
(-)JNDIRealm.java (-24 / +24 lines)
Lines 78-87 Link Here
78
import javax.naming.AuthenticationException;
78
import javax.naming.AuthenticationException;
79
import javax.naming.directory.Attribute;
79
import javax.naming.directory.Attribute;
80
import javax.naming.directory.Attributes;
80
import javax.naming.directory.Attributes;
81
import javax.naming.directory.DirContext;
82
import javax.naming.directory.InitialDirContext;
83
import javax.naming.directory.SearchControls;
81
import javax.naming.directory.SearchControls;
84
import javax.naming.directory.SearchResult;
82
import javax.naming.directory.SearchResult;
83
import javax.naming.ldap.LdapContext;
84
import javax.naming.ldap.InitialLdapContext;
85
import org.apache.catalina.LifecycleException;
85
import org.apache.catalina.LifecycleException;
86
import org.apache.catalina.Realm;
86
import org.apache.catalina.Realm;
87
import org.apache.catalina.util.StringManager;
87
import org.apache.catalina.util.StringManager;
Lines 210-216 Link Here
210
    /**
210
    /**
211
     * The directory context linking us to our directory server.
211
     * The directory context linking us to our directory server.
212
     */
212
     */
213
    protected DirContext context = null;
213
    protected LdapContext context = null;
214
214
215
215
216
    /**
216
    /**
Lines 660-666 Link Here
660
     */
660
     */
661
    public Principal authenticate(String username, String credentials) {
661
    public Principal authenticate(String username, String credentials) {
662
662
663
        DirContext context = null;
663
        LdapContext context = null;
664
664
665
        try {
665
        try {
666
666
Lines 711-717 Link Here
711
     *
711
     *
712
     * @exception NamingException if a directory server error occurs
712
     * @exception NamingException if a directory server error occurs
713
     */
713
     */
714
    public synchronized Principal authenticate(DirContext context,
714
    public synchronized Principal authenticate(LdapContext context,
715
                                               String username,
715
                                               String username,
716
                                               String credentials)
716
                                               String credentials)
717
        throws NamingException {
717
        throws NamingException {
Lines 754-760 Link Here
754
     *
754
     *
755
     * @exception NamingException if a directory server error occurs
755
     * @exception NamingException if a directory server error occurs
756
     */
756
     */
757
    protected User getUser(DirContext context, String username)
757
    protected User getUser(LdapContext context, String username)
758
        throws NamingException {
758
        throws NamingException {
759
        
759
        
760
        User user = null;
760
        User user = null;
Lines 792-798 Link Here
792
     *
792
     *
793
     * @exception NamingException if a directory server error occurs
793
     * @exception NamingException if a directory server error occurs
794
     */
794
     */
795
    protected User getUserByPattern(DirContext context,
795
    protected User getUserByPattern(LdapContext context,
796
                                              String username,
796
                                              String username,
797
                                              String[] attrIds)
797
                                              String[] attrIds)
798
        throws NamingException {
798
        throws NamingException {
Lines 848-854 Link Here
848
     *
848
     *
849
     * @exception NamingException if a directory server error occurs
849
     * @exception NamingException if a directory server error occurs
850
     */
850
     */
851
    protected User getUserBySearch(DirContext context,
851
    protected User getUserBySearch(LdapContext context,
852
                                           String username,
852
                                           String username,
853
                                           String[] attrIds)
853
                                           String[] attrIds)
854
        throws NamingException {
854
        throws NamingException {
Lines 946-952 Link Here
946
     *
946
     *
947
     * @exception NamingException if a directory server error occurs
947
     * @exception NamingException if a directory server error occurs
948
     */
948
     */
949
    protected boolean checkCredentials(DirContext context,
949
    protected boolean checkCredentials(LdapContext context,
950
                                     User user,
950
                                     User user,
951
                                     String credentials)
951
                                     String credentials)
952
         throws NamingException {
952
         throws NamingException {
Lines 983-989 Link Here
983
     *
983
     *
984
     * @exception NamingException if a directory server error occurs
984
     * @exception NamingException if a directory server error occurs
985
     */
985
     */
986
    protected boolean compareCredentials(DirContext context,
986
    protected boolean compareCredentials(LdapContext context,
987
                                         User info,
987
                                         User info,
988
                                         String credentials)
988
                                         String credentials)
989
        throws NamingException {
989
        throws NamingException {
Lines 1020-1031 Link Here
1020
     *
1020
     *
1021
     * @exception NamingException if a directory server error occurs
1021
     * @exception NamingException if a directory server error occurs
1022
     */
1022
     */
1023
     protected boolean bindAsUser(DirContext context,
1023
     protected boolean bindAsUser(LdapContext context,
1024
                                  User user,
1024
                                  User user,
1025
                                  String credentials)
1025
                                  String credentials)
1026
         throws NamingException {
1026
         throws NamingException {
1027
         Attributes attr;
1027
         Attributes attr;
1028
1028
1029
	 boolean validated = false;
1030
1029
         if (credentials == null || user == null)
1031
         if (credentials == null || user == null)
1030
             return (false);
1032
             return (false);
1031
         
1033
         
Lines 1034-1054 Link Here
1034
             return (false);
1036
             return (false);
1035
 
1037
 
1036
         // Validate the credentials specified by the user
1038
         // Validate the credentials specified by the user
1037
         if (debug >= 3) {
1039
         if (debug > 2) {
1038
             log("  validating credentials by binding as the user");
1040
             log("  validating credentials by binding with dn " + dn);
1039
        }
1041
        }
1040
 
1042
 
1041
        // Set up security environment to bind as the user
1043
        // Set up security environment to bind as the user
1042
        context.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
1044
        context.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
1043
        context.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials);
1045
        context.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials);
1044
 
1046
 
1045
        // Elicit an LDAP bind operation
1046
        boolean validated = false;
1047
        try {
1047
        try {
1048
            if (debug > 2) {
1048
	    context.reconnect(null);
1049
                log("  binding as "  + dn);
1050
            }
1051
            attr = context.getAttributes("", null);
1052
            validated = true;
1049
            validated = true;
1053
        }
1050
        }
1054
        catch (AuthenticationException e) {
1051
        catch (AuthenticationException e) {
Lines 1071-1076 Link Here
1071
        else {
1068
        else {
1072
            context.removeFromEnvironment(Context.SECURITY_CREDENTIALS);
1069
            context.removeFromEnvironment(Context.SECURITY_CREDENTIALS);
1073
        }
1070
        }
1071
1072
	// and force an immediate rebind 
1073
	context.reconnect(null);
1074
 
1074
 
1075
        return (validated);
1075
        return (validated);
1076
     }
1076
     }
Lines 1087-1093 Link Here
1087
     *
1087
     *
1088
     * @exception NamingException if a directory server error occurs
1088
     * @exception NamingException if a directory server error occurs
1089
     */
1089
     */
1090
    protected List getRoles(DirContext context, User user)
1090
    protected List getRoles(LdapContext context, User user)
1091
        throws NamingException {
1091
        throws NamingException {
1092
1092
1093
        if (user == null)
1093
        if (user == null)
Lines 1221-1227 Link Here
1221
     *
1221
     *
1222
     * @param context The directory context to be closed
1222
     * @param context The directory context to be closed
1223
     */
1223
     */
1224
    protected void close(DirContext context) {
1224
    protected void close(LdapContext context) {
1225
1225
1226
        // Do nothing if there is no opened connection
1226
        // Do nothing if there is no opened connection
1227
        if (context == null)
1227
        if (context == null)
Lines 1277-1283 Link Here
1277
     *
1277
     *
1278
     * @exception NamingException if a directory server error occurs
1278
     * @exception NamingException if a directory server error occurs
1279
     */
1279
     */
1280
    protected DirContext open() throws NamingException {
1280
    protected LdapContext open() throws NamingException {
1281
1281
1282
        // Do nothing if there is a directory server connection already open
1282
        // Do nothing if there is a directory server connection already open
1283
        if (context != null)
1283
        if (context != null)
Lines 1294-1300 Link Here
1294
            env.put(Context.SECURITY_CREDENTIALS, connectionPassword);
1294
            env.put(Context.SECURITY_CREDENTIALS, connectionPassword);
1295
        if (connectionURL != null)
1295
        if (connectionURL != null)
1296
            env.put(Context.PROVIDER_URL, connectionURL);
1296
            env.put(Context.PROVIDER_URL, connectionURL);
1297
        context = new InitialDirContext(env);
1297
        context = new InitialLdapContext(env, null);
1298
        return (context);
1298
        return (context);
1299
1299
1300
    }
1300
    }
Lines 1305-1311 Link Here
1305
     *
1305
     *
1306
     * @param context The directory context to release
1306
     * @param context The directory context to release
1307
     */
1307
     */
1308
    protected void release(DirContext context) {
1308
    protected void release(LdapContext context) {
1309
1309
1310
        ; // NO-OP since we are not pooling anything
1310
        ; // NO-OP since we are not pooling anything
1311
1311
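Review bot: In bindAsUser the guard `if (credentials == null || user == null)` still lets an empty password reach the new `context.reconnect(null)` bind. JNDI's LDAP provider treats a simple bind with a DN and an empty password as an anonymous bind, and many directory servers accept it, so `validated` can become true without the password being checked. Unless a caller outside these hunks already rejects empty credentials, the guard should read `if (credentials == null || credentials.length() == 0 || user == null)`. Separately, the restore of the connection principal and the second `context.reconnect(null)` sit after the catch rather than in a `finally`, so a NamingException other than AuthenticationException from the first reconnect appears to leave the user's principal and credentials in the shared context's environment. The lines between the catch and the restore are outside the hunk, so this should be confirmed against the full method.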
