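package com.tdsecurities.itracker.security;

import java.util.Hashtable;

import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

/**
 * Authenticates users against an LDAP directory.
 * <p>
 * Authentication is a two-step process: a service account binds to one of the
 * servers in {@link #PROVIDER_URL}, looks the login up by {@code sAMAccountName}
 * under {@link #SEARCH_DOMAIN}, and the resulting DN is then bound with the
 * user's password. The outcome is reported as one of {@link #LOGIN_SUCCESS},
 * {@link #USER_NOT_EXIST}, {@link #WRONG_PASSWORD} or {@link #UNKNOWN_ERROR}.
 * <p>
 * Not thread-safe: each instance keeps the open directory contexts and the
 * index of the server in use in instance fields, and the constructor rewrites
 * the static connection settings shared by every instance.
 */
public class LdapAuthenticate
{
    /** Login succeeded: the user exists and the password bound. */
    public static final int LOGIN_SUCCESS = 0;
    /** No entry with the given {@code sAMAccountName} was found. */
    public static final int USER_NOT_EXIST = 1;
    /** The user exists but the directory rejected the password. */
    public static final int WRONG_PASSWORD = 2;
    /** Initial value; only observable if no other outcome was reached. */
    public static final int UNKNOWN_ERROR = 3;

    /**
     * Directory servers tried in order, {@link #CYCLE} times over, until one
     * accepts the service-account bind. Exposed as a mutable array for
     * compatibility; callers should treat it as read-only.
     */
    public static final String[] PROVIDER_URL =
    {
        "ldap://ldap1.com:389",
        "ldap://ldap2.com:389",
        "ldap://ldap3.com:389",
        "ldap://ldap4.com:389",
    };
    /** Number of full passes over {@link #PROVIDER_URL} before giving up. */
    private static final int CYCLE = 2;
    /** Enables {@link #log(String)} output and JNDI BER protocol tracing. */
    private static final boolean DEBUG = false;

    /** DN of the service account used for the lookup bind. */
    public static String SECURITY_PRINCIPAL = "";
    /** Password of the service account used for the lookup bind. */
    public static String SECURITY_CREDENTIALS = "";
    /** Search base under which users are looked up. */
    public static String SEARCH_DOMAIN = "";

    /** Index into {@link #PROVIDER_URL} of the server currently in use. */
    private int active = 0;
    /** Service-account context used for the user search. */
    private DirContext dirctx = null;
    /** User context opened solely to validate the user's password. */
    private DirContext ctx = null;

    /**
     * Creates an authenticator and (re)initialises the shared static connection
     * settings.
     * <p>
     * NOTE(review): the service-account DN and password are literals in source;
     * they should come from protected configuration. The values below are kept
     * unchanged because the static fields are part of the public interface.
     */
    public LdapAuthenticate()
    {
        SECURITY_PRINCIPAL = "cn=svc,ou=serviceaccounts,ou=bc,dc=corp,dc=acme,dc=com";
        SECURITY_CREDENTIALS = "cred";
        SEARCH_DOMAIN = "dc=corp,dc=acme,dc=com";
    }

    /**
     * Binds the service account to the first reachable server, storing the
     * context in {@link #dirctx} and the server index in {@link #active}.
     *
     * @throws NamingException if no server accepted the bind after
     *         {@link #CYCLE} passes over {@link #PROVIDER_URL}
     */
    private void initDirContext()
        throws NamingException
    {
        for (int pass = 0; pass < CYCLE; pass++)
        {
            for (int i = 0; i < PROVIDER_URL.length; i++)
            {
                active = i;
                try
                {
                    log("Trying LDAP Server: " + PROVIDER_URL[active] + " ...");
                    dirctx = getDirContext(
                        PROVIDER_URL[active], SECURITY_PRINCIPAL, SECURITY_CREDENTIALS);
                    log("Successfully connected to LDAP Server: " + PROVIDER_URL[active]);
                    return;
                }
                catch (NamingException e)
                {
                    log("Failed to connect to LDAP Server #" + i + ": " + PROVIDER_URL[active]);
                    log("Reason:" + e);
                    // Release whatever may be half-open before trying the next server.
                    closeDirContext();
                }
            }
        }
        log("None of the LDAP server can be connected.");
        throw new NamingException(
            "None of the LDAP server can be connected");
    }

    /**
     * Closes both directory contexts, if open, and forgets them.
     * <p>
     * Each context is closed independently so that a failure closing the
     * service-account context does not leave the user context open. Close
     * failures are logged and otherwise ignored: this runs from {@code finally}
     * blocks and must not mask the real outcome.
     */
    private void closeDirContext()
    {
        if (dirctx != null)
        {
            try
            {
                dirctx.close();
            }
            catch (NamingException e)
            {
                log("Could not close the connection to LDAP server - " + e);
            }
            dirctx = null;
        }
        if (ctx != null)
        {
            try
            {
                ctx.close();
            }
            catch (NamingException e)
            {
                log("Could not close the connection to LDAP server - " + e);
            }
            ctx = null;
        }
    }

    /**
     * Opens a directory context with a simple bind.
     *
     * @param ldap_url provider URL of the server to connect to
     * @param login    DN to bind as
     * @param passwd   password for the bind
     * @return the bound context; the caller owns it and must close it
     * @throws NamingException if the connection or the bind fails
     *         ({@link AuthenticationException} when the credentials are rejected)
     */
    private DirContext getDirContext(
        String ldap_url, String login, String passwd)
        throws NamingException
    {
        Hashtable<String, Object> env = new Hashtable<String, Object>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        if (DEBUG)
        {
            // BER tracing dumps the raw protocol, including the bind password,
            // to stderr; only ever enable it together with DEBUG.
            env.put("com.sun.jndi.ldap.trace.ber", System.err);
        }

        env.put(Context.PROVIDER_URL, ldap_url);
        env.put(Context.SECURITY_PRINCIPAL, login);
        env.put(Context.SECURITY_CREDENTIALS, passwd);

        return new InitialDirContext(env);
    }

    /**
     * Looks {@code login} up by {@code sAMAccountName} under
     * {@link #SEARCH_DOMAIN} using the service-account context.
     * <p>
     * The login is passed as a filter argument rather than concatenated into
     * the filter text, so filter metacharacters in it ({@code *}, {@code (},
     * {@code )}, {@code \}) cannot change the meaning of the query. Requires
     * {@link #initDirContext()} to have succeeded.
     *
     * @param login the account name to search for
     * @return the first matching entry, or {@code null} if none
     * @throws NamingException if the search fails
     */
    private SearchResult findUser(String login)
        throws NamingException
    {
        SearchControls controls = new SearchControls();
        controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        NamingEnumeration<SearchResult> answer = dirctx.search(
            SEARCH_DOMAIN, "(&(sAMAccountName={0}))", new Object[] { login }, controls);
        try
        {
            if (answer.hasMore())
            {
                return answer.next();
            }
            return null;
        }
        finally
        {
            answer.close();
        }
    }

    /**
     * Verifies {@code login}/{@code password} against the directory.
     *
     * @param login    the user's {@code sAMAccountName}
     * @param password the user's password
     * @return {@link #LOGIN_SUCCESS}, {@link #USER_NOT_EXIST},
     *         {@link #WRONG_PASSWORD} or {@link #UNKNOWN_ERROR}
     * @throws NamingException if no server could be reached or the search
     *         itself fails (a rejected user password is reported as
     *         {@link #WRONG_PASSWORD}, not thrown)
     */
    public int doAuthentication(String login, String password)
        throws NamingException
    {
        int result = UNKNOWN_ERROR;
        log("Start searching for user " + login);

        if (login == null || login.length() == 0)
        {
            log("User NOT found.");
            return USER_NOT_EXIST;
        }
        // A simple bind with an empty password is treated as an anonymous bind
        // by most directories and succeeds, so it must never count as a login.
        if (password == null || password.length() == 0)
        {
            log("Invalid password. Logon failed.");
            return WRONG_PASSWORD;
        }

        try
        {
            initDirContext();
            SearchResult searchResult = findUser(login);

            if (searchResult != null)
            {
                // getName() is relative to SEARCH_DOMAIN; re-append the base to
                // form the bind DN.
                String userName = searchResult.getName();
                log("User found : " + userName);
                // The user context exists only to prove the password; it is
                // closed again in the finally block.
                ctx = getDirContext(
                    PROVIDER_URL[active], userName + "," + SEARCH_DOMAIN, password);
                result = LOGIN_SUCCESS;
            }
            else
            {
                log("User NOT found.");
                result = USER_NOT_EXIST;
            }
        }
        catch (AuthenticationException e)
        {
            log("Invalid password. Logon failed.");
            result = WRONG_PASSWORD;
        }
        finally
        {
            closeDirContext();
        }
        return result;
    }

    /**
     * Fetches the directory attributes of {@code login} as an
     * {@link LdapDistinguishedName}.
     *
     * @param login the user's {@code sAMAccountName}; {@code null} yields {@code null}
     * @return the wrapped attributes of the first matching entry, or
     *         {@code null} if the login is {@code null} or not found
     * @throws NamingException if no server could be reached or the search fails
     */
    public LdapDistinguishedName getAttributesFromLoginId(String login)
        throws NamingException
    {
        if (login == null)
        {
            return null;
        }

        LdapDistinguishedName ldapName = null;
        try
        {
            initDirContext();
            SearchResult searchResult = findUser(login);

            if (searchResult != null)
            {
                ldapName = new LdapDistinguishedName(searchResult.getAttributes());
                log(ldapName.toString());
            }
        }
        finally
        {
            closeDirContext();
        }
        return ldapName;
    }

    /**
     * Writes a diagnostic line to stdout when {@link #DEBUG} is set.
     *
     * @param s the message to print
     */
    protected void log(String s)
    {
        if (DEBUG)
        {
            System.out.println("<LDAPAuthenticate> - " + s);
        }
    }
}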