manifoldcf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kwri...@apache.org
Subject svn commit: r1755084 - in /manifoldcf/trunk: ./ connectors/ldap/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/ldap/
Date Wed, 03 Aug 2016 12:34:27 GMT
Author: kwright
Date: Wed Aug  3 12:34:26 2016
New Revision: 1755084

URL: http://svn.apache.org/viewvc?rev=1755084&view=rev
Log:
Fix for CONNECTORS-1330.  Committed on behalf of Furkan KAMACI.

Added:
    manifoldcf/trunk/connectors/ldap/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/ldap/LDAPProtocolEnum.java
Modified:
    manifoldcf/trunk/CHANGES.txt
    manifoldcf/trunk/connectors/ldap/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/ldap/LDAPAuthority.java

Modified: manifoldcf/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/manifoldcf/trunk/CHANGES.txt?rev=1755084&r1=1755083&r2=1755084&view=diff
==============================================================================
--- manifoldcf/trunk/CHANGES.txt (original)
+++ manifoldcf/trunk/CHANGES.txt Wed Aug  3 12:34:26 2016
@@ -3,6 +3,9 @@ $Id$
 
 ======================= 2.5-dev =====================
 
+CONNECTORS-1330: Minor refactoring of LDAP connector.
+(Furkan KAMACI)
+
 CONNECTORS-1329: Add logging to LDAP connector.
 (Furkan KAMACI)
 

Modified: manifoldcf/trunk/connectors/ldap/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/ldap/LDAPAuthority.java
URL: http://svn.apache.org/viewvc/manifoldcf/trunk/connectors/ldap/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/ldap/LDAPAuthority.java?rev=1755084&r1=1755083&r2=1755084&view=diff
==============================================================================
--- manifoldcf/trunk/connectors/ldap/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/ldap/LDAPAuthority.java
(original)
+++ manifoldcf/trunk/connectors/ldap/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/ldap/LDAPAuthority.java
Wed Aug  3 12:34:26 2016
@@ -149,6 +149,7 @@ public class LDAPAuthority extends org.a
     throws ManifoldCFException {
 
     try {
+      LDAPProtocolEnum ldapProtocol = retrieveLDAPProtocol();
       if (session == null) {
         if (serverName == null || serverName.length() == 0) {
           Logging.authorityConnectors.error("Server name parameter missing but required");
@@ -192,30 +193,13 @@ public class LDAPAuthority extends org.a
         } else {
           sslKeystore = KeystoreManagerFactory.make("");
         }
-        
-        // Set thread local for keystore stuff
-        LDAPSSLSocketFactory.setSocketFactoryProducer(sslKeystore);
-
-        final String protocolToUse;
-        final boolean useTls;
-        if (serverProtocol == null || serverProtocol.length() == 0) {
-          protocolToUse = "ldap";
-          useTls = false;
-        } else {
-          int plusIndex = serverProtocol.indexOf("+");
-          if (plusIndex == -1) {
-            plusIndex = serverProtocol.length();
-            useTls = false;
-          } else {
-            useTls = true;
-          }
-          protocolToUse = serverProtocol.substring(0,plusIndex);
-        }
 
         final Hashtable env = new Hashtable();
         env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
         env.put(Context.PROVIDER_URL, "ldap://" + serverName + ":" + serverPort + "/" + serverBase);
-        if (protocolToUse.equals("ldaps")) {
+        if (LDAPProtocolEnum.LDAPS.equals(ldapProtocol)) {
+          // Set thread local for keystore stuff
+          LDAPSSLSocketFactory.setSocketFactoryProducer(sslKeystore);
           env.put(Context.SECURITY_PROTOCOL, "ssl");
           env.put("java.naming.ldap.factory.socket", "org.apache.manifoldcf.core.common.LDAPSSLSocketFactory");
         }
@@ -229,7 +213,7 @@ public class LDAPAuthority extends org.a
         Logging.authorityConnectors.info("LDAP Context environment properties: " + Arrays.toString(env.entrySet().toArray()));
         session = new InitialLdapContext(env, null);
         
-        if (useTls) {
+        if (isLDAPTLS(ldapProtocol)) {
           // Start TLS
           StartTlsResponse tls = (StartTlsResponse) session.extendedOperation(new StartTlsRequest());
           tls.negotiate(sslKeystore.getSecureSocketFactory());
@@ -271,6 +255,56 @@ public class LDAPAuthority extends org.a
   }
 
