/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at
* trunk/opends/resource/legal-notices/OpenDS.LICENSE
* or https://OpenDS.dev.java.net/OpenDS.LICENSE.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at
* trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
* add the following below this CDDL HEADER, with the fields enclosed
* by brackets "[]" replaced with your own identifying information:
* Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*
*
* Copyright 2008-2010 Sun Microsystems, Inc.
* Portions Copyright 2013 ForgeRock AS
*/
package org.opends.server.admin.client.ldap;
import java.util.Collection;
import java.util.Hashtable;
import java.util.LinkedList;
import java.util.List;
import javax.naming.Context;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import org.opends.admin.ads.util.BlindTrustManager;
import org.opends.admin.ads.util.ConnectionUtils;
import org.opends.admin.ads.util.TrustedSocketFactory;
import org.opends.server.admin.client.AuthenticationException;
import org.opends.server.admin.client.AuthenticationNotSupportedException;
import org.opends.server.admin.client.CommunicationException;
import org.opends.server.schema.SchemaConstants;
/**
* An LDAP connection adaptor which maps LDAP requests onto an
* underlying JNDI connection context.
*/
public final class JNDIDirContextAdaptor extends LDAPConnection {
/**
* Adapts the provided JNDI <code>DirContext</code>.
*
* @param dirContext
* The JNDI connection.
* @return Returns a new JNDI connection adaptor.
*/
public static JNDIDirContextAdaptor adapt(DirContext dirContext) {
return new JNDIDirContextAdaptor(dirContext);
}
/**
* Creates a new JNDI connection adaptor by performing a simple bind
* operation to the specified LDAP server.
*
* @param host
* The host.
* @param port
* The port.
* @param name
* The LDAP bind DN.
* @param password
* The LDAP bind password.
* @return Returns a new JNDI connection adaptor.
* @throws CommunicationException
* If the client cannot contact the server due to an
* underlying communication problem.
* @throws AuthenticationNotSupportedException
* If the server does not support simple authentication.
* @throws AuthenticationException
* If authentication failed for some reason, usually due
* to invalid credentials.
*/
public static JNDIDirContextAdaptor simpleBind(String host, int port,
String name, String password) throws CommunicationException,
AuthenticationNotSupportedException, AuthenticationException {
Hashtable<String, Object> env = new Hashtable<String, Object>();
env
.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
String hostname = ConnectionUtils.getHostNameForLdapUrl(host) ;
env.put(Context.PROVIDER_URL, "ldap://" + hostname + ":" + port);
env.put(Context.SECURITY_PRINCIPAL, name);
env.put(Context.SECURITY_CREDENTIALS, password);
DirContext ctx;
try {
ctx = new InitialLdapContext(env, null);
} catch (javax.naming.CommunicationException e) {
throw new CommunicationException(e);
} catch (javax.naming.AuthenticationException e) {
throw new AuthenticationException(e);
} catch (javax.naming.AuthenticationNotSupportedException e) {
throw new AuthenticationNotSupportedException(e);
} catch (NamingException e) {
// Assume some kind of communication problem.
throw new CommunicationException(e);
}
return new JNDIDirContextAdaptor(ctx);
}
/**
* Creates a new JNDI connection adaptor by performing a simple bind
* operation to the specified LDAP server.
*
* @param host
* The host.
* @param port
* The port.
* @param name
* The LDAP bind DN.
* @param password
* The LDAP bind password.
* @return Returns a new JNDI connection adaptor.
* @throws CommunicationException
* If the client cannot contact the server due to an
* underlying communication problem.
* @throws AuthenticationNotSupportedException
* If the server does not support simple authentication.
* @throws AuthenticationException
* If authentication failed for some reason, usually due
* to invalid credentials.
