Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * To change this template, choose Tools | Templates
   * and open the template in the editor.
   */
  package org.connid.ad;
  
  import static org.identityconnectors.common.StringUtil.isNotBlank;
  import static org.identityconnectors.ldap.LdapUtil.nullAsEmpty;
 
 import  com.sun.jndi.ldap.ctl.PasswordExpiredResponseControl;
 import java.util.List;

Author(s):
fabio
 
 public class ADConnection extends LdapConnection {
 
     private static final Log LOG = Log.getLog(ADConnection.class);
 
     private static final String LDAP_CTX_FACTORY =
             "com.sun.jndi.ldap.LdapCtxFactory";
 
     private static final String LDAP_CTX_SOCKET_FACTORY =
             "java.naming.ldap.factory.socket";
 
     private static final String LDAP_BINARY_ATTRIBUTE =
             "java.naming.ldap.attributes.binary";
 
     private LdapContext initCtx = null;
 
     private LdapContext syncCtx = null;
 
     private final ADSchema schema;
 
     private ADConfiguration config;
 
     public ADConnection(ADConfiguration config) {
         super(config);
         this. = config;
          = new ADSchema(this);
     }
 
     @Override
             final String entryDNfinal GuardedString password) {
 
         assert entryDN != null;
 
         if (.isOk()) {
             .ok("Attempting to authenticate {0}"entryDN);
         }
 
         final Pair<AuthenticationResultLdapContextpair =
                 createContext(entryDNpassword);
 
         if (pair.second != null) {
             quietClose(pair.second);
         }
 
         if (.isOk()) {
             .ok("Authentication result: {0}"pair.first);
         }
 
         return pair.first;
     }
 
     public ADSchema getADSchema() {
         return ;
     }
 
     public LdapContext getSyncContext(final Control[] control) {
         return cloneContext(control);
     }
 
     @Override
     public void close() {
         try {
             super.close();
             quietClose();
             quietClose();
         } finally {
              = null;
              = null;
        }
    }
    private LdapContext cloneContext(final Control[] control) {
        LdapContext ctx = null;
        try {
            @SuppressWarnings("UseOfObsoleteCollectionType")
            final java.util.Hashtable env = new java.util.Hashtable(
                    getInitialContext().getEnvironment());
            ctx = new InitialLdapContext(envnull);
            ctx.setRequestControls(control);
        } catch (NamingException e) {
            .error(e"Context initialization failed");
        }
        return ctx;
    }
    private static void quietClose(final LdapContext ctx) {
        try {
            if (ctx != null) {
                ctx.close();
            }
        } catch (NamingException e) {
            .warn(e"Failure closing context");
        }
    }
    @Override
    public LdapContext getInitialContext() {
        if (this. != null) {
            return this.;
        }
        this. = connect(.getPrincipal(), .getCredentials());
        return ;
    }
    private LdapContext connect(String principalGuardedString credentials) {
        final Pair<AuthenticationResultLdapContextpair =
                createContext(principalcredentials);
        .error("Authentication result {0}"pair.first.getType());
        if (pair.first.getType().equals(.)) {
            return pair.second;
        }
        pair.first.propagate();
        throw new IllegalStateException("Should never get here");
    }
            final String principalfinal GuardedString credentials) {
        final List<Pair<AuthenticationResultLdapContext>> result =
                new ArrayList<Pair<AuthenticationResultLdapContext>>(1);
        @SuppressWarnings("UseOfObsoleteCollectionType")
        final java.util.Hashtable<ObjectObjectenv =
                new java.util.Hashtable<ObjectObject>();
        env.put(.getLdapUrls());
        env.put(."follow");
        if (.isSsl()) {
            env.put(."ssl");
            if (.isTrustAllCerts()) {
                env.put(,
                        "org.connid.ad.util.TrustAllSocketFactory");
            }
        }
        // needs one env property more to retrieve binary objectGUID
        env.put("objectGUID");
        String authentication = isNotBlank(principal) ? "simple" : "none";
        env.put(.authentication);
        if (.isOk()) {
            .ok("Initial context environment: {0}"env);
        }
        if (isNotBlank(principal)) {
            env.put(.principal);
            if (credentials != null) {
                credentials.access(new Accessor() {
                    @Override
                    public void access(char[] clearChars) {
                        env.put(.,
                                new String(clearChars));
                    }
                });
            }
        }
        result.add(createContext(env));
        return result.get(0);
    }
            @SuppressWarnings("UseOfObsoleteCollectionType")
            final java.util.Hashtable<?, ?> env) {
        AuthenticationResult authnResult = null;
        InitialLdapContext context = null;
        try {
            context = new InitialLdapContext(envnull);
                if (hasPasswordExpiredControl(context.getResponseControls())) {
                    authnResult = new AuthenticationResult(
                            .);
                }
            }
        } catch (AuthenticationException e) {
            // TODO: check AD response
            String message = e.getMessage().toLowerCase();
            if (message.contains("password expired")) { // Sun DS.
                authnResult = new AuthenticationResult(
                        .e);
            } else if (message.contains("password has expired")) { // RACF.
                authnResult = new AuthenticationResult(
                        .e);
            } else {
                authnResult = new AuthenticationResult(
                        .e);
            }
        } catch (NamingException e) {
            authnResult = new AuthenticationResult(
                    .e);
        }
        if (authnResult == null) {
            assert context != null;
            authnResult = new AuthenticationResult(
                    .);
        }
        return new Pair<AuthenticationResultLdapContext>(authnResultcontext);
    }
    private static boolean hasPasswordExpiredControl(final Control[] controls) {
        if (controls != null) {
            for (Control control : controls) {
                if (control instanceof PasswordExpiredResponseControl) {
                    return true;
                }
            }
        }
        return false;
    }
    private String getLdapUrls() {
        final StringBuilder builder = new StringBuilder();
        builder.append("ldap://").
                append(.getHost()).append(':').append(.getPort());
        for (String failover : nullAsEmpty(.getFailover())) {
            builder.append(' ');
            builder.append(failover);
        }
        return builder.toString();
    }
    @Override
    public void test() {
        checkAlive();
    }
    @Override
    public void checkAlive() {
        try {
            final Attributes attrs = getInitialContext().
                    getAttributes(""new String[]{"subschemaSubentry"});
            attrs.get("subschemaSubentry");
        } catch (NamingException e) {
            throw new ConnectorException(e);
        }
    }
New to GrepCode? Check out our FAQ X