001: /*
002: * Copyright (c) JForum Team
003: * All rights reserved.
004: *
005: * Redistribution and use in source and binary forms,
006: * with or without modification, are permitted provided
007: * that the following conditions are met:
008: *
009: * 1) Redistributions of source code must retain the above
010: * copyright notice, this list of conditions and the
011: * following disclaimer.
012: * 2) Redistributions in binary form must reproduce the
013: * above copyright notice, this list of conditions and
014: * the following disclaimer in the documentation and/or
015: * other materials provided with the distribution.
016: * 3) Neither the name of "Rafael Steil" nor
017: * the names of its contributors may be used to endorse
018: * or promote products derived from this software without
019: * specific prior written permission.
020: *
021: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT
022: * HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
023: * EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
024: * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
025: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR
026: * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
027: * THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
028: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
029: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES
030: * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
031: * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA,
032: * OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
033: * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
034: * IN CONTRACT, STRICT LIABILITY, OR TORT
035: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
036: * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
037: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
038: *
039: * Created on Jun 2, 2005 5:41:11 PM
040: * The JForum Project
041: * http://www.jforum.net
042: */
043: package net.jforum.sso;
044:
045: import java.util.Hashtable;
046: import java.util.Map;
047:
048: import javax.naming.AuthenticationException;
049: import javax.naming.Context;
050: import javax.naming.NamingException;
051: import javax.naming.directory.Attribute;
052: import javax.naming.directory.DirContext;
053: import javax.naming.directory.InitialDirContext;
054:
055: import net.jforum.dao.UserDAO;
056: import net.jforum.entities.User;
057: import net.jforum.util.preferences.ConfigKeys;
058: import net.jforum.util.preferences.SystemGlobals;
059:
060: /**
061: * Authenticates users against an LDAP server.
062: *
063: * @author Rafael Steil
064: * @version $Id: LDAPAuthenticator.java,v 1.8 2006/08/20 22:47:43 rafaelsteil Exp $
065: */
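public class LDAPAuthenticator implements LoginAuthenticator {
    /**
     * Builds the JNDI environment shared by every bind attempt: context factory,
     * provider URL and, when configured, the security protocol and the
     * authentication mechanism.
     *
     * <p>Transport protection depends entirely on configuration. Unless the
     * provider URL or the security protocol selects TLS, a simple bind sends the
     * user's password to the directory in clear text.
     *
     * @return a fresh, mutable environment; the caller adds principal and credentials
     */
    private Hashtable prepareEnvironment() {
        Hashtable h = new Hashtable();

        h.put(Context.INITIAL_CONTEXT_FACTORY,
                SystemGlobals.getValue(ConfigKeys.LDAP_FACTORY));
        h.put(Context.PROVIDER_URL,
                SystemGlobals.getValue(ConfigKeys.LDAP_SERVER_URL));

        String protocol = SystemGlobals.getValue(ConfigKeys.LDAP_SECURITY_PROTOCOL);

        if (protocol != null && !"".equals(protocol.trim())) {
            h.put(Context.SECURITY_PROTOCOL, protocol);
        }

        String authentication = SystemGlobals.getValue(ConfigKeys.LDAP_AUTHENTICATION);

        if (authentication != null && !"".equals(authentication.trim())) {
            h.put(Context.SECURITY_AUTHENTICATION, authentication);
        }

        return h;
    }

    /**
     * Validates a login by binding to the directory as the user, then reads the
     * configured e-mail attribute and registers the user locally on first login.
     *
     * @param username the login name; it is escaped before being placed into a DN
     * @param password the user's password; must be non-empty
     * @param extraParams not used by this implementation
     * @return the forum user on success, or {@code null} when the credentials are
     *         missing, the bind is refused or any other directory error occurs
     * @see net.jforum.sso.LoginAuthenticator#validateLogin(java.lang.String, java.lang.String, java.util.Map)
     */
    public User validateLogin(String username, String password, Map extraParams) {
        // An LDAP simple bind with an empty password is an unauthenticated
        // (anonymous) bind, which many directories accept. Without this guard a
        // blank password could pass as a successful login for any username.
        // A null password would also make Hashtable.put throw.
        if (username == null || username.trim().length() == 0
                || password == null || password.length() == 0) {
            return null;
        }

        // The username is untrusted and is spliced into a distinguished name.
        // Escaping keeps characters such as ',' '=' '+' from adding or altering
        // DN components. Fully qualified to avoid touching the file's imports.
        // NOTE(review): assumes prefix + username is an attribute=value pair
        // (for example "uid=" + name) - confirm against the deployed settings.
        String escapedUsername = javax.naming.ldap.Rdn.escapeValue(username);

        String loginPrefix = SystemGlobals.getValue(ConfigKeys.LDAP_LOGIN_PREFIX);
        String loginSuffix = SystemGlobals.getValue(ConfigKeys.LDAP_LOGIN_SUFFIX);

        String principal = new StringBuffer(256)
                .append(loginPrefix)
                .append(escapedUsername)
                .append(',')
                .append(loginSuffix)
                .toString();

        Hashtable environment = this.prepareEnvironment();
        environment.put(Context.SECURITY_PRINCIPAL, principal);
        environment.put(Context.SECURITY_CREDENTIALS, password);

        DirContext dir = null;

        try {
            // Creating the context performs the bind; a refused bind surfaces as
            // AuthenticationException.
            dir = new InitialDirContext(environment);

            String lookupPrefix = SystemGlobals.getValue(ConfigKeys.LDAP_LOOKUP_PREFIX);
            String lookupSuffix = SystemGlobals.getValue(ConfigKeys.LDAP_LOOKUP_SUFFIX);

            // The lookup DN falls back to the login DN parts when not configured.
            if (lookupPrefix == null || lookupPrefix.length() == 0) {
                lookupPrefix = loginPrefix;
            }

            if (lookupSuffix == null || lookupSuffix.length() == 0) {
                lookupSuffix = loginSuffix;
            }

            String lookupPrincipal = lookupPrefix + escapedUsername + "," + lookupSuffix;

            // Passing an LdapName keeps the string from being re-parsed as a JNDI
            // composite name, where '/' and '\' carry their own meaning. A
            // malformed DN raises InvalidNameException, handled below.
            Attribute att = dir
                    .getAttributes(new javax.naming.ldap.LdapName(lookupPrincipal))
                    .get(SystemGlobals.getValue(ConfigKeys.LDAP_FIELD_EMAIL));

            SSOUtils utils = new SSOUtils();

            if (!utils.userExists(username)) {
                String email = "noemail";

                // Guard against an attribute with no values or a non-text value.
                if (att != null && att.size() > 0) {
                    Object value = att.get();

                    if (value instanceof String) {
                        email = (String) value;
                    }
                }

                // NOTE(review): the first argument looks like the local account
                // password, fixed to "ldap" for every auto-registered user.
                // Confirm these accounts cannot be used to log in locally with it.
                utils.register("ldap", email);
            }

            return utils.getUser();
        } catch (AuthenticationException e) {
            // Bind refused: bad credentials. Reported to the caller as a failed login.
            return null;
        } catch (NamingException e) {
            // Any other directory failure (unreachable server, bad DN, missing
            // entry) is also treated as a failed login rather than an error.
            return null;
        } finally {
            if (dir != null) {
                try {
                    dir.close();
                } catch (NamingException ignored) {
                    // Best-effort close; the login outcome is already decided.
                }
            }
        }
    }

    /**
     * Intentionally empty: this authenticator does not use the user DAO.
     *
     * @see net.jforum.sso.LoginAuthenticator#setUserModel(net.jforum.dao.UserDAO)
     */
    public void setUserModel(UserDAO dao) {
    }
}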