Refactoring of BindAuthenticator to allow an extended version which uses ppolicy controls. Added no-cause constructor in LdapDataAccessException for use in data parsing errors.

Luke Taylor 2006-02-08 02:17:44 +00:00
parent ca1bf5cc21
commit 2daea069f9
2 changed files with 24 additions and 13 deletions


@ -18,13 +18,18 @@ package org.acegisecurity.providers.ldap;
import org.acegisecurity.AuthenticationServiceException;
/**
* Used to wrap unexpected NamingExceptions while accessing the LDAP server.
* Used to wrap unexpected NamingExceptions while accessing the LDAP server
* or for other LDAP-related data problems such as data we can't handle.
*
* @author Luke Taylor
* @version $Id$
*/
public class LdapDataAccessException extends AuthenticationServiceException {
public LdapDataAccessException(String msg) {
super(msg);
}
public LdapDataAccessException(String msg, Throwable ex) {
super(msg, ex);
}


@ -33,7 +33,7 @@ import java.util.Iterator;
* @author Luke Taylor
* @version $Id$
*/
public final class BindAuthenticator extends AbstractLdapAuthenticator {
public class BindAuthenticator extends AbstractLdapAuthenticator {
//~ Static fields/initializers =============================================
@ -55,14 +55,14 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
Iterator dns = getUserDns(username).iterator();
while(dns.hasNext() && user == null) {
user = authenticateWithDn((String)dns.next(), password);
user = bindWithDn((String)dns.next(), password);
}
// Otherwise use the configured locator to find the user
// and authenticate with the returned DN.
if (user == null && getUserSearch() != null) {
LdapUserInfo userFromSearch = getUserSearch().searchForUser(username);
user = authenticateWithDn(userFromSearch.getDn(), password);
user = bindWithDn(userFromSearch.getDn(), password);
}
if(user == null) {
@ -75,10 +75,9 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
}
private LdapUserInfo authenticateWithDn(String userDn, String password) {
LdapUserInfo bindWithDn(String userDn, String password) {
DirContext ctx = null;
LdapUserInfo user = null;
Attributes attributes = null;
if (logger.isDebugEnabled()) {
logger.debug("Attempting to bind with DN = " + userDn);
@ -86,15 +85,9 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
try {
ctx = getInitialDirContextFactory().newInitialDirContext(userDn, password);
attributes = ctx.getAttributes(
LdapUtils.getRelativeName(userDn, ctx),
getUserAttributes());
Attributes attributes = loadAttributes(ctx, userDn);
user = new LdapUserInfo(userDn, attributes);
} catch(NamingException ne) {
throw new LdapDataAccessException(messages.getMessage(
"BindAuthenticator.failedToLoadAttributes", new String[] {userDn},
"Failed to load attributes for user {0}"), ne);
} catch(BadCredentialsException e) {
// This will be thrown if an invalid user name is used and the method may
// be called multiple times to try different names, so we trap the exception.
@ -108,4 +101,17 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
return user;
}
Attributes loadAttributes(DirContext ctx, String userDn) {
try {
return ctx.getAttributes(
LdapUtils.getRelativeName(userDn, ctx),
getUserAttributes());
} catch(NamingException ne) {
throw new LdapDataAccessException(messages.getMessage(
"BindAuthenticator.failedToLoadAttributes", new String[] {userDn},
"Failed to load attributes for user {0}"), ne);
}
}
}
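Review bot: Dropping `final` from the class and `private` from the bind method makes `bindWithDn` and the new `loadAttributes` package-visible, overridable steps of the authentication decision, yet neither carries a comment stating what an override must preserve. I would add Javadoc to `bindWithDn` saying that it binds as `userDn` with the supplied password and, as the trapped `BadCredentialsException` suggests, returns null when the credentials are rejected, and I would make both methods `protected` if extension from outside the package is intended. Separately, nothing in the visible lines rejects an empty password before `newInitialDirContext(userDn, password)`, and many directory servers accept a simple bind with an empty password as an unauthenticated bind; unless a caller already guarantees this, a guard such as `if (password == null || password.length() == 0) throw new BadCredentialsException("Empty password");` at the top of `bindWithDn` would cover every path that reaches it, including subclasses. Parts of `authenticate` and `bindWithDn` lie outside the hunks shown, so that check may already exist there.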