Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added MessageSource support for LDAP provider classes.

This commit is contained in:
Luke Taylor 2006-01-03 20:31:19 +00:00
parent e81be72bd7
commit 56bccf6070
7 changed files with 64 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
core/src/main/java/org/acegisecurity/providers/ldap/DefaultInitialDirContextFactory.java
View File

@ -24,9 +24,12 @@ import javax.naming.CommunicationException;
import javax.naming.directory.InitialDirContext; import javax.naming.directory.InitialDirContext;
import javax.naming.directory.DirContext; import javax.naming.directory.DirContext;
import org.springframework.dao.DataAccessResourceFailureException;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import org.springframework.context.MessageSourceAware;
import org.springframework.context.MessageSource;
import org.springframework.context.support.MessageSourceAccessor;
import org.acegisecurity.BadCredentialsException; import org.acegisecurity.BadCredentialsException;
import org.acegisecurity.AcegiMessageSource;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
@ -60,7 +63,8 @@ import org.apache.commons.logging.LogFactory;
* @version $Id$ * @version $Id$
* *
*/ */
public class DefaultInitialDirContextFactory implements InitialDirContextFactory { public class DefaultInitialDirContextFactory implements InitialDirContextFactory,
MessageSourceAware {
//~ Static fields/initializers ============================================= //~ Static fields/initializers =============================================
@ -72,6 +76,8 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory
//~ Instance fields ======================================================== //~ Instance fields ========================================================
protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
/** /**
* The LDAP url of the server (and root context) to connect to. * The LDAP url of the server (and root context) to connect to.
* TODO: Allow a backup URL for a replication server. * TODO: Allow a backup URL for a replication server.
@ -213,11 +219,17 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory
return new InitialDirContext(env); return new InitialDirContext(env);
} catch(CommunicationException ce) { } catch(CommunicationException ce) {
throw new DataAccessResourceFailureException("Unable to connect to LDAP Server.", ce); throw new LdapDataAccessException(messages.getMessage(
"DefaultIntitalDirContextFactory.communicationFailure",
"Unable to connect to LDAP server"), ce);
} catch(javax.naming.AuthenticationException ae) { } catch(javax.naming.AuthenticationException ae) {
throw new BadCredentialsException("Authentication to LDAP server failed.", ae); throw new BadCredentialsException(messages.getMessage(
"DefaultIntitalDirContextFactory.badCredentials",
"Bad credentials"), ae);
} catch (NamingException nx) { } catch (NamingException nx) {
throw new LdapDataAccessException("Failed to obtain InitialDirContext", nx); throw new LdapDataAccessException(messages.getMessage(
"DefaultIntitalDirContextFactory.unexpectedException",
"Failed to obtain InitialDirContext due to unexpected exception"), nx);
} }
} }
@ -265,4 +277,8 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory
Assert.notNull(extraEnvVars, "Extra environment map cannot be null."); Assert.notNull(extraEnvVars, "Extra environment map cannot be null.");
this.extraEnvVars = extraEnvVars; this.extraEnvVars = extraEnvVars;
} }
public void setMessageSource(MessageSource messageSource) {
this.messages = new MessageSourceAccessor(messageSource);
}
} }

6
core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java
View File

@ -138,10 +138,12 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
} }
protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
logger.debug("Retrieving user " + username); if(logger.isDebugEnabled()) {
logger.debug("Retrieving user " + username);
}
String password = (String)authentication.getCredentials(); String password = (String)authentication.getCredentials();
Assert.notNull(password, "Null password was supplied in authentication token"); Assert.hasLength(password, "Null or empty password was supplied in authentication token");
LdapUserInfo ldapUser = authenticator.authenticate(username, password); LdapUserInfo ldapUser = authenticator.authenticate(username, password);

12
core/src/main/java/org/acegisecurity/providers/ldap/authenticator/AbstractLdapAuthenticator.java
View File

@ -18,8 +18,12 @@ package org.acegisecurity.providers.ldap.authenticator;
import org.acegisecurity.providers.ldap.LdapAuthenticator; import org.acegisecurity.providers.ldap.LdapAuthenticator;
import org.acegisecurity.providers.ldap.InitialDirContextFactory; import org.acegisecurity.providers.ldap.InitialDirContextFactory;
import org.acegisecurity.providers.ldap.LdapUserSearch; import org.acegisecurity.providers.ldap.LdapUserSearch;
import org.acegisecurity.AcegiMessageSource;
import org.springframework.beans.factory.InitializingBean; import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.context.MessageSourceAware;
import org.springframework.context.MessageSource;
import java.text.MessageFormat; import java.text.MessageFormat;
import java.util.List; import java.util.List;
@ -32,10 +36,11 @@ import java.util.ArrayList;
* @version $Id$ * @version $Id$
*/ */
public abstract class AbstractLdapAuthenticator implements LdapAuthenticator, public abstract class AbstractLdapAuthenticator implements LdapAuthenticator,
InitializingBean { InitializingBean, MessageSourceAware {
//~ Instance fields ======================================================== //~ Instance fields ========================================================
protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
private InitialDirContextFactory initialDirContextFactory; private InitialDirContextFactory initialDirContextFactory;
//private String[] userDnPattern = null; //private String[] userDnPattern = null;
@ -139,6 +144,11 @@ public abstract class AbstractLdapAuthenticator implements LdapAuthenticator,
return initialDirContextFactory; return initialDirContextFactory;
} }
public void setMessageSource(MessageSource messageSource) {
Assert.notNull("Message source must not be null");
this.messages = new MessageSourceAccessor(messageSource);
}
public void afterPropertiesSet() throws Exception { public void afterPropertiesSet() throws Exception {
Assert.isTrue(userDnFormat != null || userSearch != null, Assert.isTrue(userDnFormat != null || userSearch != null,
"Either an LdapUserSearch or DN pattern (or both) must be supplied."); "Either an LdapUserSearch or DN pattern (or both) must be supplied.");

