Re: username and password comparison on LDAP
Re: username and password comparison on LDAP
- Subject: Re: username and password comparison on LDAP
- From: Valerio Luccio <email@hidden>
- Date: Fri, 07 Oct 2005 15:57:12 -0400
I'll give you my solution (I authenticate against an OSX 10.3 server):
--
Valerio Luccio (212) 998-8736
Center for Brain Imaging 4 Washington Place, Room 158
New York University New York, NY 10003
"In an open world, who needs windows or gates?"
//
// UserData.java: Class file for WO Component 'UserData'
//
// Created by valerio on Wed Jul 28 2004
//
import com.webobjects.foundation.*;
import com.webobjects.appserver.*;
import com.webobjects.eocontrol.*;
import com.webobjects.eoaccess.*;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import com.webobjects.foundation.NSForwardException;
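/**
 * Account information for one directory user: login name, full name,
 * numeric uid, and primary group name and gid.
 *
 * The three-argument constructor first verifies the password with an LDAP
 * simple bind; the two-argument constructor loads the same information
 * WITHOUT verifying any credential, so it must not be used as proof of
 * identity.
 */
public class UserData {
    protected String login_;
    protected String fullName_;
    protected Integer uid_;
    protected String group_;
    protected Integer gid_;

    /**
     * Checks a password by attempting an LDAP simple bind as this user.
     *
     * @param thePassword the password supplied by the user
     * @return true if the bind succeeded; false if the login or password is
     *         missing/empty or the server rejected the credentials
     * @throws NSForwardException if the directory lookup fails for any reason
     *         other than rejected credentials (for example, the server
     *         cannot be reached)
     */
    public boolean CanAuthenticate(String thePassword)
    {
        // A simple bind with a DN and a zero-length password is an
        // "unauthenticated bind" (RFC 4513); many directory servers accept it
        // and report success. Never let that count as a verified password.
        if (login_ == null || login_.length() == 0
            || thePassword == null || thePassword.length() == 0)
        {
            return false;
        }

        Hashtable<String, String> ldapEnvironment = new Hashtable<String, String>();
        ldapEnvironment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        // NOTE(review): simple bind over plain ldap:// on port 389 sends the
        // password unencrypted. Prefer ldaps:// or StartTLS if the directory
        // server supports it -- confirm with the server configuration.
        ldapEnvironment.put(Context.PROVIDER_URL, "ldap://hahn.cbi.fas.nyu.edu:389");
        ldapEnvironment.put(Context.SECURITY_AUTHENTICATION, "simple");
        // The login comes from the user, so escape it before placing it in the
        // bind DN; otherwise characters such as ',' or '+' could change which
        // entry the bind is performed against.
        ldapEnvironment.put(Context.SECURITY_PRINCIPAL,
            "uid=" + javax.naming.ldap.Rdn.escapeValue(login_) + ",cn=users,dc=nyu,dc=edu");
        ldapEnvironment.put(Context.SECURITY_CREDENTIALS, thePassword);

        try
        {
            DirContext ctx = new InitialDirContext(ldapEnvironment);
            ctx.close();
            return true;
        }
        catch (javax.naming.AuthenticationException e)
        {
            // Rejected credentials are an expected outcome, not a failure of
            // the directory service: report them as "cannot authenticate" so
            // callers can tell a bad password from an outage.
            return false;
        }
        catch (NamingException e)
        {
            if (e.getRootCause() instanceof java.net.ConnectException)
            {
                throw new NSForwardException(e, "Failed to contact LDAP server");
            }
            else
            {
                throw new NSForwardException(e);
            }
        }
    }

    /**
     * Loads the account information for a login name without checking any
     * password.
     *
     * @param ec      editing context used for the directory fetches
     * @param theName login name (uid) of the user
     * @throws EOObjectNotAvailableException if the user or the user's primary
     *         group cannot be found
     */
    public UserData(EOEditingContext ec, String theName)
        throws EOObjectNotAvailableException, EOUtilities.MoreThanOneException
    {
        login_ = theName;
        FillUserInfo(ec);
    }

    /**
     * Authenticates the user and, on success, loads the account information.
     *
     * @param ec          editing context used for the directory fetches
     * @param theName     login name (uid) of the user
     * @param thePassword password to verify with an LDAP bind
     * @throws EOObjectNotAvailableException if authentication fails, or if the
     *         user or the user's primary group cannot be found
     */
    public UserData(EOEditingContext ec, String theName, String thePassword)
        throws EOObjectNotAvailableException, EOUtilities.MoreThanOneException
    {
        login_ = theName;
        if ( ! CanAuthenticate(thePassword) )
        {
            throw new EOObjectNotAvailableException("Failed to authenticate");
        }
        FillUserInfo(ec);
    }

    /**
     * Fetches the user's posixAccount entry and primary posixGroup entry and
     * fills in uid, gid, full name and group name.
     *
     * @param ec editing context used for the fetches
     * @throws EOObjectNotAvailableException if no matching account or group
     *         entry is found
     */
    private void FillUserInfo(EOEditingContext ec)
        throws EOObjectNotAvailableException
    {
        NSMutableArray fetchArg = new NSMutableArray();

        // Find user's uid, primary gid and full name. The login is passed as a
        // qualifier argument rather than concatenated into the format string.
        fetchArg.addObject(login_);
        EOQualifier userQual = EOQualifier.qualifierWithQualifierFormat("uid = %s", fetchArg);
        EOFetchSpecification userSpec = new EOFetchSpecification("posixAccount", userQual, null);
        NSArray users = ec.objectsWithFetchSpecification(userSpec);
        if (users.count() == 0) throw new EOObjectNotAvailableException("No such user");
        EOGenericRecord userRecord = (EOGenericRecord)users.objectAtIndex(0);
        gid_ = (Integer)userRecord.valueForKey("gidNumber");
        uid_ = (Integer)userRecord.valueForKey("uidNumber");
        fullName_ = (String)userRecord.valueForKey("cn");

        // An account entry without a gidNumber would otherwise fail below with
        // a NullPointerException.
        if (gid_ == null) throw new EOObjectNotAvailableException("User has no primary group");

        // Find user's primary group name
        fetchArg.removeAllObjects();
        fetchArg.addObject(gid_.toString());
        EOQualifier groupQual = EOQualifier.qualifierWithQualifierFormat("gidNumber = %s", fetchArg);
        EOFetchSpecification groupSpec = new EOFetchSpecification("posixGroup", groupQual, null);
        NSArray groups = ec.objectsWithFetchSpecification(groupSpec);
        // Guard the index access: the account may reference a gid that has no
        // posixGroup entry.
        if (groups.count() == 0) throw new EOObjectNotAvailableException("No such group");
        EOGenericRecord groupRecord = (EOGenericRecord)groups.objectAtIndex(0);
        group_ = (String)groupRecord.valueForKey("cn");
    }

    /** @return the login name this object was created with */
    public String Login() { return login_; }

    /** @return the "cn" value of the user's account entry */
    public String FullName() { return fullName_; }

    /** @return the "cn" value of the user's primary group entry */
    public String Group() { return group_; }

    /** @return the user's uidNumber */
    public Integer UID() { return uid_; }

    /** @return the user's gidNumber */
    public Integer GID() { return gid_; }
}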