directory-commits mailing list archives

From kayyag...@apache.org
Subject svn commit: r1546933 - /directory/escimo/trunk/ldap/src/main/java/org/apache/directory/scim/ldap/LdapResourceProvider.java
Date Mon, 02 Dec 2013 09:22:22 GMT
Author: kayyagari
Date: Mon Dec  2 09:22:22 2013
New Revision: 1546933

URL: http://svn.apache.org/r1546933
Log:
improved authentication handling

Modified:
    directory/escimo/trunk/ldap/src/main/java/org/apache/directory/scim/ldap/LdapResourceProvider.java

Modified: directory/escimo/trunk/ldap/src/main/java/org/apache/directory/scim/ldap/LdapResourceProvider.java
URL: http://svn.apache.org/viewvc/directory/escimo/trunk/ldap/src/main/java/org/apache/directory/scim/ldap/LdapResourceProvider.java?rev=1546933&r1=1546932&r2=1546933&view=diff
==============================================================================
--- directory/escimo/trunk/ldap/src/main/java/org/apache/directory/scim/ldap/LdapResourceProvider.java
(original)
+++ directory/escimo/trunk/ldap/src/main/java/org/apache/directory/scim/ldap/LdapResourceProvider.java
Mon Dec  2 09:22:22 2013
@@ -54,6 +54,7 @@ import org.apache.directory.api.ldap.mod
 import org.apache.directory.api.ldap.model.entry.DefaultEntry;
 import org.apache.directory.api.ldap.model.entry.Entry;
 import org.apache.directory.api.ldap.model.entry.Value;
+import org.apache.directory.api.ldap.model.exception.LdapAuthenticationException;
 import org.apache.directory.api.ldap.model.exception.LdapEntryAlreadyExistsException;
 import org.apache.directory.api.ldap.model.exception.LdapException;
 import org.apache.directory.api.ldap.model.filter.ExprNode;
@@ -274,7 +275,8 @@ public class LdapResourceProvider implem
             return;
         }
 
-        if ( adminConnection == null )
+        if ( ( adminConnection == null ) || 
+            ( ! ( adminConnection.isAuthenticated() || adminConnection.isConnected() ) )
)
         {
             createConnection();
         }
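Review bot: The new reconnect condition joins `isAuthenticated()` and `isConnected()` with `||`, so a connection that is still connected but no longer bound as the admin is treated as usable and `createConnection()` is skipped. If the intent is to reconnect unless the admin connection is both connected and authenticated, the test should be `( ! ( adminConnection.isConnected() && adminConnection.isAuthenticated() ) )`. As written, later admin operations could run on an unauthenticated session and either fail or be evaluated with anonymous access rights, depending on the server. The enclosing method starts and ends outside this hunk, so whether the bind state is re-checked elsewhere is not visible here.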
@@ -409,11 +411,22 @@ public class LdapResourceProvider implem
 
         if( userDn == null )
         {
-            return null;
+            // do not reveal that the user does not exist
+            throw new UnauthorizedException( "Cannot authenticate user " + userName );
         }
         
         LdapConnection conn = new LdapNetworkConnection( config );
-        conn.bind( userDn, password );
+        try
+        {
+            conn.bind( userDn, password );
+        }
+        catch( LdapAuthenticationException e )
+        {
+            UnauthorizedException ue = new UnauthorizedException( "Cannot authenticate user
" + userName + " : " + e.getMessage() );
+            ue.initCause( e );
+            throw ue;
+        }
+        
         conn.setSchemaManager( ldapSchema );
         
         String sessionId = UUID.randomUUID().toString();
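Review bot: The two failure paths are still distinguishable: the missing-user branch throws `"Cannot authenticate user " + userName`, while the failed-bind branch appends `" : " + e.getMessage()`, which defeats the comment's stated goal if the exception message is returned to the client. Use the same text in both, `UnauthorizedException ue = new UnauthorizedException( "Cannot authenticate user " + userName );`, and keep the LDAP detail only in the cause set by `initCause( e )` for server-side logging. The failed-bind branch also leaves the freshly created `conn` open; it should be closed before rethrowing so repeated failed logins do not accumulate sockets. Nothing visible in this hunk rejects an empty `password`, and many LDAP servers accept a DN with an empty password as an unauthenticated bind, so that check is worth confirming in the part of the method outside the hunk.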


