Home Esplora Aiuto
Registrati Accedi
github
/
spring-security
mirror da https://github.com/spring-projects/spring-security
2
0
Forka 0
File Problemi 0 Wiki
Sfoglia il codice sorgente

Improvements to LDAP provider compatibility with Samba, as per contribution by Robert Sanders.

Ben Alex 20 anni fa
parent
0b296e7cf0
commit
40bf65bdf8
2 ha cambiato i file con 94 aggiunte e 17 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 3 0
      project.xml
  2. 91 17
      sandbox/src/main/java/org/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationDao.java

+ 3 - 0
project.xml
Vedi File 

@@ -136,6 +136,9 @@
 
     <contributor>
 
       <name>Sergio Berna</name>
 
     </contributor>
 
+    <contributor>
 
+      <name>Robert Sanders</name>
 
+    </contributor>
 
   </contributors>
 
   <dependencies>
 
     <dependency>

+ 91 - 17
sandbox/src/main/java/org/acegisecurity/providers/dao/ldap/LdapPasswordAuthenticationDao.java
Vedi File 

@@ -1,4 +1,4 @@
 
-/* Copyright 2004 Acegi Technology Pty Limited
 
+/* Copyright 2004, 2005 Acegi Technology Pty Limited
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
@@ -50,9 +50,23 @@ import javax.naming.directory.SearchResult;
 
 /**
 
  * This is an example <code>PasswordAuthenticationDao</code> implementation
 
  * using LDAP service for user authentication.
 
+ * 
+* <p>Example use: <br/>
 
+*   &lt;bean id="ldapDaoImpl" class="net.sf.acegisecurity.providers.dao.ldap.LdapPasswordAuthenticationDao"&gt; <br/>
 
+*      &lt;property name="host"&gt;&lt;value&gt;sydney.ipov.info&lt;/value&gt;&lt;/property&gt; <br/>
 
+*      &lt;property name="rootContext"&gt;&lt;value&gt;dc=ipov,dc=info&lt;/value&gt;&lt;/property&gt; <br/>
 
+*      &lt;property name="userContext"&gt;&lt;alue&gt;ou=Users&lt;/value&gt;&lt;/property&gt; <br/>
 
+*      &lt;property name="userAttribute"&gt;&lt;value&gt;uid&lt;/value&gt;&lt;/property&gt; <br/>
 
+*   &lt;/bean&gt; <br/>
 
+*  ...<br/>
 
+*   &lt;bean id="authenticationProvider" class="net.sf.acegisecurity.providers.dao.PasswordDaoAuthenticationProvider"&gt; <br/>
 
+*      &lt;property name="passwordAuthenticationDao"&gt;&lt;ref local="ldapDaoImpl"/&gt;&lt;/property&gt; <br/>
 
+*   &lt;/bean&gt; <br/>
 
+* </p>
 
  *
 
  * @author Karel Miarka
 
  * @author Daniel Miller
 
+ * @author Robert Sanders
 
  */
 
 public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao {
 
     //~ Static fields/initializers =============================================
 
@@ -63,7 +77,11 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
 
     //~ Instance fields ========================================================
 
 
     private String host;
 
+
 
+    /** The INITIAL_CONTEXT_FACTORY for use with JNDI. */
 
+    private String initialContextFactory = "com.sun.jndi.ldap.LdapCtxFactory";
 
     private String rootContext;
 
+    private String userAttribute = "CN"; // ??? is this the right code??
 
     private String userContext = "CN=Users";
 
     private String[] rolesAttributes = {"memberOf"};
 
     private int port = 389;
 
@@ -79,6 +97,33 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
 
         this.host = hostname;
 
     }
 
 
+    /**
 
+     * DOCUMENT ME!
 
+     *
 
+     * @return Returns the host.
 
+     */
 
+    public String getHost() {
 
+        return host;
 
+    }
 
+
 
+    /**
 
+     * DOCUMENT ME!
 
+     *
 
+     * @param initialContextFactory The initialContextFactory to set.
 
+     */
 
+    public void setInitialContextFactory(String initialContextFactory) {
 
+        this.initialContextFactory = initialContextFactory;
 
+    }
 
+
 
+    /**
 
+     * DOCUMENT ME!
 
