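--- a/java/org/apache/catalina/startup/UserConfig.java
+++ b/java/org/apache/catalina/startup/UserConfig.java
@@ -83,6 +83,65 @@
 
 
 /**
+ * The connection URL for the LDAP server we will contact.
+ */
+ private String connectionURL = null;
+
+
+ /**
+ * The connection username for the LDAP server we will contact.
+ */
+ private String connectionName = null;
+
+
+ /**
+ * The connection password for the LDAP server we will contact.
+ */
+ private String connectionPassword = null;
+
+
+ /**
+ * The type of authentication to use
+ */
+ private String authentication = null;
+
+
+ /**
+ * The page size for paged LDAP query.
+ */
+ private int pageSize = 0;
+
+
+ /**
+ * The base element for user searches.
+ */
+ private String searchBase = "";
+
+
+ /**
+ * The message format used to search for users.
+ */
+ private String searchFilter = "(objectClass=posixAccount)";
+
+
+ /**
+ * Should we search the entire subtree for matching users?
+ */
+ private boolean searchSubtree = false;
+
+
+ /**
+ * The attibute that denotes user name(s).
+ */
+ private String userAttr = "uid";
+
+
+ /**
+ * The attibute that denotes user home directory.
+ */
+ private String homeAttr = "homeDirectory";
+
+ /**
 * The string resources for this package.
 */
 private static final StringManager sm =
@@ -186,6 +245,167 @@
 
 }
 
+
+ /**
+ * The connection URL for the LDAP server we will contact.
+ */
+ public String getConnectionURL() {
+
+ return (this.connectionURL);
+
+ }
+ public void setConnectionURL(String connectionURL) {
+
+ this.connectionURL = connectionURL;
+
+ }
+
+
+ /**
+ * The connection username for the LDAP server we will contact.
+ */
+ public String getConnectionName() {
+
+ return (this.connectionName);
+
+ }
+ public void setConnectionName(String connectionName) {
+
+ this.connectionName = connectionName;
+
+ }
+
+
+ /**
+ * The connection password for the LDAP server we will contact.
+ */
+ public String getConnectionPassword() {
+
+ return (this.connectionPassword);
+
+ }
+ public void setConnectionPassword(String connectionPassword) {
+
+ this.connectionPassword = connectionPassword;
+
+ }
+
+ /**
+ * Return the type of authentication to use.
+ */
+ public String getAuthentication() {
+
+ return (this.authentication);
+
+ }
+
+ /**
+ * Set the type of authentication to use.
+ *
+ * @param authentication The authentication
+ */
+ public void setAuthentication(String authentication) {
+
+ this.authentication = authentication;
+
+ }
+
+
+ /**
+ * Return the page size for paged LDAP query.
+ */
+ public int getPageSize() {
+
+ return (this.pageSize);
+
+ }
+
+ /**
+ * Set the page size for paged LDAP query.
+ *
+ * @param pagesize The page size
+ */
+ public void setPageSize(int pageSize) {
+
+ this.pageSize = pageSize;
+
+ }
+
+
+ /**
+ * The base element for user searches.
+ */
+ public String getSearchBase() {
+
+ return (this.searchBase);
+
+ }
+ public void setSearchBase(String searchBase) {
+
+ this.searchBase = searchBase;
+
+ }
+
+
+ /**
+ * The message format used to search for users.
+ */
+ public String getSearchFilter() {
+
+ return (this.searchFilter);
+
+ }
+ public void setSearchFilter(String searchFilter) {
+
+ this.searchFilter = searchFilter;
+
+ }
+
+
+ /**
+ * Should we search the entire subtree for matching users?
+ */
+ public boolean getSearchSubtree() {
+
+ return (this.searchSubtree);
+
+ }
+ public void setSearchSubtree(boolean searchSubtree) {
+
+ this.searchSubtree = searchSubtree;
+
+ }
+
+
+ /**
+ * The attibute that denotes user name(s).
+ */
+ public String getUserAttr() {
+
+ return (this.userAttr);
+
+ }
+ public void setUserAttr(String userAttr) {
+
+ this.userAttr = userAttr;
+
+ }
+
+
+ /**
+ * The attibute that denotes user home directory.
+ */
+ public String getHomeAttr() {
+
+ return (this.homeAttr);
+
+ }
+ public void setHomeAttr(String homeAttr) {
+
+ this.homeAttr = homeAttr;
+
+ }
+
 
 /**
 * Return the user database class name for this component.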
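Review bot: `getConnectionPassword()` in the second hunk is public, so the LDAP bind password is readable by any code that holds this `UserConfig` instance, although the only reader visible in this patch is `LDAPUserDatabase` in the same package. Dropping the modifier, `String getConnectionPassword() {`, would keep it package-visible while the public setter stays available for configuration. The field comments should also state that the password is held as a plain `String` and that `connectionURL` is expected to be an `ldaps://` URL when a password bind is used, for example `* The connection URL for the LDAP server we will contact; use ldaps:// when binding with a password.` Separately, `@param pagesize` on `setPageSize` does not match the parameter name `pageSize`, and "attibute" is misspelled in the `userAttr` and `homeAttr` comments.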
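--- a/java/org/apache/catalina/startup/LDAPUserDatabase.java
+++ b/java/org/apache/catalina/startup/LDAPUserDatabase.java
@@ -0,0 +1,196 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+package org.apache.catalina.startup;
+
+import java.util.Enumeration;
+import java.util.Hashtable;
+
+import javax.naming.Context;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.naming.ldap.Control;
+import javax.naming.ldap.InitialLdapContext;
+import javax.naming.ldap.LdapContext;
+import javax.naming.ldap.PagedResultsControl;
+import javax.naming.ldap.PagedResultsResponseControl;
+
+
+/**
+ * Concrete implementation of the <code>UserDatabase</code> interface
+ * that retrieves user data from LDAP server.
+ *
+ * @author Jan Rękorajski
+ * @version 0.1
+ */
+
+public final class LDAPUserDatabase
+ implements UserDatabase {
+
+ // --------------------------------------------------------- Constructors
+
+ /**
+ * Initialize a new instance of this user database component.
+ */
+ public LDAPUserDatabase() {
+ super();
+ }
+
+ // --------------------------------------------------- Instance Variables
+
+ /**
+ * The set of home directories for all defined users, keyed by username.
+ */
+ private Hashtable<String,String> homes = new Hashtable<String,String>();
+
+ /**
+ * The UserConfig listener with which we are associated.
+ */
+ private UserConfig userConfig = null;
+
+ // ----------------------------------------------------------- Properties
+
+ /**
+ * Return the UserConfig listener with which we are associated.
+ */
+ public UserConfig getUserConfig() {
+ return (this.userConfig);
+ }
+
+ /**
+ * Set the UserConfig listener with which we are associated.
+ *
+ * @param userConfig The new UserConfig listener
+ */
+ public void setUserConfig(UserConfig userConfig) {
+ this.userConfig = userConfig;
+ init();
+ }
+
+ // ------------------------------------------------------- Public Methods
+
+ /**
+ * Return an absolute pathname to the home directory for the specified user.
+ *
+ * @param user User for which a home directory should be retrieved
+ */
+ public String getHome(String user) {
+ return homes.get(user);
+ }
+
+
+ /**
+ * Return an enumeration of the usernames defined on this server.
+ */
+ public Enumeration<String> getUsers() {
+ return (homes.keys());
+ }
+
+ // ------------------------------------------------------ Private Methods
+
+
+ /**
+ * Initialize our set of users and home directories.
+ */
+ private void init() {
+ String connectionURL = userConfig.getConnectionURL();
+ String connectionName = userConfig.getConnectionName();
+ String connectionPassword = userConfig.getConnectionPassword();
+ String authentication = userConfig.getAuthentication();
+ String searchBase = userConfig.getSearchBase();
+ String searchFilter = userConfig.getSearchFilter();
+ boolean searchSubtree = userConfig.getSearchSubtree();
+ String userAttr = userConfig.getUserAttr();
+ String homeAttr = userConfig.getHomeAttr();
+ int pageSize = userConfig.getPageSize();
+
+ try {
+ Hashtable<String,String> env = new Hashtable<String,String>();
+
+ env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
+ if (connectionName != null)
+ env.put(Context.SECURITY_PRINCIPAL, connectionName);
+ if (connectionPassword != null)
+ env.put(Context.SECURITY_CREDENTIALS, connectionPassword);
+ if (connectionURL != null)
+ env.put(Context.PROVIDER_URL, connectionURL);
+ if (authentication != null)
+ env.put(Context.SECURITY_AUTHENTICATION, authentication);
+
+ LdapContext ctx = new InitialLdapContext(env, null);
+
+ SearchControls constraints = new SearchControls();
+ String returnAttrs[] = { userAttr, homeAttr };
+ constraints.setReturningAttributes(returnAttrs);
+ if (searchSubtree) {
+ constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ } else {
+ constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
+ }
+
+ // Request the paged results control
+ if (pageSize > 0) {
+ Control[] ctls = new Control[]{ new PagedResultsControl(pageSize, Control.NONCRITICAL) };
+ ctx.setRequestControls(ctls);
+ }
+
+ byte[] cookie = null;
+ do {
+ NamingEnumeration results = ctx.search(searchBase, searchFilter, constraints);
+ while (results != null && results.hasMore()) {
+ SearchResult sr = (SearchResult)results.next();
+ String username = null;
+ String home = null;
+ Attributes attr = sr.getAttributes();
+ Attribute a = attr.get(homeAttr);
+ if (a != null && a.size() == 1)
+ home = (String)a.get();
+ a = attr.get(userAttr);
+ if ((home != null) && (a != null)) {
+ // Add all possible names of this user and corresponding directory
+ for (int i = 0; i < a.size(); i++) {
+ username = (String)a.get(i);
+ if (username != null) {
+ homes.put(username, home);
+ }
+ }
+ }
+ }
+ cookie = null;
+ Control[] controls = ctx.getResponseControls();
+ if (controls != null) {
+ for (int i = 0; i < controls.length; i++) {
+ if (controls[i] instanceof PagedResultsResponseControl) {
+ PagedResultsResponseControl prrc = (PagedResultsResponseControl)controls[i];
+ cookie = prrc.getCookie();
+ }
+ }
+ }
+ if (cookie != null) {
+ ctx.setRequestControls(new Control[]{ new PagedResultsControl(pageSize, cookie, Control.CRITICAL) });
+ }
+ } while ((cookie != null) && (cookie.length != 0));
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}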
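Review bot: In `init()` the `LdapContext` created by `new InitialLdapContext(env, null)` is never closed, so the bound connection stays open after the lookup, and every failure ends in `e.printStackTrace()`, which leaves `homes` empty or half-filled with nothing in the container log. The `homeAttr` value goes into `homes.put(username, home)` unchecked; `getHome()` documents it as an absolute pathname and its consumer (outside this diff) presumably treats it as a filesystem path, so a value that is relative or contains a `..` segment should be dropped here rather than trusted from the directory. No connect or read timeout is put into `env`, so an unresponsive server can stall `setUserConfig()`; the JNDI properties `com.sun.jndi.ldap.connect.timeout` and `com.sun.jndi.ldap.read.timeout` bound that. The sketch below shows the close, the timeouts and the path check, with the rest of the method left as it is.

```java
LdapContext ctx = null;
try {
    // … unchanged: env setup (factory, principal, credentials, URL, authentication) …
    // Example values (milliseconds); pick limits that suit the deployment.
    env.put("com.sun.jndi.ldap.connect.timeout", "5000");
    env.put("com.sun.jndi.ldap.read.timeout", "5000");
    ctx = new InitialLdapContext(env, null);
    // … unchanged: search controls, paged-results request, start of result loop …
            if (a != null && a.size() == 1) {
                String candidate = (String) a.get();
                // Keep only absolute paths that contain no ".." segment.
                boolean hasParentSegment =
                    candidate.matches(".*(^|[/\\\\])\\.\\.([/\\\\]|$).*");
                if (new java.io.File(candidate).isAbsolute() && !hasParentSegment)
                    home = candidate;
            }
    // … unchanged: username loop, response-control handling, catch block …
} finally {
    if (ctx != null) {
        try {
            ctx.close();
        } catch (NamingException ignored) {
            // Nothing useful to do if closing the connection fails.
        }
    }
}
```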