ASF Bugzilla – Attachment 2506 Details for
Bug 11210
JNDIRealm successfully authenticated a non-existing user on iPlanet Directory Server
[patch]
JNDIRealm patch to support iPlanet/Netscape LDAP provider
pch2 (text/plain), 6.68 KB, created by
John Holman
on 2002-07-27 15:07:25 UTC
Description:
JNDIRealm patch to support iPlanet/Netscape LDAP provider
Creator:
John Holman
Created:
2002-07-27 15:07:25 UTC
Size:
6.68 KB
>Index: JNDIRealm.java
>===================================================================
>RCS file: /home/cvspublic/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v
>retrieving revision 1.8
>diff -u -r1.8 JNDIRealm.java
>--- JNDIRealm.java 11 Jun 2002 15:32:28 -0000 1.8
>+++ JNDIRealm.java 27 Jul 2002 13:50:01 -0000
>@@ -78,10 +78,10 @@
> import javax.naming.AuthenticationException;
> import javax.naming.directory.Attribute;
> import javax.naming.directory.Attributes;
>-import javax.naming.directory.DirContext;
>-import javax.naming.directory.InitialDirContext;
> import javax.naming.directory.SearchControls;
> import javax.naming.directory.SearchResult;
>+import javax.naming.ldap.LdapContext;
>+import javax.naming.ldap.InitialLdapContext;
> import org.apache.catalina.LifecycleException;
> import org.apache.catalina.Realm;
> import org.apache.catalina.util.StringManager;
>@@ -210,7 +210,7 @@
> /**
> * The directory context linking us to our directory server.
> */
>- protected DirContext context = null;
>+ protected LdapContext context = null;
>
>
> /**
>@@ -660,7 +660,7 @@
> */
> public Principal authenticate(String username, String credentials) {
>
>- DirContext context = null;
>+ LdapContext context = null;
>
> try {
>
>@@ -711,7 +711,7 @@
> *
> * @exception NamingException if a directory server error occurs
> */
>- public synchronized Principal authenticate(DirContext context,
>+ public synchronized Principal authenticate(LdapContext context,
> String username,
> String credentials)
> throws NamingException {
>@@ -754,7 +754,7 @@
> *
> * @exception NamingException if a directory server error occurs
> */
>- protected User getUser(DirContext context, String username)
>+ protected User getUser(LdapContext context, String username)
> throws NamingException {
>
> User user = null;
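Review bot: Narrowing the public `authenticate(DirContext, String, String)` overload (hunk at -711) to `LdapContext` is a source- and binary-incompatible change for any subclass or caller that still passes a `DirContext`. The same narrowing is applied to the protected `context` field (hunk at -210) and to the protected helpers in the other hunks (`getUser`, `getUserByPattern`, `getUserBySearch`, `checkCredentials`, `compareCredentials`, `bindAsUser`, `getRoles`, `close`, `open`, `release`). In the visible lines only `bindAsUser` calls an `LdapContext`-specific method (`reconnect`), so the wider type could stay in the other signatures. If the narrowing is intended, the class Javadoc should state that the realm now requires an LDAP JNDI provider; the method bodies lie outside these hunks.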
>@@ -792,7 +792,7 @@
> *
> * @exception NamingException if a directory server error occurs
> */
>- protected User getUserByPattern(DirContext context,
>+ protected User getUserByPattern(LdapContext context,
> String username,
> String[] attrIds)
> throws NamingException {
>@@ -848,7 +848,7 @@
> *
> * @exception NamingException if a directory server error occurs
> */
>- protected User getUserBySearch(DirContext context,
>+ protected User getUserBySearch(LdapContext context,
> String username,
> String[] attrIds)
> throws NamingException {
>@@ -946,7 +946,7 @@
> *
> * @exception NamingException if a directory server error occurs
> */
>- protected boolean checkCredentials(DirContext context,
>+ protected boolean checkCredentials(LdapContext context,
> User user,
> String credentials)
> throws NamingException {
>@@ -983,7 +983,7 @@
> *
> * @exception NamingException if a directory server error occurs
> */
>- protected boolean compareCredentials(DirContext context,
>+ protected boolean compareCredentials(LdapContext context,
> User info,
> String credentials)
> throws NamingException {
>@@ -1020,12 +1020,14 @@
> *
> * @exception NamingException if a directory server error occurs
> */
>- protected boolean bindAsUser(DirContext context,
>+ protected boolean bindAsUser(LdapContext context,
> User user,
> String credentials)
> throws NamingException {
> Attributes attr;
>
>+ boolean validated = false;
>+
> if (credentials == null || user == null)
> return (false);
>
>@@ -1034,21 +1036,16 @@
> return (false);
>
> // Validate the credentials specified by the user
>- if (debug >= 3) {
>- log(" validating credentials by binding as the user");
>+ if (debug > 2) {
>+ log(" validating credentials by binding with dn " + dn);
> }
>
> // Set up security environment to bind as the user
> context.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
> context.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials);
>
>- // Elicit an LDAP bind operation
>- boolean validated = false;
> try {
>- if (debug > 2) {
>- log(" binding as " + dn);
>- }
>- attr = context.getAttributes("", null);
>+ context.reconnect(null);
> validated = true;
> }
> catch (AuthenticationException e) {
>@@ -1071,6 +1068,9 @@
> else {
> context.removeFromEnvironment(Context.SECURITY_CREDENTIALS);
> }
>+
>+ // and force an immediate rebind
>+ context.reconnect(null);
>
> return (validated);
> }
>@@ -1087,7 +1087,7 @@
> *
> * @exception NamingException if a directory server error occurs
> */
>- protected List getRoles(DirContext context, User user)
>+ protected List getRoles(LdapContext context, User user)
> throws NamingException {
>
> if (user == null)
>@@ -1221,7 +1221,7 @@
> *
> * @param context The directory context to be closed
> */
>- protected void close(DirContext context) {
>+ protected void close(LdapContext context) {
>
> // Do nothing if there is no opened connection
> if (context == null)
>@@ -1277,7 +1277,7 @@
> *
> * @exception NamingException if a directory server error occurs
> */
>- protected DirContext open() throws NamingException {
>+ protected LdapContext open() throws NamingException {
>
> // Do nothing if there is a directory server connection already open
> if (context != null)
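Review bot: The guard at the top of `bindAsUser` (hunk at -1020) rejects only `null` credentials, so an empty string still reaches the bind performed further down. Many directory servers treat an LDAP simple bind with a DN and a zero-length password as an unauthenticated (anonymous) bind and let it succeed, which would set `validated = true` for any existing DN without knowledge of its password. The check should read `if (credentials == null || credentials.length() == 0 || user == null)` so the method returns before the environment is touched. The rest of the method body continues outside this hunk.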
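Review bot: Only `AuthenticationException` is caught around the new `context.reconnect(null)` (hunk at -1034), and the code that restores the connection principal and credentials (hunk at -1071) appears to follow the try block rather than sit in a `finally`; the lines between the two hunks are not shown, so this is inferred. If the user bind fails with any other `NamingException`, the shared context would keep the end user's DN and password in its environment, and the rebind added at -1071 would never run. Moving the restore block and the second `context.reconnect(null)` into a `finally { ... }`, or closing the context on that path, keeps the connection from staying bound as the user. `Attributes attr;` also appears to be left without an assignment now that the `getAttributes` call is gone, and can be removed if nothing else in the method uses it.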
>@@ -1294,7 +1294,7 @@
> env.put(Context.SECURITY_CREDENTIALS, connectionPassword);
> if (connectionURL != null)
> env.put(Context.PROVIDER_URL, connectionURL);
>- context = new InitialDirContext(env);
>+ context = new InitialLdapContext(env, null);
> return (context);
>
> }
>@@ -1305,7 +1305,7 @@
> *
> * @param context The directory context to release
> */
>- protected void release(DirContext context) {
>+ protected void release(LdapContext context) {
>
> ; // NO-OP since we are not pooling anything
>