Java Code Examples for org.ldaptive.LdapEntry#getAttribute()

The following examples show how to use org.ldaptive.LdapEntry#getAttribute(). Each example is an excerpt from the source file and project named above it. getAttribute(name) returns null when the entry has no attribute of that name, which is why most of the examples null-check the result before reading a value.
Example 1
Source File: LDAPAuthorizationBackend2.java    From deprecated-security-advanced-modules with Apache License 2.0 6 votes vote down vote up
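/**
 * Resolves the role value for the LDAP entry identified by {@code ldapName}.
 *
 * <p>When {@code role} is the literal {@code "dn"} (case-insensitive) the DN string itself is
 * returned and the directory is not contacted. Otherwise the entry is looked up and the
 * attribute named {@code role} is read from it.
 *
 * @param ldapConnection connection handed to {@code LdapHelper.lookup}
 * @param ldapName DN of the role entry; {@code null} yields {@code null}
 * @param role attribute name to read, or {@code "dn"}; null or empty yields {@code null}
 * @return the DN string, the value returned by {@code Utils.getSingleStringValue} for the
 *     attribute, or {@code null} when the entry or attribute is absent or the lookup fails
 */
private String getRoleFromEntry(final Connection ldapConnection, final LdapName ldapName, final String role) {
    if (ldapName == null || Strings.isNullOrEmpty(role)) {
        return null;
    }

    final String roleDn = ldapName.toString();
    if ("dn".equalsIgnoreCase(role)) {
        return roleDn;
    }

    try {
        final LdapEntry roleEntry = LdapHelper.lookup(ldapConnection, roleDn);
        if (roleEntry == null) {
            return null;
        }

        final LdapAttribute roleAttribute = roleEntry.getAttribute(role);
        if (roleAttribute != null) {
            return Utils.getSingleStringValue(roleAttribute);
        }
    } catch (LdapException e) {
        // The original format string had one placeholder for two arguments, so the exception
        // text never reached the message; the trailing throwable still carries the stack trace.
        // NOTE(review): a failed lookup is reported as "no role", so the caller cannot tell a
        // directory error from a missing attribute - confirm that is acceptable for whatever
        // authorization decision consumes this value.
        log.error("Unable to handle role {} because of {}", ldapName, e.toString(), e);
    }

    return null;
}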
 
Example 2
Source File: LDAPAuthorizationBackend.java    From deprecated-security-advanced-modules with Apache License 2.0 6 votes vote down vote up
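/**
 * Returns the role value taken from the LDAP entry at {@code ldapName}.
 *
 * <p>A {@code role} of {@code "dn"} (compared case-insensitively) short-circuits to the DN
 * string without a directory lookup. Any other value is treated as the name of the attribute to
 * read from the looked-up entry.
 *
 * @param ldapConnection connection handed to {@code LdapHelper.lookup}
 * @param ldapName DN of the role entry; {@code null} yields {@code null}
 * @param role attribute name to read, or {@code "dn"}; null or empty yields {@code null}
 * @return the DN string, the value returned by {@code Utils.getSingleStringValue} for the
 *     attribute, or {@code null} when the entry or attribute is absent or the lookup fails
 */
private String getRoleFromEntry(final Connection ldapConnection, final LdapName ldapName, final String role) {
    if (ldapName == null || Strings.isNullOrEmpty(role)) {
        return null;
    }

    final String roleDn = ldapName.toString();
    if ("dn".equalsIgnoreCase(role)) {
        return roleDn;
    }

    try {
        final LdapEntry roleEntry = LdapHelper.lookup(ldapConnection, roleDn);
        final LdapAttribute roleAttribute = roleEntry == null ? null : roleEntry.getAttribute(role);
        if (roleAttribute != null) {
            return Utils.getSingleStringValue(roleAttribute);
        }
    } catch (LdapException e) {
        // Second placeholder added: previously e.toString() had no slot in the format string and
        // was dropped from the message. The throwable is still passed last for the stack trace.
        // NOTE(review): lookup failures collapse into a null role here; verify the caller's
        // authorization logic treats a missing role the way it should treat a directory error.
        log.error("Unable to handle role {} because of {}", ldapName, e.toString(), e);
    }

    return null;
}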
 
Example 3
Source File: LdapUtils.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
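/**
 * Reads a String value from the LdapEntry.
 *
 * <p>A binary attribute is decoded as UTF-8; any other attribute is read through
 * {@code getStringValue()}. A missing attribute, a missing value, or a blank value all yield
 * {@code nullValue}.
 *
 * @param entry     the ldap entry; must not be null
 * @param attribute the attribute name
 * @param nullValue the value returned when the attribute is absent or its value is null or blank
 * @return the attribute value, or {@code nullValue}
 */
public static String getString(final LdapEntry entry, final String attribute, final String nullValue) {
    final LdapAttribute attr = entry.getAttribute(attribute);
    if (attr == null) {
        return nullValue;
    }

    final String v;
    if (attr.isBinary()) {
        final byte[] b = attr.getBinaryValue();
        // An attribute can exist without holding a value, in which case getBinaryValue() may
        // return null; decoding null would throw instead of falling back to nullValue.
        // Bytes that are not valid UTF-8 are replaced during decoding rather than rejected.
        v = b == null ? null : new String(b, Charset.forName("UTF-8"));
    } else {
        v = attr.getStringValue();
    }

    return StringUtils.isNotBlank(v) ? v : nullValue;
}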
 
Example 4
Source File: LdaptiveResourceCRLFetcher.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
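/**
 * Downloads a CRL from the given LDAP url.
 *
 * <p>The search must finish with {@code ResultCode.SUCCESS} and return an entry whose first
 * attribute holds the CRL. Every failure is raised to the caller rather than reported as a
 * missing CRL, so the caller decides how an unavailable revocation list is treated.
 *
 * @param r the resource that is the ldap url; its {@code toString()} is used as the url
 * @return the X.509 CRL built from the first attribute of the returned entry
 * @throws Exception if the search fails, returns no entry or attribute, or ldap reports an error
 */
protected X509CRL fetchCRLFromLdap(final Object r) throws Exception {
    try {
        // NOTE(review): if this url is taken from a certificate's CRL distribution point it is
        // chosen by whoever issued the certificate - confirm the caller restricts which hosts
        // may be contacted.
        final String ldapURL = r.toString();
        logger.debug("Fetching CRL from ldap {}", ldapURL);

        final Response<SearchResult> result = performLdapSearch(ldapURL);
        if (result.getResultCode() != ResultCode.SUCCESS) {
            logger.debug("Failed to execute the search [{}]", result);
            throw new CertificateException("Failed to establish a connection ldap and search.");
        }

        // A successful search can still be empty; fail with a clear certificate error instead
        // of a NullPointerException further down.
        final SearchResult searchResult = result.getResult();
        final LdapEntry entry = searchResult == null ? null : searchResult.getEntry();
        if (entry == null) {
            throw new CertificateException("LDAP search succeeded but returned no entry.");
        }

        final LdapAttribute attribute = entry.getAttribute();
        if (attribute == null) {
            throw new CertificateException("LDAP entry returned by the search has no attribute to read the CRL from.");
        }

        logger.debug("Located entry [{}]. Retrieving first attribute [{}]",
                entry, attribute);
        return fetchX509CRLFromAttribute(attribute);
    } catch (final LdapException e) {
        logger.error(e.getMessage(), e);
        throw new CertificateException(e);
    }
}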
 
Example 5
Source File: LdapAuthenticationHandler.java    From springboot-shiro-cas-mybatis with MIT License 5 votes vote down vote up
/**
 * Builds the CAS principal for an authenticated user from that user's LDAP entry.
 *
 * <p>The principal ID is {@code username} unless a principal ID attribute is configured, in
 * which case the ID is read from that attribute of {@code ldapEntry}. Each LDAP attribute that
 * is a key of the principal attribute map and is present on the entry is copied under its mapped
 * name: as the collection of string values when it has more than one value, otherwise as a
 * single string.
 *
 * @param username Username that was successfully authenticated; used as the principal ID when
 *                 no principal ID attribute is configured.
 * @param ldapEntry LDAP entry that may contain principal attributes.
 *
 * @return Principal created by the principal factory from the resolved ID and attribute map.
 *
 * @throws LoginException When the configured principal ID attribute is missing or empty, or has
 *                        several values while multiple values are not allowed.
 */
protected Principal createPrincipal(final String username, final LdapEntry ldapEntry) throws LoginException {
    String resolvedId = username;
    if (this.principalIdAttribute != null) {
        final LdapAttribute idAttribute = ldapEntry.getAttribute(this.principalIdAttribute);
        final boolean idMissing = idAttribute == null || idAttribute.size() == 0;
        if (idMissing) {
            throw new LoginException(this.principalIdAttribute + " attribute not found for " + username);
        }
        if (idAttribute.size() > 1) {
            if (!this.allowMultiplePrincipalAttributeValues) {
                throw new LoginException("Multiple principal values not allowed: " + idAttribute);
            }
            // LDAP does not define an order for the values of a multi-valued attribute, so the
            // "first" value picked below is not guaranteed to be the same on every login.
            logger.warn(
                    "Found multiple values for principal ID attribute: {}. Using first value={}.",
                    idAttribute,
                    idAttribute.getStringValue());
        }
        resolvedId = idAttribute.getStringValue();
    }

    final Map<String, Object> principalAttributes = new LinkedHashMap<>(this.principalAttributeMap.size());
    for (final Map.Entry<String, String> mapping : this.principalAttributeMap.entrySet()) {
        final LdapAttribute source = ldapEntry.getAttribute(mapping.getKey());
        if (source == null) {
            // Attributes absent from the entry are simply left out of the principal.
            continue;
        }
        logger.debug("Found principal attribute: {}", source);
        final String targetName = mapping.getValue();
        final Object targetValue = source.size() > 1 ? source.getStringValues() : source.getStringValue();
        principalAttributes.put(targetName, targetValue);
    }
    return this.principalFactory.createPrincipal(resolvedId, principalAttributes);
}
 
Example 6
Source File: DefaultLdapRegisteredServiceMapper.java    From springboot-shiro-cas-mybatis with MIT License 5 votes vote down vote up
/**
 * Returns the string values of the named attribute, or an empty collection when the entry has
 * no attribute of that name.
 *
 * @param entry the entry
 * @param attrName the attr name
 * @return the collection of attribute values; never null as far as this method is concerned
 */
private Collection<String> getMultiValuedAttributeValues(@NotNull final LdapEntry entry, @NotNull final String attrName) {
    final LdapAttribute found = entry.getAttribute(attrName);
    return found == null ? Collections.<String>emptyList() : found.getStringValues();
}
 
Example 7
Source File: LdapSpnegoKnownClientSystemsFilterAction.java    From springboot-shiro-cas-mybatis with MIT License 5 votes vote down vote up
/**
 * Checks the spnego attribute of the entry returned by a search.
 *
 * <p>A response without a result, or with a result that holds no entries, is rejected before
 * any attribute is read; otherwise the decision is delegated to
 * {@code verifySpnegyAttributeValue}.
 *
 * @param searchResult the search result
 * @return false when there is no entry to inspect, otherwise whatever the attribute check returns
 */
protected boolean processSpnegoAttribute(final Response<SearchResult> searchResult) {
    final SearchResult found = searchResult.getResult();
    final boolean hasEntries = found != null && !found.getEntries().isEmpty();
    if (!hasEntries) {
        logger.debug("Spnego attribute is not found in the search results");
        return false;
    }

    // The attribute may be null when the entry lacks it; the verifier receives it as-is.
    final LdapAttribute spnegoAttribute = found.getEntry().getAttribute(this.spnegoAttributeName);
    return verifySpnegyAttributeValue(spnegoAttribute);
}
 
Example 8
Source File: LdapAuthenticationHandler.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
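/**
 * Creates a CAS principal, with attributes when the LDAP entry contains principal attributes.
 *
 * <p>The principal ID is {@code username} unless a principal ID attribute is configured, in
 * which case the ID is read from that attribute of {@code ldapEntry}.
 *
 * @param username Username that was successfully authenticated which is used for principal ID when
 *                 {@link #setPrincipalIdAttribute(String)} is not specified.
 * @param ldapEntry LDAP entry that may contain principal attributes.
 *
 * @return Principal built from the resolved ID and the mapped attributes; this method does not
 *         return null.
 *
 * @throws LoginException When the configured principal ID attribute is missing or empty, or has
 *                        several values while multiple values are not allowed.
 */
protected Principal createPrincipal(final String username, final LdapEntry ldapEntry) throws LoginException {
    final String id;
    if (this.principalIdAttribute != null) {
        final LdapAttribute principalAttr = ldapEntry.getAttribute(this.principalIdAttribute);
        if (principalAttr == null || principalAttr.size() == 0) {
            throw new LoginException(this.principalIdAttribute + " attribute not found for " + username);
        }
        if (principalAttr.size() > 1) {
            if (!this.allowMultiplePrincipalAttributeValues) {
                throw new LoginException("Multiple principal values not allowed: " + principalAttr);
            }
            // LDAP does not define an order for the values of a multi-valued attribute, so the
            // "first" value used as the ID is not guaranteed to be stable between logins.
            logger.warn(
                    "Found multiple values for principal ID attribute: {}. Using first value={}.",
                    principalAttr,
                    principalAttr.getStringValue());
        }
        id = principalAttr.getStringValue();
    } else {
        id = username;
    }

    final Map<String, Object> attributeMap = new LinkedHashMap<String, Object>(this.principalAttributeMap.size());
    // Walk the entries directly instead of keySet() plus a get() per key.
    for (final Map.Entry<String, String> mapping : this.principalAttributeMap.entrySet()) {
        final LdapAttribute attr = ldapEntry.getAttribute(mapping.getKey());
        if (attr != null) {
            logger.debug("Found principal attribute: {}", attr);
            final String principalAttrName = mapping.getValue();
            if (attr.size() > 1) {
                attributeMap.put(principalAttrName, attr.getStringValues());
            } else {
                attributeMap.put(principalAttrName, attr.getStringValue());
            }
        }
    }
    return new SimplePrincipal(id, attributeMap);
}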
 
Example 9
Source File: LdapUtils.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
/**
 * Reads a String value from the LdapEntry, falling back to a caller-supplied default.
 *
 * @param ctx       the ldap entry; must not be null
 * @param attribute the attribute name
 * @param nullValue the value returned when the attribute is absent or has a null string value
 * @return the attribute's string value, or {@code nullValue}
 */
public static String getString(final LdapEntry ctx, final String attribute, final String nullValue) {
    final LdapAttribute found = ctx.getAttribute(attribute);
    final String value = found == null ? null : found.getStringValue();
    return value == null ? nullValue : value;
}
 
Example 10
Source File: DefaultLdapServiceMapper.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
/**
 * Maps an LDAP entry onto a registered service.
 *
 * @param entry the LDAP entry describing the service; must not be null
 * @return the populated service, or null when the entry has no service ID attribute or
 *     {@code getRegisteredService} returns null for its value
 */
@Override
public RegisteredService mapToRegisteredService(final LdapEntry entry) {
    final LdapAttribute serviceIdAttr = entry.getAttribute(this.serviceIdAttribute);
    if (serviceIdAttr == null) {
        return null;
    }

    final AbstractRegisteredService service = getRegisteredService(serviceIdAttr.getStringValue());
    if (service == null) {
        return null;
    }

    // Fallback numeric ID is the 32-bit hash of the DN.
    // NOTE(review): two different DNs can hash to the same value - confirm a colliding ID cannot
    // make one service definition stand in for another.
    final Long dnHashId = Long.valueOf(entry.getDn().hashCode());
    service.setId(LdapUtils.getLong(entry, this.idAttribute, dnHashId));

    service.setServiceId(LdapUtils.getString(entry, this.serviceIdAttribute));
    service.setName(LdapUtils.getString(entry, this.serviceNameAttribute));
    service.setDescription(LdapUtils.getString(entry, this.serviceDescriptionAttribute));
    service.setEnabled(LdapUtils.getBoolean(entry, this.serviceEnabledAttribute));
    service.setTheme(LdapUtils.getString(entry, this.serviceThemeAttribute));
    // NOTE(review): presumably getLong returns null when the attribute is absent, which would
    // make intValue() throw - verify against LdapUtils.
    service.setEvaluationOrder(LdapUtils.getLong(entry, this.evaluationOrderAttribute).intValue());
    service.setUsernameAttribute(LdapUtils.getString(entry, this.usernameAttribute));
    service.setAllowedToProxy(LdapUtils.getBoolean(entry, this.serviceAllowedToProxyAttribute));
    service.setAnonymousAccess(LdapUtils.getBoolean(entry, this.serviceAnonymousAccessAttribute));
    service.setSsoEnabled(LdapUtils.getBoolean(entry, this.serviceSsoEnabledAttribute));

    final Collection<String> allowedAttributes =
            getMultiValuedAttributeValues(entry, this.serviceAllowedAttributesAttribute);
    service.setAllowedAttributes(new ArrayList<String>(allowedAttributes));

    service.setIgnoreAttributes(LdapUtils.getBoolean(entry, this.ignoreAttributesAttribute));

    final Collection<String> requiredHandlers =
            getMultiValuedAttributeValues(entry, this.requiredHandlersAttribute);
    service.setRequiredHandlers(new HashSet<String>(requiredHandlers));

    return service;
}
 
Example 11
Source File: DefaultLdapServiceMapper.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the string values of the named attribute, or an empty collection when the entry has
 * no attribute of that name.
 *
 * @param entry the entry to read from
 * @param attrName the attribute name
 * @return the attribute's string values, or an empty list
 */
private Collection<String> getMultiValuedAttributeValues(@NotNull final LdapEntry entry, @NotNull final String attrName) {
    final LdapAttribute found = entry.getAttribute(attrName);
    return found == null ? Collections.<String>emptyList() : found.getStringValues();
}
 
Example 12
Source File: LdapUserIdNormalizer.java    From codenvy with Eclipse Public License 1.0 5 votes vote down vote up
/**
 * Rewrites the id attribute of the given {@link LdapEntry} in place with its normalized value.
 * Nothing happens when the entry is null or carries no id attribute.
 *
 * @param entry the entry to normalize
 */
public void normalize(@Nullable LdapEntry entry) {
  if (entry == null) {
    return;
  }
  final LdapAttribute idAttribute = entry.getAttribute(idAttributeName);
  if (idAttribute == null) {
    return;
  }
  // Only the value returned by getStringValue() is normalized; clear() then drops every
  // existing value, so the attribute ends up holding the normalized id alone.
  final String normalized = normalize(idAttribute.getStringValue());
  idAttribute.clear();
  idAttribute.addStringValue(normalized);
}
 
Example 13
Source File: LdapUserIdNormalizer.java    From codenvy with Eclipse Public License 1.0 5 votes vote down vote up
/**
 * Reads the user identifier from the given {@code entry} and returns it normalized. The entry
 * itself is not modified.
 *
 * @param entry the entry to retrieve id from
 * @return normalized id value, or null if {@code entry} is null or has no id attribute
 */
@Nullable
public String retrieveAndNormalize(@Nullable LdapEntry entry) {
  final LdapAttribute idAttribute = entry == null ? null : entry.getAttribute(idAttributeName);
  return idAttribute == null ? null : normalize(idAttribute.getStringValue());
}
 
Example 14
Source File: UserMapper.java    From codenvy with Eclipse Public License 1.0 5 votes vote down vote up
/**
 * Maps an LDAP entry to a user built from its id, mail and name attributes.
 *
 * <p>An attribute that is absent from the entry contributes null for that constructor argument.
 *
 * @param entry the LDAP entry to map; must not be null
 * @return a new user built from the three attribute values
 */
@Override
public UserImpl apply(LdapEntry entry) {
  // NOTE(review): a missing id attribute produces a user with a null id - confirm UserImpl and
  // its consumers tolerate that.
  final String id =
      entry.getAttribute(idAttr) != null ? entry.getAttribute(idAttr).getStringValue() : null;
  final String mail =
      entry.getAttribute(mailAttr) != null ? entry.getAttribute(mailAttr).getStringValue() : null;
  final String name =
      entry.getAttribute(nameAttr) != null ? entry.getAttribute(nameAttr).getStringValue() : null;
  return new UserImpl(id, mail, name);
}
 
Example 15
Source File: ProfileMapper.java    From codenvy with Eclipse Public License 1.0 5 votes vote down vote up
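/**
 * Maps an LDAP entry to a profile: the user id comes from the id attribute, and every mapped
 * LDAP attribute that is present on the entry is copied under its application-side name.
 *
 * @param entry the LDAP entry to map; must not be null and must carry the id attribute
 * @return a new profile holding the user id and the attributes found on the entry
 * @throws NullPointerException if the entry has no id attribute
 */
@Override
public ProfileImpl apply(LdapEntry entry) {
  final LdapAttribute userIdAttr = entry.getAttribute(idAttr);
  if (userIdAttr == null) {
    // The optional attributes below are null-checked but the id lookup was not. The exception
    // type is unchanged; it is now raised before a profile without an owner is built, and
    // names the entry and the missing attribute.
    throw new NullPointerException(
        "LDAP entry '" + entry.getDn() + "' has no '" + idAttr + "' attribute");
  }

  final ProfileImpl profile = new ProfileImpl();
  profile.setUserId(userIdAttr.getStringValue());
  for (Map.Entry<String, String> attrMapping : appToLdapAttrNames.entrySet()) {
    final LdapAttribute ldapAttr = entry.getAttribute(attrMapping.getValue());
    if (ldapAttr != null) {
      profile.getAttributes().put(attrMapping.getKey(), ldapAttr.getStringValue());
    }
  }
  return profile;
}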