Java Code Examples for javax.naming.ldap.LdapContext#close()
The following examples show how to use
javax.naming.ldap.LdapContext#close().
Example 1
Source File: GUISSOLdapClient.java From uavstack with Apache License 2.0 | 6 votes |
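/**
 * Closes and forgets the LDAP context cached under {@code action}, if there is one.
 *
 * <p>The entry is taken out of {@code ldapContexts} before it is closed, so a context whose
 * {@code close()} throws is not left behind in the cache where a later lookup could pick up a
 * half-closed, still-bound session. Any failure is logged and not rethrown.
 *
 * @param action key of the cached context to discard
 */
private void clearLdapContext(String action) {
    try {
        loggerInfo("LDAPContext", "清空", "开始", action);

        // remove() hands back the previous mapping (or null), which replaces the original
        // containsKey/get/remove sequence and guarantees the entry is gone even if close() fails.
        LdapContext context = ldapContexts.remove(action);
        if (context != null) {
            context.close();
        }

        loggerInfo("LDAPContext", "清空", "完成", action);
    } catch (Exception e) {
        // Best-effort cleanup: report the failure, never propagate it to the caller.
        loggerError("LDAPContext清空", action, e);
    }
}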
Example 2
Source File: ReadOnlyLDAPUser.java From james-project with Apache License 2.0 | 6 votes |
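/**
 * Verifies that the password supplied is actually the user's password, by
 * attempting to rebind to a copy of the LDAP server context using the user's
 * DN and the supplied password.
 *
 * <p>A {@code null} or empty password is rejected without contacting the server.
 * An LDAP simple bind that carries a DN but an empty password is an
 * "unauthenticated bind" (RFC 4513, section 5.1.2); a server that accepts it
 * reports success, which would otherwise be read here as a valid password.
 *
 * <p>Every {@link NamingException} is reported as {@code false}, so a wrong
 * password and an unreachable server are indistinguishable to the caller.
 *
 * @param password
 *            The password to validate.
 * @return {@code true} if a connection can successfully be established
 *         to the LDAP host using the user's DN and the supplied non-empty
 *         password, and {@code false} otherwise.
 */
@Override
public boolean verifyPassword(String password) {
    // Never let an empty credential reach the bind: see the unauthenticated-bind note above.
    if (password == null || password.isEmpty()) {
        return false;
    }

    LdapContext bindContext = null;
    try {
        bindContext = this.ldapContext.newInstance(null);
        bindContext.addToEnvironment(Context.SECURITY_AUTHENTICATION,
                LdapConstants.SECURITY_AUTHENTICATION_SIMPLE);
        bindContext.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
        bindContext.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
        // NOTE(review): a simple bind transmits the password as supplied; whether the
        // connection is protected (ldaps:// or StartTLS) is decided where this.ldapContext
        // is created, which is not visible here. Confirm.
        bindContext.reconnect(null);
        return true;
    } catch (NamingException exception) {
        // Bind refused or server unreachable: both count as "not verified".
        // NOTE(review): nothing is logged, so failed attempts leave no trace at this layer.
        return false;
    } finally {
        if (bindContext != null) {
            try {
                bindContext.close();
            } catch (NamingException ignored) {
                // The verification result is already decided; a failed close cannot change it.
            }
        }
    }
}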
Example 3
Source File: UserServiceImpl.java From seppb with MIT License | 5 votes |
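/**
 * Closes the given LDAP context, logging a failure instead of rethrowing it.
 *
 * @param ctx the context to close; {@code null} is ignored
 */
private void ldapClose(LdapContext ctx) {
    if (ctx == null) {
        return;
    }
    try {
        ctx.close();
    } catch (NamingException e) {
        // The message has no "{}" placeholder, so passing e.getMessage() as an argument
        // logged nothing about the failure. Passing the exception itself records the
        // cause and its stack trace.
        log.error("认证服务关闭异常", e);
    }
}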
Example 4
Source File: LdapUserService.java From pmq with Apache License 2.0 | 5 votes |
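/**
 * Loads every user entry below {@code serverPath} from the directory and fills the
 * supplied maps with the users and the organizations derived from their departments.
 *
 * <p>The method binds with the service account taken from {@code soaConfig}, runs one
 * subtree search, and always closes the search enumeration and the context, including
 * when the search or the mapping of an entry fails.
 *
 * @param userInfos  receives one {@code UserInfo} per entry, keyed by user id
 * @param orgMap     receives one {@code Organization} per non-empty department
 * @param serverPath base name the subtree search starts from
 * @throws NamingException if the bind, the search or a close fails
 */
private void doInitUser(Map<String, UserInfo> userInfos, Map<String, Organization> orgMap, String serverPath)
        throws NamingException {
    Properties env = new Properties();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, "corp\\" + soaConfig.getMqLdapUser());
    env.put(Context.SECURITY_CREDENTIALS, soaConfig.getMqLdapPass());
    // NOTE(review): with "simple" authentication the service-account password is sent as
    // configured; whether it is protected in transit depends on the scheme of this URL
    // (ldaps://), which is not visible here. Confirm.
    env.put(Context.PROVIDER_URL, adServer.get());

    LdapContext ctx = new InitialLdapContext(env, null);
    try {
        SearchControls searchCtls = new SearchControls();
        searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchCtls.setReturningAttributes(
                new String[] { "memberOf", "sAMAccountName", "cn", "distinguishedName", "mail" });
        // Constant filter, no user input: the former String.format wrapper had nothing to format.
        String searchFilter =
                "(&(objectClass=top)(objectClass=user)(objectClass=person)(objectClass=organizationalPerson))";

        NamingEnumeration<SearchResult> answer = ctx.search(serverPath, searchFilter, searchCtls);
        try {
            // NOTE(review): hasMoreElements() cannot report a NamingException, so a search cut
            // short by the server (for example a size limit) may look like a complete result.
            // hasMore() would surface that; kept as-is to preserve current behavior.
            while (answer.hasMoreElements()) {
                SearchResult sr = answer.next();
                Attributes at = sr.getAttributes();

                UserInfo userInfo = new UserInfo();
                userInfo.setDepartment(getDValue(at.get("distinguishedName")));
                userInfo.setEmail(getValue(at.get("mail")));
                userInfo.setUserId(getValue(at.get("sAMAccountName")));
                userInfo.setName(getValue(at.get("cn")));
                userInfo.setAdmin(roleService.isAdmin(userInfo.getUserId()));
                userInfos.put(userInfo.getUserId(), userInfo);

                if (!StringUtils.isEmpty(userInfo.getDepartment())) {
                    Organization organization = new Organization();
                    organization.setOrgId(userInfo.getDepartment());
                    orgMap.put(userInfo.getDepartment(), organization);
                }
            }
        } finally {
            answer.close();
        }
    } finally {
        // Previously close() was only reached on the success path, so any exception above
        // left the authenticated connection open.
        ctx.close();
    }
}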
Example 5
Source File: LdapManagerImpl.java From cosmic with Apache License 2.0 | 5 votes |
/**
 * Closes the given LDAP context if it is not {@code null}.
 *
 * <p>A {@link NamingException} raised by {@code close()} is logged at warn level
 * and not propagated.
 *
 * @param context the context to close, may be {@code null}
 */
private void closeContext(final LdapContext context) {
    if (context == null) {
        return;
    }
    try {
        context.close();
    } catch (final NamingException e) {
        s_logger.warn(e.getMessage(), e);
    }
}
Example 6
Source File: LdapGroupProvider.java From Openfire with Apache License 2.0 | 5 votes |
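/**
 * Reads the group with the given DN.
 *
 * @param groupDN the absolute DN of the group
 * @param membersToIgnore A mutable set of DNs and/or UIDs (for Posix mode) to ignore. This set will be
 *                        filled with visited DNs. If flattening of group hierarchies is active
 *                        ({@link LdapManager#isFlattenNestedGroups()}), this prevents endless loops
 *                        for cyclic hierarchies.
 * @return A group (never null)
 * @throws NamingException When a group can't be read from LDAP.
 * @throws IllegalArgumentException When {@code groupDN} lies under neither the alternate base DN
 *                                  nor the base DN.
 */
private Group getGroupByDN(LdapName groupDN, Set<String> membersToIgnore) throws NamingException
{
    LdapContext ctx = null;
    try {
        // Pick the base DN the group lives under; the alternate base DN is checked first.
        final LdapName baseDN;
        if (manager.getAlternateBaseDN() != null && groupDN.startsWith(manager.getAlternateBaseDN())) {
            baseDN = manager.getAlternateBaseDN();
        } else if (groupDN.startsWith(manager.getBaseDN())) {
            baseDN = manager.getBaseDN();
        } else {
            throw new IllegalArgumentException("GroupDN does not match any baseDN");
        }
        final Name relativeDN = groupDN.getSuffix(baseDN.size());
        // Record the DN as visited before descending into it.
        membersToIgnore.add(groupDN.toString());

        // Load record.
        ctx = manager.getContext(baseDN);
        Attributes attrs = ctx.getAttributes(relativeDN, standardAttributes);

        return processGroup(ctx, attrs, membersToIgnore);
    }
    finally {
        try {
            if (ctx != null) {
                try {
                    ctx.setRequestControls(null);
                } finally {
                    // Close even when resetting the request controls fails; previously an
                    // exception from setRequestControls skipped close() and leaked the context.
                    ctx.close();
                }
            }
        }
        catch (Exception ex) {
            Log.debug( "An exception was ignored while trying to close the Ldap context after trying to get a group.", ex );
        }
    }
}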
Example 7
Source File: LdapManagerImpl.java From cloudstack with Apache License 2.0 | 5 votes |
/**
 * Releases an LDAP context, tolerating a {@code null} argument.
 *
 * <p>If {@code close()} throws a {@link NamingException}, it is logged through
 * {@code LOGGER.warn} together with the exception and then dropped.
 *
 * @param context the context to close, may be {@code null}
 */
private void closeContext(final LdapContext context) {
    if (context == null) {
        return;
    }
    try {
        context.close();
    } catch (final NamingException e) {
        LOGGER.warn(e.getMessage(), e);
    }
}
Example 8
Source File: LdapUserService.java From radar with Apache License 2.0 | 4 votes |
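/**
 * Loads every user entry below {@code serverPath} from the directory and fills the
 * supplied maps with the users and the organizations derived from their departments.
 *
 * <p>A user is flagged as admin when its user id appears as an exact, comma-delimited
 * entry in {@code soaConfig.getAdminUsers()}. The search enumeration and the context are
 * always closed, including when the search or the mapping of an entry fails.
 *
 * @param userInfos  receives one {@code UserBo} per entry, keyed by user id
 * @param orgMap     receives one {@code OrganizationBo} per non-empty department
 * @param serverPath base name the subtree search starts from
 * @throws NamingException if the bind, the search or a close fails
 */
private void doInitUser(Map<String, UserBo> userInfos, Map<String, OrganizationBo> orgMap, String serverPath)
        throws NamingException {
    Properties env = new Properties();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, soaConfig.getRadarLdapUser());
    env.put(Context.SECURITY_CREDENTIALS, soaConfig.getRadarLdapPass());
    // NOTE(review): with "simple" authentication the service-account password is sent as
    // configured; whether it is protected in transit depends on the scheme of this URL
    // (ldaps://), which is not visible here. Confirm.
    env.put(Context.PROVIDER_URL, adServer.get());

    // Read the admin list once per sync. An unset list now means "no admins"; before, it was
    // concatenated as the text "null", so a directory account named "null" matched it.
    String configuredAdmins = soaConfig.getAdminUsers();
    String adminList = configuredAdmins == null ? "" : "," + configuredAdmins + ",";

    LdapContext ctx = new InitialLdapContext(env, null);
    try {
        SearchControls searchCtls = new SearchControls();
        searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        searchCtls.setReturningAttributes(
                new String[] { "memberOf", "sAMAccountName", "cn", "distinguishedName", "mail" });
        // Constant filter, no user input: the former String.format wrapper had nothing to format.
        String searchFilter =
                "(&(objectClass=top)(objectClass=user)(objectClass=person)(objectClass=organizationalPerson))";

        NamingEnumeration<SearchResult> answer = ctx.search(serverPath, searchFilter, searchCtls);
        try {
            // NOTE(review): hasMoreElements() cannot report a NamingException, so a search cut
            // short by the server (for example a size limit) may look like a complete result.
            // hasMore() would surface that; kept as-is to preserve current behavior.
            while (answer.hasMoreElements()) {
                SearchResult sr = answer.next();
                Attributes at = sr.getAttributes();

                UserBo userBo = new UserBo();
                userBo.setDepartment(getDValue(at.get("distinguishedName")));
                userBo.setEmail(getValue(at.get("mail")));
                userBo.setUserId(getValue(at.get("sAMAccountName")));
                userBo.setName(getValue(at.get("cn")));

                // Exact match between delimiters; an entry without a user id is never an admin.
                String userId = userBo.getUserId();
                userBo.setAdmin(userId != null && adminList.contains("," + userId + ","));
                userInfos.put(userBo.getUserId(), userBo);

                if (!StringUtils.isEmpty(userBo.getDepartment())) {
                    OrganizationBo organization = new OrganizationBo();
                    organization.setOrgId(userBo.getDepartment());
                    organization.setOrgName(userBo.getDepartment());
                    orgMap.put(userBo.getDepartment(), organization);
                }
            }
        } finally {
            answer.close();
        }
    } finally {
        // Previously close() was only reached on the success path, so any exception above
        // left the authenticated connection open.
        ctx.close();
    }
}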
Example 9
Source File: LdapAccessControl.java From light-oauth2 with Apache License 2.0 | 4 votes |
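/**
 * Tells whether {@code username} holds the role or attribute {@code attribute}.
 *
 * <p>The answer comes from the matched / unmatched caches while their entry has not expired.
 * Otherwise each filter template in {@code policy} is formatted with the user name and the
 * attribute and run against the directory under the write lock, the caches are updated, and
 * the method calls itself once more to answer from the refreshed cache.
 *
 * <p>Both values are escaped for use inside an LDAP search filter (RFC 4515) before they are
 * formatted into the template. This result is an access-control decision, so a user name
 * carrying {@code *}, parentheses or a backslash must not be able to change the filter's
 * structure.
 *
 * <p>NOTE(review): the cache key is a plain concatenation, so distinct (username, attribute)
 * pairs containing the text "_attr_" can map to the same key. Confirm which characters the
 * callers allow in user names.
 *
 * @param username  user to check
 * @param attribute role or attribute to look for
 * @return {@code true} if a policy filter matched, {@code false} otherwise
 * @throws IllegalArgumentException if {@code uniqueOnly} is set and more than one filter matches
 * @throws RuntimeException wrapping the {@link NamingException} of a failed directory call
 */
@Override
public boolean hasRole(final String username, final String attribute) {
    final String key = username + "_attr_" + attribute;
    final long now = System.currentTimeMillis();

    try {
        if (!matchedExpired(key, now)) {
            return true;
        }
        if (!unMatchedExpired(key, now)) {
            return false;
        }

        // query AD to update both MapS and expiration time
        LOGGER.fine("username: " + username + "; role: " + attribute);

        final String safeUsername = escapeLdapFilterValue(username);
        final String safeAttribute = escapeLdapFilterValue(attribute);

        this.writeLock.lock();
        try {
            // remove from cache if exists
            this.matchedList.remove(key);
            this.unMatchedList.remove(key);

            int count = 0;
            final LdapContext context = new InitialLdapContext(environment, null);
            try {
                for (String filter : this.policy) {
                    // perform AD lookup add to cache
                    final NamingEnumeration<SearchResult> results = context.search(this.deecee,
                            String.format(filter, safeUsername, safeAttribute), this.srchCntrls);
                    final boolean found = results.hasMoreElements();
                    results.close();

                    // add to cache
                    if (found) {
                        count++;
                        this.matchedList.put(key, System.currentTimeMillis());
                        if (!this.uniqueOnly) {
                            break;
                        }
                    }

                    // check if we have a duplicate attribute
                    if (count > 1 && this.uniqueOnly) {
                        this.matchedList.remove(key);
                        throw new IllegalArgumentException("Uniqueness property violated. "
                                + "Found duplicate role/attribute:" + attribute
                                + ". This MAY be caused by an improper policy definition"
                                + "; filter=" + filter + "; policy=" + this.policy);
                    }
                }
            } finally {
                // Previously only reached on the success path: a failed search or the
                // uniqueness violation above left the bound connection open.
                context.close();
            }

            if (0 == count) {
                this.unMatchedList.put(key, System.currentTimeMillis());
            } else {
                cacheUserInfo(username);
            }
        } finally {
            this.writeLock.unlock();
        }
    } catch (NamingException lex) {
        LOGGER.severe(lex.getMessage());
        throw new RuntimeException(lex);
    }

    // NOTE(review): relies on the entry written above still being unexpired; if the expiry
    // checks can report a fresh entry as expired, this recursion has no bound.
    return hasRole(username, attribute);
}

/** Escapes a value for use as an assertion value in an LDAP search filter (RFC 4515). */
private static String escapeLdapFilterValue(final String value) {
    if (value == null) {
        // String.format renders null as "null", exactly as the unescaped call did.
        return null;
    }
    final StringBuilder escaped = new StringBuilder(value.length() + 8);
    for (int i = 0; i < value.length(); i++) {
        final char c = value.charAt(i);
        switch (c) {
            case '\\':
                escaped.append("\\5c");
                break;
            case '*':
                escaped.append("\\2a");
                break;
            case '(':
                escaped.append("\\28");
                break;
            case ')':
                escaped.append("\\29");
                break;
            case '\0':
                escaped.append("\\00");
                break;
            default:
                escaped.append(c);
        }
    }
    return escaped.toString();
}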
Example 10
Source File: LdapManager.java From Openfire with Apache License 2.0 | 4 votes |
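/**
 * Generic routine for retrieving a single element from the LDAP server. It's meant to be very
 * flexible so that just about any query for a single result can make use of it without having
 * to reimplement their own calls to LDAP.
 * <p>
 * The passed in filter string needs to be pre-prepared! In other words, nothing will be changed
 * in the string before it is used as a search filter. Any value in it that originates from a
 * user or another untrusted source must therefore already be escaped for LDAP filters
 * (RFC 4515) by the caller.
 * <p>
 * NOTE(review): the {@link IllegalStateException} for a non-unique result is raised inside the
 * {@code try} block whose {@code catch (Exception)} logs and returns null, so as written
 * callers observe {@code null} rather than the exception. Behavior is left unchanged here.
 *
 * @param attribute LDAP attribute to be pulled from the result and returned.
 *     Typically pulled from this manager. Null means that the absolute DN is returned.
 * @param searchFilter Filter to use to perform the search. Typically pulled from this manager.
 * @param failOnMultipleResults If true, an {@link IllegalStateException} is raised if the
 *     search result is not unique (see the note above). If false, just the first result will
 *     be returned.
 * @param baseDN DN where to start the search. Typically {@link #getBaseDN()} or {@link #getAlternateBaseDN()}.
 * @return A single string, or null if nothing was found or the lookup failed.
 */
public String retrieveSingle(String attribute, String searchFilter, boolean failOnMultipleResults, LdapName baseDN) {
    LdapContext ctx = null;
    NamingEnumeration<SearchResult> answer = null;
    try {
        ctx = getContext(baseDN);

        SearchControls searchControls = new SearchControls();
        // See if recursive searching is enabled. Otherwise, only search one level.
        searchControls.setSearchScope(
                isSubTreeSearch() ? SearchControls.SUBTREE_SCOPE : SearchControls.ONELEVEL_SCOPE);
        searchControls.setReturningAttributes(attribute == null ? new String[0] : new String[]{attribute});

        answer = ctx.search("", searchFilter, searchControls);
        if (answer == null || !answer.hasMoreElements()) {
            return null;
        }

        SearchResult searchResult = answer.next();
        String result = attribute == null
                ? new LdapName(searchResult.getName()).addAll(0, baseDN).toString()
                : (String) searchResult.getAttributes().get(attribute).get();

        if (answer.hasMoreElements()) {
            Log.debug("Search result for '{}' is not unique.", searchFilter);
            if (failOnMultipleResults) {
                throw new IllegalStateException("Search result for " + searchFilter + " is not unique.");
            }
        }
        return result;
    } catch (Exception e) {
        Log.error("Error while searching for single result of: {}", searchFilter, e);
        return null;
    } finally {
        // The enumeration used to be closed only on the success path; the early return for an
        // empty result and every exception path left it open.
        try {
            if (answer != null) {
                answer.close();
            }
        } catch (Exception ex) {
            Log.debug("An exception occurred while trying to close a LDAP search result after trying to retrieve a single attribute element for {}.", attribute, ex);
        }
        try {
            if (ctx != null) {
                ctx.close();
            }
        } catch (Exception ex) {
            Log.debug("An exception occurred while trying to close a LDAP context after trying to retrieve a single attribute element for {}.", attribute, ex);
        }
    }
}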