Attachment 2506 Details for Bug 11210 – JNDIRealm patch to support iPlanet/Netscape LDAP provider

[patch] JNDIRealm patch to support iPlanet/Netscape LDAP provider

pch2 (text/plain), 6.68 KB, created by John Holman on 2002-07-27 15:07:25 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: John Holman

Created: 2002-07-27 15:07:25 UTC

Size: 6.68 KB

patch

obsolete

>Index: JNDIRealm.java
>===================================================================
>RCS file: /home/cvspublic/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/realm/JNDIRealm.java,v
>retrieving revision 1.8
>diff -u -r1.8 JNDIRealm.java
>--- JNDIRealm.java	11 Jun 2002 15:32:28 -0000	1.8
>+++ JNDIRealm.java	27 Jul 2002 13:50:01 -0000
>@@ -78,10 +78,10 @@
> import javax.naming.AuthenticationException;
> import javax.naming.directory.Attribute;
> import javax.naming.directory.Attributes;
>-import javax.naming.directory.DirContext;
>-import javax.naming.directory.InitialDirContext;
> import javax.naming.directory.SearchControls;
> import javax.naming.directory.SearchResult;
>+import javax.naming.ldap.LdapContext;
>+import javax.naming.ldap.InitialLdapContext;
> import org.apache.catalina.LifecycleException;
> import org.apache.catalina.Realm;
> import org.apache.catalina.util.StringManager;
>@@ -210,7 +210,7 @@
>     /**
>      * The directory context linking us to our directory server.
>      */
>-    protected DirContext context = null;
>+    protected LdapContext context = null;
> 
> 
>     /**
>@@ -660,7 +660,7 @@
>      */
>     public Principal authenticate(String username, String credentials) {
> 
>-        DirContext context = null;
>+        LdapContext context = null;
> 
>         try {
> 
>@@ -711,7 +711,7 @@
>      *
>      * @exception NamingException if a directory server error occurs
>      */
>-    public synchronized Principal authenticate(DirContext context,
>+    public synchronized Principal authenticate(LdapContext context,
>                                                String username,
>                                                String credentials)
>         throws NamingException {
>@@ -754,7 +754,7 @@
>      *
>      * @exception NamingException if a directory server error occurs
>      */
>-    protected User getUser(DirContext context, String username)
>+    protected User getUser(LdapContext context, String username)
>         throws NamingException {
>         
>         User user = null;
>@@ -792,7 +792,7 @@
>      *
>      * @exception NamingException if a directory server error occurs
>      */
>-    protected User getUserByPattern(DirContext context,
>+    protected User getUserByPattern(LdapContext context,
>                                               String username,
>                                               String[] attrIds)
>         throws NamingException {
>@@ -848,7 +848,7 @@
>      *
>      * @exception NamingException if a directory server error occurs
>      */
>-    protected User getUserBySearch(DirContext context,
>+    protected User getUserBySearch(LdapContext context,
>                                            String username,
>                                            String[] attrIds)
>         throws NamingException {
>@@ -946,7 +946,7 @@
>      *
>      * @exception NamingException if a directory server error occurs
>      */
>-    protected boolean checkCredentials(DirContext context,
>+    protected boolean checkCredentials(LdapContext context,
>                                      User user,
>                                      String credentials)
>          throws NamingException {
>@@ -983,7 +983,7 @@
>      *
>      * @exception NamingException if a directory server error occurs
>      */
>-    protected boolean compareCredentials(DirContext context,
>+    protected boolean compareCredentials(LdapContext context,
>                                          User info,
>                                          String credentials)
>         throws NamingException {
>@@ -1020,12 +1020,14 @@
>      *
>      * @exception NamingException if a directory server error occurs
>      */
>-     protected boolean bindAsUser(DirContext context,
>+     protected boolean bindAsUser(LdapContext context,
>                                   User user,
>                                   String credentials)
>          throws NamingException {
>          Attributes attr;
> 
>+	 boolean validated = false;
>+
>          if (credentials == null || user == null)
>              return (false);
>          
>@@ -1034,21 +1036,16 @@
>              return (false);
>  
>          // Validate the credentials specified by the user
>-         if (debug >= 3) {
>-             log("  validating credentials by binding as the user");
>+         if (debug > 2) {
>+             log("  validating credentials by binding with dn " + dn);
>         }
>  
>         // Set up security environment to bind as the user
>         context.addToEnvironment(Context.SECURITY_PRINCIPAL, dn);
>         context.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials);
>  
>-        // Elicit an LDAP bind operation
>-        boolean validated = false;
>         try {
>-            if (debug > 2) {
>-                log("  binding as "  + dn);
>-            }
>-            attr = context.getAttributes("", null);
>+	    context.reconnect(null);
>             validated = true;
>         }
>         catch (AuthenticationException e) {
>@@ -1071,6 +1068,9 @@
>         else {
>             context.removeFromEnvironment(Context.SECURITY_CREDENTIALS);
>         }
>+
>+	// and force an immediate rebind 
>+	context.reconnect(null);
>  
>         return (validated);
>      }
>@@ -1087,7 +1087,7 @@
>      *
>      * @exception NamingException if a directory server error occurs
>      */
>-    protected List getRoles(DirContext context, User user)
>+    protected List getRoles(LdapContext context, User user)
>         throws NamingException {
> 
>         if (user == null)
>@@ -1221,7 +1221,7 @@
>      *
>      * @param context The directory context to be closed
>      */
>-    protected void close(DirContext context) {
>+    protected void close(LdapContext context) {
> 
>         // Do nothing if there is no opened connection
>         if (context == null)
>@@ -1277,7 +1277,7 @@
>      *
>      * @exception NamingException if a directory server error occurs
>      */
>-    protected DirContext open() throws NamingException {
>+    protected LdapContext open() throws NamingException {
> 
>         // Do nothing if there is a directory server connection already open
>         if (context != null)
>@@ -1294,7 +1294,7 @@
>             env.put(Context.SECURITY_CREDENTIALS, connectionPassword);
>         if (connectionURL != null)
>             env.put(Context.PROVIDER_URL, connectionURL);
>-        context = new InitialDirContext(env);
>+        context = new InitialLdapContext(env, null);
>         return (context);
> 
>     }
>@@ -1305,7 +1305,7 @@
>      *
>      * @param context The directory context to release
>      */
>-    protected void release(DirContext context) {
>+    protected void release(LdapContext context) {
> 
>         ; // NO-OP since we are not pooling anything
>

Actions: View | Diff

Attachments on bug 11210: 2506