20 package org.apache.directory.server.core.jndi;
21
22
23 import java.util.Hashtable;
24
25 import javax.naming.ConfigurationException;
26 import javax.naming.Context;
27 import javax.naming.NamingException;
28
29 import org.apache.directory.api.ldap.model.constants.AuthenticationLevel;
30 import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
31 import org.apache.directory.api.ldap.model.name.Dn;
32 import org.apache.directory.api.util.Strings;
33 import org.apache.directory.server.i18n.I18n;
34
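/**
 * Value holder for the LDAP-related settings read from a JNDI environment:
 * the provider Dn, the bind Dn, the authentication level, the SASL mechanism
 * and authorization id, and the bind credentials.
 *
 * Instances are populated by {@link #getLdapJndiProperties(Hashtable)}; every
 * malformed or missing setting is reported as a {@link ConfigurationException}.
 */
public class LdapJndiProperties
{
    /** JNDI environment key carrying the SASL authorization identity. */
    private static final String SASL_AUTHID = "java.naming.security.sasl.authorizationId";

    /** Dn parsed from {@link Context#PROVIDER_URL}, or the root DSE when that value is blank. */
    private Dn providerDn;

    /** Dn parsed from {@link Context#SECURITY_PRINCIPAL}, or the empty Dn when none is given. */
    private Dn bindDn;

    /** Identity stored for SASL binds (see the note in {@link #getLdapJndiProperties(Hashtable)}). */
    private String saslAuthId;

    /** Authentication level derived from the environment. */
    private AuthenticationLevel level;

    /** Raw {@link Context#SECURITY_AUTHENTICATION} value when the level is STRONG. */
    private String saslMechanism;

    /** Bind credentials as bytes; a String credential is encoded as UTF-8. */
    private byte[] credentials;


    /**
     * Derives the authentication level from a JNDI environment.
     *
     * When {@link Context#SECURITY_AUTHENTICATION} is absent, the level is
     * SIMPLE if credentials are present and NONE otherwise. When it is
     * present it must be a String: the exact string forms of NONE and SIMPLE
     * select those levels, and any other value is treated as STRONG. The
     * comparison is exact, so a value that differs only in case from
     * NONE/SIMPLE is classified as STRONG.
     *
     * @param env the JNDI environment
     * @return the authentication level implied by the environment
     * @throws NamingException if the environment is null or the
     *         authentication property is not a String
     */
    public static AuthenticationLevel getAuthenticationLevel( Hashtable<?, ?> env ) throws NamingException
    {
        if ( env == null )
        {
            // Same failure mode as getLdapJndiProperties() instead of a bare NullPointerException.
            throw new ConfigurationException( "environment cannot be null" );
        }

        Object credobj = env.get( Context.SECURITY_CREDENTIALS );
        Object authentication = env.get( Context.SECURITY_AUTHENTICATION );

        if ( authentication == null )
        {
            // No explicit level: the presence of credentials decides.
            return credobj == null ? AuthenticationLevel.NONE : AuthenticationLevel.SIMPLE;
        }

        if ( !( authentication instanceof String ) )
        {
            throw new ConfigurationException( I18n.err( I18n.ERR_483, authentication.getClass(),
                Context.SECURITY_AUTHENTICATION ) );
        }

        if ( AuthenticationLevel.NONE.toString().equals( authentication ) )
        {
            return AuthenticationLevel.NONE;
        }

        if ( AuthenticationLevel.SIMPLE.toString().equals( authentication ) )
        {
            return AuthenticationLevel.SIMPLE;
        }

        // Anything else is taken to name a SASL mechanism.
        return AuthenticationLevel.STRONG;
    }


    /**
     * Builds an {@code LdapJndiProperties} from a JNDI environment.
     *
     * The provider URL is mandatory and is parsed as a Dn (a blank value maps
     * to the root DSE). The principal is mandatory for SIMPLE and STRONG
     * binds and is parsed as the bind Dn; a missing principal with level NONE,
     * or a blank principal, maps to the empty Dn. Credentials may be a String
     * (encoded as UTF-8) or a byte array.
     *
     * @param env the JNDI environment
     * @return the populated properties
     * @throws NamingException (a {@link ConfigurationException}) if the
     *         environment is null, a required property is missing, a property
     *         has the wrong type, or a Dn cannot be parsed
     */
    public static LdapJndiProperties getLdapJndiProperties( Hashtable<?, ?> env ) throws NamingException
    {
        if ( env == null )
        {
            throw new ConfigurationException( "environment cannot be null" );
        }

        LdapJndiProperties props = new LdapJndiProperties();
        Object principal = env.get( Context.SECURITY_PRINCIPAL );
        Object credobj = env.get( Context.SECURITY_CREDENTIALS );
        Object authentication = env.get( Context.SECURITY_AUTHENTICATION );

        // -------------------------------------------------------------------
        // Provider URL
        // -------------------------------------------------------------------

        if ( !env.containsKey( Context.PROVIDER_URL ) )
        {
            throw new ConfigurationException( I18n.err( I18n.ERR_484, Context.PROVIDER_URL ) );
        }

        Object urlObj = env.get( Context.PROVIDER_URL );

        if ( urlObj == null )
        {
            throw new ConfigurationException( I18n.err( I18n.ERR_485, Context.PROVIDER_URL ) );
        }

        if ( !( urlObj instanceof String ) )
        {
            // Report a wrongly typed value like every other property instead of a ClassCastException.
            throw new ConfigurationException( I18n.err( I18n.ERR_483, urlObj.getClass(), Context.PROVIDER_URL ) );
        }

        String url = ( String ) urlObj;

        if ( url.trim().isEmpty() )
        {
            props.providerDn = Dn.ROOT_DSE;
        }
        else
        {
            props.providerDn = parseDn( url );
        }

        // -------------------------------------------------------------------
        // Authentication level and SASL mechanism
        // -------------------------------------------------------------------

        props.level = getAuthenticationLevel( env );

        if ( props.level == AuthenticationLevel.STRONG )
        {
            // STRONG is only returned when the authentication property is a String
            // other than NONE/SIMPLE, so the cast cannot fail.
            props.saslMechanism = ( String ) authentication;
        }

        // -------------------------------------------------------------------
        // Principal (bind Dn)
        // -------------------------------------------------------------------

        if ( principal == null )
        {
            if ( props.level == AuthenticationLevel.SIMPLE )
            {
                throw new ConfigurationException( I18n.err( I18n.ERR_487, Context.SECURITY_PRINCIPAL ) );
            }
            else if ( props.level == AuthenticationLevel.NONE )
            {
                props.bindDn = Dn.EMPTY_DN;
            }
            else
            {
                // Previously this case dereferenced the null principal and failed with a
                // NullPointerException; fail with the declared exception type instead.
                throw new ConfigurationException( Context.SECURITY_PRINCIPAL
                    + " cannot be null when a SASL mechanism is requested" );
            }
        }
        else if ( !( principal instanceof String ) )
        {
            throw new ConfigurationException( I18n.err( I18n.ERR_483, principal.getClass(),
                Context.SECURITY_PRINCIPAL ) );
        }
        else if ( ( ( String ) principal ).trim().isEmpty() )
        {
            props.bindDn = Dn.EMPTY_DN;
        }
        else
        {
            // The principal is the identity being bound. It must be stored as the bind Dn;
            // writing it to providerDn would discard the provider Dn parsed above and
            // leave the bind Dn null for every authenticated bind.
            props.bindDn = parseDn( ( String ) principal );
        }

        // -------------------------------------------------------------------
        // SASL authorization id
        // -------------------------------------------------------------------

        Object authzId = env.get( SASL_AUTHID );

        if ( authzId != null && props.level == AuthenticationLevel.STRONG )
        {
            if ( !( authzId instanceof String ) )
            {
                throw new ConfigurationException( I18n.err( I18n.ERR_483, authzId.getClass(), SASL_AUTHID ) );
            }

            // NOTE(review): the supplied authorization id is type-checked but not used; the
            // principal is stored instead, so the authorization identity always equals the
            // authentication identity. Honouring the supplied value would enable SASL proxy
            // authorization, so confirm that the bind path enforces proxy-authorization
            // rights before changing this assignment.
            props.saslAuthId = ( String ) principal;
        }

        // -------------------------------------------------------------------
        // Credentials
        // -------------------------------------------------------------------

        if ( props.level == AuthenticationLevel.SIMPLE && credobj == null )
        {
            throw new ConfigurationException( I18n.err( I18n.ERR_489 ) );
        }
        else if ( credobj != null )
        {
            // NOTE(review): an empty String or empty byte[] passes this check and the level
            // stays SIMPLE. A simple bind with a name and an empty password is the
            // "unauthenticated bind" case of RFC 4513 section 5.1.2; presumably the
            // authenticator rejects it - confirm, since nothing here does.
            if ( credobj instanceof String )
            {
                props.credentials = Strings.getBytesUtf8( ( String ) credobj );
            }
            else if ( credobj instanceof byte[] )
            {
                // Stored by reference: later changes to the caller's array are visible here.
                props.credentials = ( byte[] ) credobj;
            }
            else
            {
                throw new ConfigurationException( I18n.err( I18n.ERR_483, credobj.getClass(),
                    Context.SECURITY_CREDENTIALS ) );
            }
        }

        return props;
    }


    /**
     * Parses a Dn, converting a parse failure into a ConfigurationException
     * that keeps the original exception as its root cause.
     */
    private static Dn parseDn( String value ) throws ConfigurationException
    {
        try
        {
            return new Dn( value );
        }
        catch ( LdapInvalidDnException lide )
        {
            ConfigurationException ce = new ConfigurationException( I18n.err( I18n.ERR_733, value ) );
            ce.setRootCause( lide );
            throw ce;
        }
    }


    /**
     * @return the Dn of the identity to bind as, or the empty Dn when no principal was given
     */
    public Dn getBindDn()
    {
        return bindDn;
    }


    /**
     * @return the Dn parsed from the provider URL, or the root DSE when the URL was blank
     */
    public Dn getProviderDn()
    {
        return providerDn;
    }


    /**
     * @return the identity stored for a SASL bind, or null when none was set
     */
    public String getSaslAuthId()
    {
        return saslAuthId;
    }


    /**
     * @return the authentication level derived from the environment
     */
    public AuthenticationLevel getAuthenticationLevel()
    {
        return level;
    }


    /**
     * @return the SASL mechanism string, or null unless the level is STRONG
     */
    public String getSaslMechanism()
    {
        return saslMechanism;
    }


    /**
     * Returns the bind credentials. The internal array is returned without
     * copying, so callers share it with this object.
     *
     * @return the credential bytes, or null when none were supplied
     */
    public byte[] getCredentials()
    {
        return credentials;
    }
}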