+     *
 
+     * @return Returns the initialContextFactory.
 
+     */
 
+    public String getInitialContextFactory() {
 
+        return initialContextFactory;
 
+    }
 
+
 
     /**
 
      * Set the port on which is running the LDAP server. <br>Default value: 389
 
      *
 
@@ -88,6 +133,27 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
 
         this.port = port;
 
     }
 
 
+    /**
 
+     * DOCUMENT ME!
 
+     *
 
+     * @return Returns the port.
 
+     */
 
+    public int getPort() {
 
+        return port;
 
+    }
 
+
 
+    public String getProviderURL() {
 
+        StringBuffer providerUrl = new StringBuffer();
 
+        providerUrl.append("ldap://");
 
+        providerUrl.append(this.host);
 
+        providerUrl.append(":");
 
+        providerUrl.append(this.port);
 
+        providerUrl.append("/");
 
+        providerUrl.append(this.rootContext);
 
+
 
+        return providerUrl.toString();
 
+    }
 
+
 
     /**
 
      * Set the name of user object's attribute(s) which contains the list of
 
      * user's role names. The role is converted to upper case and a "ROLE_"
 
@@ -110,6 +176,24 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
 
         this.rootContext = rootContext;
 
     }
 
 
+    /**
 
+     * DOCUMENT ME!
 
+     *
 
+     * @param userAttribute The userAttribute to set.
 
+     */
 
+    public void setUserAttribute(String userAttribute) {
 
+        this.userAttribute = userAttribute;
 
+    }
 
+
 
+    /**
 
+     * DOCUMENT ME!
 
+     *
 
+     * @return Returns the userAttribute.
 
+     */
 
+    public String getUserAttribute() {
 
+        return userAttribute;
 
+    }
 
+
 
     /**
 
      * Set the context in which all users reside relative to the root context. <br>
 
      * Defalut value: "CN=Users"
 
@@ -130,23 +214,14 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
 
 
         env.put(Context.INITIAL_CONTEXT_FACTORY,
 
             "com.sun.jndi.ldap.LdapCtxFactory");
 
-
 
-        StringBuffer providerUrl = new StringBuffer();
 
-        providerUrl.append("ldap://");
 
-        providerUrl.append(this.host);
 
-        providerUrl.append(":");
 
-        providerUrl.append(this.port);
 
-        providerUrl.append("/");
 
-        providerUrl.append(this.rootContext);
 
-
 
-        env.put(Context.PROVIDER_URL, providerUrl.toString());
 
+        env.put(Context.PROVIDER_URL, getProviderURL());
 
         env.put(Context.SECURITY_AUTHENTICATION, "simple");
 
         env.put(Context.SECURITY_PRINCIPAL, getUserPrincipal(username));
 
         env.put(Context.SECURITY_CREDENTIALS, password);
 
 
         try {
 
             if (log.isDebugEnabled()) {
 
-                log.debug("Connecting to " + providerUrl + " as "
 
+                log.debug("Connecting to " + getProviderURL() + " as "
 
                     + getUserPrincipal(username));
 
             }
 
 
@@ -293,17 +368,16 @@ public class LdapPasswordAuthenticationDao implements PasswordAuthenticationDao
 
 
     /**
 
      * Get the <code>Context.SECURITY_PRINCIPAL</code> for the given username
 
-     * string. This implementation returns a string composed of the following:
 
-     * &lt;usernamePrefix&gt;&lt;username&gt;&lt;usernameSufix. This function
 
-     * may be overridden in a subclass.
 
+     * string. This implementation returns the userBase for JNDI / LDAP
 
+     * lookup.
 
      *
 
      * @param username DOCUMENT ME!
 
      *
 
      * @return DOCUMENT ME!
 
      */
 
     protected String getUserPrincipal(String username) {
 
-        StringBuffer principal = new StringBuffer();
 
-        principal.append("CN=");
 
+        StringBuffer principal = new StringBuffer(userAttribute);
 
+        principal.append("=");
 
         principal.append(username);
 
         principal.append(",");
 
         principal.append(this.userContext);