KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > caucho > server > security > LdapAuthenticator


1 /*
2  * Copyright (c) 1998-2006 Caucho Technology -- all rights reserved
3  *
4  * This file is part of Resin(R) Open Source
5  *
6  * Each copy or derived work must preserve the copyright notice and this
7  * notice unmodified.
8  *
9  * Resin Open Source is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 2 of the License, or
12  * (at your option) any later version.
13  *
14  * Resin Open Source is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE, or any warranty
17  * of NON-INFRINGEMENT. See the GNU General Public License for more
18  * details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with Resin Open Source; if not, write to the
22  * Free SoftwareFoundation, Inc.
23  * 59 Temple Place, Suite 330
24  * Boston, MA 02111-1307 USA
25  *
26  * @author Scott Ferguson
27  */
28
29 package com.caucho.server.security;
30
31 import com.caucho.config.types.InitParam;
32 import com.caucho.security.BasicPrincipal;
33
34 import javax.annotation.PostConstruct;
35 import javax.naming.Context JavaDoc;
36 import javax.naming.NamingException JavaDoc;
37 import javax.naming.directory.Attribute JavaDoc;
38 import javax.naming.directory.Attributes JavaDoc;
39 import javax.naming.directory.InitialDirContext JavaDoc;
40 import javax.servlet.ServletContext JavaDoc;
41 import javax.servlet.ServletException JavaDoc;
42 import javax.servlet.http.HttpServletRequest JavaDoc;
43 import javax.servlet.http.HttpServletResponse JavaDoc;
44 import java.security.Principal JavaDoc;
45 import java.util.Hashtable JavaDoc;
46 import java.util.logging.Level JavaDoc;
47
48 /**
49  * The LDAP authenticator uses the underlying LDAP.
50  */
51 public class LdapAuthenticator extends AbstractAuthenticator {
52   private String JavaDoc _userAttribute = "uid";
53   private String JavaDoc _passwordAttribute = "userPassword";
54   private String JavaDoc _dnPrefix;
55   private String JavaDoc _dnSuffix;
56   
57   private Hashtable JavaDoc<String JavaDoc,String JavaDoc> _jndiEnv =
58     new Hashtable JavaDoc<String JavaDoc,String JavaDoc>();
59
60   public LdapAuthenticator()
61   {
62     _jndiEnv.put(Context.INITIAL_CONTEXT_FACTORY,
63          "com.sun.jndi.ldap.LdapCtxFactory");
64     _jndiEnv.put(Context.PROVIDER_URL,
65          "ldap://localhost:389");
66   }
67   
68   public void setDNPrefix(String JavaDoc prefix)
69   {
70     _dnPrefix = prefix;
71   }
72   
73   public void setDNSuffix(String JavaDoc suffix)
74   {
75     _dnSuffix = suffix;
76   }
77   
78   public void addJNDIEnv(InitParam init)
79   {
80     _jndiEnv.putAll(init.getParameters());
81   }
82
83   public void setUserAttribute(String JavaDoc user)
84   {
85     _userAttribute = user;
86   }
87
88   public void setPasswordAttribute(String JavaDoc password)
89   {
90     _passwordAttribute = password;
91   }
92
93   /**
94    * Initialize the authenticator.
95    */
96   @PostConstruct
97   public synchronized void init()
98     throws ServletException JavaDoc
99   {
100     super.init();
101   }
102   
103   /**
104    * Authenticate (login) the user.
105    */
106   protected Principal loginImpl(HttpServletRequest JavaDoc request,
107                                 HttpServletResponse JavaDoc response,
108                                 ServletContext JavaDoc application,
109                                 String JavaDoc userName, String JavaDoc password)
110     throws ServletException JavaDoc
111   {
112     try {
113       Hashtable JavaDoc env = new Hashtable JavaDoc();
114
115       env.putAll(_jndiEnv);
116
117       InitialDirContext JavaDoc ic = new InitialDirContext JavaDoc(env);
118
119       String JavaDoc query = _userAttribute + '=' + userName;
120
121       if (_dnPrefix != null && ! _dnPrefix.equals(""))
122     query = _dnPrefix + ',' + query;
123
124       if (_dnSuffix != null && ! _dnSuffix.equals(""))
125     query = query + ',' + _dnSuffix;
126
127       Attributes JavaDoc attributes = ic.getAttributes(query);
128
129       if (log.isLoggable(Level.FINE))
130     log.fine("ldap-authenticator: " + query + "->" + (attributes != null));
131
132       if (attributes == null)
133     return null;
134
135       Attribute JavaDoc passwordAttr = attributes.get(_passwordAttribute);
136
137       if (passwordAttr == null)
138     return null;
139       
140       String JavaDoc ldapPassword = (String JavaDoc) passwordAttr.get();
141
142       if (! password.equals(ldapPassword))
143     return null;
144
145       return new BasicPrincipal(userName);
146     } catch (NamingException JavaDoc e) {
147       log.log(Level.FINE, e.toString(), e);
148
149       return null;
150     } catch (Throwable JavaDoc e) {
151       throw new ServletException JavaDoc(e);
152     }
153   }
154
155   /**
156    * Returns true if the user plays the named role.
157    *
158    * @param request the servlet request
159    * @param user the user to test
160    * @param role the role to test
161    */
162   public boolean isUserInRole(HttpServletRequest JavaDoc request,
163                               HttpServletResponse JavaDoc response,
164                               ServletContext JavaDoc application,
165                               Principal principal, String JavaDoc role)
166     throws ServletException JavaDoc
167   {
168     return principal != null;
169   }
170 }
171
Popular Tags