Java Code Examples for org.apache.directory.ldap.client.api.LdapNetworkConnection#close()
The following examples show how to use
org.apache.directory.ldap.client.api.LdapNetworkConnection#close() .
Example 1
Source File: AuthenticationProviderService.java From guacamole-client with Apache License 2.0 | 5 votes |
/**
 * Builds the LDAPUserContext for a user who has already authenticated, by
 * binding to LDAP again with that user's bind DN and stored password.
 *
 * The LDAP connection is opened and closed within this call, so everything
 * the context needs from the directory has to be read while
 * {@code init()} runs.
 *
 * @param authenticatedUser
 *     The AuthenticatedUser to retrieve data for.
 *
 * @return
 *     A UserContext object initialized with data accessible to the given
 *     AuthenticatedUser, or null if the given user is not an
 *     LDAPAuthenticatedUser.
 *
 * @throws GuacamoleException
 *     If the second bind fails (reported as invalid credentials), or if
 *     the UserContext cannot be created due to an error.
 */
public LDAPUserContext getUserContext(AuthenticatedUser authenticatedUser)
        throws GuacamoleException {

    // NOTE(review): the password is read back from the stored Credentials,
    // so this path depends on the cleartext password still being held there
    // after login - confirm that retention is intended.
    Credentials storedCredentials = authenticatedUser.getCredentials();

    // Users authenticated by some other provider get no LDAP context
    if (!(authenticatedUser instanceof LDAPAuthenticatedUser)) {
        return null;
    }

    LDAPAuthenticatedUser ldapUser = (LDAPAuthenticatedUser) authenticatedUser;
    Dn userDn = ldapUser.getBindDn();

    LdapNetworkConnection connection =
            ldapService.bindAs(userDn, storedCredentials.getPassword());

    // A null connection is treated as a failed bind; the client only sees
    // the generic message, the detail stays in the debug log
    if (connection == null) {
        logger.debug("LDAP bind succeeded for \"{}\" during "
                + "authentication but failed during data retrieval.",
                authenticatedUser.getIdentifier());
        throw new GuacamoleInvalidCredentialsException("Invalid login.",
                CredentialsInfo.USERNAME_PASSWORD);
    }

    try {
        LDAPUserContext context = userContextProvider.get();
        context.init(authenticatedUser, connection);
        return context;
    }

    // Release the bound connection on success and on failure alike
    finally {
        connection.close();
    }

}
Example 2
Source File: AuthenticationProviderService.java From guacamole-client with Apache License 2.0 | 5 votes |
/**
 * Produces the UserContext for the given user. For users authenticated
 * through LDAP, a fresh bind is made with the user's own DN and password,
 * the context is initialized over that connection, and the connection is
 * closed again before returning.
 *
 * @param authenticatedUser
 *     The AuthenticatedUser to retrieve data for.
 *
 * @return
 *     The initialized UserContext, or null when the given user is not an
 *     LDAPAuthenticatedUser.
 *
 * @throws GuacamoleException
 *     If binding as the user fails, or if the UserContext cannot be
 *     created due to an error.
 */
public LDAPUserContext getUserContext(AuthenticatedUser authenticatedUser)
        throws GuacamoleException {

    Credentials userCredentials = authenticatedUser.getCredentials();
    LDAPUserContext result = null;

    if (authenticatedUser instanceof LDAPAuthenticatedUser) {

        // Bind as the user, not as a service account
        // NOTE(review): presumably so that the directory's own access
        // controls limit what the context can read - confirm
        Dn dn = ((LDAPAuthenticatedUser) authenticatedUser).getBindDn();
        LdapNetworkConnection userConnection =
                ldapService.bindAs(dn, userCredentials.getPassword());

        if (userConnection == null) {
            // Detail goes to the debug log; the thrown message stays generic
            logger.debug("LDAP bind succeeded for \"{}\" during "
                    + "authentication but failed during data retrieval.",
                    authenticatedUser.getIdentifier());
            throw new GuacamoleInvalidCredentialsException("Invalid login.",
                    CredentialsInfo.USERNAME_PASSWORD);
        }

        try {
            result = userContextProvider.get();
            result.init(authenticatedUser, userConnection);
        }

        // The connection must not outlive this call
        finally {
            userConnection.close();
        }

    }

    return result;

}
Example 3
Source File: AuthenticationProviderService.java From guacamole-client with Apache License 2.0 | 4 votes |
/**
 * Resolves the DN to bind as for the given username. When a search bind DN
 * is configured, the directory is searched with that account and the result
 * is accepted only if exactly one entry matches; otherwise the DN is
 * derived from the username without contacting the directory.
 *
 * @param username
 *     The username of the user whose corresponding DN should be returned.
 *
 * @return
 *     The DN which corresponds to the user having the given username, or
 *     null if the search account cannot bind, no entry matches, or more
 *     than one entry matches.
 *
 * @throws GuacamoleException
 *     If required configuration is missing or the lookup otherwise fails.
 */
private Dn getUserBindDN(String username) throws GuacamoleException {

    Dn searchAccountDn = confService.getSearchBindDN();

    // No search account configured: derive the DN directly
    if (searchAccountDn == null) {
        return userService.deriveUserDN(username);
    }

    LdapNetworkConnection connection = ldapService.bindAs(
        searchAccountDn,
        confService.getSearchBindPassword()
    );

    // A null connection means the search account itself could not bind
    if (connection == null) {
        logger.error("Unable to bind using search DN \"{}\"", searchAccountDn);
        return null;
    }

    try {

        // NOTE(review): username comes from the login request; confirm that
        // getUserDNs escapes it before it reaches an LDAP search filter
        List<Dn> candidates = userService.getUserDNs(connection, username);

        if (candidates.size() == 1) {
            return candidates.get(0);
        }

        // Ambiguous match: refuse rather than pick one of several entries
        if (!candidates.isEmpty()) {
            logger.warn("Multiple DNs possible for user \"{}\": {}",
                    username, candidates);
        }

        return null;

    }

    // The search-account connection is closed on every path
    finally {
        connection.close();
    }

}
Example 4
Source File: AuthenticationProviderService.java From guacamole-client with Apache License 2.0 | 4 votes |
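/**
 * Authenticates the given credentials against LDAP by binding as the DN
 * resolved for the username, and returns an LDAPAuthenticatedUser carrying
 * the user's effective groups and custom LDAP attribute tokens.
 *
 * An unknown username and a wrong password produce the same exception
 * message, so the thrown message does not show which of the two failed.
 *
 * @param credentials
 *     The credentials to use for authentication.
 *
 * @return
 *     An AuthenticatedUser representing the user authenticated by the
 *     given credentials.
 *
 * @throws GuacamoleException
 *     If an error occurs while authenticating the user, or if access is
 *     denied.
 */
public LDAPAuthenticatedUser authenticateUser(Credentials credentials)
        throws GuacamoleException {

    String username = credentials.getUsername();
    String password = credentials.getPassword();

    // Username and password are required. An LDAP simple bind with a DN and
    // an empty password is an "unauthenticated bind" (RFC 4513) which some
    // servers accept, so an empty password must never reach bindAs().
    if (username == null || username.isEmpty()
            || password == null || password.isEmpty()) {
        throw new GuacamoleInvalidCredentialsException(
                "Anonymous bind is not currently allowed by the LDAP"
                + " authentication provider.", CredentialsInfo.USERNAME_PASSWORD);
    }

    // Use the same generic message as a failed bind. The previous message
    // named the username and was distinct from the wrong-password case; if
    // exception messages are surfaced to clients, that difference lets a
    // caller test which usernames exist in the directory.
    Dn bindDn = getUserBindDN(username);
    if (bindDn == null || bindDn.isEmpty()) {
        throw new GuacamoleInvalidCredentialsException("Invalid login.",
                CredentialsInfo.USERNAME_PASSWORD);
    }

    // Attempt bind; a null connection is treated as a rejected login
    LdapNetworkConnection ldapConnection = ldapService.bindAs(bindDn, password);
    if (ldapConnection == null) {
        throw new GuacamoleInvalidCredentialsException("Invalid login.",
                CredentialsInfo.USERNAME_PASSWORD);
    }

    try {

        // Retrieve group membership of the user that just authenticated
        Set<String> effectiveGroups =
                userGroupService.getParentUserGroupIdentifiers(ldapConnection, bindDn);

        // Return AuthenticatedUser if bind succeeds
        LDAPAuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
        authenticatedUser.init(credentials,
                getAttributeTokens(ldapConnection, bindDn), effectiveGroups, bindDn);

        return authenticatedUser;

    }

    // Always disconnect, including when group or attribute lookup throws
    finally {
        ldapConnection.close();
    }

}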
Example 5
Source File: AuthenticationProviderService.java From guacamole-client with Apache License 2.0 | 4 votes |
/**
 * Looks up the bind DN for a username. With a search bind DN configured,
 * the directory is queried using the search account and exactly one match
 * is required; without one, the DN is derived from the username.
 *
 * @param username
 *     The username of the user whose corresponding DN should be returned.
 *
 * @return
 *     The DN which corresponds to the user having the given username.
 *     Null is returned when the search account fails to bind, when the
 *     search finds nothing, and when it finds several entries.
 *
 * @throws GuacamoleException
 *     If required configuration is missing or the lookup otherwise fails.
 */
private Dn getUserBindDN(String username) throws GuacamoleException {

    Dn configuredSearchDn = confService.getSearchBindDN();
    if (configuredSearchDn != null) {

        // Bind with the dedicated search account
        LdapNetworkConnection searchConn = ldapService.bindAs(
            configuredSearchDn,
            confService.getSearchBindPassword()
        );

        if (searchConn == null) {
            logger.error("Unable to bind using search DN \"{}\"", configuredSearchDn);
            return null;
        }

        try {

            // NOTE(review): username is supplied by the person logging in;
            // verify getUserDNs treats it as data, not as filter syntax
            List<Dn> matches = userService.getUserDNs(searchConn, username);

            switch (matches.size()) {

                // Nobody by that name
                case 0:
                    return null;

                // The single possible DN
                case 1:
                    return matches.get(0);

                // Several entries: do not guess which one is meant
                default:
                    logger.warn("Multiple DNs possible for user \"{}\": {}",
                            username, matches);
                    return null;

            }

        }

        // Close the search connection whatever the outcome
        finally {
            searchConn.close();
        }

    }

    // Otherwise, derive user DN from base DN
    return userService.deriveUserDN(username);

}
Example 6
Source File: AuthenticationProviderService.java From guacamole-client with Apache License 2.0 | 4 votes |
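/**
 * Returns an AuthenticatedUser representing the user authenticated by the
 * given credentials. Also adds custom LDAP attributes to the
 * AuthenticatedUser.
 *
 * Authentication is a bind as the DN resolved for the username. Failure to
 * resolve a DN and failure to bind are reported with an identical message.
 *
 * @param credentials
 *     The credentials to use for authentication.
 *
 * @return
 *     An AuthenticatedUser representing the user authenticated by the
 *     given credentials.
 *
 * @throws GuacamoleException
 *     If an error occurs while authenticating the user, or if access is
 *     denied.
 */
public LDAPAuthenticatedUser authenticateUser(Credentials credentials)
        throws GuacamoleException {

    String username = credentials.getUsername();
    String password = credentials.getPassword();

    // Both values must be non-empty before any bind is attempted: a simple
    // bind carrying an empty password is an unauthenticated bind under
    // RFC 4513, and a server that accepts it would make the login succeed
    // without the password ever being checked.
    boolean missingUsername = (username == null || username.isEmpty());
    boolean missingPassword = (password == null || password.isEmpty());
    if (missingUsername || missingPassword) {
        throw new GuacamoleInvalidCredentialsException(
                "Anonymous bind is not currently allowed by the LDAP"
                + " authentication provider.", CredentialsInfo.USERNAME_PASSWORD);
    }

    // An unresolvable username is reported exactly like a bad password.
    // The earlier message echoed the supplied username and differed from
    // the bind-failure message, which (where messages are returned to the
    // client) reveals whether an account exists.
    Dn bindDn = getUserBindDN(username);
    if (bindDn == null || bindDn.isEmpty()) {
        throw new GuacamoleInvalidCredentialsException("Invalid login.",
                CredentialsInfo.USERNAME_PASSWORD);
    }

    // Attempt bind with the user's own password
    LdapNetworkConnection ldapConnection = ldapService.bindAs(bindDn, password);
    if (ldapConnection == null) {
        throw new GuacamoleInvalidCredentialsException("Invalid login.",
                CredentialsInfo.USERNAME_PASSWORD);
    }

    try {

        // Group membership is read over the user's own connection
        Set<String> effectiveGroups =
                userGroupService.getParentUserGroupIdentifiers(ldapConnection, bindDn);

        // Populate the AuthenticatedUser now that the bind has succeeded
        LDAPAuthenticatedUser authenticatedUser = authenticatedUserProvider.get();
        authenticatedUser.init(credentials,
                getAttributeTokens(ldapConnection, bindDn), effectiveGroups, bindDn);

        return authenticatedUser;

    }

    // The bound connection is closed on both success and failure
    finally {
        ldapConnection.close();
    }

}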