This closes #629
commit
08ab1f7082
|
@ -145,12 +145,15 @@ public class LDAPLoginModule implements LoginModule {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected void close(DirContext context) {
|
protected void closeContext() {
|
||||||
try {
|
if (context != null) {
|
||||||
context.close();
|
try {
|
||||||
}
|
context.close();
|
||||||
catch (Exception e) {
|
context = null;
|
||||||
ActiveMQServerLogger.LOGGER.error(e.toString());
|
}
|
||||||
|
catch (Exception e) {
|
||||||
|
ActiveMQServerLogger.LOGGER.error(e.toString());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -159,13 +162,11 @@ public class LDAPLoginModule implements LoginModule {
|
||||||
MessageFormat userSearchMatchingFormat;
|
MessageFormat userSearchMatchingFormat;
|
||||||
boolean userSearchSubtreeBool;
|
boolean userSearchSubtreeBool;
|
||||||
|
|
||||||
DirContext context = null;
|
|
||||||
|
|
||||||
if (logger.isDebugEnabled()) {
|
if (logger.isDebugEnabled()) {
|
||||||
logger.debug("Create the LDAP initial context.");
|
logger.debug("Create the LDAP initial context.");
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
context = open();
|
openContext();
|
||||||
}
|
}
|
||||||
catch (NamingException ne) {
|
catch (NamingException ne) {
|
||||||
FailedLoginException ex = new FailedLoginException("Error opening LDAP connection");
|
FailedLoginException ex = new FailedLoginException("Error opening LDAP connection");
|
||||||
|
@ -246,7 +247,7 @@ public class LDAPLoginModule implements LoginModule {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
catch (URISyntaxException e) {
|
catch (URISyntaxException e) {
|
||||||
close(context);
|
closeContext();
|
||||||
FailedLoginException ex = new FailedLoginException("Error parsing absolute name as URI.");
|
FailedLoginException ex = new FailedLoginException("Error parsing absolute name as URI.");
|
||||||
ex.initCause(e);
|
ex.initCause(e);
|
||||||
throw ex;
|
throw ex;
|
||||||
|
@ -282,12 +283,13 @@ public class LDAPLoginModule implements LoginModule {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
catch (CommunicationException e) {
|
catch (CommunicationException e) {
|
||||||
|
closeContext();
|
||||||
FailedLoginException ex = new FailedLoginException("Error contacting LDAP");
|
FailedLoginException ex = new FailedLoginException("Error contacting LDAP");
|
||||||
ex.initCause(e);
|
ex.initCause(e);
|
||||||
throw ex;
|
throw ex;
|
||||||
}
|
}
|
||||||
catch (NamingException e) {
|
catch (NamingException e) {
|
||||||
close(context);
|
closeContext();
|
||||||
FailedLoginException ex = new FailedLoginException("Error contacting LDAP");
|
FailedLoginException ex = new FailedLoginException("Error contacting LDAP");
|
||||||
ex.initCause(e);
|
ex.initCause(e);
|
||||||
throw ex;
|
throw ex;
|
||||||
|
@ -453,34 +455,36 @@ public class LDAPLoginModule implements LoginModule {
|
||||||
return values;
|
return values;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected DirContext open() throws NamingException {
|
protected void openContext() throws NamingException {
|
||||||
try {
|
if (context == null) {
|
||||||
Hashtable<String, String> env = new Hashtable<>();
|
try {
|
||||||
env.put(Context.INITIAL_CONTEXT_FACTORY, getLDAPPropertyValue(INITIAL_CONTEXT_FACTORY));
|
Hashtable<String, String> env = new Hashtable<>();
|
||||||
if (isLoginPropertySet(CONNECTION_USERNAME)) {
|
env.put(Context.INITIAL_CONTEXT_FACTORY, getLDAPPropertyValue(INITIAL_CONTEXT_FACTORY));
|
||||||
env.put(Context.SECURITY_PRINCIPAL, getLDAPPropertyValue(CONNECTION_USERNAME));
|
if (isLoginPropertySet(CONNECTION_USERNAME)) {
|
||||||
}
|
env.put(Context.SECURITY_PRINCIPAL, getLDAPPropertyValue(CONNECTION_USERNAME));
|
||||||
else {
|
}
|
||||||
throw new NamingException("Empty username is not allowed");
|
else {
|
||||||
}
|
throw new NamingException("Empty username is not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
if (isLoginPropertySet(CONNECTION_PASSWORD)) {
|
if (isLoginPropertySet(CONNECTION_PASSWORD)) {
|
||||||
env.put(Context.SECURITY_CREDENTIALS, getLDAPPropertyValue(CONNECTION_PASSWORD));
|
env.put(Context.SECURITY_CREDENTIALS, getLDAPPropertyValue(CONNECTION_PASSWORD));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
throw new NamingException("Empty password is not allowed");
|
throw new NamingException("Empty password is not allowed");
|
||||||
}
|
}
|
||||||
env.put(Context.SECURITY_PROTOCOL, getLDAPPropertyValue(CONNECTION_PROTOCOL));
|
env.put(Context.SECURITY_PROTOCOL, getLDAPPropertyValue(CONNECTION_PROTOCOL));
|
||||||
env.put(Context.PROVIDER_URL, getLDAPPropertyValue(CONNECTION_URL));
|
env.put(Context.PROVIDER_URL, getLDAPPropertyValue(CONNECTION_URL));
|
||||||
env.put(Context.SECURITY_AUTHENTICATION, getLDAPPropertyValue(AUTHENTICATION));
|
env.put(Context.SECURITY_AUTHENTICATION, getLDAPPropertyValue(AUTHENTICATION));
|
||||||
context = new InitialDirContext(env);
|
context = new InitialDirContext(env);
|
||||||
|
|
||||||
|
}
|
||||||
|
catch (NamingException e) {
|
||||||
|
closeContext();
|
||||||
|
ActiveMQServerLogger.LOGGER.error(e.toString());
|
||||||
|
throw e;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
catch (NamingException e) {
|
|
||||||
ActiveMQServerLogger.LOGGER.error(e.toString());
|
|
||||||
throw e;
|
|
||||||
}
|
|
||||||
return context;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private String getLDAPPropertyValue(String propertyName) {
|
private String getLDAPPropertyValue(String propertyName) {
|
||||||
|
|
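Review bot: In `closeContext()` the `context = null;` assignment sits inside the `try`, directly after `context.close()`, so when `close()` throws the field keeps pointing at the failed context. Because `openContext()` now connects only `if (context == null)`, the next login attempt would skip reconnecting and reuse that stale connection, which was bound with the CONNECTION_USERNAME / CONNECTION_PASSWORD credentials. Clearing the field in a `finally` makes the reset unconditional: `finally { context = null; }`. The declaration of the `context` field and the other exit paths of the calling method are outside these hunks, so it is worth confirming that every path ending a login either calls `closeContext()` or keeps the connection open on purpose.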