*/
public static JNDIDirContextAdaptor simpleSSLBind(String host, int port,
String name, String password) throws CommunicationException,
AuthenticationNotSupportedException, AuthenticationException {
Hashtable<String, Object> env = new Hashtable<String, Object>();
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
String hostname = ConnectionUtils.getHostNameForLdapUrl(host) ;
env.put(Context.PROVIDER_URL, "ldaps://" + hostname + ":" + port);
env.put(Context.SECURITY_PRINCIPAL, name);
env.put(Context.SECURITY_CREDENTIALS, password);
env.put(Context.SECURITY_AUTHENTICATION, "simple");
// Specify SSL
env.put(Context.SECURITY_PROTOCOL, "ssl");
env.put("java.naming.ldap.factory.socket",
org.opends.admin.ads.util.TrustedSocketFactory.class.getName());
TrustedSocketFactory.setCurrentThreadTrustManager(new BlindTrustManager(),
null);
DirContext ctx;
try {
ctx = new InitialLdapContext(env, null);
} catch (javax.naming.CommunicationException e) {
throw new CommunicationException(e);
} catch (javax.naming.AuthenticationException e) {
throw new AuthenticationException(e);
} catch (javax.naming.AuthenticationNotSupportedException e) {
throw new AuthenticationNotSupportedException(e);
} catch (NamingException e) {
// Assume some kind of communication problem.
throw new CommunicationException(e);
}
return new JNDIDirContextAdaptor(ctx);
}
// The JNDI connection context.
private final DirContext dirContext;
// Create a new JNDI connection adaptor using the provider JNDI
// DirContext.
private JNDIDirContextAdaptor(DirContext dirContext) {
this.dirContext = dirContext;
}
/**
* {@inheritDoc}
*/
@Override
public void createEntry(LdapName dn, Attributes attributes)
throws NamingException {
dirContext.createSubcontext(dn, attributes).close();
}
/**
* {@inheritDoc}
*/
@Override
public void deleteSubtree(LdapName dn) throws NamingException {
// Delete the children first.
for (LdapName child : listEntries(dn, null)) {
deleteSubtree(child);
}
// Delete the named entry.
dirContext.destroySubcontext(dn);
}
/**
* {@inheritDoc}
*/
@Override
public boolean entryExists(LdapName dn) throws NamingException {
boolean entryExists = false;
String filter = "(objectClass=*)";
SearchControls controls = new SearchControls();
controls.setSearchScope(SearchControls.OBJECT_SCOPE);
controls
.setReturningAttributes(new String[] { SchemaConstants.NO_ATTRIBUTES });
try {
NamingEnumeration<SearchResult> results = dirContext.search(dn, filter,
controls);
try
{
while (results.hasMore()) {
// To avoid having a systematic abandon in the server.
results.next();
entryExists = true;
}
}
finally
{
results.close();
}
} catch (NameNotFoundException e) {
// Fall through - entry not found.
}
return entryExists;
}
/**
* {@inheritDoc}
*/
@Override
public Collection<LdapName> listEntries(LdapName dn, String filter)
throws NamingException {
if (filter == null) {
filter = "(objectClass=*)";
}
SearchControls controls = new SearchControls();
controls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
List<LdapName> children = new LinkedList<LdapName>();
NamingEnumeration<SearchResult> results = dirContext.search(dn, filter,
controls);
try
{
while (results.hasMore()) {
SearchResult sr = results.next();
LdapName child = new LdapName(dn.getRdns());
child.add(new Rdn(sr.getName()));
children.add(child);
}
}
finally
{
results.close();
}
return children;
}
/**
* {@inheritDoc}
*/
@Override
public void modifyEntry(LdapName dn, Attributes mods) throws NamingException {
ModificationItem[] modList = new ModificationItem[mods.size()];
NamingEnumeration<? extends Attribute> ne = mods.getAll();
for (int i = 0; ne.hasMore(); i++) {
ModificationItem modItem = new ModificationItem(
DirContext.REPLACE_ATTRIBUTE, ne.next());
modList[i] = modItem;
}
dirContext.modifyAttributes(dn, modList);
}
/**
* {@inheritDoc}
*/
@Override
public Attributes readEntry(LdapName dn, Collection<String> attrIds)
throws NamingException {
String[] attrIdList = attrIds.toArray(new String[attrIds.size()]);
return dirContext.getAttributes(dn, attrIdList);
}
/**
* {@inheritDoc}
*/
@Override
public void unbind() {
try {
dirContext.close();
} catch (NamingException e) {
// nothing to do
}
}
}