/**
 * Builds the {@link SearchControls} for a directory query from this object's settings.
 *
 * <p>The scope is taken from {@code searchScope} and the time limit from
 * {@code identityMapping.searchTimeLimit}. If no returning attributes are configured, an
 * empty array is passed; in JNDI an empty array requests no attributes at all, whereas
 * {@code null} would request every attribute.
 *
 * @return a newly created, fully configured {@code SearchControls}
 */
private SearchControls createSearchControls() {
    final SearchControls controls = new SearchControls();
    controls.setSearchScope(searchScope);
    controls.setTimeLimit(identityMapping.searchTimeLimit);

    // Decide the attribute list first, then apply it with a single setter call.
    final String[] attributeIds;
    if (returningAttributes != null) {
        attributeIds = returningAttributes.toArray(new String[returningAttributes.size()]);
    } else {
        attributeIds = new String[]{};
    }
    controls.setReturningAttributes(attributeIds);
    return controls;
}
/**
 * Creates the {@link SearchControls} for a query, applying the configured search scope.
 *
 * <p>When the {@code SEARCH_SCOPE} property is absent the controls keep the JNDI default
 * scope (one level below the search base); every other setting is left at its default.
 *
 * @return a new {@code SearchControls}, with its scope overridden only if configured
 */
private SearchControls createSearchControls() {
    final SearchControls controls = new SearchControls();
    final String configuredScope = config.getProperty(SEARCH_SCOPE);
    if (configuredScope == null) {
        return controls;
    }
    controls.setSearchScope(parseSearchScope(configuredScope));
    return controls;
}
/**
 * Runs the group search for the current user and returns the raw result enumeration.
 *
 * <p>The caller receives the open {@link NamingEnumeration}; nothing in this method closes it.
 *
 * @param ctx the directory context to search with
 * @return the entries matching {@code groupSearchFilter} under {@code groupSearchBase}
 * @throws NamingException if resolving the full DN or the search itself fails
 */
public NamingEnumeration<SearchResult> executeSearch(DirContext ctx) throws NamingException {
    DistinguishedName fullDn = LdapUtils.getFullDn(dn, ctx);
    // Scope is not set here, so the JNDI default (one level below the base) applies.
    SearchControls ctrls = new SearchControls();
    // Request only the role attribute instead of every attribute of each group entry.
    ctrls.setReturningAttributes(new String[] { groupRoleAttributeName });
    // The user's DN and name are handed over as filter arguments, not concatenated into
    // the filter string, so the filter template itself stays fixed.
    return ctx.search(groupSearchBase, groupSearchFilter, new String[] { fullDn.toUrl(), username }, ctrls);
}
};
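/**
 * Looks up the single directory entry that matches {@code accountName}.
 *
 * <p>The account name is escaped per RFC 4515 before it replaces the {@code :login}
 * placeholder in {@code searchFilter}, so characters such as {@code *}, {@code (} and
 * {@code )} are matched literally and cannot change the structure of the filter.
 *
 * @param accountName the login name to search for
 * @return the matching entry, or {@code null} when no entry or more than one entry matches
 * @throws NamingException if the context cannot be created or the search fails
 */
private SearchResult lookupUser(String accountName) throws NamingException {
    InitialDirContext context = initContext();
    // NOTE(review): the context is not closed here; confirm who owns the object returned
    // by initContext() before adding a close() call.

    // RFC 4515 escaping. The backslash must be handled first so that the escape
    // sequences introduced by the later replacements are not escaped again.
    String escapedLogin = accountName
            .replace("\\", "\\5c")
            .replace("*", "\\2a")
            .replace("(", "\\28")
            .replace(")", "\\29")
            .replace("\0", "\\00");
    String searchString = searchFilter.replace(":login", escapedLogin);

    SearchControls searchControls = new SearchControls();
    // Fetch only the attributes this class reads, not the whole entry.
    String[] attributeFilter = {idAttribute, nameAttribute, mailAttribute};
    searchControls.setReturningAttributes(attributeFilter);
    searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);

    NamingEnumeration<SearchResult> results = context.search(searchBase, searchString, searchControls);
    try {
        if (!results.hasMoreElements()) {
            return null;
        }
        SearchResult searchResult = results.nextElement();
        if (results.hasMoreElements()) {
            // An ambiguous match is treated as "not found" rather than picking one entry.
            LOGGER.warn("Matched multiple users for the accountName: " + accountName);
            return null;
        }
        return searchResult;
    } finally {
        // Release the server-side search handle even when returning early.
        try {
            results.close();
        } catch (NamingException ignored) {
            // Best-effort cleanup: the lookup outcome has already been decided.
        }
    }
}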
/**
 * Searches below {@code dn} with the given filter and collects the attributes of every hit.
 *
 * <p>The search uses default {@link SearchControls}: one-level scope, all attributes, and no
 * time or count limit. The filter string is passed to the directory exactly as received, so
 * any escaping of embedded values is the caller's responsibility.
 *
 * @param dn     the base name to search under
 * @param filter the LDAP filter expression, used verbatim
 * @return the attribute sets of all matching entries, in the order returned
 * @throws CukesRuntimeException wrapping any {@link NamingException} raised by the search
 */
public List<Attributes> searchByFilter(String dn, String filter){
    try {
        final LdapContext ldap = connectionService.getContext();
        final NamingEnumeration<SearchResult> hits = ldap.search(dn, filter, new SearchControls());
        final List<Attributes> collected = new ArrayList<>();
        while (hits.hasMore()) {
            collected.add(hits.next().getAttributes());
        }
        return collected;
    } catch (NamingException ex) {
        throw new CukesRuntimeException(ex);
    } finally {
        // The connection is released on both the success and the failure path.
        connectionService.close();
    }
}
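/**
 * Verifies that {@code user} matches the configured group-authorization search.
 *
 * <p>Does nothing when no group search pattern is configured. Otherwise a subtree search is
 * run under the user base DN, and the user is authorized if it returns at least one entry.
 *
 * @param user    the user name being authorized
 * @param context the directory context to search with
 * @throws VerifyException       if a pattern is configured but no user base DN is
 * @throws RuntimeException      if the directory search fails; the cause is attached
 * @throws AccessDeniedException if the search returns no entry for the user
 */
private void checkForGroupMembership(String user, DirContext context) {
    if (!groupAuthorizationSearchPattern.isPresent()) {
        return;
    }

    String userBase = userBaseDistinguishedName.orElseThrow(VerifyException::new);
    // NOTE(review): replaceUser is defined outside this block; confirm that it escapes
    // LDAP filter metacharacters (RFC 4515) in `user` before substituting it.
    String searchFilter = replaceUser(groupAuthorizationSearchPattern.get(), user);
    SearchControls searchControls = new SearchControls();
    searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);

    boolean authorized;
    NamingEnumeration<SearchResult> search = null;
    try {
        search = context.search(userBase, searchFilter, searchControls);
        authorized = search.hasMoreElements();
    } catch (NamingException e) {
        log.debug("Authentication error for user [%s]: %s", user, e.getMessage());
        // Keep the cause so the directory failure can be diagnosed from the stack trace.
        throw new RuntimeException("Authentication error", e);
    } finally {
        // Close on every path, including when hasMoreElements() throws unexpectedly.
        if (search != null) {
            try {
                search.close();
            } catch (NamingException closeFailure) {
                // Cleanup failure does not change the membership decision already made.
                log.debug("Failed to close group search for user [%s]: %s", user, closeFailure.getMessage());
            }
        }
    }

    if (!authorized) {
        String message = format("User [%s] not a member of the authorized group", user);
        log.debug(message);
        throw new AccessDeniedException(message);
    }
}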
entries.clear(); final SearchControls constraints = new SearchControls(); constraints.setSearchScope(SearchControls.SUBTREE_SCOPE); try { processQueryResults(newMap, currentContext.search(queueSearchBase, getFilterForPermissionType(permissionType), constraints), DestinationType.QUEUE, permissionType); } catch (Exception e) { try { processQueryResults(newMap, currentContext.search(topicSearchBase, getFilterForPermissionType(permissionType), constraints), DestinationType.TOPIC, permissionType); } catch (Exception e) { try { processQueryResults(newMap, currentContext.search(tempSearchBase, getFilterForPermissionType(permissionType), constraints), DestinationType.TEMP, permissionType); } catch (Exception e) {
// Example: connect, search the people subtree for user objects and print each entry's cn.
try {
    LdapContext ctx = new InitialLdapContext(env, null);
    // Passing null means no request controls are sent with subsequent operations.
    ctx.setRequestControls(null);
    // Base DN and filter are fixed literals here; no external input reaches the filter.
    NamingEnumeration<?> namingEnum = ctx.search("ou=people,dc=example,dc=com", "(objectclass=user)", getSimpleSearchControls());
    while (namingEnum.hasMore ()) {
        SearchResult result = (SearchResult) namingEnum.next ();
        Attributes attrs = result.getAttributes ();
        System.out.println(attrs.get("cn"));
    }
    namingEnum.close();
    // NOTE(review): ctx itself is not closed in the visible code, and the enumeration is
    // only closed on the success path.
} catch (Exception e) {
    e.printStackTrace();
}

/**
 * Builds search controls for a subtree search with a time limit.
 *
 * <p>{@code setTimeLimit} takes milliseconds, so 30000 is a 30-second limit. Returning
 * attributes are not restricted (that code is commented out), so every attribute of each
 * entry is requested.
 *
 * @return the configured {@link SearchControls}
 */
private SearchControls getSimpleSearchControls() {
    SearchControls searchControls = new SearchControls();
    searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
    searchControls.setTimeLimit(30000);
    //String[] attrIDs = {"objectGUID"};
    //searchControls.setReturningAttributes(attrIDs);
    return searchControls;
}
/**
 * Returns the groups allowed to write to temporary destinations.
 *
 * <p>If the directory connection cannot be opened, the error is logged and an empty set is
 * returned, so a connection failure grants no write permission.
 *
 * @return the write ACL groups found under {@code tempSearchBase}, or an empty set when the
 *         context cannot be opened
 */
public Set<GroupPrincipal> getTempDestinationWriteACLs() {
    try {
        context = open();
    } catch (NamingException openFailure) {
        LOG.error(openFailure.toString());
        return new HashSet<GroupPrincipal>();
    }

    // Ask the directory for the write attribute only.
    final SearchControls controls = new SearchControls();
    final String[] wanted = {writeAttribute};
    controls.setReturningAttributes(wanted);
    return getACLs(tempSearchBase, controls, writeBase, writeAttribute);
}
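/**
 * Reports whether {@code accountName} matches the configured admin filter.
 *
 * <p>The account name is escaped per RFC 4515 before it replaces the {@code :login}
 * placeholder in {@code adminFilter}, so characters such as {@code *}, {@code (} and
 * {@code )} are matched literally and cannot widen or restructure the admin filter.
 *
 * @param accountName the login name to check
 * @return {@code true} only when exactly one entry matches; {@code false} when no admin
 *         filter is configured, when zero or several entries match, or when the directory
 *         lookup fails
 */
private boolean isAdmin(String accountName) {
    if (this.adminFilter == null) {
        return false;
    }
    try {
        InitialDirContext context = initContext();
        // NOTE(review): the context is not closed here; confirm who owns the object
        // returned by initContext() before adding a close() call.

        // RFC 4515 escaping. The backslash must be handled first so that the escape
        // sequences introduced by the later replacements are not escaped again.
        String escapedLogin = accountName
                .replace("\\", "\\5c")
                .replace("*", "\\2a")
                .replace("(", "\\28")
                .replace(")", "\\29")
                .replace("\0", "\\00");
        String searchString = adminFilter.replace(":login", escapedLogin);

        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
        NamingEnumeration<SearchResult> results = context.search(searchBase, searchString, searchControls);
        try {
            if (!results.hasMoreElements()) {
                return false;
            }
            results.nextElement();
            if (results.hasMoreElements()) {
                // An ambiguous match never grants admin rights.
                LOGGER.warn("Matched multiple users for the accountName: " + accountName);
                return false;
            }
            return true;
        } finally {
            // Release the server-side search handle even when returning early.
            try {
                results.close();
            } catch (NamingException ignored) {
                // Best-effort cleanup: the decision has already been made.
            }
        }
    } catch (NamingException e) {
        // Fail closed, but leave a trace so that a directory outage is distinguishable
        // from a plain "not an admin" answer.
        LOGGER.warn("LDAP admin lookup failed: " + e.getMessage());
        return false;
    }
}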
/**
 * Creates {@link SearchControls} that use this object's scope and time limit.
 *
 * @param returningAttributes the attribute ids to fetch; in JNDI {@code null} requests all
 *                            attributes and an empty array requests none
 * @return a new {@code SearchControls} carrying {@code searchScope},
 *         {@code searchTimeLimit} and the given attribute list
 */
private SearchControls createSearchControl(String[] returningAttributes) {
    final SearchControls result = new SearchControls();
    // Limit what comes back first, then bound where and for how long the search runs.
    result.setReturningAttributes(returningAttributes);
    result.setTimeLimit(searchTimeLimit);
    result.setSearchScope(searchScope);
    return result;
}
/**
 * Runs a filter search under {@code dn} and returns the attributes of each matching entry.
 *
 * <p>Default {@link SearchControls} are used, which means one-level scope, all attributes,
 * and neither a time limit nor a count limit. The filter is forwarded unchanged; callers
 * that build it from variable data must escape those values themselves.
 *
 * @param dn     the search base
 * @param filter the LDAP filter expression, forwarded unchanged
 * @return one {@link Attributes} object per matching entry
 * @throws CukesRuntimeException if the directory reports a {@link NamingException}
 */
public List<Attributes> searchByFilter(String dn, String filter){
    try {
        final LdapContext directory = connectionService.getContext();
        final List<Attributes> found = new ArrayList<>();
        for (NamingEnumeration<SearchResult> cursor = directory.search(dn, filter, new SearchControls());
                cursor.hasMore(); ) {
            final SearchResult entry = cursor.next();
            found.add(entry.getAttributes());
        }
        return found;
    } catch (NamingException ex) {
        throw new CukesRuntimeException(ex);
    } finally {
        // Always hand the connection back, whatever the outcome.
        connectionService.close();
    }
}
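/**
 * Verifies that {@code user} matches the configured group-authorization search.
 *
 * <p>Does nothing when no group search pattern is configured. Otherwise a subtree search is
 * run under the user base DN, and the user is authorized if it returns at least one entry.
 *
 * @param user    the user name being authorized
 * @param context the directory context to search with
 * @throws RakamException with {@code INTERNAL_SERVER_ERROR} if the directory search fails,
 *                        or with {@code UNAUTHORIZED} if the search returns no entry
 */
private void checkForGroupMembership(String user, DirContext context) {
    if (!groupAuthorizationSearchPattern.isPresent()) {
        return;
    }

    // NOTE(review): replaceUser is defined outside this block; confirm that it escapes
    // LDAP filter metacharacters (RFC 4515) in `user` before substituting it.
    String searchFilter = replaceUser(groupAuthorizationSearchPattern.get(), user);
    SearchControls searchControls = new SearchControls();
    searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);

    boolean authorized;
    NamingEnumeration<SearchResult> search = null;
    try {
        search = context.search(userBaseDistinguishedName.get(), searchFilter, searchControls);
        authorized = search.hasMoreElements();
    } catch (NamingException e) {
        // The format string previously had no placeholder, so the directory's message was
        // silently dropped from the log line.
        log.debug("Authentication failed: %s", e.getMessage());
        // NOTE(review): the directory's error text is also placed in the exception message;
        // confirm it is not shown to unauthenticated clients.
        throw new RakamException("Authentication failed: " + e.getMessage(), INTERNAL_SERVER_ERROR);
    } finally {
        if (search != null) {
            try {
                search.close();
            } catch (NamingException ignore) {
                // Best-effort cleanup: the membership decision has already been made.
            }
        }
    }

    if (!authorized) {
        String message = format("Unauthorized user: User %s not a member of the authorized group", user);
        log.debug("Authorization failed for user. " + message);
        throw new RakamException(message, UNAUTHORIZED);
    }
    log.debug("Authorization succeeded for user %s", user);
}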
/**
 * Finds the single directory entry for {@code username} with a subtree search.
 *
 * <p>The bind principal and the user name are supplied as filter arguments to
 * {@code searchFilter} rather than being concatenated into it. The search root is
 * {@code rootDn} when set, otherwise it is derived from the bind principal.
 *
 * @param context  the directory context to search with
 * @param username the user name as entered
 * @return the matching directory entry
 * @throws NamingException if the directory search fails
 * @throws IncorrectResultSizeDataAccessException if more than one entry matches
 */
private DirContextOperations searchForUser(DirContext context, String username) throws NamingException {
    final SearchControls controls = new SearchControls();
    controls.setSearchScope(SearchControls.SUBTREE_SCOPE);

    final String bindPrincipal = createBindPrincipal(username);
    final String searchRoot;
    if (rootDn == null) {
        searchRoot = searchRootFromPrincipal(bindPrincipal);
    } else {
        searchRoot = rootDn;
    }
    final Object[] filterArgs = { bindPrincipal, username };

    try {
        return SpringSecurityLdapTemplate.searchForSingleEntryInternal(context, controls, searchRoot,
                searchFilter, filterArgs);
    } catch (IncorrectResultSizeDataAccessException sizeMismatch) {
        if (sizeMismatch.getActualSize() == 0) {
            // No entry at all: report it through badCredentials(...) instead of throwing
            // the not-found exception directly.
            UsernameNotFoundException notFound = new UsernameNotFoundException(
                    "User " + username + " not found in directory.", sizeMismatch);
            throw badCredentials(notFound);
        }
        // Several entries point to a misconfigured filter; pass the problem on unchanged.
        throw sizeMismatch;
    }
}
/**
 * Runs a subtree search below {@code baseDN} and returns the open result enumeration.
 *
 * <p>The filter is passed to the directory unchanged, so callers that build it from variable
 * data must escape those values first. Closing the returned enumeration is left to the caller.
 *
 * @param baseDN the search base
 * @param filter the LDAP filter expression, used verbatim
 * @return the enumeration of matching entries
 * @throws RuntimeException wrapping any {@link NamingException} raised by the search
 */
public NamingEnumeration<SearchResult> search(String baseDN, String filter) {
    final SearchControls controls = new SearchControls();
    controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
    // NOTE(review): with the return-object flag set, JNDI reconstructs the Java object
    // bound to each entry, not just its attributes. If the directory content is not fully
    // trusted this is a deserialization risk; confirm callers need getObject() at all.
    controls.setReturningObjFlag(true);
    try {
        return this.context.search(baseDN, filter, controls);
    } catch (NamingException searchFailure) {
        throw new RuntimeException(searchFailure);
    }
}
/**
 * Returns the groups allowed to read from temporary destinations.
 *
 * <p>If the directory connection cannot be opened, the error is logged and an empty set is
 * returned, so a connection failure grants no read permission.
 *
 * @return the read ACL groups found under {@code tempSearchBase}, or an empty set when the
 *         context cannot be opened
 */
public Set<GroupPrincipal> getTempDestinationReadACLs() {
    try {
        context = open();
    } catch (NamingException cannotOpen) {
        LOG.error(cannotOpen.toString());
        return new HashSet<GroupPrincipal>();
    }

    // Restrict the result to the read attribute; nothing else is needed for the ACL.
    final SearchControls readControls = new SearchControls();
    readControls.setReturningAttributes(new String[] {readAttribute});

    final Set<GroupPrincipal> readers = getACLs(tempSearchBase, readControls, readBase, readAttribute);
    return readers;
}
SearchControls constraints = new SearchControls(); if (subTreeSearch) { constraints.setSearchScope (SearchControls.SUBTREE_SCOPE); constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE); constraints.setReturningAttributes(new String[] { usernameField }); NamingEnumeration answer = ctx.search("", princSearchFilter, new String[] {LdapManager.sanitizeSearchFilter(principal)}, constraints); return principal; Attributes atrs = ((SearchResult)answer.next()).getAttributes(); Attribute usernameAttribute = atrs.get(usernameField); username = (String) usernameAttribute.get();
// Build a fresh SearchControls that copies only the scope of the existing searchControls;
// its other settings (time limit, count limit, ...) are not carried over here.
SearchControls ctls = new SearchControls();
ctls.setSearchScope(searchControls.getSearchScope());
// A null or empty attributeNames array becomes null, which in JNDI requests all
// attributes; a non-empty array restricts the result to those attributes.
ctls.setReturningAttributes(attributeNames != null && attributeNames.length > 0 ? attributeNames : null);
// Look up the context itself (empty name) and use it as an event-capable context.
eventContext = ((EventDirContext) context.lookup(""));
final SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
// NOTE(review): both listeners below are registered with new default SearchControls
// (one-level scope), not with the subtree-scoped `constraints` built above. Whether
// `constraints` is used further down is not visible here; confirm the intended scope.
eventContext.addNamingListener(queueSearchBase, "cn=*", new SearchControls(), this.new CachedLDAPAuthorizationMapNamespaceChangeListener( DestinationType.QUEUE, null));
eventContext.addNamingListener(topicSearchBase, "cn=*", new SearchControls(), this.new CachedLDAPAuthorizationMapNamespaceChangeListener( DestinationType.TOPIC, null));
/**
 * Returns the groups allowed to administer temporary destinations.
 *
 * <p>If the directory connection cannot be opened, the error is logged and an empty set is
 * returned, so a connection failure grants no admin permission.
 *
 * @return the admin ACL groups found under {@code tempSearchBase}, or an empty set when the
 *         context cannot be opened
 */
public Set<GroupPrincipal> getTempDestinationAdminACLs() {
    try {
        context = open();
    } catch (NamingException connectError) {
        LOG.error(connectError.toString());
        return new HashSet<GroupPrincipal>();
    }

    // Only the admin attribute is read from each entry.
    final SearchControls adminControls = new SearchControls();
    final String[] adminOnly = new String[] {adminAttribute};
    adminControls.setReturningAttributes(adminOnly);
    return getACLs(tempSearchBase, adminControls, adminBase, adminAttribute);
}