   /**
+   * Retrieves LDAPProtocol from serverProtocol String
+   *
+   * @return LDAPProtocolEnum
+   */
+  private LDAPProtocolEnum retrieveLDAPProtocol() {
+    if (serverProtocol == null || serverProtocol.length() == 0) {
+      return  LDAPProtocolEnum.LDAP;
+    }
+
+    final LDAPProtocolEnum ldapProtocol;
+    switch (serverProtocol.toUpperCase(Locale.ENGLISH)){
+      case "LDAP":
+        ldapProtocol = LDAPProtocolEnum.LDAP;
+        break;
+      case "LDAPS":
+        ldapProtocol = LDAPProtocolEnum.LDAPS;
+        break;
+      case "LDAP+TLS":
+        ldapProtocol = LDAPProtocolEnum.LDAP_TLS;
+        break;
+      case "LDAPS+TLS":
+        ldapProtocol = LDAPProtocolEnum.LDAPS_TLS;
+        break;
+      default:
+        ldapProtocol = LDAPProtocolEnum.LDAP;
+    }
+    return ldapProtocol;
+  }
+
+  /**
+   * Checks whether TLS is enabled for given LDAP Protocol
+   *
+   * @param ldapProtocol to check
+   * @return whether TLS is enabled or not
+   */
+  private boolean isLDAPTLS (LDAPProtocolEnum ldapProtocol){
+    return LDAPProtocolEnum.LDAP_TLS.equals(ldapProtocol) || LDAPProtocolEnum.LDAPS_TLS.equals(ldapProtocol);
+  }
+
+  /**
+   * Checks whether LDAPS or LDAPS with TLS is enabled for given LDAP Protocol
+   *
+   * @param ldapProtocol to check
+   * @return whether LDAPS or LDAPS with TLS is enabled or not
+   */
+  private boolean isLDAPS (LDAPProtocolEnum ldapProtocol){
+    return LDAPProtocolEnum.LDAPS.equals(ldapProtocol) || LDAPProtocolEnum.LDAPS_TLS.equals(ldapProtocol);
+  }
+
+  /**
    * Check connection for sanity.
    */
   @Override
@@ -468,10 +502,11 @@ public class LDAPAuthority extends org.a
 
     } catch (NameNotFoundException e) {
       // This means that the user doesn't exist
-      Logging.authorityConnectors.error("Response Unreachable: "+e.getMessage(),e);
+      Logging.authorityConnectors.error("User does not exists: "+e.getMessage(), e);
       return RESPONSE_USERNOTFOUND;
     } catch (NamingException e) {
       // Unreachable
+      Logging.authorityConnectors.error("Response Unreachable: "+e.getMessage(), e);
       return RESPONSE_UNREACHABLE;
     }
   }
@@ -805,7 +840,8 @@ public class LDAPAuthority extends org.a
    * @param userName (Domain Logon Name) is the user name or identifier.
    * DC=qa-ad-76,DC=metacarta,DC=com)
    * @return SearchResult for given domain user logon name. (Should throws an
-   * exception if user is not found.)   */
+   * exception if user is not found.)
+   */
   protected SearchResult getUserEntry(LdapContext ctx, String userName)
     throws ManifoldCFException {
     String searchFilter = userSearch.replaceAll("\\{0\\}", escapeDN(userName.split("@")[0]));

Added: manifoldcf/trunk/connectors/ldap/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/ldap/LDAPProtocolEnum.java
URL: http://svn.apache.org/viewvc/manifoldcf/trunk/connectors/ldap/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/ldap/LDAPProtocolEnum.java?rev=1755084&view=auto
==============================================================================
--- manifoldcf/trunk/connectors/ldap/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/ldap/LDAPProtocolEnum.java
(added)
+++ manifoldcf/trunk/connectors/ldap/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/ldap/LDAPProtocolEnum.java
Wed Aug  3 12:34:26 2016
@@ -0,0 +1,25 @@
+/* $Id$ */
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership. The ASF
+ * licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.manifoldcf.authorities.authorities.ldap;
+
+enum LDAPProtocolEnum {
+    LDAP,
+    LDAPS,
+    LDAP_TLS,
+    LDAPS_TLS
+}



Mime
View raw message