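package org.cofax.cms.login;

import java.util.HashMap;

import javax.servlet.ServletConfig;

import org.cofax.DataStore;
import org.cofax.cms.CofaxToolsDbUtils;
import org.cofax.cms.CofaxToolsUtil;
import org.cofax.util.digest.DigestHandlerFactory;
import org.cofax.util.digest.IDigestHandler;

import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPSearchResults;

/**
 * Login handler that verifies a user's password against an LDAP directory and,
 * on success, loads the user's record from the Cofax data store.
 *
 * <p>Verification model, as implemented below: the handler binds with a
 * configured administrative DN, searches for the entry whose login attribute
 * equals the supplied login, reads that entry's password attribute and compares
 * it locally through an {@link IDigestHandler}. The user is never bound to the
 * directory with their own credentials.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>The administrative account must be able to read the password attribute,
 * so its credentials (servlet init parameters) are as sensitive as the stored
 * hashes themselves.</li>
 * <li>NOTE(review): this class creates a plain {@code LDAPConnection} and never
 * negotiates TLS, so the admin bind and the returned password values are only
 * protected if the transport is secured elsewhere. Confirm the deployment.</li>
 * <li>Because the comparison is local, directory-side controls such as account
 * lockout or password expiry are presumably not enforced by this path; verify
 * against the directory policy.</li>
 * </ul>
 */
public class LDAPLogin implements ILoginHandler {

    // Name of the attribute that holds the login (not the login itself).
    private String ldapLogin = "cn";

    // Name of the attribute that holds the stored password value.
    private String ldapPassword = "userPassword";

    private int ldapVersion = LDAPConnection.LDAP_V3;

    private int ldapPort = 389;

    private String ldapHost = "";

    private String adminDn = "";

    private String adminPassword = "";

    private String searchBase = "";

    private String objectClass = "";

    /**
     * Reads the LDAP settings from the servlet init parameters.
     *
     * <p>A parameter that is absent keeps the field's built-in default instead
     * of storing {@code null} (which would later be concatenated into the
     * search filter as the text "null"). A numeric parameter that is present
     * but malformed still raises {@link NumberFormatException}, so a broken
     * configuration is noticed at start-up.
     *
     * @param config servlet configuration carrying the {@code ldap*} parameters
     * @throws NumberFormatException if {@code ldapPort} or {@code ldapVersion}
     *         is present but not an integer
     */
    public void init(ServletConfig config) {

        objectClass = stringParam(config, "ldapObjectClass", objectClass);
        ldapLogin = stringParam(config, "ldapLogin", ldapLogin);
        ldapPassword = stringParam(config, "ldapPassword", ldapPassword);
        ldapHost = stringParam(config, "ldapHost", ldapHost);
        ldapPort = intParam(config, "ldapPort", ldapPort);
        adminDn = stringParam(config, "ldapAdminDn", adminDn);
        adminPassword = stringParam(config, "ldapAdminPassword", adminPassword);
        searchBase = stringParam(config, "ldapSearchBase", searchBase);

        // The previous code parsed the version into a local variable that
        // shadowed the field, so the configured value was silently discarded.
        int configuredVersion = intParam(config, "ldapVersion", 3);
        if (configuredVersion == 3) {
            this.ldapVersion = LDAPConnection.LDAP_V3;
        } else if (configuredVersion == 2) {
            this.ldapVersion = LDAPConnection.LDAP_V2;
        } else {
            // Unknown value: keep the current protocol version rather than guess.
            CofaxToolsUtil.log("LDAP : unsupported ldapVersion " + configuredVersion + ", keeping current setting");
        }
    }

    /**
     * Authenticates the user against LDAP and returns the user's data-store
     * record.
     *
     * <p>The method fails closed: when the password check fails, or the
     * directory lookup raises an {@link LDAPException}, the returned map is
     * empty.
     *
     * @param db data store used to load the user record after a successful check
     * @param login login name supplied by the user (untrusted)
     * @param password clear-text password supplied by the user (untrusted)
     * @return the user record, or an empty map when authentication did not succeed
     */
    public HashMap getUserHash(DataStore db, String login, String password) {
        HashMap userInfoHash = new HashMap();

        try {
            if (checkLdapUser(login, password)) {
                String tag = CofaxToolsDbUtils.fillTag(db, "getUserInfoByLogin");
                HashMap fillReq = new HashMap();
                // NOTE(review): login is handed to the data layer unchanged; how
                // fillTag/getNameValuePackageHash quote it is not visible here.
                fillReq.put("login", login);

                userInfoHash = CofaxToolsDbUtils.getNameValuePackageHash(db, fillReq, tag);
            }
        } catch (LDAPException e) {
            CofaxToolsUtil.log("LDAP : " + e);
        }

        return userInfoHash;
    }

    /**
     * Looks the login up in the directory and compares the supplied password
     * with the stored password attribute.
     *
     * @param login login name supplied by the user (untrusted)
     * @param password clear-text password supplied by the user (untrusted)
     * @return {@code true} only if a matching entry exists, carries a password
     *         value, and the digest handler accepts the supplied password
     * @throws LDAPException if connecting, binding or searching fails
     */
    private boolean checkLdapUser(String login, String password) throws LDAPException {

        // Fail closed on missing credentials instead of searching for the
        // literal text "null" or an empty assertion value.
        if (login == null || login.length() == 0 || password == null) {
            return false;
        }

        boolean correctPassword = false;

        LDAPConnection lc = new LDAPConnection();

        try {
            lc.connect(ldapHost, ldapPort);

            CofaxToolsUtil.log("Connexion LDAP OK.");

            lc.bind(ldapVersion, adminDn, adminPassword);

            CofaxToolsUtil.log("Bind LDAP OK.");

            int searchScope = LDAPConnection.SCOPE_SUB;

            String[] attrs = { ldapLogin, ldapPassword };
            boolean attributeNameOnly = false;

            // The login is attacker-controlled. Unescaped, characters such as
            // '*', '(' and ')' would let it rewrite the filter (for example
            // match an arbitrary entry). objectClass and the attribute name
            // come from the servlet configuration and are left as configured.
            String searchFilter = "(&(objectClass=" + objectClass + ")(" + ldapLogin + "="
                    + escapeFilterValue(login) + "))";

            // NOTE(review): the filter still carries user-supplied text into
            // the log; whether CofaxToolsUtil.log neutralises line breaks is
            // not visible here.
            CofaxToolsUtil.log("searchFilter= " + searchFilter);

            LDAPSearchResults searchResults = lc.search(searchBase, searchScope, searchFilter, attrs,
                    attributeNameOnly);

            if (searchResults.hasMore()) {
                // NOTE(review): only the first match is checked. With a subtree
                // search and a non-unique login attribute the entry used is
                // whichever the server returns first; consider rejecting
                // ambiguous matches.
                LDAPEntry userEntry = searchResults.next();

                // An entry without a readable password attribute must not
                // authenticate and must not end in a NullPointerException.
                LDAPAttribute passwordAttribute = userEntry.getAttribute(ldapPassword);
                String passwordDigest = (passwordAttribute == null) ? null : passwordAttribute.getStringValue();

                if (passwordDigest != null) {
                    IDigestHandler digest = DigestHandlerFactory.getDigest(passwordDigest);
                    // Defensive: the factory's behaviour for an unrecognised
                    // scheme is not visible from this file.
                    if (digest != null) {
                        correctPassword = digest.checkPassword(password, passwordDigest);
                    }
                }
            }

        } catch (LDAPException e) {
            CofaxToolsUtil.log("LDAP : " + e);
            throw e;
        } finally {
            try {
                lc.disconnect();
            } catch (LDAPException e) {
                // A failed disconnect must not change the authentication result.
                CofaxToolsUtil.log("LDAP : " + e);
            }
        }

        CofaxToolsUtil.log("correctPassword= " + correctPassword);

        return correctPassword;
    }

    /**
     * Escapes a value for use as an assertion value in an LDAP search filter
     * (RFC 4515): backslash, asterisk, both parentheses and NUL are replaced by
     * a backslash followed by their two-digit hexadecimal code.
     *
     * @param value raw value, not {@code null}
     * @return the value with filter metacharacters escaped
     */
    private static String escapeFilterValue(String value) {
        StringBuilder escaped = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
            case '\\':
                escaped.append("\\5c");
                break;
            case '*':
                escaped.append("\\2a");
                break;
            case '(':
                escaped.append("\\28");
                break;
            case ')':
                escaped.append("\\29");
                break;
            case '\0':
                escaped.append("\\00");
                break;
            default:
                escaped.append(c);
                break;
            }
        }
        return escaped.toString();
    }

    /** Returns the named init parameter, or {@code fallback} when it is absent. */
    private static String stringParam(ServletConfig config, String name, String fallback) {
        String value = config.getInitParameter(name);
        return (value == null) ? fallback : value;
    }

    /**
     * Returns the named init parameter parsed as an integer, or {@code fallback}
     * when it is absent. A present but malformed value raises
     * {@link NumberFormatException}.
     */
    private static int intParam(ServletConfig config, String name, int fallback) {
        String value = config.getInitParameter(name);
        return (value == null) ? fallback : Integer.parseInt(value);
    }

}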