| <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../jacoco-resources/report.gif" type="image/gif"/><title>LdapSimpleAuthenticator.java</title><link rel="stylesheet" href="../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../index.html" class="el_report">jUDDI Core Services</a> > <a href="index.source.html" class="el_package">org.apache.juddi.v3.auth</a> > <span class="el_source">LdapSimpleAuthenticator.java</span></div><h1>LdapSimpleAuthenticator.java</h1><pre class="source lang-java linenums">/* |
| * Copyright 2001-2009 The Apache Software Foundation. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| package org.apache.juddi.v3.auth; |
| |
| import java.util.Hashtable; |
| |
| import javax.naming.Context; |
| import javax.naming.NamingException; |
| import javax.naming.ldap.InitialLdapContext; |
| import javax.naming.ldap.LdapContext; |
| import javax.persistence.EntityManager; |
| import javax.persistence.EntityTransaction; |
| import javax.xml.ws.WebServiceContext; |
| |
| import org.apache.commons.logging.Log; |
| import org.apache.commons.logging.LogFactory; |
| |
| import org.apache.juddi.config.AppConfig; |
| import org.apache.juddi.config.PersistenceManager; |
| import org.apache.juddi.config.Property; |
| import org.apache.juddi.model.Publisher; |
| import org.apache.juddi.model.UddiEntityPublisher; |
| import org.apache.juddi.v3.error.AuthenticationException; |
| import org.apache.juddi.v3.error.ErrorMessage; |
| import org.apache.juddi.v3.error.FatalErrorException; |
| import org.apache.juddi.v3.error.UnknownUserException; |
| |
| import org.apache.commons.configuration.ConfigurationException; |
| |
| /** |
| * This is a implementation of jUDDI's Authenticator interface, that uses the |
| * LDAP. z |
| * |
| * Usage: |
| * |
| * To use this class you must add the following properties to the |
| * juddiv3.properties file: |
| * |
| * # The LDAP Authenticator |
| * juddi.authenticator=org.apache.juddi.v3.auth.LdapSimpleAuthenticator |
| * |
| * # LDAP authentication URL |
| * juddi.authenticator.url=ldap://localhost:389 |
| * |
| * This authenticator assumes that the publisher username is the same as the LDAP |
| * principal name, which may not be the case as the LDAP principal might be a bind name. |
| * This class could easily be extended so that the uid of the LDAP authenticated user is |
| * used, or to authenticate by group.<br><br> |
| * |
| * This class was tested with OpenLDAP.<br> |
| * <br> See properties: |
| * {@link org.apache.juddi.config.Property#JUDDI_AUTHENTICATOR_INITIAL_CONTEXT JUDDI_AUTHENTICATOR_INITIAL_CONTEXT} |
| * {@link org.apache.juddi.config.Property#JUDDI_AUTHENTICATOR_STYLE JUDDI_AUTHENTICATOR_STYLE} |
| * |
| * @author <a href="mailto:tcunning@apache.org">Tom Cunningham</a> |
| * @author <a href="mailto:gunnlaugursig@gmail.com">Gunnlaugur SigurĂ°sson</a> |
| * @author <a href="mailto:alexoree@apache.org">Alex O'Ree</a> |
| * |
| * @since 3.2, all values are now configurable |
| * @see Property |
| * |
| */ |
| public class LdapSimpleAuthenticator implements Authenticator { |
| <span class="nc" id="L77"> private Log logger = LogFactory.getLog(this.getClass());</span> |
| |
| <span class="nc" id="L79"> private LdapContext ctx = null;</span> |
| //this needs to be a Hashtable, HashMap won't work here |
| <span class="nc" id="L81"> private Hashtable<String, String> env = null;</span> |
| <span class="nc" id="L82"> private String url = null;</span> |
| |
| private static final String DEFAULT_URL = "ldap://localhost:389"; |
| |
| <span class="nc" id="L86"> public LdapSimpleAuthenticator() throws NamingException, ConfigurationException {</span> |
| <span class="nc" id="L87"> String authURL = null;</span> |
| try { |
| <span class="nc" id="L89"> authURL = AppConfig.getConfiguration().getString(Property.JUDDI_AUTHENTICATOR_URL, DEFAULT_URL);</span> |
| <span class="nc" id="L90"> } catch (ConfigurationException ce) {</span> |
| <span class="nc" id="L91"> logger.error("Configuration exception occurred retrieving: " + Property.JUDDI_AUTHENTICATOR_URL);</span> |
| <span class="nc" id="L92"> throw new NamingException(Property.JUDDI_AUTHENTICATOR_URL + " missing from config or config is not available.");</span> |
