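/**
 * Collects the group principals named by {@code roleAttribute} on the entries returned by
 * {@code context.search(destinationBase, roleBase, constraints)}.
 *
 * <p>Each attribute value is parsed as a DN and only the value of its leftmost RDN (index
 * {@code size() - 1}) becomes the group name. The RDN's attribute type is not checked, and for a
 * multi-valued RDN {@link Rdn#getValue()} yields just one of the values.
 *
 * <p>The lookup is all-or-nothing: any {@link NamingException}, including a single value that is
 * not a usable DN, is logged and an empty set is returned, so callers never see a partial role set.
 *
 * @param destinationBase name passed to the search as its base
 * @param constraints search controls passed through unchanged
 * @param roleBase second argument of the search call
 * @param roleAttribute attribute whose values are read as role DNs
 * @return the resolved group principals, or an empty set on failure
 */
protected Set<GroupPrincipal> getACLs(String destinationBase, SearchControls constraints, String roleBase, String roleAttribute) {
    NamingEnumeration<?> results = null;
    try {
        Set<GroupPrincipal> roles = new HashSet<GroupPrincipal>();
        Set<String> acls = new HashSet<String>();

        results = context.search(destinationBase, roleBase, constraints);
        while (results.hasMore()) {
            SearchResult result = (SearchResult) results.next();
            Attributes attrs = result.getAttributes();
            if (attrs == null) {
                continue;
            }
            acls = addAttributeValues(roleAttribute, attrs, acls);
        }

        for (String roleName : acls) {
            LdapName ldapname = new LdapName(roleName);
            if (ldapname.isEmpty()) {
                // "" parses as a zero-RDN name; getRdn(-1) would otherwise escape this method as an
                // unchecked IndexOutOfBoundsException instead of taking the logged failure path.
                throw new NamingException("Empty DN in attribute " + roleAttribute);
            }
            Rdn rdn = ldapname.getRdn(ldapname.size() - 1);
            String role = rdn.getValue().toString();
            LOG.debug("Found role: [" + role + "]");
            roles.add(new GroupPrincipal(role));
        }
        return roles;
    } catch (NamingException e) {
        LOG.error(e.toString());
        return new HashSet<GroupPrincipal>();
    } finally {
        // The enumeration releases itself only when read to the end; close it explicitly so a
        // failure part-way through does not leave it open.
        if (results != null) {
            try {
                results.close();
            } catch (NamingException ignored) {
                // Best effort: the result (or the failure) has already been decided above.
            }
        }
    }
}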
/**
 * Builds an object-scope search for the case where {@code name} is itself the DN of an identity.
 *
 * <p>The DN is accepted only when its leftmost RDN has the configured identifier type and, if a
 * search-dn is configured, when the DN lies under that search-dn (directly under it unless
 * recursive search is enabled). These checks keep a caller-supplied DN from addressing an entry
 * outside the configured subtree.
 *
 * @return the search to run, or {@code null} when {@code name} is not an acceptable DN
 */
private LdapSearch createLdapSearchByDn() {
    final String expectedType = identityMapping.rdnIdentifier;

    // Cheap case-insensitive prefix test only. The '=' is deliberately not examined here because
    // whitespace may sit between the type and the equal sign; the parsed RDN type is checked below.
    boolean looksLikeDn = name.regionMatches(true, 0, expectedType, 0, expectedType.length());
    if ( ! looksLikeDn) {
        return null;
    }

    try {
        final LdapName candidate = new LdapName(name);
        // LdapName counts RDNs from the right, so the last index is the leftmost (entry) RDN.
        final Rdn leaf = candidate.getRdn(candidate.size() - 1);

        // uid=...
        if ( ! leaf.getType().equalsIgnoreCase(expectedType)) {
            log.tracef("Getting identity [%s] by DN skipped - RDN does not match [%s]", name, identityMapping.rdnIdentifier);
            return null;
        }

        if (identityMapping.searchDn != null) {
            final List<Rdn> baseRdns = new LdapName(identityMapping.searchDn).getRdns();

            // ...,search-dn
            if ( ! candidate.startsWith(baseRdns)) {
                log.tracef("Getting identity [%s] by DN skipped - DN not in search-dn [%s]", name, identityMapping.searchDn);
                return null;
            }

            final boolean directChild = candidate.size() == baseRdns.size() + 1;
            if ( ! identityMapping.searchRecursive && ! directChild) {
                log.tracef("Getting identity [%s] by DN skipped - DN not directly in search-dn and recursive search not enabled [%s]", name, identityMapping.searchDn);
                return null;
            }
        }

        return new LdapSearch(candidate.toString(), SearchControls.OBJECT_SCOPE, 0, identityMapping.filterName, leaf.getValue().toString());
    } catch (InvalidNameException e) {
        log.tracef(e, "Getting identity [%s] by DN failed - will continue by name", name);
        return null;
    }
}
identity.getDirContext().modifyAttributes(identityLdapName, modItemsArray); if (renameTo != null && ! renameTo.equals(identityLdapName.getRdn(identityLdapName.size()-1).getValue())) { LdapName newLdapName = new LdapName(identityLdapName.getRdns().subList(0, identityLdapName.size()-1)); newLdapName.add(new Rdn(identityMapping.rdnIdentifier, renameTo));
destination = formatDestination(dn.getRdn(dn.size() - 2), destinationType); } else if (dn.size() == (getPrefixLengthForDestinationType(destinationType) + 1)) { destination = formatDestination(dn.getRdn(dn.size() - 1), destinationType); } else { throw new IllegalArgumentException("Malformed DN for representing a permission or destination entry.");
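/**
 * Reduces a group DN to the value of its leftmost (most specific) RDN.
 *
 * <p>The RDN's attribute type is not inspected, and for a multi-valued RDN
 * {@code Rdn.getValue()} yields only one of the values. Input that is not a parseable DN is
 * returned unchanged, so callers receive the raw string as the group name in that case.
 *
 * @param dnString the group reference, expected to be a DN
 * @return the leftmost RDN value, or {@code dnString} itself when it is empty or not a valid DN
 */
private String getGroupFromString(String dnString) {
    String result = dnString;
    try {
        LdapName dn = new LdapName(dnString);
        // "" parses as a zero-RDN name; without this guard getRdn(-1) throws an unchecked
        // IndexOutOfBoundsException instead of falling back to the input like other non-DNs.
        if (!dn.isEmpty()) {
            result = String.valueOf(dn.getRdn(dn.size() - 1).getValue());
        }
    } catch (InvalidNameException e) {
        log.debug("Expected a Group DN but found: " + dnString);
    }
    return result;
}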
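/**
 * Reduces a group DN to the value of its leftmost (most specific) RDN.
 *
 * <p>The RDN's attribute type is not inspected, and for a multi-valued RDN
 * {@code Rdn.getValue()} yields only one of the values. Input that is not a parseable DN is
 * returned unchanged, so callers receive the raw string as the group name in that case.
 *
 * @param dnString the group reference, expected to be a DN
 * @return the leftmost RDN value, or {@code dnString} itself when it is empty or not a valid DN
 */
private String getGroupFromString(String dnString) {
    String result = dnString;
    try {
        LdapName dn = new LdapName(dnString);
        // "" parses as a zero-RDN name; without this guard getRdn(-1) throws an unchecked
        // IndexOutOfBoundsException instead of falling back to the input like other non-DNs.
        if (!dn.isEmpty()) {
            result = String.valueOf(dn.getRdn(dn.size() - 1).getValue());
        }
    } catch (InvalidNameException e) {
        log.debug("Expected a Group DN but found: " + dnString);
    }
    return result;
}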
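/**
 * Extracts the group name from a group DN by attribute type rather than by position alone.
 *
 * <p>The leftmost RDN is converted to its attribute view and the value of
 * {@code groupNameAttribute} is read from it, so an RDN of an unexpected type is rejected instead
 * of silently supplying the group name.
 *
 * @param dnString the group DN
 * @param groupNameAttribute the attribute type expected in the leftmost RDN
 * @return the first value of {@code groupNameAttribute} in the leftmost RDN
 * @throws NamingException if {@code dnString} is empty or not a valid DN, or the value cannot be read
 */
private static String getGroupNameFromDn(String dnString, String groupNameAttribute) throws NamingException {
    LdapName dn = new LdapName(dnString); // may throw InvalidNameException
    if (dn.isEmpty()) {
        // "" parses as a zero-RDN name; report it as an invalid name rather than letting
        // getRdn(-1) raise an unchecked IndexOutOfBoundsException past callers that catch NamingException.
        throw new javax.naming.InvalidNameException("Empty DN has no group name attribute '" + groupNameAttribute + "'");
    }
    Attribute attribute = dn.getRdn(dn.size() - 1).toAttributes().get(groupNameAttribute);
    if (attribute == null) {
        // We were configured with the wrong group name attribute
        throw new IdentityStoreConfigurationException("Group name attribute '" + groupNameAttribute + "' not found for DN: " + dnString);
    }
    return attribute.get(0).toString();
}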
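/**
 * Extracts the group name from a group DN by attribute type rather than by position alone.
 *
 * <p>The leftmost RDN is converted to its attribute view and the value of
 * {@code groupNameAttribute} is read from it, so an RDN of an unexpected type is rejected instead
 * of silently supplying the group name.
 *
 * @param dnString the group DN
 * @param groupNameAttribute the attribute type expected in the leftmost RDN
 * @return the first value of {@code groupNameAttribute} in the leftmost RDN
 * @throws NamingException if {@code dnString} is empty or not a valid DN, or the value cannot be read
 */
private static String getGroupNameFromDn(String dnString, String groupNameAttribute) throws NamingException {
    LdapName dn = new LdapName(dnString); // may throw InvalidNameException
    if (dn.isEmpty()) {
        // "" parses as a zero-RDN name; report it as an invalid name rather than letting
        // getRdn(-1) raise an unchecked IndexOutOfBoundsException past callers that catch NamingException.
        throw new javax.naming.InvalidNameException("Empty DN has no group name attribute '" + groupNameAttribute + "'");
    }
    Attribute attribute = dn.getRdn(dn.size() - 1).toAttributes().get(groupNameAttribute);
    if (attribute == null) {
        // We were configured with the wrong group name attribute
        throw new IdentityStoreConfigurationException("Group name attribute '" + groupNameAttribute + "' not found for DN: " + dnString);
    }
    return attribute.get(0).toString();
}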
// Sample DN. LdapName numbers RDNs from the right, so size() - 1 addresses the leftmost
// component, which is "CN=..." for this literal.
String dn = "CN=FDCD111304,OU=Workstations,OU=SIM,OU=Accounts,DC=FL,DC=NET";
LdapName ldapName = new LdapName(dn);
int leafIndex = ldapName.size() - 1;
Object leafValue = ldapName.getRdn(leafIndex).getValue();
// The cast holds for this literal. For DNs from an untrusted source, check the RDN type first
// and expect that the value need not be a String.
String commonName = (String) leafValue;
/**
 * Splits a distinguished name into its RDNs and records each one in {@code map} as
 * attribute type to value.
 *
 * <p>RDNs are visited from the rightmost to the leftmost, so when a type occurs more than once
 * (several {@code OU} components, for instance) a later {@code put} is made with the same key.
 * Keys are the types exactly as written in the DN. For a multi-valued RDN only the pair exposed
 * by {@code getType()}/{@code getValue()} is recorded.
 *
 * @param distinguishedName the DN to split; a value that does not parse is logged and ignored
 */
private void parseLdapName(String distinguishedName) {
    try {
        LdapName parsed = new LdapName(distinguishedName);
        // getRdns() lists the components in index order, i.e. rightmost RDN first.
        for (Rdn component : parsed.getRdns()) {
            String type = component.getType();
            String value = component.getValue().toString();
            map.put(type, value);
        }
    } catch (InvalidNameException e) {
        log.error("Cannot extract Common Name from Distinguished Name", e);
    }
}
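/**
 * Collects the group principals named by {@code roleAttribute} on the entries returned by
 * {@code context.search(destinationBase, roleBase, constraints)}.
 *
 * <p>Each attribute value is parsed as a DN and only the value of its leftmost RDN (index
 * {@code size() - 1}) becomes the group name. The RDN's attribute type is not checked, and for a
 * multi-valued RDN {@link Rdn#getValue()} yields just one of the values.
 *
 * <p>The lookup is all-or-nothing: any {@link NamingException}, including a single value that is
 * not a usable DN, is logged and an empty set is returned, so callers never see a partial role set.
 *
 * @param destinationBase name passed to the search as its base
 * @param constraints search controls passed through unchanged
 * @param roleBase second argument of the search call
 * @param roleAttribute attribute whose values are read as role DNs
 * @return the resolved group principals, or an empty set on failure
 */
protected Set<GroupPrincipal> getACLs(String destinationBase, SearchControls constraints, String roleBase, String roleAttribute) {
    NamingEnumeration<?> results = null;
    try {
        Set<GroupPrincipal> roles = new HashSet<GroupPrincipal>();
        Set<String> acls = new HashSet<String>();

        results = context.search(destinationBase, roleBase, constraints);
        while (results.hasMore()) {
            SearchResult result = (SearchResult) results.next();
            Attributes attrs = result.getAttributes();
            if (attrs == null) {
                continue;
            }
            acls = addAttributeValues(roleAttribute, attrs, acls);
        }

        for (String roleName : acls) {
            LdapName ldapname = new LdapName(roleName);
            if (ldapname.isEmpty()) {
                // "" parses as a zero-RDN name; getRdn(-1) would otherwise escape this method as an
                // unchecked IndexOutOfBoundsException instead of taking the logged failure path.
                throw new NamingException("Empty DN in attribute " + roleAttribute);
            }
            Rdn rdn = ldapname.getRdn(ldapname.size() - 1);
            String role = rdn.getValue().toString();
            LOG.debug("Found role: [" + role + "]");
            roles.add(new GroupPrincipal(role));
        }
        return roles;
    } catch (NamingException e) {
        LOG.error(e.toString());
        return new HashSet<GroupPrincipal>();
    } finally {
        // The enumeration releases itself only when read to the end; close it explicitly so a
        // failure part-way through does not leave it open.
        if (results != null) {
            try {
                results.close();
            } catch (NamingException ignored) {
                // Best effort: the result (or the failure) has already been decided above.
            }
        }
    }
}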
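/**
 * Collects the group principals named by {@code roleAttribute} on the entries returned by
 * {@code context.search(destinationBase, roleBase, constraints)}.
 *
 * <p>Each attribute value is parsed as a DN and only the value of its leftmost RDN (index
 * {@code size() - 1}) becomes the group name. The RDN's attribute type is not checked, and for a
 * multi-valued RDN {@link Rdn#getValue()} yields just one of the values.
 *
 * <p>The lookup is all-or-nothing: any {@link NamingException}, including a single value that is
 * not a usable DN, is logged and an empty set is returned, so callers never see a partial role set.
 *
 * @param destinationBase name passed to the search as its base
 * @param constraints search controls passed through unchanged
 * @param roleBase second argument of the search call
 * @param roleAttribute attribute whose values are read as role DNs
 * @return the resolved group principals, or an empty set on failure
 */
protected Set<GroupPrincipal> getACLs(String destinationBase, SearchControls constraints, String roleBase, String roleAttribute) {
    NamingEnumeration<?> results = null;
    try {
        Set<GroupPrincipal> roles = new HashSet<GroupPrincipal>();
        Set<String> acls = new HashSet<String>();

        results = context.search(destinationBase, roleBase, constraints);
        while (results.hasMore()) {
            SearchResult result = (SearchResult) results.next();
            Attributes attrs = result.getAttributes();
            if (attrs == null) {
                continue;
            }
            acls = addAttributeValues(roleAttribute, attrs, acls);
        }

        for (String roleName : acls) {
            LdapName ldapname = new LdapName(roleName);
            if (ldapname.isEmpty()) {
                // "" parses as a zero-RDN name; getRdn(-1) would otherwise escape this method as an
                // unchecked IndexOutOfBoundsException instead of taking the logged failure path.
                throw new NamingException("Empty DN in attribute " + roleAttribute);
            }
            Rdn rdn = ldapname.getRdn(ldapname.size() - 1);
            String role = rdn.getValue().toString();
            LOG.debug("Found role: [" + role + "]");
            roles.add(new GroupPrincipal(role));
        }
        return roles;
    } catch (NamingException e) {
        LOG.error(e.toString());
        return new HashSet<GroupPrincipal>();
    } finally {
        // The enumeration releases itself only when read to the end; close it explicitly so a
        // failure part-way through does not leave it open.
        if (results != null) {
            try {
                results.close();
            } catch (NamingException ignored) {
                // Best effort: the result (or the failure) has already been decided above.
            }
        }
    }
}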
/**
 * Look up the Rdn at the given position of the supplied Name and return its value.
 * <p>
 * When that Rdn carries more than one attribute/value pair a warning is logged, because the
 * single value returned here does not identify which attribute it belongs to; callers that
 * make decisions on the value should select it by attribute name instead.
 *
 * @param name the Name to read from; must not be {@code null}.
 * @param index 0-based position of the Rdn, in the range [0,size()).
 * @return the value of the Rdn at {@code index}.
 * @throws IndexOutOfBoundsException if index is outside the specified range.
 * @since 2.0
 */
public static Object getValue(Name name, int index) {
    Assert.notNull(name, "name must not be null");

    final Rdn selected = returnOrConstructLdapNameFromName(name).getRdn(index);
    final boolean multiValued = selected.size() > 1;
    if (multiValued) {
        LOGGER.warn("Rdn at position " + index + " of dn '" + name + "' is multi-value - returned value is not to be trusted. " + "Consider using name-based getValue method instead");
    }

    return selected.getValue();
}
/**
 * Look up the Rdn at the given position of the supplied Name and return its value.
 * <p>
 * When that Rdn carries more than one attribute/value pair a warning is logged, because the
 * single value returned here does not identify which attribute it belongs to; callers that
 * make decisions on the value should select it by attribute name instead.
 *
 * @param name the Name to read from; must not be {@code null}.
 * @param index 0-based position of the Rdn, in the range [0,size()).
 * @return the value of the Rdn at {@code index}.
 * @throws IndexOutOfBoundsException if index is outside the specified range.
 * @since 2.0
 */
public static Object getValue(Name name, int index) {
    Assert.notNull(name, "name must not be null");

    final Rdn selected = returnOrConstructLdapNameFromName(name).getRdn(index);
    final boolean multiValued = selected.size() > 1;
    if (multiValued) {
        LOGGER.warn("Rdn at position " + index + " of dn '" + name + "' is multi-value - returned value is not to be trusted. " + "Consider using name-based getValue method instead");
    }

    return selected.getValue();
}
/**
 * Look up the Rdn at the given position of the supplied Name and return its value.
 * <p>
 * When that Rdn carries more than one attribute/value pair a warning is logged, because the
 * single value returned here does not identify which attribute it belongs to; callers that
 * make decisions on the value should select it by attribute name instead.
 *
 * @param name the Name to read from; must not be {@code null}.
 * @param index 0-based position of the Rdn, in the range [0,size()).
 * @return the value of the Rdn at {@code index}.
 * @throws IndexOutOfBoundsException if index is outside the specified range.
 * @since 2.0
 */
public static Object getValue(Name name, int index) {
    Assert.notNull(name, "name must not be null");

    final Rdn selected = returnOrConstructLdapNameFromName(name).getRdn(index);
    final boolean multiValued = selected.size() > 1;
    if (multiValued) {
        LOGGER.warn("Rdn at position " + index + " of dn '" + name + "' is multi-value - returned value is not to be trusted. " + "Consider using name-based getValue method instead");
    }

    return selected.getValue();
}
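/**
 * Reduces a group DN to the value of its leftmost (most specific) RDN.
 *
 * <p>The RDN's attribute type is not inspected, and for a multi-valued RDN
 * {@code Rdn.getValue()} yields only one of the values. Input that is not a parseable DN is
 * returned unchanged, so callers receive the raw string as the group name in that case.
 *
 * @param dnString the group reference, expected to be a DN
 * @return the leftmost RDN value, or {@code dnString} itself when it is empty or not a valid DN
 */
private String getGroupFromString( String dnString )
{
    String result = dnString;
    try
    {
        LdapName dn = new LdapName( dnString );
        // "" parses as a zero-RDN name; without this guard getRdn( -1 ) throws an unchecked
        // IndexOutOfBoundsException instead of falling back to the input like other non-DNs.
        if ( !dn.isEmpty() )
        {
            result = String.valueOf( dn.getRdn( dn.size() - 1 ).getValue() );
        }
    }
    catch ( InvalidNameException e )
    {
        this.getLogger().debug( "Expected a Group DN but found: " + dnString );
    }
    return result;
}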
/**
 * Look up the Rdn at the given position of the supplied Name and return its value.
 * <p>
 * When that Rdn carries more than one attribute/value pair a warning is logged, because the
 * single value returned here does not identify which attribute it belongs to; callers that
 * make decisions on the value should select it by attribute name instead.
 *
 * @param name the Name to read from; must not be {@code null}.
 * @param index 0-based position of the Rdn, in the range [0,size()).
 * @return the value of the Rdn at {@code index}.
 * @throws IndexOutOfBoundsException if index is outside the specified range.
 * @since 2.0
 */
public static Object getValue(Name name, int index) {
    Assert.notNull(name, "name must not be null");

    final Rdn selected = returnOrConstructLdapNameFromName(name).getRdn(index);
    final boolean multiValued = selected.size() > 1;
    if (multiValued) {
        LOGGER.warn("Rdn at position " + index + " of dn '" + name + "' is multi-value - returned value is not to be trusted. " + "Consider using name-based getValue method instead");
    }

    return selected.getValue();
}
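/**
 * Reduces a group DN to the value of its leftmost (most specific) RDN.
 *
 * <p>The RDN's attribute type is not inspected, and for a multi-valued RDN
 * {@code Rdn.getValue()} yields only one of the values. Input that is not a parseable DN is
 * returned unchanged, so callers receive the raw string as the group name in that case.
 *
 * @param dnString the group reference, expected to be a DN
 * @return the leftmost RDN value, or {@code dnString} itself when it is empty or not a valid DN
 */
private String getGroupFromString( String dnString )
{
    String result = dnString;
    try
    {
        LdapName dn = new LdapName( dnString );
        // "" parses as a zero-RDN name; without this guard getRdn( -1 ) throws an unchecked
        // IndexOutOfBoundsException instead of falling back to the input like other non-DNs.
        if ( !dn.isEmpty() )
        {
            result = String.valueOf( dn.getRdn( dn.size() - 1 ).getValue() );
        }
    }
    catch ( InvalidNameException e )
    {
        this.getLogger().debug( "Expected a Group DN but found: " + dnString );
    }
    return result;
}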
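/**
 * Returns the user name derived from the certificate subject, computing and caching it on first use.
 *
 * <p>Without a {@code subjectRegex} the subject is parsed as a DN and the value of its leftmost
 * RDN is used. With a {@code subjectRegex} the single capture group of the first match is used;
 * {@code find()} is unanchored, so the expression may match anywhere in the subject.
 *
 * <p>The result is cached only after extraction succeeds. A failed extraction therefore cannot
 * leave the full subject DN behind as the user name for later calls.
 *
 * @return the extracted user name
 * @throws IdentityManagementException if the subject cannot be parsed, does not match
 *         {@code subjectRegex}, or the expression does not have exactly one capture group
 */
public String getUsername() {
    if (this.userName == null) {
        final String subjectDn = getCertificatePrincipal().getName();
        final String extracted;

        if (subjectRegex == null) {
            try {
                LdapName ldapName = new LdapName(subjectDn);
                // NOTE(review): the leftmost RDN is taken whatever its attribute type, although the
                // error below speaks of a CN - confirm that accepted subjects always lead with CN.
                extracted = ldapName.getRdn(ldapName.size() - 1).getValue().toString();
            } catch (Exception e) {
                throw new IdentityManagementException("Could not extract CN from X509.", e);
            }
        } else {
            Matcher matcher = Pattern.compile(this.subjectRegex).matcher(subjectDn);
            if (!matcher.find()) {
                // group(1) on a matcher that found nothing throws IllegalStateException; report
                // the mismatch through the same exception type as the other extraction failures.
                throw new IdentityManagementException("Subject does not match expression.");
            }
            if (matcher.groupCount() != 1) {
                throw new IdentityManagementException("Single group expected from expression.");
            }
            extracted = matcher.group(1);
        }

        this.userName = extracted;
    }
    return this.userName;
}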
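/**
 * Returns the user name derived from the certificate subject, computing and caching it on first use.
 *
 * <p>Without a {@code subjectRegex} the subject is parsed as a DN and the value of its leftmost
 * RDN is used. With a {@code subjectRegex} the single capture group of the first match is used;
 * {@code find()} is unanchored, so the expression may match anywhere in the subject.
 *
 * <p>The result is cached only after extraction succeeds. A failed extraction therefore cannot
 * leave the full subject DN behind as the user name for later calls.
 *
 * @return the extracted user name
 * @throws IdentityManagementException if the subject cannot be parsed, does not match
 *         {@code subjectRegex}, or the expression does not have exactly one capture group
 */
public String getUsername() {
    if (this.userName == null) {
        final String subjectDn = getCertificatePrincipal().getName();
        final String extracted;

        if (subjectRegex == null) {
            try {
                LdapName ldapName = new LdapName(subjectDn);
                // NOTE(review): the leftmost RDN is taken whatever its attribute type, although the
                // error below speaks of a CN - confirm that accepted subjects always lead with CN.
                extracted = ldapName.getRdn(ldapName.size() - 1).getValue().toString();
            } catch (Exception e) {
                throw new IdentityManagementException("Could not extract CN from X509.", e);
            }
        } else {
            Matcher matcher = Pattern.compile(this.subjectRegex).matcher(subjectDn);
            if (!matcher.find()) {
                // group(1) on a matcher that found nothing throws IllegalStateException; report
                // the mismatch through the same exception type as the other extraction failures.
                throw new IdentityManagementException("Subject does not match expression.");
            }
            if (matcher.groupCount() != 1) {
                throw new IdentityManagementException("Single group expected from expression.");
            }
            extracted = matcher.group(1);
        }

        this.userName = extracted;
    }
    return this.userName;
}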