Java Code Examples for org.apache.directory.api.ldap.model.message.BindRequest#setCredentials()
The following examples show how to use
org.apache.directory.api.ldap.model.message.BindRequest#setCredentials() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: Dsmlv2Engine.java From directory-ldap-api with Apache License 2.0 | 5 votes |
|
/**
* Binds to the ldap server
*
* @param messageId the message Id
* @throws LdapException If we had an issue while binding
* @throws IOException If we had an issue while transmitting the request or re ceiving the response
*/
protected void bind( int messageId ) throws LdapException, IOException
{
if ( ( connection != null ) && connection.isAuthenticated() )
{
return;
}
if ( connection == null )
{
throw new IOException( I18n.err( I18n.ERR_02002_MISSING_CONNECTION_TO_BIND ) );
}
BindRequest bindRequest = new BindRequestImpl();
bindRequest.setSimple( true );
bindRequest.setCredentials( Strings.getBytesUtf8( password ) );
bindRequest.setName( user );
bindRequest.setVersion3( true );
bindRequest.setMessageId( messageId );
BindResponse bindResponse = connection.bind( bindRequest );
if ( bindResponse.getLdapResult().getResultCode() != ResultCodeEnum.SUCCESS )
{
if ( LOG.isWarnEnabled() )
{
LOG.warn( I18n.msg( I18n.MSG_02003_ERROR, bindResponse.getLdapResult().getDiagnosticMessage() ) );
}
}
}
Example 2
| Source File: AbstractLdapConnection.java From directory-ldap-api with Apache License 2.0 | 5 votes |
|
/**
* {@inheritDoc}
*/
@Override
public void bind( Dn name ) throws LdapException
{
byte[] credBytes = Strings.EMPTY_BYTES;
BindRequest bindRequest = new BindRequestImpl();
bindRequest.setDn( name );
bindRequest.setCredentials( credBytes );
BindResponse bindResponse = bind( bindRequest );
processResponse( bindResponse );
}
Example 3
| Source File: AbstractLdapConnection.java From directory-ldap-api with Apache License 2.0 | 5 votes |
|
/**
* {@inheritDoc}
*/
@Override
public void bind( Dn name, String credentials ) throws LdapException
{
byte[] credBytes = credentials == null ? Strings.EMPTY_BYTES : Strings.getBytesUtf8( credentials );
BindRequest bindRequest = new BindRequestImpl();
bindRequest.setDn( name );
bindRequest.setCredentials( credBytes );
BindResponse bindResponse = bind( bindRequest );
processResponse( bindResponse );
}
Example 4
| Source File: AbstractLdapConnection.java From directory-ldap-api with Apache License 2.0 | 5 votes |
|
/**
* Create a complete BindRequest ready to be sent.
*
* @param name The DN to bind with
* @param credentials The user's password
* @param saslMechanism The SASL mechanism to use
* @param controls The controls to send
* @return The created BindRequest
*/
protected BindRequest createBindRequest( String name, byte[] credentials, String saslMechanism, Control... controls )
{
// Set the new messageId
BindRequest bindRequest = new BindRequestImpl();
// Set the version
bindRequest.setVersion3( true );
// Set the name
bindRequest.setName( name );
// Set the credentials
if ( Strings.isEmpty( saslMechanism ) )
{
// Simple bind
bindRequest.setSimple( true );
bindRequest.setCredentials( credentials );
}
else
{
// SASL bind
bindRequest.setSimple( false );
bindRequest.setCredentials( credentials );
bindRequest.setSaslMechanism( saslMechanism );
}
// Add the controls
if ( ( controls != null ) && ( controls.length != 0 ) )
{
bindRequest.addAllControls( controls );
}
return bindRequest;
}
Example 5
