ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, principal); ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials); ctx.reconnect(rctls);
} else { // the same context - copy context LdapContext userContext = ((LdapContext) dirContext).newInstance(null); userContext.addToEnvironment(LdapContext.SECURITY_PRINCIPAL, distinguishedName); userContext.addToEnvironment(LdapContext.SECURITY_CREDENTIALS, password); userContext.reconnect(null); userContext.close();
/**
 * Replaces the user's password attribute through an LDAP modify operation.
 *
 * <p>When {@code oldPassword} is {@code null} the replacement is sent straight through
 * {@code template} and no re-bind takes place. Otherwise the context's principal and credentials
 * are switched to the user's DN and old password, a reconnect is requested, and the modification
 * is then issued on that same context.
 *
 * @param userDn      DN of the entry whose password attribute is replaced
 * @param oldPassword current password used for the re-bind, or {@code null} to skip the re-bind
 * @param newPassword value written to the attribute named by {@code passwordAttributeName}
 * @throws BadCredentialsException if the reconnect fails with an authentication error
 */
private void changePasswordUsingAttributeModification(DistinguishedName userDn, String oldPassword,
        String newPassword) {
    final BasicAttribute replacement = new BasicAttribute(passwordAttributeName, newPassword);
    final ModificationItem[] passwordChange = {
        new ModificationItem(DirContext.REPLACE_ATTRIBUTE, replacement)
    };

    if (oldPassword == null) {
        // No old password supplied: nothing to verify, so modify directly.
        template.modifyAttributes(userDn, passwordChange);
        return;
    }

    template.executeReadWrite(rawCtx -> {
        final LdapContext ldapCtx = (LdapContext) rawCtx;
        // Presumably removed so the re-bind is not served by a pooled connection - confirm.
        ldapCtx.removeFromEnvironment("com.sun.jndi.ldap.connect.pool");
        final String fullDn = LdapUtils.getFullDn(userDn, ldapCtx).toString();
        ldapCtx.addToEnvironment(Context.SECURITY_PRINCIPAL, fullDn);
        ldapCtx.addToEnvironment(Context.SECURITY_CREDENTIALS, oldPassword);

        // TODO: reconnect doesn't appear to actually change the credentials
        // NOTE(review): if that TODO holds, the modify below would run under the context's
        // previous identity and the old password would never be checked by the directory.
        // Worth covering with a test that supplies a wrong old password.
        try {
            ldapCtx.reconnect(null);
        }
        catch (javax.naming.AuthenticationException e) {
            throw new BadCredentialsException(
                    "Authentication for password change failed.");
        }

        ldapCtx.modifyAttributes(userDn, passwordChange);
        return null;
    });
}
/**
 * Selects the external authentication mechanism on the given context.
 *
 * <p>Only {@link Context#SECURITY_AUTHENTICATION} is set, to {@code EXTERNAL_AUTHENTICATION}.
 * No principal or credentials are written to the environment and no reconnect is issued here.
 *
 * @param ctx      context whose environment is updated
 * @param userDn   not used by this implementation
 * @param password not used by this implementation
 * @throws NamingException if the environment property cannot be set
 */
protected void applyAuthentication(final LdapContext ctx, final String userDn, final String password)
        throws NamingException {
    // NOTE(review): with an external mechanism the identity presumably comes from the transport
    // (for example a TLS client certificate), so the channel has to be established and verified
    // before this point - confirm in the caller.
    ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, EXTERNAL_AUTHENTICATION);
}
/**
 * Selects the external authentication mechanism on the given context.
 *
 * <p>Only {@link Context#SECURITY_AUTHENTICATION} is set, to {@code EXTERNAL_AUTHENTICATION}.
 * No principal or credentials are written to the environment and no reconnect is issued here.
 *
 * @param ctx      context whose environment is updated
 * @param userDn   not used by this implementation
 * @param password not used by this implementation
 * @throws NamingException if the environment property cannot be set
 */
protected void applyAuthentication(final LdapContext ctx, final String userDn, final String password)
        throws NamingException {
    // NOTE(review): with an external mechanism the identity presumably comes from the transport
    // (for example a TLS client certificate), so the channel has to be established and verified
    // before this point - confirm in the caller.
    ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, EXTERNAL_AUTHENTICATION);
}
/**
 * Selects the external authentication mechanism on the given context.
 *
 * <p>Only {@link Context#SECURITY_AUTHENTICATION} is set, to {@code EXTERNAL_AUTHENTICATION}.
 * No principal or credentials are written to the environment and no reconnect is issued here.
 *
 * @param ctx      context whose environment is updated
 * @param userDn   not used by this implementation
 * @param password not used by this implementation
 * @throws NamingException if the environment property cannot be set
 */
protected void applyAuthentication(final LdapContext ctx, final String userDn, final String password)
        throws NamingException {
    // NOTE(review): with an external mechanism the identity presumably comes from the transport
    // (for example a TLS client certificate), so the channel has to be established and verified
    // before this point - confirm in the caller.
    ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, EXTERNAL_AUTHENTICATION);
}
/**
 * Selects the external authentication mechanism on the given context.
 *
 * <p>Only {@link Context#SECURITY_AUTHENTICATION} is set, to {@code EXTERNAL_AUTHENTICATION}.
 * No principal or credentials are written to the environment and no reconnect is issued here.
 *
 * @param ctx      context whose environment is updated
 * @param userDn   not used by this implementation
 * @param password not used by this implementation
 * @throws NamingException if the environment property cannot be set
 */
protected void applyAuthentication(final LdapContext ctx, final String userDn, final String password)
        throws NamingException {
    // NOTE(review): with an external mechanism the identity presumably comes from the transport
    // (for example a TLS client certificate), so the channel has to be established and verified
    // before this point - confirm in the caller.
    ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, EXTERNAL_AUTHENTICATION);
}
/**
 * Configures simple (DN + password) authentication on the context and re-binds immediately.
 *
 * <p>The mechanism, principal and credentials are written to the context environment, then
 * {@code reconnect(null)} is called so that the new identity is applied straight away.
 *
 * @param ctx      context to re-bind
 * @param userDn   DN placed in {@link Context#SECURITY_PRINCIPAL}
 * @param password value placed in {@link Context#SECURITY_CREDENTIALS}
 * @throws NamingException if a property cannot be set or the reconnect fails
 */
protected void applyAuthentication(final LdapContext ctx, final String userDn, final String password)
        throws NamingException {
    // NOTE(review): no check for an empty password is made here. A simple bind with a DN and an
    // empty password is an unauthenticated bind (RFC 4513, section 5.1.2) that some servers
    // accept, so callers should reject empty passwords before this point - confirm they do.
    ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, SIMPLE_AUTHENTICATION);
    ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDn);
    ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);

    // Re-bind now so the user's credentials take effect on this connection.
    ctx.reconnect(null);
}
/**
 * Configures simple (DN + password) authentication on the context and re-binds immediately.
 *
 * <p>The mechanism, principal and credentials are written to the context environment, then
 * {@code reconnect(null)} is called so that the new identity is applied straight away.
 *
 * @param ctx      context to re-bind
 * @param userDn   DN placed in {@link Context#SECURITY_PRINCIPAL}
 * @param password value placed in {@link Context#SECURITY_CREDENTIALS}
 * @throws NamingException if a property cannot be set or the reconnect fails
 */
protected void applyAuthentication(final LdapContext ctx, final String userDn, final String password)
        throws NamingException {
    // NOTE(review): no check for an empty password is made here. A simple bind with a DN and an
    // empty password is an unauthenticated bind (RFC 4513, section 5.1.2) that some servers
    // accept, so callers should reject empty passwords before this point - confirm they do.
    ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, SIMPLE_AUTHENTICATION);
    ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDn);
    ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);

    // Re-bind now so the user's credentials take effect on this connection.
    ctx.reconnect(null);
}
/**
 * Configures simple (DN + password) authentication on the context and re-binds immediately.
 *
 * <p>The mechanism, principal and credentials are written to the context environment, then
 * {@code reconnect(null)} is called so that the new identity is applied straight away.
 *
 * @param ctx      context to re-bind
 * @param userDn   DN placed in {@link Context#SECURITY_PRINCIPAL}
 * @param password value placed in {@link Context#SECURITY_CREDENTIALS}
 * @throws NamingException if a property cannot be set or the reconnect fails
 */
protected void applyAuthentication(final LdapContext ctx, final String userDn, final String password)
        throws NamingException {
    // NOTE(review): no check for an empty password is made here. A simple bind with a DN and an
    // empty password is an unauthenticated bind (RFC 4513, section 5.1.2) that some servers
    // accept, so callers should reject empty passwords before this point - confirm they do.
    ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, SIMPLE_AUTHENTICATION);
    ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDn);
    ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);

    // Re-bind now so the user's credentials take effect on this connection.
    ctx.reconnect(null);
}
/**
 * Configures simple (DN + password) authentication on the context and re-binds immediately.
 *
 * <p>The mechanism, principal and credentials are written to the context environment, then
 * {@code reconnect(null)} is called so that the new identity is applied straight away.
 *
 * @param ctx      context to re-bind
 * @param userDn   DN placed in {@link Context#SECURITY_PRINCIPAL}
 * @param password value placed in {@link Context#SECURITY_CREDENTIALS}
 * @throws NamingException if a property cannot be set or the reconnect fails
 */
protected void applyAuthentication(final LdapContext ctx, final String userDn, final String password)
        throws NamingException {
    // NOTE(review): no check for an empty password is made here. A simple bind with a DN and an
    // empty password is an unauthenticated bind (RFC 4513, section 5.1.2) that some servers
    // accept, so callers should reject empty passwords before this point - confirm they do.
    ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, SIMPLE_AUTHENTICATION);
    ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDn);
    ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);

    // Re-bind now so the user's credentials take effect on this connection.
    ctx.reconnect(null);
}
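/**
 * Authenticates a user by re-binding the given LDAP context with the user's DN and password.
 *
 * <p>An LDAP simple bind that carries a DN but an empty password is an "unauthenticated bind"
 * (RFC 4513, section 5.1.2). Some servers accept it without checking anything, which would make
 * this method report success for any known DN. A blank DN or an empty password is therefore
 * rejected before the directory is contacted.
 *
 * <p>The supplied context itself is modified: its principal and credentials are replaced and it
 * is reconnected, so after this call it carries the user's identity, not its previous one.
 *
 * @param ldapContext context to re-bind
 * @param userDn      distinguished name of the user
 * @param password    the user's password
 * @return {@code true} if the reconnect succeeded; {@code false} if the DN or password is empty
 *         or a {@link NamingException} was thrown
 */
public static boolean ldapAuthenticate(LdapContext ldapContext, String userDn, String password) {
    // Refuse anonymous / unauthenticated binds up front; never treat them as a successful login.
    if (userDn == null || userDn.trim().isEmpty() || password == null || password.isEmpty()) {
        LOGGER.info("ldap authenticate fail: empty user DN or password");
        return false;
    }
    try {
        ldapContext.addToEnvironment(Context.SECURITY_PRINCIPAL, userDn);
        ldapContext.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
        ldapContext.reconnect(null);
    } catch (NamingException e) {
        // Only the exception is logged; the password is never written to the log.
        LOGGER.info("ldap authenticate fail: {}", e);
        return false;
    }
    return true;
}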
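// A simple bind with a DN and an empty password is an unauthenticated bind (RFC 4513,
// section 5.1.2) that some servers accept; reject it instead of reporting a successful login.
if (password == null || password.isEmpty()) {
    throw new javax.naming.AuthenticationException("empty password rejected");
}
// Work on a copy so the original context keeps its own identity.
LdapContext userContext = ldapContext.newInstance(null);
try {
    userContext.addToEnvironment(InitialDirContext.SECURITY_PRINCIPAL, userDn);
    userContext.addToEnvironment(InitialDirContext.SECURITY_CREDENTIALS, password);
    userContext.reconnect(null); // throws NamingException if the credentials are wrong
} finally {
    // Close on the failure path too; otherwise every rejected login leaks the copied context.
    userContext.close();
}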
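/**
 * Authenticates a user by re-binding the given LDAP context with the user's DN and password.
 *
 * <p>An LDAP simple bind that carries a DN but an empty password is an "unauthenticated bind"
 * (RFC 4513, section 5.1.2). Some servers accept it without checking anything, which would make
 * this method report success for any known DN. A blank DN or an empty password is therefore
 * rejected before the directory is contacted.
 *
 * <p>The supplied context itself is modified: its principal and credentials are replaced and it
 * is reconnected, so after this call it carries the user's identity, not its previous one.
 *
 * @param ldapContext context to re-bind
 * @param userDn      distinguished name of the user
 * @param password    the user's password
 * @return {@code true} if the reconnect succeeded; {@code false} if the DN or password is empty
 *         or a {@link NamingException} was thrown
 */
public static boolean ldapAuthenticate(LdapContext ldapContext, String userDn, String password) {
    // Refuse anonymous / unauthenticated binds up front; never treat them as a successful login.
    if (userDn == null || userDn.trim().isEmpty() || password == null || password.isEmpty()) {
        LOGGER.info("ldap authenticate fail: empty user DN or password");
        return false;
    }
    try {
        ldapContext.addToEnvironment(Context.SECURITY_PRINCIPAL, userDn);
        ldapContext.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
        ldapContext.reconnect(null);
    } catch (NamingException e) {
        // Only the exception is logged; the password is never written to the log.
        LOGGER.info("ldap authenticate fail: {}", e);
        return false;
    }
    return true;
}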
/**
 * Re-binds the supplied context as the user (full DN + old password) and then applies
 * {@code passwordChange} to {@code dn} on that context.
 *
 * @param dirCtx context handed in by the executor; cast to {@link LdapContext}
 * @return always {@code null}
 * @throws NamingException         if an environment change or the modification fails
 * @throws BadCredentialsException if the reconnect fails with an authentication error
 */
public Object executeWithContext(DirContext dirCtx) throws NamingException {
    final LdapContext ldapCtx = (LdapContext) dirCtx;
    // Presumably removed so the re-bind is not served by a pooled connection - confirm.
    ldapCtx.removeFromEnvironment("com.sun.jndi.ldap.connect.pool");
    final String fullDn = LdapUtils.getFullDn(dn, ldapCtx).toString();
    ldapCtx.addToEnvironment(Context.SECURITY_PRINCIPAL, fullDn);
    ldapCtx.addToEnvironment(Context.SECURITY_CREDENTIALS, oldPassword);

    // TODO: reconnect doesn't appear to actually change the credentials
    // NOTE(review): if that TODO holds, the modify below would run under the context's previous
    // identity and the old password would never be checked - worth a test with a wrong password.
    try {
        ldapCtx.reconnect(null);
    }
    catch (javax.naming.AuthenticationException e) {
        throw new BadCredentialsException("Authentication for password change failed.");
    }

    ldapCtx.modifyAttributes(dn, passwordChange);
    return null;
}
});
/**
 * Derives a new ldap context from {@code context} via {@link LdapContext#newInstance(Control[])},
 * passing the request controls after they have gone through the configured control processor.
 *
 * <p>The only environment property set here is {@code REFERRAL}, which is forced to
 * {@code "throw"}.
 *
 * @param request supplies the request controls
 *
 * @return the newly created ldap context
 *
 * @throws NamingException if the context cannot be created or the property cannot be added
 */
protected LdapContext initializeContext(final Request request) throws NamingException {
    final LdapContext requestContext = context.newInstance(
        config.getControlProcessor().processRequestControls(request.getControls()));
    // Referral handling is set to "throw" by default; with any other setting jndi would send the
    // ManageDsaIT control. Callers therefore see referrals as exceptions.
    requestContext.addToEnvironment(REFERRAL, "throw");
    return requestContext;
}
/**
 * Performs an LDAP modify DN (rename/move) operation.
 *
 * <p>The target name is built by parsing {@code newSuperior} as an {@link LdapName} and appending
 * {@code newRDN} to it with {@link LdapName#add(String)}, so both values are parsed as DN
 * components; no DN string is assembled by concatenation.
 *
 * @param dn distinguished name of the entry to rename
 * @param newRDN new relative distinguished name of the entry
 * @param deleteOldRDN whether the old relative distinguished name should be deleted
 * @param newSuperior DN of the new parent entry
 * @throws NamingException if a DN cannot be parsed or the rename fails
 */
public void modifyDn(final String dn, final String newRDN, final boolean deleteOldRDN, final String newSuperior)
    throws NamingException {
    WithContext<Object> renameAction = ctx -> {
        final LdapName oldName = new LdapName(dn);
        final LdapName newName = new LdapName(newSuperior);
        newName.add(newRDN);
        // NOTE(review): this property is written to the context's environment; if the context
        // is reused after this call the setting presumably stays in place - confirm.
        final String deleteFlag = Boolean.toString(deleteOldRDN);
        ctx.addToEnvironment("java.naming.ldap.deleteRDN", deleteFlag);
        ctx.rename(oldName, newName);
        return null;
    };
    performWithContext(renameAction);
}
/**
 * Derives a new ldap context from {@code context} via {@link LdapContext#newInstance(Control[])},
 * passing the request controls after they have gone through the configured control processor.
 *
 * <p>The only environment property set here is {@code REFERRAL}, which is forced to
 * {@code "throw"}.
 *
 * @param request supplies the request controls
 *
 * @return the newly created ldap context
 *
 * @throws NamingException if the context cannot be created or the property cannot be added
 */
protected LdapContext initializeContext(final Request request) throws NamingException {
    final LdapContext requestContext = context.newInstance(
        config.getControlProcessor().processRequestControls(request.getControls()));
    // Referral handling is set to "throw" by default; with any other setting jndi would send the
    // ManageDsaIT control. Callers therefore see referrals as exceptions.
    requestContext.addToEnvironment(REFERRAL, "throw");
    return requestContext;
}
/**
 * Derives a new ldap context from {@code context} via {@link LdapContext#newInstance(Control[])},
 * passing the request controls after they have gone through the configured control processor.
 *
 * <p>The only environment property set here is {@code REFERRAL}, which is forced to
 * {@code "throw"}.
 *
 * @param request supplies the request controls
 *
 * @return the newly created ldap context
 *
 * @throws NamingException if the context cannot be created or the property cannot be added
 */
protected LdapContext initializeContext(final Request request) throws NamingException {
    final LdapContext requestContext = context.newInstance(
        config.getControlProcessor().processRequestControls(request.getControls()));
    // Referral handling is set to "throw" by default; with any other setting jndi would send the
    // ManageDsaIT control. Callers therefore see referrals as exceptions.
    requestContext.addToEnvironment(REFERRAL, "throw");
    return requestContext;
}
/**
 * Renames the entry named by the request's DN to the request's new DN.
 *
 * <p>A fresh context is obtained from {@code initializeContext}, used for the rename and closed
 * in a {@code finally} block. A {@link ReferralException} is not followed; it is turned into a
 * {@code REFERRAL} response carrying the referral info. Any other {@link NamingException} is
 * handed to {@code processNamingException}.
 *
 * @param request modify DN request
 * @return response for the operation; {@code null} if {@code processNamingException} returns
 *         normally
 * @throws LdapException declared by the interface; presumably raised by
 *         {@code processNamingException} - confirm
 */
@Override
public Response<Void> modifyDn(final ModifyDnRequest request) throws LdapException {
    Response<Void> result = null;
    LdapContext ctx = null;
    try {
        try {
            ctx = initializeContext(request);
            final String deleteOldRdn = Boolean.valueOf(request.getDeleteOldRDn()).toString();
            ctx.addToEnvironment("java.naming.ldap.deleteRDN", deleteOldRdn);
            final LdapName oldName = new LdapName(request.getDn());
            final LdapName newName = new LdapName(request.getNewDn());
            ctx.rename(oldName, newName);
            result = createResponse(request, null, ResultCode.SUCCESS, null, ctx);
        } finally {
            if (ctx != null) {
                ctx.close();
            }
        }
    } catch (ReferralException e) {
        // The inner finally has already closed ctx (when non-null) by the time this runs.
        String[] refUrls = null;
        if (e.getReferralInfo() != null) {
            refUrls = new String[] {(String) e.getReferralInfo()};
        }
        result = createResponse(request, null, ResultCode.REFERRAL, refUrls, ctx);
    } catch (NamingException e) {
        // ctx has likewise been closed already when it is passed on here.
        processNamingException(request, e, null, ctx);
    }
    return result;
}