| <span class="nc" id="L93"> }</span> |
| <span class="nc" id="L94"> init(authURL);</span> |
| <span class="nc" id="L95"> }</span> |
| |
| <span class="nc" id="L97"> public LdapSimpleAuthenticator(String url) throws NamingException, ConfigurationException {</span> |
| <span class="nc" id="L98"> init(url);</span> |
| <span class="nc" id="L99"> }</span> |
| |
| public void init(String url) throws NamingException, ConfigurationException { |
| <span class="nc" id="L102"> env = new Hashtable<String, String>();</span> |
| <span class="nc" id="L103"> env.put(Context.INITIAL_CONTEXT_FACTORY, AppConfig.getConfiguration().getString(Property.JUDDI_AUTHENTICATOR_INITIAL_CONTEXT, "com.sun.jndi.ldap.LdapCtxFactory"));</span> |
| <span class="nc" id="L104"> env.put(Context.SECURITY_AUTHENTICATION, AppConfig.getConfiguration().getString(Property.JUDDI_AUTHENTICATOR_STYLE, "simple"));</span> |
| <span class="nc" id="L105"> env.put(Context.PROVIDER_URL, url); // organization ldap url, example ldap://localhost:389</span> |
| |
| <span class="nc" id="L107"> this.url = url;</span> |
| |
| try { |
| <span class="nc" id="L110"> ctx = new InitialLdapContext(env, null);</span> |
| <span class="nc" id="L111"> } catch (NamingException e) {</span> |
| <span class="nc" id="L112"> logger.error("Naming exception " + e);</span> |
| <span class="nc" id="L113"> throw e;</span> |
| <span class="nc" id="L114"> }</span> |
| <span class="nc" id="L115"> }</span> |
| |
| public String authenticate(String authorizedName, String cred) |
| throws AuthenticationException, FatalErrorException { |
| <span class="nc bnc" id="L119" title="All 4 branches missed."> if (authorizedName == null || "".equals(authorizedName)) {</span> |
| <span class="nc" id="L120"> throw new UnknownUserException(new ErrorMessage("errors.auth.NoPublisher", authorizedName));</span> |
| } |
| |
| <span class="nc" id="L123"> int MaxBindingsPerService = -1;</span> |
| <span class="nc" id="L124"> int MaxServicesPerBusiness = -1;</span> |
| <span class="nc" id="L125"> int MaxTmodels = -1;</span> |
| <span class="nc" id="L126"> int MaxBusinesses = -1;</span> |
| try { |
| <span class="nc" id="L128"> MaxBindingsPerService = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_BINDINGS_PER_SERVICE, -1);</span> |
| <span class="nc" id="L129"> MaxServicesPerBusiness = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_SERVICES_PER_BUSINESS, -1);</span> |
| <span class="nc" id="L130"> MaxTmodels = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_TMODELS_PER_PUBLISHER, -1);</span> |
| <span class="nc" id="L131"> MaxBusinesses = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_BUSINESSES_PER_PUBLISHER, -1);</span> |
| <span class="nc" id="L132"> } catch (Exception ex) {</span> |
| <span class="nc" id="L133"> MaxBindingsPerService = -1;</span> |
| <span class="nc" id="L134"> MaxServicesPerBusiness = -1;</span> |
| <span class="nc" id="L135"> MaxTmodels = -1;</span> |
| <span class="nc" id="L136"> MaxBusinesses = -1;</span> |
| <span class="nc" id="L137"> logger.error("config exception! " + authorizedName, ex);</span> |
| <span class="nc" id="L138"> }</span> |
| <span class="nc" id="L139"> boolean isLdapUser = false;</span> |
| try { |
| <span class="nc" id="L141"> env = new Hashtable<String, String>();</span> |
| <span class="nc" id="L142"> env.put(Context.INITIAL_CONTEXT_FACTORY, AppConfig.getConfiguration().getString(Property.JUDDI_AUTHENTICATOR_INITIAL_CONTEXT, "com.sun.jndi.ldap.LdapCtxFactory"));</span> |
| <span class="nc" id="L143"> env.put(Context.SECURITY_AUTHENTICATION, AppConfig.getConfiguration().getString(Property.JUDDI_AUTHENTICATOR_STYLE, "simple"));</span> |
| <span class="nc" id="L144"> env.put(Context.PROVIDER_URL, url); // organization ldap url, example ldap://localhost:389</span> |
| <span class="nc" id="L145"> env.put(Context.SECURITY_PRINCIPAL, authorizedName);</span> |
| <span class="nc" id="L146"> env.put(Context.SECURITY_CREDENTIALS, cred);</span> |
| <span class="nc" id="L147"> ctx = new InitialLdapContext(env, null);</span> |
| <span class="nc" id="L148"> isLdapUser = true;</span> |
| <span class="nc" id="L149"> logger.info(authorizedName + " is authenticated");</span> |
