userldapservice.java

java 写的一个新闻发布系统

package org.jahia.services.ldap;

import java.io.*;
import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;
import java.util.Hashtable;

import org.jahia.exceptions.*;
import org.jahia.settings.*;
import org.jahia.utils.*;


/**
 * This class manages LDAP persistance for users. For the moment it's main use
 * is to authentificate the user on an LDAP repository.
 * @author Serge Huber
 * @version 1.0
 */
public class UserLDAPService extends LDAPService {

    private static UserLDAPService m_Instance;

    private static String DEFAULT_CONFIGURATION_FILE = "users.ldap.properties";

    private static String CONTEXT_FACTORY_PROP = "users.ldap.context.factory";
    private static String LDAP_URL_PROP = "users.ldap.url";
    private static String AUTHENTIFICATION_MODE_PROP = "users.ldap.authentification.mode";
    private static String PUBLIC_BIND_DN_PROP = "users.ldap.public.bind.dn";
    private static String UID_SEARCH_ATTRIBUTE_PROP = "users.ldap.uid.search.attribute";
    private static String UID_SEARCH_NAME_PROP = "users.ldap.uid.search.name";
    private static String DN_IDENTIFIER_ATTRIBUTE_PROP = "users.ldap.dn.identifier.attribute";

    private Properties ldapProperties = null;

    /**
     * return the singleton instance
     */
    public static synchronized UserLDAPService getInstance(){

        if ( m_Instance == null ){
            m_Instance = new UserLDAPService();
        }

        return m_Instance;
    }

    public void init( JahiaPrivateSettings jSettings )
    throws JahiaInitializationException {
        String configPath = jSettings.jahiaLdapDiskPath;
        String configFileName;

        File configFile = new File(configPath + File.separator + DEFAULT_CONFIGURATION_FILE);
        if (configFile.exists()) {

            configFileName = configPath + File.separator + DEFAULT_CONFIGURATION_FILE;

            try {
                File ldapPropFile = new File (configFileName);
                FileInputStream ldapPropInputStr = new FileInputStream(ldapPropFile);
                ldapProperties = new Properties();
                ldapProperties.load(ldapPropInputStr);
                ldapPropInputStr.close();
            } catch (FileNotFoundException fnfe) {
                JahiaConsole.printe("UserLDAPService.init", fnfe);
            } catch (IOException ioe) {
                JahiaConsole.printe("UserLDAPService.init", ioe);
            }

        } else {
            JahiaConsole.println("UserLDAPService.init",
                                 "Config file not found in " + configPath + File.separator + DEFAULT_CONFIGURATION_FILE);
        }
        JahiaConsole.println("UserLDAPService.init", "Initialized");
    }

    private UserLDAPService () {
    }


    /**
     *
     */
    public String login(String userID, String userPassword) {
    String personName = null;

    try {
        DirContext publicCtx = connectToPublicDir();
        if (publicCtx != null) {
            personName = findNamebyUID(publicCtx, userID);
        }
        disconnectDir(publicCtx);

        DirContext privateCtx = null;
        privateCtx = connectToPrivateDir(personName, userPassword);
        if (privateCtx != null) {
        } else {
            personName = null;
        }
        disconnectDir(privateCtx);
    } catch (NamingException e) {
        personName = null;
    }
    return personName;
    }

    private DirContext connectToPublicDir()
    throws NamingException {
    // Identify service provider to use
    Hashtable publicEnv = new Hashtable(11);
    publicEnv.put(Context.INITIAL_CONTEXT_FACTORY,
             ldapProperties.getProperty(CONTEXT_FACTORY_PROP));
    publicEnv.put(Context.PROVIDER_URL,
                 ldapProperties.getProperty(LDAP_URL_PROP));
    publicEnv.put(Context.SECURITY_AUTHENTICATION,
                 ldapProperties.getProperty(AUTHENTIFICATION_MODE_PROP));
    publicEnv.put(Context.SECURITY_PRINCIPAL,
                 ldapProperties.getProperty(PUBLIC_BIND_DN_PROP));

    DirContext ctx = null;
    // Create the initial directory context
    ctx = new InitialDirContext(publicEnv);
    return ctx;
    }

    private DirContext connectToPrivateDir(String personName, String personPassword)
    throws NamingException {
    // Identify service provider to use
    Hashtable privateEnv = new Hashtable(11);
    privateEnv.put(Context.INITIAL_CONTEXT_FACTORY,
                  ldapProperties.getProperty(CONTEXT_FACTORY_PROP));
    privateEnv.put(Context.PROVIDER_URL,
                  ldapProperties.getProperty(LDAP_URL_PROP));
    privateEnv.put(Context.SECURITY_AUTHENTICATION,
                  ldapProperties.getProperty(AUTHENTIFICATION_MODE_PROP));
    privateEnv.put(Context.SECURITY_PRINCIPAL,
                  personName+","+
                  ldapProperties.getProperty(UID_SEARCH_NAME_PROP));
    privateEnv.put(Context.SECURITY_CREDENTIALS,
                  personPassword);

    // Create the initial directory context
    DirContext ctx = new InitialDirContext(privateEnv);
    return ctx;
    }

    private void disconnectDir(DirContext ctx)
    throws NamingException {
    ctx.close();
    }

    private String findNamebyUID(DirContext ctx, String uid)
    throws NamingException {
        String personName = null;

    // Search for objects that have those matching attributes
    SearchControls searchCtl = new SearchControls();
    searchCtl.setSearchScope(SearchControls.SUBTREE_SCOPE);
    NamingEnumeration answer = ctx.search(ldapProperties.getProperty(UID_SEARCH_NAME_PROP),
                          ldapProperties.getProperty(UID_SEARCH_ATTRIBUTE_PROP) + "=" + uid,
                          searchCtl);

    if (answer.hasMore()) {
        // we only take the first value if there are multiple answers, which
        // should normally NOT happend if the uid is unique !!
        SearchResult sr = (SearchResult)answer.next();
        Attributes attrs = sr.getAttributes();
        personName = (String) attrs.get(ldapProperties.getProperty(DN_IDENTIFIER_ATTRIBUTE_PROP)).get();
        personName = sr.getName();
    }
    return personName;
    }

}