GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Refactoring of BindAuthenticator to allow an extended version which uses ppolicy controls. Added no-cause constructor in LdapDataAccessException for use in data parsing errors.

1.0.x
Luke Taylor 20 years ago
parent
ca1bf5cc21
commit
2daea069f9
2 changed files with 24 additions and 13 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      core/src/main/java/org/acegisecurity/providers/ldap/LdapDataAccessException.java
  2. 30
      core/src/main/java/org/acegisecurity/providers/ldap/authenticator/BindAuthenticator.java

7
core/src/main/java/org/acegisecurity/providers/ldap/LdapDataAccessException.java
Unescape View File

@ -18,13 +18,18 @@ package org.acegisecurity.providers.ldap; @@ -18,13 +18,18 @@ package org.acegisecurity.providers.ldap;
import org.acegisecurity.AuthenticationServiceException;
/**
* Used to wrap unexpected NamingExceptions while accessing the LDAP server.
* Used to wrap unexpected NamingExceptions while accessing the LDAP server
* or for other LDAP-related data problems such as data we can't handle.
*
* @author Luke Taylor
* @version $Id$
*/
public class LdapDataAccessException extends AuthenticationServiceException {
public LdapDataAccessException(String msg) {
super(msg);
}
public LdapDataAccessException(String msg, Throwable ex) {
super(msg, ex);
}

30
core/src/main/java/org/acegisecurity/providers/ldap/authenticator/BindAuthenticator.java
Unescape View File

@ -33,7 +33,7 @@ import java.util.Iterator; @@ -33,7 +33,7 @@ import java.util.Iterator;
* @author Luke Taylor
* @version $Id$
*/
public final class BindAuthenticator extends AbstractLdapAuthenticator {
public class BindAuthenticator extends AbstractLdapAuthenticator {
//~ Static fields/initializers =============================================
@ -55,14 +55,14 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator { @@ -55,14 +55,14 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
Iterator dns = getUserDns(username).iterator();
while(dns.hasNext() && user == null) {
user = authenticateWithDn((String)dns.next(), password);
user = bindWithDn((String)dns.next(), password);
}
// Otherwise use the configured locator to find the user
// and authenticate with the returned DN.
if (user == null && getUserSearch() != null) {
LdapUserInfo userFromSearch = getUserSearch().searchForUser(username);
user = authenticateWithDn(userFromSearch.getDn(), password);
user = bindWithDn(userFromSearch.getDn(), password);
}
if(user == null) {
@ -75,10 +75,9 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator { @@ -75,10 +75,9 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
}
private LdapUserInfo authenticateWithDn(String userDn, String password) {
LdapUserInfo bindWithDn(String userDn, String password) {
DirContext ctx = null;
LdapUserInfo user = null;
Attributes attributes = null;
if (logger.isDebugEnabled()) {
logger.debug("Attempting to bind with DN = " + userDn);
@ -86,15 +85,9 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator { @@ -86,15 +85,9 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
try {
ctx = getInitialDirContextFactory().newInitialDirContext(userDn, password);
attributes = ctx.getAttributes(
LdapUtils.getRelativeName(userDn, ctx),
getUserAttributes());
Attributes attributes = loadAttributes(ctx, userDn);
user = new LdapUserInfo(userDn, attributes);
} catch(NamingException ne) {
throw new LdapDataAccessException(messages.getMessage(
"BindAuthenticator.failedToLoadAttributes", new String[] {userDn},
"Failed to load attributes for user {0}"), ne);
} catch(BadCredentialsException e) {
// This will be thrown if an invalid user name is used and the method may
// be called multiple times to try different names, so we trap the exception.
@ -108,4 +101,17 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator { @@ -108,4 +101,17 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
return user;
}
Attributes loadAttributes(DirContext ctx, String userDn) {
try {
return ctx.getAttributes(
LdapUtils.getRelativeName(userDn, ctx),
getUserAttributes());
} catch(NamingException ne) {
throw new LdapDataAccessException(messages.getMessage(
"BindAuthenticator.failedToLoadAttributes", new String[] {userDn},
"Failed to load attributes for user {0}"), ne);
}
}
}

Write Preview
Loading…
Cancel
Save