private void validateEnvironment(String certificatePrincipal) throws NamingException { String ou = getLDAPAttribute(certificatePrincipal, OU); LOGGER.debug("OU from certificate: ", ou); String location = getLDAPAttribute(certificatePrincipal, LOCATION); LOGGER.debug("Location from certificate: ", location); if(StringUtils.isBlank(ou)) { throw new NoSuchAttributeException("No ou in dn, you may need to update your certificate: " + certificatePrincipal); } else { if(allAccessOu.equalsIgnoreCase(StringUtils.replace(ou, " ", ""))){ LOGGER.debug("Skipping environment validation, user ou matches {} ", allAccessOu); } else { //if dn not from allAccessOu, verify the location (l) field //in the cert matches the configured environment if(StringUtils.isBlank(location)) { throw new NoSuchAttributeException("No location in dn, you may need to update your certificate: " + certificatePrincipal); } else if(!locationMatchesEnvironment(location)){ throw new NoSuchAttributeException("Invalid location from dn, expected " + environment + " but found l=" + location); } } } }
public void validate(String certificatePrincipal) throws NamingException { if (StringUtils.isBlank(getEnvironment())) { LOGGER.debug("No environment configured. Skipping Environment Cert verification."); return; } String ou = getLDAPAttribute(certificatePrincipal, OU); LOGGER.debug("OU from certificate: ", ou); String location = getLDAPAttribute(certificatePrincipal, LOCATION); LOGGER.debug("Location from certificate: ", location); if(StringUtils.isBlank(ou)) { throw new NoSuchAttributeException("No ou in dn, you may need to update your certificate: " + certificatePrincipal); } else { if(getAllAccessOu() != null && getAllAccessOu().equalsIgnoreCase(StringUtils.replace(ou, " ", ""))){ LOGGER.debug("Skipping environment validation, user ou matches {} ", getAllAccessOu()); } else { //if dn not from allAccessOu, verify the location (l) field //in the cert matches the configured environment if(StringUtils.isBlank(location)) { throw new NoSuchAttributeException("No location in dn, you may need to update your certificate: " + certificatePrincipal); } else if(!locationMatchesEnvironment(location)){ throw new NoSuchAttributeException("Invalid location from dn, expected " + getEnvironment() + " but found l=" + location); } } } }
ne = new NoSuchAttributeException( t.getLocalizedMessage() );
ne = new NoSuchAttributeException( t.getLocalizedMessage() );
ne = new NoSuchAttributeException( t.getLocalizedMessage() );
ne = new NoSuchAttributeException( t.getLocalizedMessage() );
assertThat( LdapUtils.convertLdapException( new javax.naming.directory.NoSuchAttributeException()).getClass()) .isEqualTo(org.springframework.ldap.NoSuchAttributeException.class); assertThat(