author | Roberto E. Escobar | 2013-05-14 23:20:23 +0000 |
---|---|---|
committer | Roberto E. Escobar | 2013-05-15 20:13:24 +0000 |
commit | 25c67dffd9b7801af4ce4d129478957a53990004 (patch) | |
tree | 9ca2ffa4e6254e372c1b894377c47f3f9c06c35b /plugins/org.eclipse.osee.framework.authentication.ldap.core | |
parent | f688d2b5450bd9b39c36ab064d5c685aa9f547b8 (diff) | |
refactor: Use OrcsApi to load user data for authentication
Change-Id: Ia9cdc6037f965a383505280dcece7efdc5cba882
Diffstat (limited to 'plugins/org.eclipse.osee.framework.authentication.ldap.core')
5 files changed, 137 insertions, 202 deletions
diff --git a/plugins/org.eclipse.osee.framework.authentication.ldap.core/META-INF/MANIFEST.MF b/plugins/org.eclipse.osee.framework.authentication.ldap.core/META-INF/MANIFEST.MF
index efa748138c1..1df976c48ff 100644
--- a/plugins/org.eclipse.osee.framework.authentication.ldap.core/META-INF/MANIFEST.MF
+++ b/plugins/org.eclipse.osee.framework.authentication.ldap.core/META-INF/MANIFEST.MF
@@ -3,7 +3,6 @@ Bundle-ManifestVersion: 2
 Bundle-Name: Osee Ldap Authentication
 Bundle-SymbolicName: org.eclipse.osee.framework.authentication.ldap.core;singleton:=true
 Bundle-Version: 0.11.0.qualifier
-Bundle-Activator: org.eclipse.osee.framework.authentication.ldap.core.Activator
 Bundle-Vendor: Eclipse Open System Engineering Environment
 Require-Bundle: org.eclipse.core.runtime
 Bundle-RequiredExecutionEnvironment: JavaSE-1.6
@@ -12,5 +11,6 @@ Export-Package: org.eclipse.osee.framework.authentication.ldap.core,
 org.eclipse.osee.framework.authentication.ldap.core.service
 Import-Package: org.eclipse.osee.framework.core.data,
 org.eclipse.osee.framework.core.server,
- org.eclipse.osee.framework.logging
+ org.eclipse.osee.logger,
+ org.eclipse.osee.orcs
 Service-Component: OSGI-INF/*.xml
diff --git a/plugins/org.eclipse.osee.framework.authentication.ldap.core/OSGI-INF/ldapauthentication.xml b/plugins/org.eclipse.osee.framework.authentication.ldap.core/OSGI-INF/ldapauthentication.xml
index 90a698b2a0a..e2fe0c356a3 100644
--- a/plugins/org.eclipse.osee.framework.authentication.ldap.core/OSGI-INF/ldapauthentication.xml
+++ b/plugins/org.eclipse.osee.framework.authentication.ldap.core/OSGI-INF/ldapauthentication.xml
@@ -1,14 +1,13 @@
 <?xml version="1.0"?>
-<!-- Copyright (c) Robert Bosch Engineering and Business Solutions Ltd India. <br>
-All rights reserved.This program and the accompanying materials <br>
-are made available under the terms of the Eclipse Public License v1.0 which accompanies <br>
-this distribution, and is available at http://www.eclipse.org/legal/epl-v10.html. -->
-<component name="authentication.provider.ldap">
- <implementation class="org.eclipse.osee.framework.authentication.ldap.core.LDAPAuthenticationProvider"/>
+<!-- Copyright (c) Robert Bosch Engineering and Business Solutions Ltd India.
+ <br> All rights reserved.This program and the accompanying materials <br>
+ are made available under the terms of the Eclipse Public License v1.0 which
+ accompanies <br> this distribution, and is available at http://www.eclipse.org/legal/epl-v10.html. -->
+<scr:component xmlns:scr="http://www.osgi.org/xmlns/scr/v1.1.0" name="authentication.provider.ldap">
+ <implementation class="org.eclipse.osee.framework.authentication.ldap.core.LDAPAuthenticationProvider" />
 <service>
- <provide interface="org.eclipse.osee.framework.core.server.IAuthenticationProvider"/>
+ <provide interface="org.eclipse.osee.framework.core.server.IAuthenticationProvider" />
 </service>
- <reference bind="setLogger" cardinality="1..1" interface="org.eclipse.osee.logger.Log" name="Log" policy="static"/>
- <reference bind="setDatabaseService" cardinality="1..1" interface="org.eclipse.osee.framework.database.IOseeDatabaseService" name="IOseeDatabaseService" policy="static"/>
- <reference bind="setCachingService" cardinality="1..1" interface="org.eclipse.osee.framework.core.services.IOseeCachingService" name="IOseeCachingService" policy="static"/>
-</component>
+ <reference bind="setLogger" cardinality="1..1" interface="org.eclipse.osee.logger.Log" name="Log" policy="static" />
+ <reference bind="setOrcsApi" cardinality="1..1" interface="org.eclipse.osee.orcs.OrcsApi" name="OrcsApi" policy="static"/>
+</scr:component>
diff --git a/plugins/org.eclipse.osee.framework.authentication.ldap.core/src/org/eclipse/osee/framework/authentication/ldap/core/Activator.java b/plugins/org.eclipse.osee.framework.authentication.ldap.core/src/org/eclipse/osee/framework/authentication/ldap/core/Activator.java
deleted file mode 100644
index d5da5ffeca2..00000000000
--- a/plugins/org.eclipse.osee.framework.authentication.ldap.core/src/org/eclipse/osee/framework/authentication/ldap/core/Activator.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/**
- * <copyright> Copyright (c) Robert Bosch Engineering and Business Solutions Ltd India. All rights reserved. This
- * program and the accompanying materials are made available under the terms of the Eclipse Public License v1.0 which
- * accompanies this distribution, and is available at http://www.eclipse.org/legal/epl-v10.html </copyright>
- */
-package org.eclipse.osee.framework.authentication.ldap.core;
-
-/**
- * @author Swapna
- */
-import org.osgi.framework.BundleActivator;
-import org.osgi.framework.BundleContext;
-
-/**
- * The activator class controls the plug-in life cycle
- */
-public class Activator implements BundleActivator {
-
- /**
- * plug-in ID
- */
- public static final String PLUGIN_ID = "org.eclipse.osee.framework.authentication.ldap.core"; //$NON-NLS-1$
-
- // The Bundle context instance
- private static BundleContext context;
-
- static BundleContext getContext() {
- return context;
- }
-
- /**
- * The constructor
- */
- public Activator() {
- // Default constructor
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * org.eclipse.ui.plugin.AbstractUIPlugin#start(org.osgi.framework.BundleContext
- * )
- */
- @Override
- public void start(final BundleContext bundleContext) throws Exception {
- Activator.context = bundleContext;
-
- }
-
- /*
- * (non-Javadoc)
- *
- * @see
- * org.eclipse.ui.plugin.AbstractUIPlugin#stop(org.osgi.framework.BundleContext
- * )
- */
- @Override
- public void stop(final BundleContext context) throws Exception {
- Activator.context = null;
- }
-
-}
diff --git a/plugins/org.eclipse.osee.framework.authentication.ldap.core/src/org/eclipse/osee/framework/authentication/ldap/core/LDAPAuthenticationProvider.java b/plugins/org.eclipse.osee.framework.authentication.ldap.core/src/org/eclipse/osee/framework/authentication/ldap/core/LDAPAuthenticationProvider.java
index d112644d701..3604207d7fd 100644
--- a/plugins/org.eclipse.osee.framework.authentication.ldap.core/src/org/eclipse/osee/framework/authentication/ldap/core/LDAPAuthenticationProvider.java
+++ b/plugins/org.eclipse.osee.framework.authentication.ldap.core/src/org/eclipse/osee/framework/authentication/ldap/core/LDAPAuthenticationProvider.java
@@ -6,7 +6,6 @@
 package org.eclipse.osee.framework.authentication.ldap.core;
 import java.util.Hashtable;
-import java.util.logging.Level;
 import javax.naming.Context;
 import org.eclipse.core.runtime.IConfigurationElement;
 import org.eclipse.core.runtime.Platform;
@@ -15,7 +14,6 @@ import org.eclipse.osee.framework.authentication.ldap.core.service.ILDAPService;
 import org.eclipse.osee.framework.core.data.IUserToken;
 import org.eclipse.osee.framework.core.data.OseeCredential;
 import org.eclipse.osee.framework.core.server.AbstractAuthenticationProvider;
-import org.eclipse.osee.framework.logging.OseeLog;
 import org.osgi.framework.Bundle;
 /**
@@ -65,8 +63,7 @@ public class LDAPAuthenticationProvider extends AbstractAuthenticationProvider {
 boolean authLDAP = checkLDAPAuthenticated(credential);
 if (!authLDAP) {
-
- OseeLog.logf(Activator.class, Level.SEVERE, Messages.LDAPAuthenticationFailed, (Object) null);
+ getLogger().error(Messages.LDAPAuthenticationFailed);
 }
 return authLDAP;
@@ -100,7 +97,7 @@ public class LDAPAuthenticationProvider extends AbstractAuthenticationProvider {
 if (this.connector == null) {
 Hashtable<String, String> props = createLDAPContextProperies(ldapService);
- this.connector = new LDAPConnector(props, ldapService.getLDAPSearchBase());
+ this.connector = new LDAPConnector(getLogger(), props, ldapService.getLDAPSearchBase());
 }
 /**
@@ -116,7 +113,7 @@ public class LDAPAuthenticationProvider extends AbstractAuthenticationProvider {
 }
 /**
- * This method creates the environement properites required for LDAPContext
+ * This method creates the environment properties required for LDAPContext
 *
 * @param ldapService
 * @return
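Review bot: The failure log added in the `@@ -65,8 +63,7 @@` hunk, `getLogger().error(Messages.LDAPAuthenticationFailed);`, records only a fixed message, so a run of failed logins cannot be tied to an account or told apart when the logs are reviewed. Consider passing the user name carried by `credential` (never the password) as a format argument, with CR/LF stripped so the value cannot forge log lines; the logger's format-style call is already used elsewhere in this commit (`logger.info(ex, "Error authenticating LDAP user [%s]", username)`). Which accessor `OseeCredential` offers for the name is not visible here, and the enclosing method starts and ends outside the hunk.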
@@ -167,9 +164,7 @@ public class LDAPAuthenticationProvider extends AbstractAuthenticationProvider {
 }
 }
 } catch (Exception ex) {
-
- OseeLog.logf(Activator.class, Level.SEVERE, ex.getMessage(), (Object) null);
-
+ getLogger().error(ex, "Error reading LDAPServiceExtensionPoints");
 }
 return null;
 }
diff --git a/plugins/org.eclipse.osee.framework.authentication.ldap.core/src/org/eclipse/osee/framework/authentication/ldap/core/internal/LDAPConnector.java b/plugins/org.eclipse.osee.framework.authentication.ldap.core/src/org/eclipse/osee/framework/authentication/ldap/core/internal/LDAPConnector.java
index 8518c0a1595..4558c11638b 100644
--- a/plugins/org.eclipse.osee.framework.authentication.ldap.core/src/org/eclipse/osee/framework/authentication/ldap/core/internal/LDAPConnector.java
+++ b/plugins/org.eclipse.osee.framework.authentication.ldap.core/src/org/eclipse/osee/framework/authentication/ldap/core/internal/LDAPConnector.java
@@ -6,8 +6,6 @@
 package org.eclipse.osee.framework.authentication.ldap.core.internal;
 import java.util.Hashtable;
-import java.util.logging.Level;
-
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
@@ -16,9 +14,7 @@ import javax.naming.directory.SearchControls;
 import javax.naming.directory.SearchResult;
 import javax.naming.ldap.InitialLdapContext;
 import javax.naming.ldap.LdapContext;
-
-import org.eclipse.osee.framework.authentication.ldap.core.Activator;
-import org.eclipse.osee.framework.logging.OseeLog;
+import org.eclipse.osee.logger.Log;
 /**
 * This is class responsible for making connection to LDAP.<br>
@@ -29,119 +25,127 @@ import org.eclipse.osee.framework.logging.OseeLog;
 */
 public class LDAPConnector {
- /**
- * String to store the searchBase
- */
- private final String searchBase;
- /**
- * LDAP Context
- */
- private LdapContext ctx;
- /**
- * environment properties for LDAP context
- */
- Hashtable<String, String> env = null;
-
-
- /**
- * Constructor of the LDAPConnector class
- *
- * @param env Hashtable of envinorment properties required for LDAPContext
- * @param searchBase String containing DC values required for searching LDAP e.g., "DC=eclipse,DC=com"
- */
- public LDAPConnector(final Hashtable<String, String> env, final String searchBase) {
- this.env = env;
- this.searchBase = searchBase;
- }
-
- /**
- * Initializes the LDAP context with the values as in the env table. <br>
- * The env table should have all the necessary info like LDAPCntxFactory,<br>
- * LDAP Secutiry credentials, LDAP Security Prinicipal (user name) <br>
- * LDAP Authentication type, etc ..
- *
- * @throws NamingException incase if the LDAPContext could not be created.
- */
- public void init() throws NamingException {
-
- try {
-
- this.ctx = new InitialLdapContext(this.env, null);
- }
- catch (NamingException e) {
- OseeLog.logf(Activator.class, Level.SEVERE, "Failed to establish LDAP connection", (Object) null);
-
- }
- if (this.ctx != null) {
- OseeLog.logf(Activator.class, Level.INFO, "LDAP connection established", (Object) null);
-
- }
-
- }
-
- /**
- * Searches the user in the LDAP directory and returns true if present and false if not present
- *
- * @param username UserName in the form of sAMAccountName of user in LDAP Server
- * @return search result true if given username exisits in LDAP User Directory otherwise false
- */
- public boolean isLDAPUSer(final String username) {
- boolean searchResultFlag = false;
- String searchFilter = "(&(objectCategory=person)(sAMAccountName=" + username + "))";
- SearchControls searchControls = new SearchControls();
- searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
- try {
- init();
- NamingEnumeration<SearchResult> results = this.ctx.search(this.searchBase, searchFilter, searchControls);
- if (results == null) {
- return false;
- }
- SearchResult searchResult = null;
- Attributes attribs = null;
- @SuppressWarnings("rawtypes")
- NamingEnumeration allMembers = null;
- String accoutnName = null;
-
- while (results.hasMoreElements()) {
- searchResult = results.nextElement();
- attribs = searchResult.getAttributes();
-
- if (attribs.size() > 0) {
-
- Attribute attribute = attribs.get("sAMAccountName");
- allMembers = attribute.getAll();
- while ((allMembers != null) && allMembers.hasMoreElements()) {
- accoutnName = (String) allMembers.next();
- if (accoutnName.equalsIgnoreCase(username)) {
- searchResultFlag = true;
- break;
+ public static final String DEFAULT_ACCOUNT_SEARCH_FILTER = "(&(objectCategory=person)(sAMAccountName=%s))";
+ public static final String DEFAULT_ACCOUNT_FIELD = "sAMAccountName";
+
+ private final Log logger;
+
+ /**
+ * String to store the searchBase
+ */
+ private final String searchBase;
+
+ /**
+ * environment properties for LDAP context
+ */
+ private final Hashtable<String, String> env;
+
+ /**
+ * Account search pattern
+ */
+ private final String accountSearchFilter;
+
+ /**
+ * Account attributes field
+ */
+ private final String accountField;
+
+ /**
+ * Constructor of the LDAPConnector class
+ *
+ * @param logger logging object
+ * @param env Hashtable of environment properties required for LDAPContext
+ * @param searchBase String containing DC values required for searching LDAP e.g., "DC=eclipse,DC=com"
+ */
+ public LDAPConnector(final Log logger, final Hashtable<String, String> env, final String searchBase) {
+ this(logger, env, searchBase, DEFAULT_ACCOUNT_SEARCH_FILTER, DEFAULT_ACCOUNT_FIELD);
+ }
+
+ /**
+ * Constructor of the LDAPConnector class
+ *
+ * @param logger logging object
+ * @param env Hashtable of environment properties required for LDAPContext
+ * @param searchBase String containing DC values required for searching LDAP e.g., "DC=eclipse,DC=com"
+ * @param accountSearchFilter user account search pattern filter
+ * @param accountField user account attribute field name
+ */
+ public LDAPConnector(final Log logger, final Hashtable<String, String> env, final String searchBase, final String accountSearchFilter, final String accountField) {
+ this.logger = logger;
+ this.env = env;
+ this.searchBase = searchBase;
+ this.accountSearchFilter = accountSearchFilter;
+ this.accountField = accountField;
+ }
+
+ /**
+ * Creates the LDAP context with the values as in the env table <br>
+ * and searches for the user account matching the username. <br>
+ * The env table should have all the necessary info like LDAPCntxFactory,<br>
+ * LDAP Security credentials, LDAP Security Principal (user name) <br>
+ * LDAP Authentication type, etc ..
+ *
+ * @return accountName
+ * @throws NamingException incase if the LDAPContext could not be created.
+ */
+ public String findAccountNameForUser(String username) throws NamingException {
+ String toReturn = null;
+ String searchFilter = String.format(accountSearchFilter, username);
+ SearchControls searchControls = new SearchControls();
+ searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+
+ LdapContext ldapContext = null;
+ try {
+ ldapContext = new InitialLdapContext(env, null);
+ logger.info("LDAP connection established");
+
+ NamingEnumeration<SearchResult> results = ldapContext.search(searchBase, searchFilter, searchControls);
+ if (results != null) {
+ while (results.hasMoreElements()) {
+ SearchResult searchResult = results.nextElement();
+ Attributes attribs = searchResult.getAttributes();
+ if (attribs.size() > 0) {
+ Attribute attribute = attribs.get(accountField);
+ NamingEnumeration<?> allMembers = attribute.getAll();
+ while ((allMembers != null) && allMembers.hasMoreElements()) {
+ String accountName = (String) allMembers.next();
+ if (username.equalsIgnoreCase(accountName)) {
+ toReturn = accountName;
+ break;
+ }
+ }
+ }
+ if (toReturn != null) {
+ break;
+ }
 }
- }
- }
- if (searchResultFlag) {
- break;
- }
-
+ }
+ } finally {
+ if (ldapContext != null) {
+ try {
+ ldapContext.close();
+ } catch (NamingException e) {
+ logger.info(e, "Error closing LDAP context");
+ }
+ }
 }
-
- }
-
- catch (NamingException e) {
- OseeLog.logf(Activator.class, Level.INFO, e.getMessage(), (Object) null);
- }
- finally {
- if (this.ctx != null) {
- try {
- this.ctx.close();
- }
- catch (NamingException e) {
-
- OseeLog.logf(Activator.class, Level.INFO, e.getMessage(), (Object) null);
- }
+ return toReturn;
+ }
+
+ /**
+ * Searches the user in the LDAP directory and returns true if present and false if not present
+ *
+ * @param username UserName in the form of sAMAccountName of user in LDAP Server
+ * @return search result true if given username exists in LDAP User Directory otherwise false
+ */
+ public boolean isLDAPUSer(final String username) {
+ boolean result = false;
+ try {
+ String accountName = findAccountNameForUser(username);
+ result = accountName != null;
+ } catch (NamingException ex) {
+ logger.info(ex, "Error authenticating LDAP user [%s]", username);
 }
- }
- return searchResultFlag;
- }
-
-
+ return result;
+ }
 } |
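Review bot: `findAccountNameForUser` builds the search filter with `String.format(accountSearchFilter, username)`, so filter metacharacters in a login name (`*`, `(`, `)`, `\`, NUL) are interpreted as LDAP filter syntax instead of being matched literally; the commit carries this over from the old string concatenation rather than fixing it. The value should be escaped per RFC 4515 before substitution, as sketched below, which keeps the public `%s` template contract of `DEFAULT_ACCOUNT_SEARCH_FILTER` intact. Separately, `attribs.get(accountField)` returns null when an entry lacks that attribute and the next line dereferences it, which matters more now that `accountField` is configurable. A directory outage is also logged at info level by `isLDAPUSer` and returned as `false`, making it indistinguishable from an unknown user.

```java
// … unchanged: toReturn declaration …
String searchFilter = String.format(accountSearchFilter, escapeFilterValue(username));
// … unchanged: search controls, context creation, result loop, context close …

/** Escapes the RFC 4515 special characters so the value is matched literally inside a filter. */
private static String escapeFilterValue(String value) {
   StringBuilder escaped = new StringBuilder(value.length() + 8);
   for (int i = 0; i < value.length(); i++) {
      char c = value.charAt(i);
      switch (c) {
         case '\\':
            escaped.append("\\5c");
            break;
         case '*':
            escaped.append("\\2a");
            break;
         case '(':
            escaped.append("\\28");
            break;
         case ')':
            escaped.append("\\29");
            break;
         case '\0':
            escaped.append("\\00");
            break;
         default:
            escaped.append(c);
      }
   }
   return escaped.toString();
}
```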