| |
| <span class="nc" id="L151"> } catch (ConfigurationException e) {</span> |
| <span class="nc" id="L152"> logger.error(authorizedName + " is not authenticated", e);</span> |
| <span class="nc" id="L153"> throw new UnknownUserException(new ErrorMessage("errors.auth.NoPublisher", authorizedName));</span> |
| } |
| <span class="nc" id="L155"> catch (NamingException e) {</span> |
| <span class="nc" id="L156"> logger.error(authorizedName + " is not authenticated");</span> |
| <span class="nc" id="L157"> throw new UnknownUserException(new ErrorMessage("errors.auth.NoPublisher", authorizedName));</span> |
| }finally { |
| <span class="nc" id="L159"> try {</span> |
| <span class="nc" id="L160"> ctx.close();</span> |
| <span class="nc" id="L161"> } catch (NamingException e) {</span> |
| <span class="nc" id="L162"> logger.error("Context close failure " + e);</span> |
| <span class="nc" id="L163"> }</span> |
| <span class="nc" id="L164"> }</span> |
| |
| <span class="nc bnc" id="L166" title="All 2 branches missed."> if (isLdapUser) {</span> |
| <span class="nc" id="L167"> EntityManager em = PersistenceManager.getEntityManager();</span> |
| <span class="nc" id="L168"> EntityTransaction tx = em.getTransaction();</span> |
| try { |
| <span class="nc" id="L170"> tx.begin();</span> |
| <span class="nc" id="L171"> Publisher publisher = em.find(Publisher.class, authorizedName);</span> |
| <span class="nc bnc" id="L172" title="All 2 branches missed."> if (publisher == null) {</span> |
| <span class="nc" id="L173"> logger.warn("Publisher was not found in the database, adding the publisher in on the fly.");</span> |
| <span class="nc" id="L174"> publisher = new Publisher();</span> |
| <span class="nc" id="L175"> publisher.setAuthorizedName(authorizedName);</span> |
| <span class="nc" id="L176"> publisher.setIsAdmin("false");</span> |
| <span class="nc" id="L177"> publisher.setIsEnabled("true");</span> |
| <span class="nc" id="L178"> publisher.setMaxBindingsPerService(MaxBindingsPerService);</span> |
| <span class="nc" id="L179"> publisher.setMaxBusinesses(MaxBusinesses);</span> |
| <span class="nc" id="L180"> publisher.setMaxServicesPerBusiness(MaxServicesPerBusiness);</span> |
| <span class="nc" id="L181"> publisher.setMaxTmodels(MaxTmodels);</span> |
| <span class="nc" id="L182"> publisher.setPublisherName("Unknown");</span> |
| <span class="nc" id="L183"> em.persist(publisher);</span> |
| <span class="nc" id="L184"> tx.commit();</span> |
| } |
| } finally { |
| <span class="nc bnc" id="L187" title="All 4 branches missed."> if (tx.isActive()) {</span> |
| <span class="nc" id="L188"> tx.rollback();</span> |
| } |
| <span class="nc" id="L190"> em.close();</span> |
| <span class="nc" id="L191"> }</span> |
| <span class="nc" id="L192"> } else {</span> |
| <span class="nc" id="L193"> throw new UnknownUserException(new ErrorMessage("errors.auth.NoPublisher", authorizedName));</span> |
| } |
| <span class="nc" id="L195"> return authorizedName;</span> |
| } |
| |
| public UddiEntityPublisher identify(String authInfo, String authorizedName, WebServiceContext ctx) throws AuthenticationException, FatalErrorException { |
| <span class="nc" id="L199"> EntityManager em = PersistenceManager.getEntityManager();</span> |
| <span class="nc" id="L200"> EntityTransaction tx = em.getTransaction();</span> |
| try { |
| <span class="nc" id="L202"> tx.begin();</span> |
| <span class="nc" id="L203"> Publisher publisher = em.find(Publisher.class, authorizedName);</span> |
| <span class="nc bnc" id="L204" title="All 2 branches missed."> if (publisher == null)</span> |
| <span class="nc" id="L205"> throw new UnknownUserException(new ErrorMessage("errors.auth.NoPublisher", authorizedName));</span> |
| <span class="nc" id="L206"> return publisher;</span> |
| } finally { |
| <span class="nc bnc" id="L208" title="All 4 branches missed."> if (tx.isActive()) {</span> |
| <span class="nc" id="L209"> tx.rollback();</span> |
| } |
| <span class="nc" id="L211"> em.close();</span> |
| } |
| } |
| } |
| </pre><div class="footer"><span class="right">Created with <a href="http://www.jacoco.org/jacoco">JaCoCo</a> 0.7.9.201702052155</span></div></body></html> |