SEC-1036: Removed further reference to SpringSecurityContextSource in ntlm package.

Luke Taylor 2008-11-30 16:33:30 +00:00
parent 781b09e889
commit 4736d736ae


@ -3,19 +3,18 @@
*/ */
package org.springframework.security.ui.ntlm.ldap.authenticator; package org.springframework.security.ui.ntlm.ldap.authenticator;
import org.springframework.security.Authentication; import java.util.Iterator;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.ldap.SpringSecurityContextSource;
import org.springframework.security.ldap.SpringSecurityLdapTemplate;
import org.springframework.security.providers.ldap.authenticator.BindAuthenticator;
import org.springframework.security.ui.ntlm.NtlmUsernamePasswordAuthenticationToken;
import org.springframework.ldap.NameNotFoundException;
import org.springframework.ldap.core.DirContextOperations;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.springframework.ldap.NameNotFoundException;
import java.util.Iterator; import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
import org.springframework.security.Authentication;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.ldap.SpringSecurityLdapTemplate;
import org.springframework.security.providers.ldap.authenticator.BindAuthenticator;
import org.springframework.security.ui.ntlm.NtlmUsernamePasswordAuthenticationToken;
/** /**
* Loads the UserDetails if authentication was already performed by NTLM (indicated by the type of authentication * Loads the UserDetails if authentication was already performed by NTLM (indicated by the type of authentication
@ -32,38 +31,38 @@ public class NtlmAwareLdapAuthenticator extends BindAuthenticator {
//~ Constructors =================================================================================================== //~ Constructors ===================================================================================================
public NtlmAwareLdapAuthenticator(SpringSecurityContextSource contextSource) { public NtlmAwareLdapAuthenticator(BaseLdapPathContextSource contextSource) {
super(contextSource); super(contextSource);
} }
//~ Methods ======================================================================================================== //~ Methods ========================================================================================================
/** /**
* Loads the user context information without binding. * Loads the user context information without binding.
*/ */
protected DirContextOperations loadUser(String aUserDn, String aUserName) { protected DirContextOperations loadUser(String aUserDn, String aUserName) {
SpringSecurityLdapTemplate template = new SpringSecurityLdapTemplate(getContextSource()); SpringSecurityLdapTemplate template = new SpringSecurityLdapTemplate(getContextSource());
try { try {
DirContextOperations user = template.retrieveEntry(aUserDn, getUserAttributes()); DirContextOperations user = template.retrieveEntry(aUserDn, getUserAttributes());
return user; return user;
} catch (NameNotFoundException e) { } catch (NameNotFoundException e) {
// This will be thrown if an invalid user name is used and the method may // This will be thrown if an invalid user name is used and the method may
// be called multiple times to try different names, so we trap the exception. // be called multiple times to try different names, so we trap the exception.
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Failed to load user " + aUserDn + ": " + e.getMessage(), e); logger.debug("Failed to load user " + aUserDn + ": " + e.getMessage(), e);
} }
} }
return null; return null;
} }
/** /**
* If the supplied <tt>Authentication</tt> object is of type <tt>NtlmUsernamePasswordAuthenticationToken</tt>, * If the supplied <tt>Authentication</tt> object is of type <tt>NtlmUsernamePasswordAuthenticationToken</tt>,
* the information stored in the user's directory entry is loaded without attempting to authenticate them. * the information stored in the user's directory entry is loaded without attempting to authenticate them.
* Otherwise the parent class is called to perform a bind operation to authenticate the user. * Otherwise the parent class is called to perform a bind operation to authenticate the user.
*/ */
public DirContextOperations authenticate(Authentication authentication) { public DirContextOperations authenticate(Authentication authentication) {
if (!(authentication instanceof NtlmUsernamePasswordAuthenticationToken)) { if (!(authentication instanceof NtlmUsernamePasswordAuthenticationToken)) {
// Not NTLM authenticated, so call the base class to authenticate the user. // Not NTLM authenticated, so call the base class to authenticate the user.
return super.authenticate(authentication); return super.authenticate(authentication);
@ -74,36 +73,36 @@ public class NtlmAwareLdapAuthenticator extends BindAuthenticator {
} }
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("authenticate(NtlmUsernamePasswordAuthenticationToken) - start"); //$NON-NLS-1$ logger.debug("authenticate(NtlmUsernamePasswordAuthenticationToken) - start"); //$NON-NLS-1$
} }
final String userName = authentication.getName(); final String userName = authentication.getName();
DirContextOperations user = null; DirContextOperations user = null;
// If DN patterns are configured, try authenticating with them directly // If DN patterns are configured, try authenticating with them directly
Iterator myDns = getUserDns(userName).iterator(); Iterator myDns = getUserDns(userName).iterator();
// tries them all until we found something // tries them all until we found something
while (myDns.hasNext() && (user == null)) { while (myDns.hasNext() && (user == null)) {
user = loadUser((String) myDns.next(), userName); user = loadUser((String) myDns.next(), userName);
} }
// Otherwise use the configured locator to find the user // Otherwise use the configured locator to find the user
// and authenticate with the returned DN. // and authenticate with the returned DN.
if ((user == null) && (getUserSearch() != null)) { if ((user == null) && (getUserSearch() != null)) {
DirContextOperations userFromSearch = getUserSearch().searchForUser(userName); DirContextOperations userFromSearch = getUserSearch().searchForUser(userName);
// lancer l'identificvation // lancer l'identificvation
user = loadUser(userFromSearch.getDn().toString(), userName); user = loadUser(userFromSearch.getDn().toString(), userName);
} }
// Failed to locate the user in the LDAP directory // Failed to locate the user in the LDAP directory
if (user == null) { if (user == null) {
throw new BadCredentialsException(messages.getMessage("BindAuthenticator.badCredentials", "Bad credentials")); throw new BadCredentialsException(messages.getMessage("BindAuthenticator.badCredentials", "Bad credentials"));
} }
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("authenticate(NtlmUsernamePasswordAuthenticationToken) - end"); //$NON-NLS-1$ logger.debug("authenticate(NtlmUsernamePasswordAuthenticationToken) - end"); //$NON-NLS-1$
} }
return user; return user;
} }
} }
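Review bot: In the search fallback of `authenticate` (third hunk), `userFromSearch.getDn()` is dereferenced without a guard, and the comment above it, `// lancer l'identificvation`, reads as if an authentication step follows although `loadUser` only retrieves the entry without binding. If `getUserSearch().searchForUser(userName)` can return null for an unknown name (its contract is not visible here), the NTLM path fails with a NullPointerException instead of the `BadCredentialsException` thrown a few lines below. A guard such as `if (userFromSearch != null) { user = loadUser(userFromSearch.getDn().toString(), userName); }` would keep the failure uniform. The comment would be clearer as `// load the entry for the DN found by the search; no bind is performed`. The lines of `authenticate` between the second and third hunks are not shown, so any check on the token's authenticated state before this no-bind lookup is outside this view and worth confirming.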