-rw-r--r--src/main/java/com/c2kernel/lookup/ldap/LDAPLookup.java20
-rw-r--r--src/main/java/com/c2kernel/lookup/ldap/LDAPProperties.java208
2 files changed, 190 insertions, 38 deletions
diff --git a/src/main/java/com/c2kernel/lookup/ldap/LDAPLookup.java b/src/main/java/com/c2kernel/lookup/ldap/LDAPLookup.java
index 96fe82b..96ab609 100644
--- a/src/main/java/com/c2kernel/lookup/ldap/LDAPLookup.java
+++ b/src/main/java/com/c2kernel/lookup/ldap/LDAPLookup.java
@@ -51,26 +51,28 @@ import com.novell.ldap.LDAPSearchResults;
* @author $Author: abranson $
*/
-public class LDAPLookup implements LookupManager
-
-{
+public class LDAPLookup implements LookupManager{
+
protected LDAPAuthManager mLDAPAuth;
protected LDAPPropertyManager mPropManager;
-
+ protected LDAPProperties ldapProps;
+
private String mGlobalPath, mRootPath, mLocalPath, mRolePath, mItemTypeRoot, mDomainTypeRoot;
- LDAPProperties ldapProps;
+ /**
+ *
+ */
public LDAPLookup() {
+ super();
}
-
/**
* Initializes the DN paths from the Root, global and local paths supplied by the LDAP properties.
* @param props
*/
- protected void initPaths(LDAPProperties props)
- {
- Logger.msg(8,"LDAPLookup - initialising.");
+ protected void initPaths(LDAPProperties props){
+
+ Logger.msg(8,"LDAPLookup.initPaths(): - initialising with LDAPProperties");
ldapProps = props;
mGlobalPath=props.mGlobalPath;
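Review bot: Widening `ldapProps` from package-private to `protected` exposes the whole LDAPProperties object, including its public, mutable `mPassword` field (visible in the LDAPProperties.java hunk of this commit), to every subclass in any package. If subclasses only need the paths, I would keep the field `private` and add a narrow accessor, or at least document it with `/** LDAP connection settings; holds the bind password in clear text. */`. The added `/** * */` block on the constructor is empty and the explicit `super();` is redundant, so both can be dropped or the Javadoc given a real sentence. initPaths() continues outside this hunk.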
diff --git a/src/main/java/com/c2kernel/lookup/ldap/LDAPProperties.java b/src/main/java/com/c2kernel/lookup/ldap/LDAPProperties.java
index 1e9f971..289b206 100644
--- a/src/main/java/com/c2kernel/lookup/ldap/LDAPProperties.java
+++ b/src/main/java/com/c2kernel/lookup/ldap/LDAPProperties.java
@@ -1,38 +1,188 @@
-/*
+package com.c2kernel.lookup.ldap;
+
+/**
* Directory Lookup Service
-*/
+ *
+ * This represent
+ *
+ */
-package com.c2kernel.lookup.ldap;
+import javax.xml.bind.DatatypeConverter;
import com.c2kernel.utils.ObjectProperties;
/**
+ * example:
+ *
+ * <pre>
+ * # LDAP Lookup config
+ * # use the ApacheDS 2.0.0 M15 available using the port 10389
+ * LDAP.GlobalPath=dc=cristalosgiglobal
+ * LDAP.RootPath=cn=cristalosgiroot
+ * LDAP.LocalPath=cn=cristalosgilocal
+ * LDAP.port=10389
+ * LDAP.host=localhost
+ * LDAP.user=uid=admin,ou=system
+ * LDAP.password=xxxxxx
+ * or
+ * LDAP.password64=xxxxxx
+ * </pre>
+ *
* @version $Revision: 1.16 $ $Date: 2005/10/12 12:51:54 $
- * @author $Author: abranson $
+ * @author $Author: abranson $
+ * @author ogattaz
*/
-public class LDAPProperties
-{
- public String mGlobalPath = null; //o=cern.ch
- public String mRootPath = null; //cn=cristal2
- public String mLocalPath = null; //cn=lab27
- public Integer mPort = null;
- public String mHost = null;
- public String mUser = null;
- public String mPassword = null;
-
- public LDAPProperties(ObjectProperties obj)
- {
- mGlobalPath = obj.getProperty( "LDAP.GlobalPath" );
- mRootPath = obj.getProperty( "LDAP.RootPath" );
- mLocalPath = obj.getProperty( "LDAP.LocalPath" );
- mPort = obj.getInt( "LDAP.port", 389 );
- mHost = obj.getProperty( "LDAP.host" );
- mUser = obj.getProperty( "LDAP.user" );
- mPassword = obj.getProperty( "LDAP.password" );
-
- mRootPath += "," + mGlobalPath;
- mLocalPath += "," + mRootPath;
-
- }
-}
+public class LDAPProperties {
+
+ private static final String BAD_PASSWORD_MESSAGE = "bad base64 password value";
+
+ public static final String LDAP_PROP_GPATH = "LDAP.GlobalPath";
+ public static final String LDAP_PROP_HOST = "LDAP.host";
+ public static final String LDAP_PROP_LPATH = "LDAP.LocalPath";
+ public static final String LDAP_PROP_PASS = "LDAP.password";
+ public static final String LDAP_PROP_PASS64 = "LDAP.password64";
+ public static final String LDAP_PROP_PORT = "LDAP.port";
+ public static final String LDAP_PROP_RPATH = "LDAP.RootPath";
+ public static final String LDAP_PROP_USER = "LDAP.user";
+
+ public String mGlobalPath = null; // o=cern.ch
+ public String mHost = null;
+ public String mLocalPath = null; // cn=lab27
+ public String mPassword = null;
+ public Integer mPort = null;
+ public String mRootPath = null; // cn=cristal2
+ public String mUser = null;
+
+ /**
+ * @param aObjectProps
+ * an ObjectProperties instance comming from clc file for exemple
+ */
+ public LDAPProperties(final ObjectProperties aObjectProps) {
+
+ if (aObjectProps != null) {
+
+ mGlobalPath = aObjectProps.getProperty(LDAP_PROP_GPATH);
+
+ mRootPath = aObjectProps.getProperty(LDAP_PROP_RPATH);
+ if (mRootPath != null) {
+ mRootPath += "," + mGlobalPath;
+ }
+
+ mLocalPath = aObjectProps.getProperty(LDAP_PROP_LPATH);
+ if (mLocalPath != null) {
+ mLocalPath += "," + mRootPath;
+ }
+
+ mPort = aObjectProps.getInt(LDAP_PROP_PORT, 389);
+ mHost = aObjectProps.getProperty(LDAP_PROP_HOST);
+ mUser = aObjectProps.getProperty(LDAP_PROP_USER);
+ mPassword = aObjectProps.getProperty(LDAP_PROP_PASS);
+
+ // if raw password not available, try to find base64 one
+ if (mPassword == null) {
+ mPassword = aObjectProps.getProperty(LDAP_PROP_PASS64);
+ // if base64 password available
+ if (mPassword != null) {
+ mPassword = translateBase64OPassword(mPassword);
+ }
+ }
+ }
+ }
+ /**
+ * @param aPropertyName
+ * the name of the property associated to the member
+ * @param aMemberValue
+ * the value to check
+ * @return true if valid
+ * @throws IllegalArgumentException
+ * if not valid
+ */
+ private boolean checkMemberValidity(final String aPropertyName,
+ final String aMemberValue) throws IllegalArgumentException {
+
+ if (isMemberValueValid(aMemberValue))
+ return true;
+
+ throw new IllegalArgumentException(String.format(
+ "The LDAP property [%s] is not valid. The member value=[%s]",
+ aPropertyName, aMemberValue));
+ }
+
+ /**
+ * @param aValue
+ * the value to be checked
+ * @return true if not null and not empty
+ */
+ private boolean checkPasswordValidity(final String aPasswordValue)
+ throws IllegalArgumentException {
+
+ if (checkMemberValidity(LDAP_PROP_PASS, aPasswordValue)) {
+
+ if (aPasswordValue.contains(BAD_PASSWORD_MESSAGE)) {
+ throw new IllegalArgumentException(
+ String.format(
+ "The LDAP property [%s] is not valid. The member value=[%s]",
+ LDAP_PROP_PASS, aPasswordValue));
+ }
+ }
+ return true;
+ }
+
+ /**
+ * @return true is valid
+ * @throws IllegalArgumentException
+ * if one of the members is not valid (null or empty)
+ */
+ public boolean checkValidity() throws IllegalArgumentException {
+
+ return checkMemberValidity(LDAP_PROP_GPATH, mGlobalPath)
+ && checkMemberValidity(LDAP_PROP_RPATH, mRootPath)
+ && checkMemberValidity(LDAP_PROP_LPATH, mLocalPath)
+ && checkMemberValidity(LDAP_PROP_HOST, mHost)
+ && checkMemberValidity(LDAP_PROP_USER, mUser)
+ && checkPasswordValidity(mPassword);
+ }
+
+ /**
+ * @param aValue
+ * the value to be checked
+ * @return true if not null and not empty
+ */
+ private boolean isMemberValueValid(final String aValue) {
+
+ return (aValue != null && !aValue.isEmpty());
+ }
+
+ /**
+ * @return true if the password is not null, not empty and is decoded id the
+ * passed property is a password64 one
+ */
+ public boolean isPasswordValid() {
+ try {
+ return checkPasswordValidity(mPassword);
+ } catch (IllegalArgumentException ex) {
+ return false;
+ }
+ }
+
+ /**
+ * @param aBase6Password
+ * the encoded password
+ * @return the decodded password or a dummy phrase which cause an explicit
+ * error when it will be used during the connection
+ */
+ private String translateBase64OPassword(final String aBase6Password) {
+
+ try {
+ // DatatypeConverter tool class available since java 1.5.
+ // Throws IllegalArgumentException if value not conform
+ return new String(
+ DatatypeConverter.parseBase64Binary(aBase6Password));
+
+ } catch (IllegalArgumentException ex) {
+ return String.format("#### %s [%s] ####", BAD_PASSWORD_MESSAGE,
+ aBase6Password);
+ }
+ }
+}
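Review bot: checkPasswordValidity() and translateBase64OPassword() put password material into strings that get reported. A malformed LDAP.password64 value is echoed inside the `#### bad base64 password value [...] ####` sentinel, stored in the public `mPassword` field, and then formatted into the IllegalArgumentException message, so it can reach logs and, per the Javadoc, is meant to be used in the connection attempt. The sentinel is also in-band, so a genuine password containing that phrase is rejected. I would record the decode failure in a flag and keep values out of the password messages, as sketched below; `new String(byte[])` also decodes with the platform default charset, so the sketch names one (UTF-8 is my assumption). Separately, the class Javadoc should state that base64 is an encoding and not protection, so a file carrying LDAP.password64 needs the same access restrictions as one carrying LDAP.password.

```java
// … unchanged: constants, public members, constructor, checkMemberValidity, checkValidity …

// set when LDAP.password64 could not be decoded; replaces the in-band sentinel string
private boolean mPassword64Malformed = false;

private boolean checkPasswordValidity(final String aPasswordValue)
        throws IllegalArgumentException {

    if (mPassword64Malformed) {
        throw new IllegalArgumentException(String.format(
                "The LDAP property [%s] is not valid base64", LDAP_PROP_PASS64));
    }
    if (!isMemberValueValid(aPasswordValue)) {
        // the password value is deliberately left out of the message
        throw new IllegalArgumentException(String.format(
                "The LDAP property [%s] is missing or empty", LDAP_PROP_PASS));
    }
    return true;
}

// … unchanged: isMemberValueValid, isPasswordValid …

private String translateBase64OPassword(final String aBase6Password) {

    try {
        return new String(
                DatatypeConverter.parseBase64Binary(aBase6Password),
                java.nio.charset.Charset.forName("UTF-8"));
    } catch (IllegalArgumentException ex) {
        mPassword64Malformed = true;
        return null;
    }
}
```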