12
core/src/main/java/org/acegisecurity/providers/ldap/authenticator/BindAuthenticator.java
View File

@ -66,7 +66,9 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
} }
if(user == null) { if(user == null) {
throw new BadCredentialsException("Failed to authenticate as " + username); throw new BadCredentialsException(messages.getMessage(
"BindAuthenticator.badCredentials",
"Bad credentials"));
} }
return user; return user;
@ -90,11 +92,15 @@ public final class BindAuthenticator extends AbstractLdapAuthenticator {
user = new LdapUserInfo(userDn, attributes); user = new LdapUserInfo(userDn, attributes);
} catch(NamingException ne) { } catch(NamingException ne) {
throw new LdapDataAccessException("Failed to load attributes for user " + userDn, ne); throw new LdapDataAccessException(messages.getMessage(
"BindAuthenticator.failedToLoadAttributes", new String[] {userDn},
"Failed to load attributes for user {0}"), ne);
} catch(BadCredentialsException e) { } catch(BadCredentialsException e) {
// This will be thrown if an invalid user name is used and the method may // This will be thrown if an invalid user name is used and the method may
// be called multiple times to try different names, so we trap the exception. // be called multiple times to try different names, so we trap the exception.
logger.debug("Failed to bind as " + userDn + ", " + e.getMessage()); if(logger.isDebugEnabled()) {
logger.debug("Failed to bind as " + userDn + ": " + e.getCause());
}
} finally { } finally {
LdapUtils.closeContext(ctx); LdapUtils.closeContext(ctx);
} }

10
core/src/main/java/org/acegisecurity/providers/ldap/authenticator/PasswordComparisonAuthenticator.java
View File

@ -110,7 +110,9 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic
} }
if(!verifyPassword(password, (String)retrievedPassword)) { if(!verifyPassword(password, (String)retrievedPassword)) {
throw new BadCredentialsException("Invalid password."); throw new BadCredentialsException(messages.getMessage(
"PasswordComparisonAuthenticator.badCredentials",
"Bad credentials"));
} }
} else { } else {
@ -161,7 +163,9 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic
new Object[]{passwordBytes}, ctls); new Object[]{passwordBytes}, ctls);
if(!results.hasMore()) { if(!results.hasMore()) {
throw new BadCredentialsException("Password comparison failed"); throw new BadCredentialsException(messages.getMessage(
"PasswordComparisonAuthenticator.badCredentials",
"Bad credentials"));
} }
} }
@ -172,7 +176,7 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic
} }
public void setPasswordEncoder(PasswordEncoder passwordEncoder) { public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
Assert.notNull(passwordEncoder, "Password Encoder must not be null."); Assert.notNull(passwordEncoder, "passwordEncoder must not be null.");
this.passwordEncoder = passwordEncoder; this.passwordEncoder = passwordEncoder;
} }
} }

5
core/src/main/java/org/acegisecurity/providers/ldap/authenticator/package.html Normal file
View File

@ -0,0 +1,5 @@
<html>
<body>
LDAP authenticator implementations.
</body>
</html>

6
core/src/main/resources/org/acegisecurity/messages.properties
View File

@ -37,3 +37,9 @@ SwitchUserProcessingFilter.disabled=User is disabled
SwitchUserProcessingFilter.expired=User account has expired SwitchUserProcessingFilter.expired=User account has expired
SwitchUserProcessingFilter.credentialsExpired=User credentials have expired SwitchUserProcessingFilter.credentialsExpired=User credentials have expired
AbstractAccessDecisionManager.accessDenied=Access is denied AbstractAccessDecisionManager.accessDenied=Access is denied
DefaultIntitalDirContextFactory.communicationFailure=Unable to connect to LDAP server
DefaultIntitalDirContextFactory.badCredentials=Bad credentials
DefaultIntitalDirContextFactory.unexpectedException=Failed to obtain InitialDirContext due to unexpected exception
PasswordComparisonAuthenticator.badCredentials=Bad credentials
BindAuthenticator.badCredentials=Bad credentials
BindAuthenticator.failedToLoadAttributes=Bad credentials