Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
==================== DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. Copyright 2008-2009 Sun Microsystems, Inc. All rights reserved. Copyright 2011-2013 Tirasa. All rights reserved. The contents of this file are subject to the terms of the Common Development and Distribution License("CDDL") (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the License at https://oss.oracle.com/licenses/CDDL See the License for the specific language governing permissions and limitations under the License. When distributing the Covered Code, include this CDDL Header Notice in each file and include the License file at https://oss.oracle.com/licenses/CDDL. If applicable, add the following below this CDDL Header, with the fields enclosed by brackets [] replaced by your own identifying information: "Portions Copyrighted [year] [name of copyright owner]" ====================
 
 package org.connid.bundles.ad;
 
 import static org.connid.bundles.ldap.commons.LdapUtil.nullAsEmpty;
 import static org.identityconnectors.common.StringUtil.isNotBlank;
 
 import java.util.List;
 
 public class ADConnection extends LdapConnection {
 
     private static final Log LOG = Log.getLog(ADConnection.class);
 
     private static final String LDAP_CTX_FACTORY =
             "com.sun.jndi.ldap.LdapCtxFactory";
 
     private static final String LDAP_CTX_SOCKET_FACTORY =
             "java.naming.ldap.factory.socket";
 
     private static final String LDAP_BINARY_ATTRIBUTE =
             "java.naming.ldap.attributes.binary";
 
     private LdapContext initCtx = null;
 
     private LdapContext syncCtx = null;
 
     private final ADSchema schema;
 
     private ADConfiguration config;
 
     public ADConnection(ADConfiguration config) {
         super(config);
         this. = config;
          = new ADSchema(this);
     }
 
     @Override
     public AuthenticationResult authenticate(final String entryDNfinal GuardedString password) {
 
         assert entryDN != null;
 
         if (.isOk()) {
             .ok("Attempting to authenticate {0}"entryDN);
         }
 
         final Pair<AuthenticationResultLdapContextpair = createContext(entryDNpassword);
 
         if (pair.second != null) {
             quietClose(pair.second);
         }
 
         if (.isOk()) {
             .ok("Authentication result: {0}"pair.first);
         }
 
         return pair.first;
     }
 
     public ADSchema getADSchema() {
        return ;
    }
    public LdapContext getSyncContext(final Control[] control) {
        return cloneContext(control);
    }
    @Override
    public void close() {
        try {
            super.close();
            quietClose();
            quietClose();
        } finally {
             = null;
             = null;
        }
    }
    private LdapContext cloneContext(final Control[] control) {
        LdapContext ctx = null;
        try {
            @SuppressWarnings({"UseOfObsoleteCollectionType""rawtypes""unchecked"})
            final Hashtable env = new Hashtable(getInitialContext().getEnvironment());
            ctx = new InitialLdapContext(envnull);
            ctx.setRequestControls(control);
        } catch (NamingException e) {
            .error(e"Context initialization failed");
        }
        return ctx;
    }
    private static void quietClose(final LdapContext ctx) {
        try {
            if (ctx != null) {
                ctx.close();
            }
        } catch (NamingException e) {
            .warn(e"Failure closing context");
        }
    }
    @Override
    public LdapContext getInitialContext() {
        if (this. != null) {
            return this.;
        }
        this. = connect(.getPrincipal(), .getCredentials());
        return ;
    }
    private LdapContext connect(String principalGuardedString credentials) {
        final Pair<AuthenticationResultLdapContextpair =
                createContext(principalcredentials);
        .error("Authentication result {0}"pair.first.getType());
        if (pair.first.getType().equals(.)) {
            return pair.second;
        }
        pair.first.propagate();
        throw new IllegalStateException("Should never get here");
    }
            final String principalfinal GuardedString credentials) {
        final List<Pair<AuthenticationResultLdapContext>> result =
                new ArrayList<Pair<AuthenticationResultLdapContext>>(1);
        @SuppressWarnings("UseOfObsoleteCollectionType")
        final java.util.Hashtable<ObjectObjectenv = new java.util.Hashtable<ObjectObject>();
        env.put(.getLdapUrls());
        env.put(."follow");
        if (.isSsl()) {
            env.put(."ssl");
            if (.isTrustAllCerts()) {
                env.put(TrustAllSocketFactory.class.getName());
            }
        }
        // needs one env property more to retrieve binary objectGUID
        env.put("objectGUID");
        String authentication = isNotBlank(principal) ? "simple" : "none";
        env.put(.authentication);
        if (.isOk()) {
            .ok("Initial context environment: {0}"env);
        }
        if (isNotBlank(principal)) {
            env.put(.principal);
            if (credentials != null) {
                credentials.access(new Accessor() {
                    @Override
                    public void access(char[] clearChars) {
                        env.put(.new String(clearChars));
                    }
                });
            }
        }
        result.add(createContext(env));
        return result.get(0);
    }
            @SuppressWarnings("UseOfObsoleteCollectionType")
            final java.util.Hashtable<?, ?> env) {
        AuthenticationResult authnResult = null;
        InitialLdapContext context = null;
        try {
            context = new InitialLdapContext(envnull);
                if (hasPasswordExpiredControl(context.getResponseControls())) {
                    authnResult = new AuthenticationResult(
                            .);
                }
            }
        } catch (AuthenticationException e) {
            // TODO: check AD response
            String message = e.getMessage().toLowerCase();
            if (message.contains("password expired")) { // Sun DS.
                authnResult = new AuthenticationResult(
                        .e);
            } else if (message.contains("password has expired")) { // RACF.
                authnResult = new AuthenticationResult(
                        .e);
            } else {
                authnResult = new AuthenticationResult(
                        .e);
            }
        } catch (NamingException e) {
            authnResult = new AuthenticationResult(
                    .e);
        }
        if (authnResult == null) {
            assert context != null;
            authnResult = new AuthenticationResult(
                    .);
        }
        return new Pair<AuthenticationResultLdapContext>(authnResultcontext);
    }
    private static boolean hasPasswordExpiredControl(final Control[] controls) {
        if (controls != null) {
            for (Control control : controls) {
                if (control instanceof PasswordExpiredResponseControl) {
                    return true;
                }
            }
        }
        return false;
    }
    private String getLdapUrls() {
        final StringBuilder builder = new StringBuilder();
        builder.append("ldap://").
                append(.getHost()).append(':').append(.getPort());
        for (String failover : nullAsEmpty(.getFailover())) {
            builder.append(' ');
            builder.append(failover);
        }
        return builder.toString();
    }
    @Override
    public void test() {
        checkAlive();
    }
    @Override
    public void checkAlive() {
        try {
            final Attributes attrs = getInitialContext().
                    getAttributes(""new String[]{"subschemaSubentry"});
            attrs.get("subschemaSubentry");
        } catch (NamingException e) {
            throw new ConnectorException(e);
        }
    }
New to GrepCode? Check out our FAQ X