xmlBlaster 2.2.0 API

org.xmlBlaster.authentication.plugins.ldap
Class LdapGateway

java.lang.Object
  extended by org.xmlBlaster.authentication.plugins.ldap.LdapGateway

public class LdapGateway
extends java.lang.Object

The constructor of this class connects to the specified LDAP server; thereafter you can check the password of a user.

All attributes accessible for the specified login name (user) can be read as well (demo code).

Configuration of the LDAP plugin in xmlBlaster.properties:

  ldap.serverUrl=ldap://localhost:389/o=xmlBlaster,c=ORG
  ldap.rootDN=cn=Manager,o=xmlBlaster,c=ORG
  ldap.rootPwd=secret
  ldap.loginFieldName=cn
 
You may set these settings on the command line as well:
  java -jar lib/xmlBlaster.jar \
        -ldap.serverUrl "ldap://localhost:389/o=xmlBlaster,c=ORG" \
        -ldap.rootDN "cn=Manager,o=xmlBlaster,c=ORG" \
        -ldap.rootPwd "secret" \
        -ldap.loginFieldName "cn"
 
NOTE: Authorization for actions is not supported with this plugin; xmlBlaster logs warnings to notify you about this. If you want to implement authorization, please subclass
        org.xmlBlaster.authentication.plugins.ldap.Session
 
and implement the method:
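   public boolean isAuthorized(String actionKey, String key)
   {
      try {
         DirContext ctx = ldap.getRootContext();
         // ... your LDAP queries to authorize the user action ...
         // return true if user may do this.
         return false; // deny by default until a query grants the action
      } catch (XmlBlasterException e) {
         return false; // fail closed if the LDAP connection is not available
      }
   }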
 

Author:
Marcel Ruff.

Field Summary
private  java.lang.String CONTEXT_FACTORY
          Specify the initial context implementation to use.
private  Global glob
           
private static java.util.logging.Logger log
           
private  java.lang.String loginFieldName
          The name in the LDAP server which represents the loginName, here we use 'cn'
private static java.lang.String ME
           
private  javax.naming.directory.DirContext rootCtx
           
private  java.lang.String rootDN
          The application xmlBlaster has a kind of super user; you may specify it in xmlBlaster.properties or on the command line.
private  java.lang.String rootPwd
           
private  java.lang.String serverUrl
           
 
Constructor Summary
LdapGateway(Global glob, java.lang.String serverUrl, java.lang.String rootDN, java.lang.String rootPwd, java.lang.String loginFieldName)
          Connects to the LDAP server.
 
Method Summary
 boolean checkPassword(java.lang.String loginName, java.lang.String userPassword)
          Check password
 void close()
          Clean up resources
 java.util.Hashtable getAllAttributes(java.lang.String loginName, java.lang.String password, java.lang.String lookupUserId)
          Get all attributes of this 'Person' objectclass
 java.lang.String getBaseName()
          Extract "o=xmlBlaster,c=ORG" from "ldap://localhost:389/o=xmlBlaster,c=ORG":
 java.lang.String getPassword(javax.naming.directory.Attributes result)
          We assume that only one password is specified.
 javax.naming.directory.DirContext getRootContext()
           
 java.lang.String getServerUrl()
           
private  javax.naming.directory.DirContext getUserContext(java.lang.String loginName, java.lang.String userPassword)
          Please close the given Context after usage.
private  java.lang.String getUserDN(java.lang.String loginName)
          Searches the loginName in LDAP and returns its distinguished name DN, e.g.
static void main(java.lang.String[] args)
          For testing only

java org.xmlBlaster.authentication.plugins.ldap.LdapGateway -loginName tim -userPassword tim -logging FINE

private  javax.naming.NamingEnumeration search(javax.naming.directory.DirContext ctx, java.lang.String filter)
          Do a ldap query.
 boolean userExists(java.lang.String loginName, java.lang.String password, java.lang.String loginNameToCheck)
          Check if given user exists
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ME

private static final java.lang.String ME
See Also:
Constant Field Values

log

private static java.util.logging.Logger log

glob

private Global glob

CONTEXT_FACTORY

private final java.lang.String CONTEXT_FACTORY
Specify the initial context implementation to use. This could also be set by using the -D option to the java program. For example, java -Djava.naming.factory.initial=com.ibm.jndi.LDAPCtxFactory LdapGateway

See Also:
Constant Field Values

rootDN

private final java.lang.String rootDN
The application xmlBlaster has a kind of super user; you may specify it in xmlBlaster.properties or on the command line.


rootPwd

private final java.lang.String rootPwd

rootCtx

private javax.naming.directory.DirContext rootCtx

loginFieldName

private java.lang.String loginFieldName
The name in the LDAP server which represents the loginName, here we use 'cn'


serverUrl

private final java.lang.String serverUrl

Constructor Detail

LdapGateway

public LdapGateway(Global glob,
                   java.lang.String serverUrl,
                   java.lang.String rootDN,
                   java.lang.String rootPwd,
                   java.lang.String loginFieldName)
            throws XmlBlasterException
Connects to the LDAP server.

To test, use your browser and try something like

   ldap://localhost:389/o=xmlBlaster,c=ORG??sub
 

Parameters:
serverUrl - For example "ldap://localhost:389/o=xmlBlaster,c=ORG"
rootDN - The distinguished name of the application super user e.g. "cn=Manager,o=xmlBlaster,c=ORG"
rootPwd - The password e.g. "topsecret"
loginFieldName - The fieldname where the loginName in LDAP lies (here 'cn') (used for later login as a normal user)
Throws:
XmlBlasterException

Method Detail

close

public void close()
Clean up resources


getRootContext

public javax.naming.directory.DirContext getRootContext()
                                                 throws XmlBlasterException
Parameters:
rootDN - "cn=Manager,o=xmlBlaster,c=ORG"
rootPwd - "secret"
Returns:
The LDAP connection as master
Throws:
XmlBlasterException

getUserDN

private java.lang.String getUserDN(java.lang.String loginName)
                            throws XmlBlasterException
Searches the loginName in LDAP and returns its distinguished name DN, e.g. cn=mrf -> returns "cn=mrf, ou=Employee, ou=096, o=xmlBlaster,c=ORG"

Parameters:
loginName - The cn (user identifier == xmlBlaster login name) to look for
Returns:
A valid DN for the given cn or an exception
Throws:
XmlBlasterException

getUserContext

private javax.naming.directory.DirContext getUserContext(java.lang.String loginName,
                                                         java.lang.String userPassword)
                                                  throws XmlBlasterException
Please close the given Context after usage.

Parameters:
loginName - the user uid
userPassword - The user's password
Returns:
The LDAP connection for this user
Throws:
XmlBlasterException

getBaseName

public java.lang.String getBaseName()
Extract "o=xmlBlaster,c=ORG" from "ldap://localhost:389/o=xmlBlaster,c=ORG":


getServerUrl

public java.lang.String getServerUrl()

getAllAttributes

public java.util.Hashtable getAllAttributes(java.lang.String loginName,
                                            java.lang.String password,
                                            java.lang.String lookupUserId)
                                     throws XmlBlasterException
Get all attributes of this 'Person' objectclass

Parameters:
loginName - The user who does the query (his login name)
If loginName==null, we use the ldap.rootDN which was specified on startup
password - His password
If loginName==null, we use the ldap.rootPwd which was specified on startup
lookupUserId - The user we want to examine (can be the same as userId)
Returns:
A hashtable with all attributes for the given user (loginName)
Throws:
XmlBlasterException

getPassword

public java.lang.String getPassword(javax.naming.directory.Attributes result)
                             throws XmlBlasterException
We assume that only one password is specified. NOTE: The password is not clear text.

Throws:
XmlBlasterException

userExists

public boolean userExists(java.lang.String loginName,
                          java.lang.String password,
                          java.lang.String loginNameToCheck)
                   throws XmlBlasterException
Check if given user exists

Parameters:
loginName - The user who wants to know this.
If loginName==null, we use the ldap.rootDN which was specified on startup
password - His password
If loginName==null, we use the ldap.rootPwd which was specified on startup
loginNameToCheck - The user to check
Returns:
true if the user is known
Throws:
XmlBlasterException

checkPassword

public boolean checkPassword(java.lang.String loginName,
                             java.lang.String userPassword)
                      throws XmlBlasterException
Check password

Parameters:
userPassword - The clear text password
Returns:
true if the password is valid
Throws:
XmlBlasterException

search

private javax.naming.NamingEnumeration search(javax.naming.directory.DirContext ctx,
                                              java.lang.String filter)
                                       throws XmlBlasterException
Do a ldap query.

Parameters:
ctx - The connection to ldap
filter - Filter to use when searching: "(objectclass=*)" -> finds all
Returns:
The results
Throws:
XmlBlasterException

main

public static void main(java.lang.String[] args)
For testing only

java org.xmlBlaster.authentication.plugins.ldap.LdapGateway -loginName tim -userPassword tim -logging FINE


Copyright © 1999-2014 The xmlBlaster.org contributors.