| Source File: StoreSaslCredentials.java From directory-ldap-api with Apache License 2.0 | 5 votes |
|
/**
* {@inheritDoc}
*/
@Override
public void action( LdapMessageContainer<BindRequest> container )
{
BindRequest bindRequestMessage = container.getMessage();
// Get the Value and store it in the BindRequest
TLV tlv = container.getCurrentTLV();
// We have to handle the special case of a 0 length
// credentials
if ( tlv.getLength() == 0 )
{
bindRequestMessage.setCredentials( Strings.EMPTY_BYTES );
}
else
{
bindRequestMessage.setCredentials( tlv.getValue().getData() );
}
// We can have an END transition
container.setGrammarEndAllowed( true );
if ( LOG.isDebugEnabled() )
{
LOG.debug( I18n.msg( I18n.MSG_05117_SASL_CREDENTIALS_DECODED ) );
}
}
Example 6
| Source File: StoreSimpleAuth.java From directory-ldap-api with Apache License 2.0 | 5 votes |
|
/**
* {@inheritDoc}
*/
@Override
public void action( LdapMessageContainer<BindRequest> container )
{
BindRequest bindRequestMessage = container.getMessage();
TLV tlv = container.getCurrentTLV();
// Allocate the Authentication Object
bindRequestMessage.setSimple( true );
// We have to handle the special case of a 0 length simple
if ( tlv.getLength() == 0 )
{
bindRequestMessage.setCredentials( Strings.EMPTY_BYTES );
}
else
{
bindRequestMessage.setCredentials( tlv.getValue().getData() );
}
// We can have an END transition
container.setGrammarEndAllowed( true );
if ( LOG.isDebugEnabled() )
{
LOG.debug( I18n.msg( I18n.MSG_05119_SIMPLE_CREDENTIAL_DECODED ) );
}
}
Example 7
| Source File: LdapDataProvider.java From directory-fortress-core with Apache License 2.0 | 5 votes |
|
/**
* Calls the PoolMgr to perform an LDAP bind for a user/password combination. This function is valid
* if and only if the user entity is a member of the USERS data set.
*
* @param connection connection to ldap server.
* @param szUserDn contains the LDAP dn to the user entry in String format.
* @param password contains the password in clear text.
* @return bindResponse contains the result of the operation.
* @throws LdapException in the event of LDAP error.
*/
protected BindResponse bind( LdapConnection connection, String szUserDn, String password ) throws LdapException
{
COUNTERS.incrementBind();
Dn userDn = new Dn( szUserDn );
BindRequest bindReq = new BindRequestImpl();
bindReq.setDn( userDn );
bindReq.setCredentials( password );
bindReq.addControl( PP_REQ_CTRL );
return connection.bind( bindReq );
}
Example 8
| Source File: BindRequestHandler.java From MyVirtualDirectory with Apache License 2.0 | 4 votes |
|
/**
* For challenge/response exchange, generate the challenge.
* If the exchange is complete then send bind success.
*
* @param ldapSession
* @param ss
* @param bindRequest
*/
private void generateSaslChallengeOrComplete( LdapSession ldapSession, SaslServer ss,
BindRequest bindRequest ) throws Exception
{
LdapResult result = bindRequest.getResultResponse().getLdapResult();
// SaslServer will throw an exception if the credentials are null.
if ( bindRequest.getCredentials() == null )
{
bindRequest.setCredentials( StringConstants.EMPTY_BYTES );
}
try
{
// Compute the challenge
byte[] tokenBytes = ss.evaluateResponse( bindRequest.getCredentials() );
if ( ss.isComplete() )
{
// This is the end of the C/R exchange
if ( tokenBytes != null )
{
/*
* There may be a token to return to the client. We set it here
* so it will be returned in a SUCCESS message, after an LdapContext
* has been initialized for the client.
