From: muralireddy@apache.org To: cloudstack-commits@incubator.apache.org X-Mailer: ASF-Git Admin Mailer Subject: git commit: moving LDAP authenticator to plugins/user-authenticators/ldap Message-Id: <20120626022657.CEAB47407@tyr.zones.apache.org> Date: Tue, 26 Jun 2012 02:26:57 +0000 (UTC) Updated Branches: refs/heads/master 974ad65b0 -> 1a6102be1 moving LDAP authenticator to plugins/user-authenticators/ldap Project: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/commit/1a6102be Tree: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/tree/1a6102be Diff: http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/diff/1a6102be Branch: refs/heads/master Commit: 1a6102be1e37930af9a786a5841ca76fdc019353 Parents: 974ad65 Author: Murali reddy Authored: Mon Jun 25 19:30:00 2012 -0700 Committer: Murali reddy Committed: Mon Jun 25 19:30:00 2012 -0700 ---------------------------------------------------------------------- build/build-cloud.xml | 12 +- plugins/user-authenticators/ldap/.classpath | 10 + plugins/user-authenticators/ldap/.project | 17 ++ .../ldap/LDAPUserAuthenticator.java | 159 +++++++++++++++ plugins/user-authenticators/ldap/build.xml | 128 ++++++++++++ .../cloud/server/auth/LDAPUserAuthenticator.java | 159 --------------- 6 files changed, 323 insertions(+), 162 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1a6102be/build/build-cloud.xml ---------------------------------------------------------------------- diff --git a/build/build-cloud.xml b/build/build-cloud.xml index 0fdc4f3..f95768a 100755 --- a/build/build-cloud.xml +++ b/build/build-cloud.xml @@ -479,7 +479,7 @@ - + @@ -586,7 +586,7 @@ - + 
@@ -610,12 +610,18 @@ - + + + + + + + http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1a6102be/plugins/user-authenticators/ldap/.classpath ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/ldap/.classpath b/plugins/user-authenticators/ldap/.classpath new file mode 100755 index 0000000..e39771a --- /dev/null +++ b/plugins/user-authenticators/ldap/.classpath @@ -0,0 +1,10 @@ + + + + + + + + + + http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1a6102be/plugins/user-authenticators/ldap/.project ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/ldap/.project b/plugins/user-authenticators/ldap/.project new file mode 100755 index 0000000..2f43179 --- /dev/null +++ b/plugins/user-authenticators/ldap/.project @@ -0,0 +1,17 @@ + + + ldap-user-authenticator + + + + + + org.eclipse.jdt.core.javabuilder + + + + + + org.eclipse.jdt.core.javanature + + http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1a6102be/plugins/user-authenticators/ldap/LDAPUserAuthenticator.java ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/ldap/LDAPUserAuthenticator.java b/plugins/user-authenticators/ldap/LDAPUserAuthenticator.java new file mode 100644 index 0000000..8a056cc --- /dev/null +++ b/plugins/user-authenticators/ldap/LDAPUserAuthenticator.java 
@@ -0,0 +1,159 @@ +// Copyright 2012 Citrix Systems, Inc. Licensed under the +// Apache License, Version 2.0 (the "License"); you may not use this +// file except in compliance with the License. Citrix Systems, Inc. +// reserves all rights not expressly granted by the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Automatically generated by addcopyright.py at 04/03/2012 +package com.cloud.server.auth; + +import java.util.HashMap; +import java.util.Hashtable; +import java.util.Map; + +import javax.ejb.Local; +import javax.naming.AuthenticationException; +import javax.naming.ConfigurationException; +import javax.naming.Context; +import javax.naming.NamingEnumeration; +import javax.naming.NamingException; +import javax.naming.directory.DirContext; +import javax.naming.directory.InitialDirContext; +import javax.naming.directory.SearchControls; +import javax.naming.directory.SearchResult; + +import org.apache.log4j.Logger; + +import com.cloud.api.ApiConstants.LDAPParams; +import com.cloud.configuration.Config; +import com.cloud.configuration.dao.ConfigurationDao; +import com.cloud.server.ManagementServer; +import com.cloud.user.UserAccount; +import com.cloud.user.dao.UserAccountDao; +import com.cloud.utils.component.ComponentLocator; +import com.cloud.utils.crypt.DBEncryptionUtil; + + +@Local(value={UserAuthenticator.class}) +public class LDAPUserAuthenticator extends DefaultUserAuthenticator { + public static final Logger s_logger = Logger.getLogger(LDAPUserAuthenticator.class); + + private ConfigurationDao _configDao; + private UserAccountDao _userAccountDao; + + @Override + public boolean 
authenticate(String username, String password, Long domainId, Map requestParameters ) { + if (s_logger.isDebugEnabled()) { + s_logger.debug("Retrieving user: " + username); + } + UserAccount user = _userAccountDao.getUserAccount(username, domainId); + if (user == null) { + s_logger.debug("Unable to find user with " + username + " in domain " + domainId); + return false; + } + + String url = _configDao.getValue(LDAPParams.hostname.toString()); + if (url==null){ + s_logger.debug("LDAP authenticator is not configured."); + return false; + } + String port = _configDao.getValue(LDAPParams.port.toString()); + String queryFilter = _configDao.getValue(LDAPParams.queryfilter.toString()); + String searchBase = _configDao.getValue(LDAPParams.searchbase.toString()); + String useSSL = _configDao.getValue(LDAPParams.usessl.toString()); + String bindDN = _configDao.getValue(LDAPParams.dn.toString()); + String bindPasswd = _configDao.getValue(LDAPParams.passwd.toString()); + String trustStore = _configDao.getValue(LDAPParams.truststore.toString()); + String trustStorePassword = _configDao.getValue(LDAPParams.truststorepass.toString()); + + try { + // get all params + Hashtable env = new Hashtable(11); + env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); + String protocol = "ldap://" ; + if (new Boolean(useSSL)){ + env.put(Context.SECURITY_PROTOCOL, "ssl"); + protocol="ldaps://" ; + System.setProperty("javax.net.ssl.trustStore", trustStore); + System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword); + } + env.put(Context.PROVIDER_URL, protocol + url + ":" + port); + + if (bindDN != null && bindPasswd != null){ + env.put(Context.SECURITY_PRINCIPAL, bindDN); + env.put(Context.SECURITY_CREDENTIALS, bindPasswd); + } + else { + // Use anonymous authentication + env.put(Context.SECURITY_AUTHENTICATION, "none"); + } + // Create the initial context + DirContext ctx = new InitialDirContext(env); + // use this context to search + + // substitute 
the queryFilter with this user info + queryFilter = queryFilter.replaceAll("\\%u", username); + queryFilter = queryFilter.replaceAll("\\%n", user.getFirstname() + " " + user.getLastname()); + queryFilter = queryFilter.replaceAll("\\%e", user.getEmail()); + + + SearchControls sc = new SearchControls(); + String[] searchFilter = { "dn" }; + sc.setReturningAttributes(new String[0]); //return no attributes + sc.setReturningAttributes(searchFilter); + sc.setSearchScope(SearchControls.SUBTREE_SCOPE); + sc.setCountLimit(1); + + // Search for objects with those matching attributes + NamingEnumeration answer = ctx.search(searchBase, queryFilter, sc); + SearchResult sr = (SearchResult)answer.next(); + String cn = sr.getName(); + answer.close(); + ctx.close(); + + s_logger.info("DN from LDAP =" + cn); + + // check the password + env = new Hashtable(11); + env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); + protocol = "ldap://" ; + if (new Boolean(useSSL)){ + env.put(Context.SECURITY_PROTOCOL, "ssl"); + protocol="ldaps://" ; + } + env.put(Context.PROVIDER_URL, protocol + url + ":" + port); + env.put(Context.SECURITY_PRINCIPAL, cn + "," + searchBase); + env.put(Context.SECURITY_CREDENTIALS, password); + // Create the initial context + ctx = new InitialDirContext(env); + ctx.close(); + + } catch (NamingException ne) { + ne.printStackTrace(); + s_logger.warn("Authentication failed due to " + ne.getMessage()); + return false; + } + catch (Exception e){ + e.printStackTrace(); + s_logger.warn("Unknown error encountered " + e.getMessage()); + return false; + } + + // authenticate + return true; + } + + public boolean configure(String name, Map params) + throws ConfigurationException { + super.configure(name, params); + ComponentLocator locator = ComponentLocator.getLocator(ManagementServer.Name); + _configDao = locator.getDao(ConfigurationDao.class); + _userAccountDao = locator.getDao(UserAccountDao.class); + return true; + } +} 
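Review bot: In `authenticate`, `username`, the full name and the e-mail are spliced into `queryFilter` with `replaceAll` and handed to `ctx.search` without RFC 4515 escaping, so filter metacharacters in a login name alter the search, and `$` or `\` in those values is also read by `replaceAll` as replacement syntax. One option is to map the placeholders to JNDI filter arguments, `queryFilter = queryFilter.replace("%u", "{0}").replace("%n", "{1}").replace("%e", "{2}");`, then call `ctx.search(searchBase, queryFilter, new Object[] { username, user.getFirstname() + " " + user.getLastname(), user.getEmail() }, sc)` so the provider encodes the values. The second bind passes `password` straight to `Context.SECURITY_CREDENTIALS`; the JNDI LDAP provider is documented to treat an empty credential as an anonymous bind, so on a directory that permits anonymous binds the method would presumably return true. A guard such as `if (password == null || password.isEmpty()) { return false; }` before any LDAP work closes that off. Separately, `answer.next()` is called without `hasMore()`, neither context is closed on the exception paths, and `System.setProperty("javax.net.ssl.trustStore", ...)` changes the trust store for the whole JVM on every SSL login.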
http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1a6102be/plugins/user-authenticators/ldap/build.xml ---------------------------------------------------------------------- diff --git a/plugins/user-authenticators/ldap/build.xml b/plugins/user-authenticators/ldap/build.xml new file mode 100755 index 0000000..c0ae8b8 --- /dev/null +++ b/plugins/user-authenticators/ldap/build.xml @@ -0,0 +1,128 @@ + + + + + + + Cloud Stack ant build file + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + http://git-wip-us.apache.org/repos/asf/incubator-cloudstack/blob/1a6102be/server/src/com/cloud/server/auth/LDAPUserAuthenticator.java ---------------------------------------------------------------------- diff --git a/server/src/com/cloud/server/auth/LDAPUserAuthenticator.java b/server/src/com/cloud/server/auth/LDAPUserAuthenticator.java deleted file mode 100644 index 8a056cc..0000000 --- a/server/src/com/cloud/server/auth/LDAPUserAuthenticator.java +++ /dev/null 
@@ -1,159 +0,0 @@ -// Copyright 2012 Citrix Systems, Inc. Licensed under the -// Apache License, Version 2.0 (the "License"); you may not use this -// file except in compliance with the License. Citrix Systems, Inc. -// reserves all rights not expressly granted by the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// -// Automatically generated by addcopyright.py at 04/03/2012 -package com.cloud.server.auth; - -import java.util.HashMap; -import java.util.Hashtable; -import java.util.Map; - -import javax.ejb.Local; -import javax.naming.AuthenticationException; -import javax.naming.ConfigurationException; -import javax.naming.Context; -import javax.naming.NamingEnumeration; -import javax.naming.NamingException; -import javax.naming.directory.DirContext; -import javax.naming.directory.InitialDirContext; -import javax.naming.directory.SearchControls; -import javax.naming.directory.SearchResult; - -import org.apache.log4j.Logger; - -import com.cloud.api.ApiConstants.LDAPParams; -import com.cloud.configuration.Config; -import com.cloud.configuration.dao.ConfigurationDao; -import com.cloud.server.ManagementServer; -import com.cloud.user.UserAccount; -import com.cloud.user.dao.UserAccountDao; -import com.cloud.utils.component.ComponentLocator; -import com.cloud.utils.crypt.DBEncryptionUtil; - - -@Local(value={UserAuthenticator.class}) -public class LDAPUserAuthenticator extends DefaultUserAuthenticator { - public static final Logger s_logger = Logger.getLogger(LDAPUserAuthenticator.class); - - private ConfigurationDao _configDao; - private UserAccountDao _userAccountDao; - - @Override - public boolean 
authenticate(String username, String password, Long domainId, Map requestParameters ) { - if (s_logger.isDebugEnabled()) { - s_logger.debug("Retrieving user: " + username); - } - UserAccount user = _userAccountDao.getUserAccount(username, domainId); - if (user == null) { - s_logger.debug("Unable to find user with " + username + " in domain " + domainId); - return false; - } - - String url = _configDao.getValue(LDAPParams.hostname.toString()); - if (url==null){ - s_logger.debug("LDAP authenticator is not configured."); - return false; - } - String port = _configDao.getValue(LDAPParams.port.toString()); - String queryFilter = _configDao.getValue(LDAPParams.queryfilter.toString()); - String searchBase = _configDao.getValue(LDAPParams.searchbase.toString()); - String useSSL = _configDao.getValue(LDAPParams.usessl.toString()); - String bindDN = _configDao.getValue(LDAPParams.dn.toString()); - String bindPasswd = _configDao.getValue(LDAPParams.passwd.toString()); - String trustStore = _configDao.getValue(LDAPParams.truststore.toString()); - String trustStorePassword = _configDao.getValue(LDAPParams.truststorepass.toString()); - - try { - // get all params - Hashtable env = new Hashtable(11); - env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); - String protocol = "ldap://" ; - if (new Boolean(useSSL)){ - env.put(Context.SECURITY_PROTOCOL, "ssl"); - protocol="ldaps://" ; - System.setProperty("javax.net.ssl.trustStore", trustStore); - System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword); - } - env.put(Context.PROVIDER_URL, protocol + url + ":" + port); - - if (bindDN != null && bindPasswd != null){ - env.put(Context.SECURITY_PRINCIPAL, bindDN); - env.put(Context.SECURITY_CREDENTIALS, bindPasswd); - } - else { - // Use anonymous authentication - env.put(Context.SECURITY_AUTHENTICATION, "none"); - } - // Create the initial context - DirContext ctx = new InitialDirContext(env); - // use this context to search - - // substitute 
the queryFilter with this user info - queryFilter = queryFilter.replaceAll("\\%u", username); - queryFilter = queryFilter.replaceAll("\\%n", user.getFirstname() + " " + user.getLastname()); - queryFilter = queryFilter.replaceAll("\\%e", user.getEmail()); - - - SearchControls sc = new SearchControls(); - String[] searchFilter = { "dn" }; - sc.setReturningAttributes(new String[0]); //return no attributes - sc.setReturningAttributes(searchFilter); - sc.setSearchScope(SearchControls.SUBTREE_SCOPE); - sc.setCountLimit(1); - - // Search for objects with those matching attributes - NamingEnumeration answer = ctx.search(searchBase, queryFilter, sc); - SearchResult sr = (SearchResult)answer.next(); - String cn = sr.getName(); - answer.close(); - ctx.close(); - - s_logger.info("DN from LDAP =" + cn); - - // check the password - env = new Hashtable(11); - env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); - protocol = "ldap://" ; - if (new Boolean(useSSL)){ - env.put(Context.SECURITY_PROTOCOL, "ssl"); - protocol="ldaps://" ; - } - env.put(Context.PROVIDER_URL, protocol + url + ":" + port); - env.put(Context.SECURITY_PRINCIPAL, cn + "," + searchBase); - env.put(Context.SECURITY_CREDENTIALS, password); - // Create the initial context - ctx = new InitialDirContext(env); - ctx.close(); - - } catch (NamingException ne) { - ne.printStackTrace(); - s_logger.warn("Authentication failed due to " + ne.getMessage()); - return false; - } - catch (Exception e){ - e.printStackTrace(); - s_logger.warn("Unknown error encountered " + e.getMessage()); - return false; - } - - // authenticate - return true; - } - - public boolean configure(String name, Map params) - throws ConfigurationException { - super.configure(name, params); - ComponentLocator locator = ComponentLocator.getLocator(ManagementServer.Name); - _configDao = locator.getDao(ConfigurationDao.class); - _userAccountDao = locator.getDao(UserAccountDao.class); - return true; - } -}