📄 ldapauthserviceimpl.java
字号:
protected boolean checkUserPassword(String username, String password, HashMap attributes, XWikiContext context) throws XWikiException {
LDAPConnection lc = new LDAPConnection();
boolean result = false;
boolean notinLDAP = false;
String foundDN = null;
try {
int ldapPort = getLDAPPort(context);
int ldapVersion = LDAPConnection.LDAP_V3;
String ldapHost = getParam("ldap_server", context);
String bindDNFormat = getParam("ldap_bind_DN",context);
String bindPasswordFormat = getParam("ldap_bind_pass",context);
int checkLevel = GetCheckLevel(context);
Object[] arguments = {
username,
password
};
String bindDN = MessageFormat.format(bindDNFormat, arguments);
String bindPassword = MessageFormat.format(bindPasswordFormat, arguments);
String baseDN = getParam("ldap_base_DN",context);
lc.connect( ldapHost, ldapPort );
// authenticate to the server
result = Bind(bindDN, bindPassword, lc, ldapVersion);
if (result && checkLevel > 0)
{
LDAPSearchResults searchResults =
lc.search( baseDN,
LDAPConnection.SCOPE_SUB ,
"("+ getParam("ldap_UID_attr",context) +
"=" + username + ")",
null, // return all attributes
false); // return attrs and values
if (searchResults.hasMore())
{
LDAPEntry nextEntry = searchResults.next();
foundDN = nextEntry.getDN();
if (checkLevel > 1)
{
LDAPAttribute attr = new LDAPAttribute(
"userPassword", password );
result = lc.compare( foundDN, attr );
}
if (result)
{
LDAPAttributeSet attributeSet = nextEntry.getAttributeSet();
Iterator allAttributes = attributeSet.iterator();
while(allAttributes.hasNext()) {
LDAPAttribute attribute =
(LDAPAttribute)allAttributes.next();
String attributeName = attribute.getName();
Enumeration allValues = attribute.getStringValues();
if( allValues != null) {
while(allValues.hasMoreElements()) {
String Value = (String) allValues.nextElement();
attributes.put(attributeName, Value);
}
}
}
attributes.put("dn", foundDN);
}
}
else
notinLDAP = true;
if (log.isDebugEnabled()) {
if (result)
log.debug("(debug) Password check for user " + username + " successfull");
else
log.debug("(debug) Password check for user " + username + " failed");
}
}
}
catch( LDAPException e ) {
if ( e.getResultCode() == LDAPException.NO_SUCH_OBJECT ) {
notinLDAP = true;
} else if ( e.getResultCode() ==
LDAPException.NO_SUCH_ATTRIBUTE ) {
notinLDAP = true;
}
}
catch (Throwable e) {
e.printStackTrace();
}
finally
{
try {
lc.disconnect();
} catch (LDAPException e) {
e.printStackTrace();
}
}
if (notinLDAP)
{
// Use XWiki password if user not in LDAP
result = checkPassword(username, password, context);
foundDN = null;
}
return result;
}
private String getParam(String name, XWikiContext context) {
String param = "";
try {
param = context.getWiki().getXWikiPreference(name,context);
} catch (Exception e) {}
if (param == null || "".equals(param))
{
try{
param = context.getWiki().Param("xwiki.authentication." + StringUtils.replace(name, "ldap_","ldap."));
} catch (Exception e) {}
}
if (param == null)
param = "";
return param;
}
protected int GetCheckLevel(XWikiContext context)
{
String checkLevel = getParam("ldap_check_level", context);
int val = 2;
if ("1".equals(checkLevel))
val = 1;
else if ("0".equals(checkLevel))
val = 0;
return val;
}
private int getLDAPPort(XWikiContext context) {
try {
return context.getWiki().getXWikiPreferenceAsInt("ldap_port", context);
} catch (Exception e) {
return (int)context.getWiki().ParamAsLong("xwiki.authentication.ldap.port", LDAPConnection.DEFAULT_PORT);
}
}
protected boolean checkDNPassword(String DN, String username, String password, XWikiContext context) throws XWikiException {
LDAPConnection lc = new LDAPConnection();
boolean result = false;
boolean notinLDAP = false;
try {
int ldapPort = getLDAPPort(context);
int ldapVersion = LDAPConnection.LDAP_V3;
String ldapHost = getParam("ldap_server", context);
String bindDN = getParam("ldap_bind_DN",context);
String bindPassword = getParam("ldap_bind_pass",context);
String baseDN = getParam("ldap_base_DN",context);
lc.connect( ldapHost, ldapPort );
// authenticate to the server
result = Bind(DN, password, lc, ldapVersion);
if (log.isDebugEnabled()) {
if (result)
log.debug("(debug) Password check for user " + DN + " successfull");
else
log.debug("(debug) Password check for user " + DN + " failed");
}
}
catch( LDAPException e ) {
if ( e.getResultCode() == LDAPException.NO_SUCH_OBJECT ) {
notinLDAP = true;
} else if ( e.getResultCode() ==
LDAPException.NO_SUCH_ATTRIBUTE ) {
notinLDAP = true;
}
}
catch (Throwable e) {
e.printStackTrace();
}
finally
{
try {
lc.disconnect();
} catch (LDAPException e) {
e.printStackTrace();
}
}
if (notinLDAP)
{
// Use XWiki password if user not in LDAP
result = checkPassword(username, password, context);
}
return result;
}
private boolean Bind(String bindDN, String bindPassword, LDAPConnection lc, int ldapVersion) throws UnsupportedEncodingException {
boolean bound = false;
if (bindDN != null && bindDN.length() > 0 && bindPassword != null)
{
try
{
lc.bind( ldapVersion, bindDN, bindPassword.getBytes("UTF8") );
bound = true;
}
catch(LDAPException e) { };
}
return bound;
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -