Java Code Examples for javax.naming.ldap.InitialLdapContext#search()
The following examples show how to use
javax.naming.ldap.InitialLdapContext#search() .
Example 1
Source File: LdapRolesMappingProvider.java From lams with GNU General Public License v2.0 | 4 votes |
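/**
 * Collects role names for {@code user} by searching under {@code rolesCtxDN}, then repeats the
 * search for entries that list each matched entry as a {@code member}, up to
 * {@code recursionMax} levels deep.
 *
 * <p>The first level ({@code previousRoleDn == null}) runs the configured {@code roleFilter}
 * with {@code user} bound to {@code {0}}. Deeper levels look for entries whose {@code member}
 * attribute equals the DN matched one level up. In both cases the value is handed to JNDI as a
 * filter argument, never concatenated into the filter text, so characters that are special in
 * a search filter ({@code * ( ) \}) are escaped by the provider and cannot change the filter's
 * structure.
 *
 * @param ctx the directory context used for the searches and attribute reads
 * @param constraints the search controls applied to every search
 * @param user the user name substituted into {@code roleFilter}
 * @param previousRoleDn DN of the entry matched one level up, or {@code null} on the first call
 * @param recursionMax the deepest nesting level that is still searched
 * @param nesting the nesting level of this call
 * @param roleGroup the group that receives the role names that are found
 * @throws NamingException if a search or a read of {@code roleAttributeID} fails
 */
protected void rolesSearch(InitialLdapContext ctx, SearchControls constraints, String user,
        String previousRoleDn, int recursionMax, int nesting, RoleGroup roleGroup)
        throws NamingException {
    final String searchFilter;
    final Object[] filterArgs;
    if (previousRoleDn == null) {
        // roleFilter is configured outside this method; presumably it refers to {0}.
        searchFilter = roleFilter;
        filterArgs = new Object[] {user};
    } else {
        // A DN read back from the directory may contain '(', ')', '*' or '\'. Binding it as
        // {0} lets JNDI escape it; building "member=" + dn by hand produced a malformed or
        // altered filter for such DNs.
        searchFilter = "member={0}";
        filterArgs = new Object[] {previousRoleDn};
    }

    NamingEnumeration<SearchResult> results =
            ctx.search(rolesCtxDN, searchFilter, filterArgs, constraints);
    try {
        while (results.hasMore()) {
            SearchResult sr = results.next();
            String dn = canonicalize(sr.getName());

            // Query the context for the roleDN values
            String[] attrNames = {roleAttributeID};
            Attributes result = ctx.getAttributes(dn, attrNames);
            // The entry may not carry roleAttributeID at all; skip it instead of failing
            // with a NullPointerException.
            Attribute roles = result == null ? null : result.get(roleAttributeID);
            if (roles != null) {
                for (int n = 0; n < roles.size(); n++) {
                    String roleName = (String) roles.get(n);
                    if (roleAttributeIsDN && parseRoleNameFromDN) {
                        parseRole(roleName, roleGroup);
                    } else if (roleAttributeIsDN) {
                        // Query the roleDN location for the value of roleNameAttributeID
                        String roleDN = roleName;
                        String[] returnAttribute = {roleNameAttributeID};
                        PicketBoxLogger.LOGGER.traceFollowRoleDN(roleDN);
                        try {
                            Attributes result2 = ctx.getAttributes(roleDN, returnAttribute);
                            Attribute roles2 =
                                    result2 == null ? null : result2.get(roleNameAttributeID);
                            if (roles2 != null) {
                                for (int m = 0; m < roles2.size(); m++) {
                                    roleName = (String) roles2.get(m);
                                    addRole(roleName, roleGroup);
                                }
                            }
                        } catch (NamingException e) {
                            // A role DN that cannot be read is logged and skipped so that the
                            // remaining roles are still collected.
                            PicketBoxLogger.LOGGER.debugFailureToQueryLDAPAttribute(
                                    roleNameAttributeID, roleDN, e);
                        }
                    } else {
                        // The role attribute value is the role name
                        addRole(roleName, roleGroup);
                    }
                }
            }

            // The depth limit is the only guard against groups that contain each other:
            // nothing here remembers which DNs were already visited, so keep recursionMax
            // small.
            if (nesting < recursionMax) {
                rolesSearch(ctx, constraints, user, dn, recursionMax, nesting + 1, roleGroup);
            }
        }
    } finally {
        results.close();
    }
}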
Example 2
Source File: LdapUsersLoginModule.java From lams with GNU General Public License v2.0 | 4 votes |
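/**
 * Authenticates {@code user} by searching for the user's entry and then binding to the
 * directory as that entry with {@code credential}.
 *
 * <p>{@code user} is passed to the search as filter argument {@code {0}}, so the JNDI provider
 * escapes filter-special characters in it; it is never concatenated into {@code filter}.
 *
 * @param ctx the context to search from
 * @param user the user name supplied at login
 * @param credential the credential used for the bind as the located entry
 * @param baseDN the base DN the search starts from
 * @param filter the search filter; the user name is substituted for {@code {0}}
 * @return the DN that was bound successfully
 * @throws NamingException if no entry matches, the match is a referral that cannot be
 *         followed, or the search or the bind fails
 */
protected String bindDNAuthentication(InitialLdapContext ctx, String user, Object credential,
        String baseDN, String filter) throws NamingException {
    SearchControls constraints = new SearchControls();
    constraints.setSearchScope(searchScope);
    constraints.setTimeLimit(searchTimeLimit);
    String[] attrList = {distinguishedNameAttribute};
    constraints.setReturningAttributes(attrList);

    Object[] filterArgs = {user};
    String userDN = null;
    NamingEnumeration<SearchResult> results =
            ctx.search(baseDN, filter, filterArgs, constraints);
    try {
        if (!results.hasMore()) {
            throw PicketBoxMessages.MESSAGES.failedToFindBaseContextDN(baseDN);
        }

        // NOTE(review): only the first match is used. If the filter can match several
        // entries, the bind below targets whichever one the server returns first - confirm
        // that the filter is unique per user.
        SearchResult sr = results.next();
        String name = sr.getName();
        Attributes attrs = sr.getAttributes();
        if (attrs != null) {
            Attribute dn = attrs.get(distinguishedNameAttribute);
            if (dn != null) {
                userDN = (String) dn.get();
            }
        }
        if (userDN == null) {
            if (sr.isRelative()) {
                userDN = name + ("".equals(baseDN) ? "" : "," + baseDN);
            } else {
                throw PicketBoxMessages.MESSAGES.unableToFollowReferralForAuth(name);
            }
        }
    } finally {
        // Closing here also covers the error paths; previously the enumeration stayed open
        // when the referral case threw or when reading the DN attribute failed.
        results.close();
    }

    // Bind as the user dn to authenticate the user.
    // NOTE(review): many LDAP servers treat a simple bind with an empty password as an
    // unauthenticated bind and report success - confirm that the caller rejects empty
    // credentials before this method is reached.
    InitialLdapContext userCtx = constructInitialLdapContext(userDN, credential);
    userCtx.close();
    return userDN;
}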
Example 3
Source File: LdapCallbackHandler.java From lams with GNU General Public License v2.0 | 4 votes |
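/**
 * Locates the entry for {@code user} with a subtree search below {@code baseDN} and
 * authenticates by binding as that entry with {@code credential}.
 *
 * <p>{@code user} reaches the directory only as filter argument {@code {0}}, which the JNDI
 * provider escapes; it is not concatenated into {@code filter}.
 *
 * @param ctx the context to search from
 * @param user the input user name
 * @param credential the bind credential
 * @param baseDN the base DN to search the ctx from
 * @param filter the search filter string; the user name is substituted for {@code {0}}
 * @return the userDN string for the successful authentication
 * @throws NamingException if no entry matches, the match is a referral that cannot be
 *         followed, or the search or the bind fails
 */
protected String bindDNAuthentication(InitialLdapContext ctx, String user, Object credential,
        String baseDN, String filter) throws NamingException {
    SearchControls constraints = new SearchControls();
    constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
    constraints.setTimeLimit(searchTimeLimit);
    String[] attrList = {distinguishedNameAttribute};
    constraints.setReturningAttributes(attrList);

    Object[] filterArgs = {user};
    String userDN = null;
    NamingEnumeration<SearchResult> results =
            ctx.search(baseDN, filter, filterArgs, constraints);
    try {
        if (!results.hasMore()) {
            throw PicketBoxMessages.MESSAGES.failedToFindBaseContextDN(baseDN);
        }

        // NOTE(review): with SUBTREE_SCOPE the filter may match more than one entry; only
        // the first one returned is used for the bind - confirm the filter is unique per
        // user.
        SearchResult sr = results.next();
        String name = sr.getName();
        Attributes attrs = sr.getAttributes();
        if (attrs != null) {
            Attribute dn = attrs.get(distinguishedNameAttribute);
            if (dn != null) {
                userDN = (String) dn.get();
            }
        }
        if (userDN == null) {
            if (sr.isRelative()) {
                userDN = name + ("".equals(baseDN) ? "" : "," + baseDN);
            } else {
                throw PicketBoxMessages.MESSAGES.unableToFollowReferralForAuth(name);
            }
        }
    } finally {
        // One close for every exit: the referral failure used to leave the enumeration open.
        safeClose(results);
    }

    // The bind is the authentication step; the context is not needed afterwards.
    // NOTE(review): many LDAP servers accept a simple bind with an empty password as an
    // unauthenticated bind - confirm that empty credentials are rejected before this call.
    InitialLdapContext userCtx = constructInitialLdapContext(userDN, credential);
    safeClose(userCtx);
    return userDN;
}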
Example 4
Source File: JndiLdapAdditionalSignature.java From Android_Code_Arbiter with GNU Lesser General Public License v3.0 | 4 votes |
/**
 * Runs the same LDAP search through every {@code search} overload on four differently typed
 * context variables, first with {@code input} concatenated into the filter and then with a
 * constant filter.
 *
 * <p>NOTE(review): this looks like a fixture for a static-analysis LDAP-injection detector,
 * not production code - the concatenated filters are deliberate and each statement's exact
 * shape (receiver type, overload) is presumably what the detector is tested against, so the
 * statements are left as they are. In real code the value belongs in {@code filterArgs} with a
 * <code>{0}</code> placeholder in the filter, which makes the JNDI provider escape it.
 *
 * @param input the value that is concatenated into the {@code (uid=...)} filter
 * @throws NamingException if a context cannot be created, a name is invalid, or a search fails
 */
public static void moreLdapInjections(String input) throws NamingException {
    // Stub environment and search controls shared by all calls below.
    Properties props = new Properties();
    props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    props.put(Context.PROVIDER_URL, "ldap://ldap.example.com");
    props.put(Context.REFERRAL, "ignore");
    SearchControls ctrls = new SearchControls();
    ctrls.setReturningAttributes(new String[]{"givenName", "sn"});
    ctrls.setSearchScope(SearchControls.SUBTREE_SCOPE);

    // The same kind of context held in variables of different declared types (class or
    // interface).
    DirContext context1 = new InitialDirContext(props);
    InitialDirContext context2 = new InitialDirContext(props);
    InitialLdapContext context3 = new InitialLdapContext();
    LdapContext context4 = new InitialLdapContext();

    // Each result is overwritten by the next call; nothing reads or closes the enumerations.
    NamingEnumeration<SearchResult> answers;

    // Injectable: input is concatenated into the filter text. Passing an empty Object[0] as
    // filterArgs does not help, because the value never goes through argument substitution.
    answers = context1.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", ctrls);
    answers = context1.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", new Object[0], ctrls);
    answers = context1.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", ctrls);
    answers = context1.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", new Object[0], ctrls);

    answers = context2.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", ctrls);
    answers = context2.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", new Object[0], ctrls);
    answers = context2.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", ctrls);
    answers = context2.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", new Object[0], ctrls);

    answers = context3.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", ctrls);
    answers = context3.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", new Object[0], ctrls);
    answers = context3.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", ctrls);
    answers = context3.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", new Object[0], ctrls);

    answers = context4.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", ctrls);
    answers = context4.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", new Object[0], ctrls);
    answers = context4.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", ctrls);
    answers = context4.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", new Object[0], ctrls);

    // False-positive checks: the filter is a compile-time constant, so no caller-supplied
    // data reaches the search and these calls should not be reported.
    answers = context1.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=bob)", ctrls);
    answers = context1.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=bob)", new Object[0], ctrls);
    answers = context1.search("dc=People,dc=example,dc=com", "(uid=bob)", ctrls);
    answers = context1.search("dc=People,dc=example,dc=com", "(uid=bob)", new Object[0], ctrls);
}