*/
ldapSession.putSaslProperty( SaslConstants.SASL_CREDS, tokenBytes );
}
LdapPrincipal ldapPrincipal = ( LdapPrincipal ) ldapSession
.getSaslProperty( SaslConstants.SASL_AUTHENT_USER );
if ( ldapPrincipal != null )
{
DirectoryService ds = ldapSession.getLdapServer().getDirectoryService();
String saslMechanism = bindRequest.getSaslMechanism();
byte[] password = null;
if ( ldapPrincipal.getUserPasswords() != null )
{
password = ldapPrincipal.getUserPasswords()[0];
}
CoreSession userSession = ds.getSession( ldapPrincipal.getDn(),
password, saslMechanism, null );
// Set the user session into the ldap session
ldapSession.setCoreSession( userSession );
// Store the IoSession in the coreSession
( ( DefaultCoreSession ) userSession ).setIoSession( ldapSession.getIoSession() );
}
// Mark the user as authenticated
ldapSession.setAuthenticated();
// Call the cleanup method for the selected mechanism
MechanismHandler handler = ( MechanismHandler ) ldapSession
.getSaslProperty( SaslConstants.SASL_MECH_HANDLER );
handler.cleanup( ldapSession );
// Return the successful response
sendBindSuccess( ldapSession, bindRequest, tokenBytes );
}
else
{
// The SASL bind must continue, we are sending the computed challenge
LOG.info( "Continuation token had length " + tokenBytes.length );
// Build the response
result.setResultCode( ResultCodeEnum.SASL_BIND_IN_PROGRESS );
BindResponse resp = bindRequest.getResultResponse();
// Store the challenge
resp.setServerSaslCreds( tokenBytes );
// Switch to SASLAuthPending
ldapSession.setSaslAuthPending();
// And write back the response
ldapSession.getIoSession().write( resp );
LOG.debug( "Returning final authentication data to client to complete context." );
}
}
catch ( SaslException se )
{
sendInvalidCredentials( ldapSession, bindRequest, se );
}
}
Example 9
| Source File: BindRequestHandler.java From MyVirtualDirectory with Apache License 2.0 | 4 votes |
|
/**
* For challenge/response exchange, generate the challenge. If the exchange is complete then send bind success.
*
* @param ldapSession
* @param ss
* @param bindRequest
*/
private void generateSaslChallengeOrComplete(LdapSession ldapSession, SaslServer ss,
BindRequest bindRequest) throws Exception {
LdapResult result = bindRequest.getResultResponse().getLdapResult();
// SaslServer will throw an exception if the credentials are null.
if (bindRequest.getCredentials() == null) {
bindRequest.setCredentials(StringConstants.EMPTY_BYTES);
}
try {
// Compute the challenge
byte[] tokenBytes = ss.evaluateResponse(bindRequest.getCredentials());
if (ss.isComplete()) {
// This is the end of the C/R exchange
if (tokenBytes != null) {
/*
* There may be a token to return to the client. We set it here
* so it will be returned in a SUCCESS message, after an LdapContext
* has been initialized for the client.
*/
ldapSession.putSaslProperty(SaslConstants.SASL_CREDS, tokenBytes);
}
LdapPrincipal ldapPrincipal = (LdapPrincipal) ldapSession
.getSaslProperty(SaslConstants.SASL_AUTHENT_USER);
if (ldapPrincipal != null) {
DirectoryService ds = ldapSession.getLdapServer().getDirectoryService();
String saslMechanism = bindRequest.getSaslMechanism();
byte[] password = null;
if (ldapPrincipal.getUserPasswords() != null) {
password = ldapPrincipal.getUserPasswords()[0];
}
CoreSession userSession = ds.getSession(ldapPrincipal.getDn(),
password, saslMechanism, null);
// Set the user session into the ldap session
ldapSession.setCoreSession(userSession);
// Store the IoSession in the coreSession
((DefaultCoreSession) userSession).setIoSession(ldapSession.getIoSession());
}
// Mark the user as authenticated
ldapSession.setAuthenticated();
// Call the cleanup method for the selected mechanism
MechanismHandler handler = (MechanismHandler) ldapSession
.getSaslProperty(SaslConstants.SASL_MECH_HANDLER);
handler.cleanup(ldapSession);
// Return the successful response
sendBindSuccess(ldapSession, bindRequest, tokenBytes);
} else {
// The SASL bind must continue, we are sending the computed challenge
LOG.info("Continuation token had length " + tokenBytes.length);
// Build the response
result.setResultCode(ResultCodeEnum.SASL_BIND_IN_PROGRESS);
BindResponse resp = (BindResponse) bindRequest.getResultResponse();
// Store the challenge
resp.setServerSaslCreds(tokenBytes);
// Switch to SASLAuthPending
ldapSession.setSaslAuthPending();
// And write back the response
ldapSession.getIoSession().write(resp);
LOG.debug("Returning final authentication data to client to complete context.");
}
} catch (SaslException se) {
sendInvalidCredentials(ldapSession, bindRequest, se);
}
}
