code jdk.serialFilter} system property) should limit which classes
 * may be deserialized.
 *
 * @param orig The possibly null object to check.
 * @param name Ignored
 * @param ctx Ignored
 * @param env Ignored
 * @param attrs The possibly null attributes containing the "objectclass"
 * @return The unmarshalled object if {@code orig} is a MarshalledObject and the marker object
 *         class is present; otherwise null
 * @exception IOException If problem unmarshalling the object
 * @exception ClassNotFoundException If cannot find class required to unmarshal.
 */
public Object getObjectInstance(Object orig, Name name, Context ctx, Hashtable env, Attributes attrs) throws Exception {
    Object unmarshalled = null;
    if (orig instanceof MarshalledObject && attrs != null) {
        final Attribute oc = attrs.get("objectclass");
        if (oc != null) {
            // Mixed-case spelling is tried first, then the all-lowercase one.
            if (oc.contains("javaMarshalledObject") || oc.contains("javamarshalledobject")) {
                final MarshalledObject marshalled = (MarshalledObject) orig;
                unmarshalled = marshalled.get();
            }
        }
    }
    return unmarshalled;
}
/**
 * Asserts that the named attribute does not hold {@code value}.
 *
 * <p>The attribute is resolved through {@code getNotNullAttribute}; the assertion then fails
 * only if {@code Attribute.contains(value)} reports {@code true}.
 *
 * @param attribute the identifier of the attribute to inspect
 * @param value the value that must be absent
 */
public void entityHasAttributeWithValueOtherThat(String attribute, String value) {
    final Attribute resolved = getNotNullAttribute(attribute);
    final boolean holdsValue = resolved.contains(value);
    assertThat(holdsValue, is(false));
}
/**
 * Tells whether the given entry's DN is listed in this entry's {@code MEMBER} attribute.
 *
 * @param member the entry whose DN is looked up
 * @return {@code true} if the attribute exists and contains the DN; {@code false} when the
 *         attribute is absent or the DN is not among its values
 */
public boolean isMember(LDAPEntry member) {
    final Attribute members = getLDAPAttributes().get(MEMBER);
    if (members == null) {
        return false;
    }
    // NOTE(review): Attribute.contains presumably compares the DN string as-is, so differently
    // formatted but equivalent DNs would not match; confirm DNs are normalized by callers.
    return members.contains(member.getDN());
}
/**
 * Verifies that {@code value} is not among the values of the named attribute.
 *
 * <p>The lookup goes through {@code getNotNullAttribute}; the check itself is a single
 * {@code Attribute.contains} call asserted to be {@code false}.
 *
 * @param attribute the identifier of the attribute to inspect
 * @param value the value expected to be missing
 */
public void entityHasAttributeWithValueOtherThat(String attribute, String value) {
    final boolean valuePresent = getNotNullAttribute(attribute).contains(value);
    assertThat(valuePresent, is(false));
}
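/**
 * As an anonymous user, finds one entry by objectClass and returns its attributes.
 *
 * <p>Runs a subtree search from the context's own base ({@code ""}) with the constant filter
 * {@code objectClass=*} and returns the attributes of the first result whose
 * {@code objectClass} attribute contains {@code ldap.getObjectClass()}. The enumeration is
 * always closed, including on the early return, so the server-side search is released instead
 * of being left open until garbage collection.
 *
 * <p>NOTE(review): no count or time limit is set on the {@code SearchControls}, so a large
 * directory is walked until a match is found; consider bounding the search.
 *
 * @param ldap supplies the object class to look for
 * @param ldapContext the context to search in
 * @return the attributes of the first matching entry, or {@code null} when nothing matches or
 *         the search fails with a {@code NamingException}
 */
public static Attributes anonymousUserGetByObjectClass(Ldap ldap, LdapContext ldapContext) {
    SearchControls constraints = new SearchControls();
    constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
    NamingEnumeration namingEnumeration = null;
    try {
        namingEnumeration = ldapContext.search("", "objectClass=*", constraints);
        while (namingEnumeration != null && namingEnumeration.hasMoreElements()) {
            SearchResult searchResult = (SearchResult) namingEnumeration.nextElement();
            Attributes attributes = searchResult.getAttributes();
            if (attributes.get("objectClass") != null
                    && attributes.get("objectClass").contains(ldap.getObjectClass())) {
                return attributes;
            }
        }
    } catch (NamingException e) {
        LOGGER.info("ldap search fail: {}", e);
    } finally {
        if (namingEnumeration != null) {
            try {
                namingEnumeration.close();
            } catch (NamingException ignored) {
                // Best-effort cleanup: a failure to close must not mask the search outcome.
            }
        }
    }
    return null;
}
}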
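/**
 * As an anonymous user, looks up one entry by objectClass and returns its attributes.
 *
 * <p>Performs a subtree search rooted at the context's base ({@code ""}) using the constant
 * filter {@code objectClass=*}, and returns the attributes of the first result whose
 * {@code objectClass} attribute contains {@code ldap.getObjectClass()}. The enumeration is
 * closed in a {@code finally} block so that returning early does not leave the search open.
 *
 * <p>NOTE(review): the {@code SearchControls} carry no count or time limit, so the whole
 * subtree may be enumerated before a match is found; consider bounding the search.
 *
 * @param ldap supplies the object class to match
 * @param ldapContext the context to search in
 * @return the attributes of the first matching entry, or {@code null} when there is no match
 *         or the search fails with a {@code NamingException}
 */
public static Attributes anonymousUserGetByObjectClass(Ldap ldap, LdapContext ldapContext) {
    SearchControls constraints = new SearchControls();
    constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
    NamingEnumeration namingEnumeration = null;
    try {
        namingEnumeration = ldapContext.search("", "objectClass=*", constraints);
        while (namingEnumeration != null && namingEnumeration.hasMoreElements()) {
            SearchResult searchResult = (SearchResult) namingEnumeration.nextElement();
            Attributes attributes = searchResult.getAttributes();
            if (attributes.get("objectClass") != null
                    && attributes.get("objectClass").contains(ldap.getObjectClass())) {
                return attributes;
            }
        }
    } catch (NamingException e) {
        LOGGER.info("ldap search fail: {}", e);
    } finally {
        if (namingEnumeration != null) {
            try {
                namingEnumeration.close();
            } catch (NamingException ignored) {
                // Best-effort cleanup: closing is not allowed to change the method's result.
            }
        }
    }
    return null;
}
}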
/**
 * Evaluates the tuple's {@code RestrictedBy} protected items for one attribute value.
 *
 * <p>For every {@code RestrictedByItem} whose attribute type equals {@code attrId}
 * (case-insensitively), the attribute named by {@code getValuesIn()} is read from
 * {@code entry}. The method returns {@code true} as soon as that attribute is missing or does
 * not contain {@code attrValue}; it returns {@code false} when no item triggers.
 *
 * <p>NOTE(review): the value test relies on {@code Attribute.contains}, which presumably
 * compares values as stored rather than by the attribute's matching rule; confirm that values
 * are normalized before this access-control decision.
 *
 * @param tuple the ACI tuple whose protected items are inspected
 * @param attrId the attribute identifier being checked; must not be {@code null}
 * @param attrValue the value being checked
 * @param entry the entry whose attributes supply the permitted values
 * @return {@code true} if a matching restriction is violated, otherwise {@code false}
 */
public boolean isRemovable( ACITuple tuple, String attrId, Object attrValue, Attributes entry )
{
    Iterator protectedItems = tuple.getProtectedItems().iterator();
    while ( protectedItems.hasNext() )
    {
        ProtectedItem item = ( ProtectedItem ) protectedItems.next();
        if ( !( item instanceof ProtectedItem.RestrictedBy ) )
        {
            continue;
        }

        Iterator restrictions = ( ( ProtectedItem.RestrictedBy ) item ).iterator();
        while ( restrictions.hasNext() )
        {
            RestrictedByItem restriction = ( RestrictedByItem ) restrictions.next();
            if ( !attrId.equalsIgnoreCase( restriction.getAttributeType() ) )
            {
                continue;
            }

            // The restriction applies to this attribute: the value must appear in the "values in" attribute.
            Attribute permittedValues = entry.get( restriction.getValuesIn() );
            boolean valueListed = permittedValues != null && permittedValues.contains( attrValue );
            if ( !valueListed )
            {
                return true;
            }
        }
    }

    return false;
}
/**
 * Adds the child entry's DN to this entry's {@code MEMBER} attribute.
 *
 * <p>An existing attribute first has the {@code SPACE_STRING} value removed if it is present;
 * a missing attribute is created. The attribute is then stored back into the entry's
 * attribute set.
 *
 * @param childEntry the entry whose DN is added as a member
 */
public void addMember(LDAPEntry childEntry) {
    Attribute members = getLDAPAttributes().get(MEMBER);
    if (members == null) {
        members = new BasicAttribute(MEMBER);
    } else if (members.contains(SPACE_STRING)) {
        // SPACE_STRING looks like a placeholder for "no members"; it is dropped before a DN is added.
        members.remove(SPACE_STRING);
    }
    members.add(childEntry.getDN());
    getLDAPAttributes().put(members);
}
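/**
 * Removes the identity's binding DN from every relationship attribute that references it.
 *
 * <p>For each mapped relationship property, entries under the related type's base DN are
 * searched with the filter {@code (&(attribute=bindingDN))}. In each result that really
 * contains the DN, the DN is removed, {@code EMPTY_ATTRIBUTE_VALUE} is added if the attribute
 * would otherwise be empty, and the attribute is written back.
 *
 * <p>The DN is escaped per RFC 4515 before it is placed in the filter. A DN containing
 * {@code *}, {@code (}, {@code )} or {@code \} would otherwise change the meaning of the
 * filter or make it unparsable. The unescaped DN is still used for the {@code contains}
 * check and the removal, which compare attribute values rather than filter text.
 *
 * @param context the identity context (not read by this method)
 * @param identityType the identity whose references are removed
 * @throws IdentityManagementException if a directory operation fails
 */
@Override
protected void removeFromRelationships(final IdentityContext context, final IdentityType identityType) {
    String bindingDN = getBindingDN(identityType, true);
    String filterSafeBindingDN = escapeLdapFilterValue(bindingDN);

    for (LDAPMappingConfiguration relationshipConfig : getConfig().getRelationshipConfigs()) {
        for (String attributeName : relationshipConfig.getMappedProperties().values()) {
            StringBuilder filter = new StringBuilder();

            filter.append("(&(").append(attributeName).append(EQUAL).append(filterSafeBindingDN).append("))");

            try {
                List<SearchResult> search = this.operationManager.search(getMappingConfig(relationshipConfig.getRelatedAttributedType()).getBaseDN(), filter.toString(), getMappingConfig(relationshipConfig.getRelatedAttributedType()));

                for (SearchResult result : search) {
                    Attributes attributes = result.getAttributes();
                    Attribute relationshipAttribute = attributes.get(attributeName);

                    // Re-check on the returned values so only entries that really hold the DN are modified.
                    if (relationshipAttribute != null && relationshipAttribute.contains(bindingDN)) {
                        relationshipAttribute.remove(bindingDN);

                        if (relationshipAttribute.size() == 0) {
                            relationshipAttribute.add(EMPTY_ATTRIBUTE_VALUE);
                        }

                        this.operationManager.modifyAttribute(result.getNameInNamespace(), relationshipAttribute);
                    }
                }
            } catch (NamingException e) {
                throw new IdentityManagementException("Could not remove " + identityType + " from relationship " + relationshipConfig.getMappedClass(), e);
            }
        }
    }
}

/** Escapes an assertion value for use inside an LDAP search filter (RFC 4515); {@code null} is passed through. */
private static String escapeLdapFilterValue(final String value) {
    if (value == null) {
        return null;
    }
    final StringBuilder escaped = new StringBuilder(value.length() + 8);
    for (int i = 0; i < value.length(); i++) {
        final char c = value.charAt(i);
        switch (c) {
            case '\\':
                escaped.append("\\5c");
                break;
            case '*':
                escaped.append("\\2a");
                break;
            case '(':
                escaped.append("\\28");
                break;
            case ')':
                escaped.append("\\29");
                break;
            case '\0':
                escaped.append("\\00");
                break;
            default:
                escaped.append(c);
        }
    }
    return escaped.toString();
}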
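/**
 * Removes {@code member}'s DN from the {@code MEMBER} attribute of the stored group/role entry.
 *
 * <p>Nothing happens when the entry cannot be looked up, when it has no {@code MEMBER}
 * attribute, or when the DN is not among the attribute's values. The missing-attribute case
 * previously ended in a {@code NullPointerException}. After a removal, {@code SPACE_STRING} is
 * added to the attribute before it is written back and the entry is rebound.
 *
 * @param ldapEntry the group/role entry to update; only its DN is used for the lookup
 * @param member the entry whose DN is removed
 */
private void removeMemberShipEntry(LDAPEntry ldapEntry, LDAPEntry member) {
    String dn = ldapEntry.getDN();
    LDAPEntry storedGroupRole = getLdapManager().lookup(dn);

    if (storedGroupRole == null) {
        return;
    }

    Attribute memberAttribute = storedGroupRole.getLDAPAttributes().get(MEMBER);
    // An entry without a MEMBER attribute has no membership to remove.
    if (memberAttribute == null) {
        return;
    }

    if (memberAttribute.contains(member.getDN())) {
        memberAttribute.remove(member.getDN());
        // NOTE(review): SPACE_STRING looks like a placeholder that keeps the attribute non-empty; confirm.
        memberAttribute.add(SPACE_STRING);
        getLdapManager().modifyAttribute(dn, memberAttribute);
        getLdapManager().rebind(dn, storedGroupRole);
    }
}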
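/**
 * Removes a group from the user's group attribute in the directory.
 *
 * <p>The predefined required group is never removed. A user entry that has no group attribute
 * at all is treated as "nothing to unassign"; this case previously ended in a
 * {@code NullPointerException}.
 *
 * @param userId the user to update
 * @param group the group to remove
 * @throws UserNotFoundException if {@code userId} is {@code null} or the user entry does not exist
 * @throws GroupNotFoundException if {@code group} or its name is {@code null}
 */
@Override
public void unassignUser(String userId, GroupName group) throws UserNotFoundException, GroupNotFoundException {
    if (userId==null) {
        throw new UserNotFoundException(userId);
    }
    if (group==null || group.getName()==null) {
        throw new GroupNotFoundException(group);
    }
    try {
        Name userDN = builUserDn(userId);
        DirContextOperations ctxOps = ldapTemplate.lookupContext(userDN);
        Attributes allAttrs = ctxOps.getAttributes();
        Attribute groupAttr = allAttrs.get(JoomlaLDAPConstants.GROUP_ATTR_NAME);
        if (groupAttr == null) {
            // No group attribute on the entry: the user is in no group, so there is nothing to remove.
            return;
        }
        // disallowing unassigning user from predefined required group name
        if (groupAttr.contains(group.getName()) && !PREDEFINED_REQUIRED_GROUP_NAME.equals(group.getName())) {
            groupAttr.remove(group.getName());
            ldapTemplate.modifyAttributes(userDN, new ModificationItem[] {
                new ModificationItem(DirContext.REPLACE_ATTRIBUTE, groupAttr)});
        }
    } catch (NameNotFoundException e) {
        throw new UserNotFoundException(userId);
    }
}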
/**
 * Records {@code member}'s DN in the {@code MEMBER} attribute of the stored group/role entry.
 *
 * <p>When no entry exists under the DN, {@code ldapEntry} itself is bound. Otherwise the DN is
 * added only if the attribute does not already contain it, and the change is written with
 * {@code modifyAttribute} followed by {@code rebind}.
 *
 * <p>NOTE(review): a stored entry without a {@code MEMBER} attribute makes
 * {@code memberAttribute} {@code null} and the {@code contains} call throw a
 * {@code NullPointerException}; decide whether the attribute should be created in that case.
 *
 * @param ldapEntry the group/role entry; bound as-is when nothing is stored yet
 * @param member the entry whose DN is recorded
 */
private void storeMembershipEntry(LDAPEntry ldapEntry, LDAPEntry member) {
    final String dn = ldapEntry.getDN();
    LDAPEntry storedGroupRole = getLdapManager().lookup(dn);

    if (storedGroupRole == null) {
        // First time this group/role is seen: persist the entry the caller handed in.
        storedGroupRole = ldapEntry;
        getLdapManager().bind(dn, storedGroupRole);
        return;
    }

    Attribute memberAttribute = storedGroupRole.getLDAPAttributes().get(MEMBER);
    if (memberAttribute.contains(member.getDN())) {
        return;
    }

    memberAttribute.add(member.getDN());
    getLdapManager().modifyAttribute(dn, memberAttribute);
    getLdapManager().rebind(dn, storedGroupRole);
}
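/**
 * Adds a group to the user's group attribute in the directory.
 *
 * <p>If the user entry has no group attribute yet, one is created. This case previously ended
 * in a {@code NullPointerException}. The write uses {@code DirContext.REPLACE_ATTRIBUTE},
 * which creates the attribute when it does not exist. Nothing is written when the group is
 * already assigned.
 *
 * @param userId the user to update
 * @param group the group to add
 * @throws UserNotFoundException if {@code userId} is {@code null} or the user entry does not exist
 * @throws GroupNotFoundException if {@code group} or its name is {@code null}
 */
@Override
public void assignUser(String userId, GroupName group) throws UserNotFoundException, GroupNotFoundException {
    if (userId==null) {
        throw new UserNotFoundException(userId);
    }
    if (group==null || group.getName()==null) {
        throw new GroupNotFoundException(group);
    }
    try {
        Name userDN = builUserDn(userId);
        DirContextOperations ctxOps = ldapTemplate.lookupContext(userDN);
        Attributes allAttrs = ctxOps.getAttributes();
        Attribute groupAttr = allAttrs.get(JoomlaLDAPConstants.GROUP_ATTR_NAME);
        if (groupAttr == null) {
            // Fully qualified so that no new import is required in this file.
            groupAttr = new javax.naming.directory.BasicAttribute(JoomlaLDAPConstants.GROUP_ATTR_NAME);
        }
        if (!groupAttr.contains(group.getName())) {
            groupAttr.add(group.getName());
            ldapTemplate.modifyAttributes(userDN, new ModificationItem[] {
                new ModificationItem(DirContext.REPLACE_ATTRIBUTE, groupAttr)});
        }
    } catch (NameNotFoundException e) {
        throw new UserNotFoundException(userId);
    }
}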