From a..@apache.org
Subject svn commit: r502784 - /portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java
Date Fri, 02 Feb 2007 22:46:11 GMT
Author: ate
Date: Fri Feb  2 14:46:10 2007
New Revision: 502784

URL: http://svn.apache.org/viewvc?view=rev&rev=502784
Log:
Fix authenticating ldap user which is/can be stored somewhere in a subtree (also need searchScope
sub-tree for that).
Just appending a userFilterBase won't work in that case (and probably other features either,
but so far I only need authentication).
The simple solution is using the returned dn from lookupUid which will have the correct user
dn (if found).

Modified:
    portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java

Modified: portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java?view=diff&rev=502784&r1=502783&r2=502784
==============================================================================
--- portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java (original)
+++ portals/jetspeed-2/trunk/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java Fri Feb  2 14:46:10 2007
@@ -116,20 +116,18 @@
 			//String savedPassword = String.valueOf(getPassword(uid));
 			String oldCredential = (String)env.get(Context.SECURITY_CREDENTIALS);
 			String oldUsername = (String)env.get(Context.SECURITY_PRINCIPAL);
-			
-			
-			String principal = getEntryPrefix() + "=" + uid;
-			
-			if (!StringUtils.isEmpty(getUserFilterBase()))
-				principal+="," + getUserFilterBase();
-			if (!StringUtils.isEmpty(getRootContext()))
-				principal+="," + getRootContext();
-			
-			if (lookupByUid(uid)==null)
+						
+			String dn = lookupByUid(uid);
+            if ( dn == null )
 				throw new SecurityException(new KeyedMessage("User " + uid + " not found"));
+            
+            // Build user dn using lookup value, just appending the user filter after the uid won't work when users
+            // are/can be stored in a subtree (searchScope sub-tree)
+            // The looked up dn though is/should always be correct, just need to append the root context.
+            if (!StringUtils.isEmpty(getRootContext()))
+                dn +="," + getRootContext();
 			
-			
-			env.put(Context.SECURITY_PRINCIPAL,principal);
+			env.put(Context.SECURITY_PRINCIPAL,dn);
 			env.put(Context.SECURITY_CREDENTIALS,password);
 			new InitialContext(env);
 			env.put(Context.SECURITY_PRINCIPAL,oldUsername);
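Review bot: Nothing visible in this hunk rejects an empty `password` before the simple bind at `new InitialContext(env)`. Many LDAP servers treat a bind with a DN and an empty password as an unauthenticated bind that succeeds, and after this change that would hold for every user `lookupByUid` can find in the subtree. The method starts and ends outside the hunk, so a guard may already exist above; if it does not, and assuming `password` is a String, add `if (StringUtils.isEmpty(password)) throw new SecurityException(new KeyedMessage("Empty password for user " + uid));` before the `env.put` calls. The bind also swaps the principal in `env` to the user's dn and restores it only after `new InitialContext(env)` returns, so unless the restore sits in a `finally` outside the hunk, a failed bind leaves the user's dn and password in `env`. The created `InitialContext` is discarded without `close()`.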
@@ -244,25 +242,34 @@
      */
     private char[] convertRawPassword(Attribute attr) throws NamingException
     {
-        byte[] rawPass = (byte[]) attr.getAll().next();
-        char[] charPass = new char[rawPass.length];
-
-        for (int i = 0; i < rawPass.length; i++)
+        char[] charPass = null;
+        
+        if ( attr != null )
         {
-            if (logger.isDebugEnabled())
-            {
-                logger.debug(new String("password byte[" + i + "]:" + rawPass[i]));
-            }
-
-            Byte passByte = new Byte(rawPass[i]);
+            byte[] rawPass = (byte[]) attr.getAll().next();
+            charPass = new char[rawPass.length];
 
-            logger.debug("password byte[" + i + "] short value:" + passByte.shortValue());
-            // I know I lose the sign and this is only good for ascii text.
-            charPass[i] = (char) rawPass[i];           
-            if (logger.isDebugEnabled())
+            for (int i = 0; i < rawPass.length; i++)
             {
-                logger.debug("passchar char[" + i + "]:" + charPass[i]);
+                if (logger.isDebugEnabled())
+                {
+                    logger.debug(new String("password byte[" + i + "]:" + rawPass[i]));
+                }
+
+                Byte passByte = new Byte(rawPass[i]);
+
+                logger.debug("password byte[" + i + "] short value:" + passByte.shortValue());
+                // I know I lose the sign and this is only good for ascii text.
+                charPass[i] = (char) rawPass[i];           
+                if (logger.isDebugEnabled())
+                {
+                    logger.debug("passchar char[" + i + "]:" + charPass[i]);
+                }
             }
+        }
+        else
+        {
+            charPass = new char[0];
         }
         return charPass;
     }
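Review bot: The re-indented loop in `convertRawPassword` still writes every byte and character of the stored password to the debug log, and the middle `logger.debug("password byte[" + i + "] short value:" ...)` call is not even inside an `isDebugEnabled()` guard. Anyone who can read the log can reassemble the credential, so the three `logger.debug` calls and the `Byte passByte` boxing should go, leaving the loop body as `charPass[i] = (char) rawPass[i];`. The new `else` branch returns `new char[0]` when the attribute is missing, so callers outside this hunk cannot tell "no password attribute" from an empty password. Those callers should be checked so that an empty supplied credential can never compare equal to that result.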


