diff options
Diffstat (limited to 'jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/LdapLoginModule.java')
-rw-r--r-- | jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/LdapLoginModule.java | 53 |
1 files changed, 40 insertions, 13 deletions
diff --git a/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/LdapLoginModule.java b/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/LdapLoginModule.java index c66ff431fd..73ccb914dd 100644 --- a/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/LdapLoginModule.java +++ b/jetty-jaas/src/main/java/org/eclipse/jetty/jaas/spi/LdapLoginModule.java @@ -176,6 +176,28 @@ public class LdapLoginModule extends AbstractLoginModule private DirContext _rootContext; + + public class LDAPUserInfo extends UserInfo + { + + /** + * @param userName + * @param credential + */ + public LDAPUserInfo(String userName, Credential credential) + { + super(userName, credential); + } + + @Override + public List<String> doFetchRoles() throws Exception + { + return getUserRoles(_rootContext, getUserName()); + } + + } + + /** * get the available information about the user * <p> @@ -199,9 +221,7 @@ public class LdapLoginModule extends AbstractLoginModule pwdCredential = convertCredentialLdapToJetty(pwdCredential); Credential credential = Credential.getCredential(pwdCredential); - List<String> roles = getUserRoles(_rootContext, username); - - return new UserInfo(username, credential, roles); + return new LDAPUserInfo(username, credential); } protected String doRFC2254Encoding(String inputString) @@ -411,12 +431,17 @@ public class LdapLoginModule extends AbstractLoginModule setCurrentUser(new JAASUserInfo(userInfo)); + boolean authed = false; if (webCredential instanceof String) - { - return credentialLogin(Credential.getCredential((String) webCredential)); - } - - return credentialLogin(webCredential); + authed = credentialLogin(Credential.getCredential((String) webCredential)); + else + authed = credentialLogin(webCredential); + + //only fetch roles if authenticated + if (authed) + getCurrentUser().fetchRoles(); + + return authed; } catch (UnsupportedCallbackException e) { @@ -496,16 +521,18 @@ public class LdapLoginModule extends AbstractLoginModule String filter = "(&(objectClass={0})({1}={2}))"; - LOG.info("Searching for users with filter: \'" + filter + "\'" + " from base dn: " + _userBaseDn); + if (LOG.isDebugEnabled()) + LOG.debug("Searching for users with filter: \'" + filter + "\'" + " from base dn: " + _userBaseDn); Object[] filterArguments = new Object[]{ - _userObjectClass, - _userIdAttribute, - username + _userObjectClass, + _userIdAttribute, + username }; NamingEnumeration<SearchResult> results = _rootContext.search(_userBaseDn, filter, filterArguments, ctls); - LOG.info("Found user?: " + results.hasMoreElements()); + if (LOG.isDebugEnabled()) + LOG.debug("Found user?: " + results.hasMoreElements()); if (!results.hasMoreElements()) { |