Class JNDIConnectionImpl
java.lang.Object
de.hybris.platform.ldap.connection.JNDIConnectionImpl
- All Implemented Interfaces:
LDAPConnection
- Direct Known Subclasses:
ActiveDirectoryConnectionImpl,EDirectoryConnectionImpl
An LDAPConnection implementation that runs in a standard JDK 1.4.1 (or greater) environment.
Supports fail-over to multiple servers.
This implementation will use the ordered list of servers in LDAPConfigProxyItem.
Ordered means that all requests will go the the first server in the configured list as long as it is available.
If that server fails it will go to the next in the list until it finds an available server.
Afterwards it will retry the servers at the top of the list to see if they have returned to life.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected final ConnectionDataprotected final JNDIConnectionManagerprotected static final Stringprotected LdapContextprotected int -
Method Summary
Modifier and TypeMethodDescriptionprotected StringappendRootDN(String base) voidchangePassword(DirContext ctx, String argRDN, String oldPassword, String newPassword) changes the user passwordbooleancheckPassword(String searchbase, String login, char[] plainPassword) content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)voidclose()Close the LDAPConnection once the operation is performed.protected byte[]encodePassword(String pass) Returns a handle to the currently active DirContext.static NamegetNameFromSearchResult(SearchResult iDirectoryEntry, Name iBaseDN) getNameFromSearchResultstatic NamegetNameFromString(String iDN) getNameFromStringreturns the next level of a directory tree, returning a Enumeration of the results, *relative* to the SearchBase (i.e.protected CollectionrawSearchBaseEntry(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) This is the core method for all base entry searches.protected Collection<LDAPGenericObject>rawSearchOneLevel(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) Method that calls the actual search on the jndi context.protected Collection<LDAPGenericObject>rawSearchSubTree(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) TODO parameter searchscope && followReferral !!!Reads all the attribute type and values for the given entry.Reads all the attribute type and values for the given entry.protected LdapContextretryConnection(Exception reasonForRetry) searchBaseEntry(String searchbase, String filter, int limit, int timeout) Performs a base object search (i.e.searchBaseEntry(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) Performs a base object search (i.e.searchOneLevel(String searchbase, String filter, int limit, int timeout) Performs a one-level directory search (i.e.searchOneLevel(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) Performs a one-level directory search (i.e.searchSubTree(String searchbase, String filter, int limit, int timeout) Performs a directory sub tree search (i.e.searchSubTree(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) Performs a directory sub tree search (i.e.booleansee PLA-11864protected voidwipePassword(char[] password, Hashtable env)
-
Field Details
-
maxRetries
protected int maxRetries -
ldapConnection
-
connectionManager
-
connectionData
-
LDAP_RETRY_ERROR
- See Also:
-
-
Method Details
-
checkPassword
content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)- Specified by:
checkPasswordin interfaceLDAPConnection
-
appendRootDN
-
wipePassword
-
close
public void close()Close the LDAPConnection once the operation is performed.- Specified by:
closein interfaceLDAPConnection
-
retryConnection
protected LdapContext retryConnection(Exception reasonForRetry) throws LDAPUnavailableException, NamingException -
getCurrentInitialLdapContext
Returns a handle to the currently active DirContext. This method does not exist in the LDAPConnection interface, so an instance of LDAPConnection must be upcast to a JNDIConnectionImpl class before this method can be used.- Returns:
- ldapContext
-
searchOneLevel
public Collection<LDAPGenericObject> searchOneLevel(String searchbase, String filter, int limit, int timeout) throws LDAPOperationException, LDAPUnavailableException, NamingException Performs a one-level directory search (i.e. a search of immediate children), returning object classes if possible, otherwise just the names.- Parameters:
searchbase- the domain name (relative to initial context in ldap) to seach from.filter- the non-null filter to use for the searchlimit- the maximum number of results to returntimeout- the maximum time to wait before abandoning the search- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
searchOneLevel
public Collection<LDAPGenericObject> searchOneLevel(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, NamingException Performs a one-level directory search (i.e. a search of immediate children)- Parameters:
searchbase- the domain name (relative to initial context in ldap) to seach from.filter- the non-null filter to use for the searchlimit- the maximum number of results to returntimeout- the maximum time to wait before abandoning the searchreturnAttributes- an array of strings containing the names of attributes to search. (null = all, empty array = none)- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
rawSearchOneLevel
protected Collection<LDAPGenericObject> rawSearchOneLevel(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, NamingException Method that calls the actual search on the jndi context.- Parameters:
searchbase- the domain name (relative to initial context in ldap) to seach from. content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)filter- the non-null filter to use for the searchlimit- the maximum number of results to returntimeout- the maximum time to wait before abandoning the searchreturnAttributes- an array of strings containing the names of attributes to search. (null = all, empty array = none)- Returns:
- searchresult
- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
searchSubTree
public Collection<LDAPGenericObject> searchSubTree(String searchbase, String filter, int limit, int timeout) throws LDAPOperationException, LDAPUnavailableException, NamingException Performs a directory sub tree search (i.e. of the next level and all subsequent levels below), returning just dns);- Specified by:
searchSubTreein interfaceLDAPConnection- Parameters:
searchbase- the domain name (relative to initial context in ldap) to seach from.filter- the non-null filter to use for the searchlimit- the maximum number of results to returntimeout- the maximum time to wait before abandoning the search- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
searchSubTree
public Collection<LDAPGenericObject> searchSubTree(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, NamingException Performs a directory sub tree search (i.e. of the next level and all subsequent levels below).- Specified by:
searchSubTreein interfaceLDAPConnection- Parameters:
searchbase- the domain name (relative to initial context in ldap) to seach from.filter- the non-null filter to use for the searchlimit- the maximum number of results to returntimeout- the maximum time to wait before abandoning the searchreturnAttributes- an array of strings containing the names of attributes to search. (null = all, empty array = none)- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
rawSearchSubTree
protected Collection<LDAPGenericObject> rawSearchSubTree(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, NamingException TODO parameter searchscope && followReferral !!!- Parameters:
searchbase- content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)filter-limit-timeout-returnAttributes-- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
searchBaseEntry
public Collection searchBaseEntry(String searchbase, String filter, int limit, int timeout) throws LDAPOperationException, LDAPUnavailableException, NamingException Performs a base object search (i.e. just a search of the current entry, nothing below it), returning no attributes (i.e. just DNs);- Specified by:
searchBaseEntryin interfaceLDAPConnection- Parameters:
searchbase- the domain name (relative to initial context in ldap) to seach from.filter- the non-null filter to use for the searchlimit- the maximum number of results to returntimeout- the maximum time to wait before abandoning the search- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
searchBaseEntry
public Collection searchBaseEntry(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, NamingException Performs a base object search (i.e. just a search of the current entry, nothing below it).- Specified by:
searchBaseEntryin interfaceLDAPConnection- Parameters:
searchbase- the domain name (relative to initial context in ldap) to seach from.filter- the non-null filter to use for the searchlimit- the maximum number of results to returntimeout- the maximum time to wait before abandoning the searchreturnAttributes- an array of strings containing the names of attributes to search. (null = all, empty array = none)- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
rawSearchBaseEntry
protected Collection rawSearchBaseEntry(String searchbase, String filter, int limit, int timeout, String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, NamingException This is the core method for all base entry searches.- Parameters:
searchbase- the domain name (relative to initial context in ldap) to search from. content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)filter- the non-null filter to use for the searchlimit- the maximum number of results to returntimeout- the maximum time to wait before abandoning the searchreturnAttributes- an array of strings containing the names of attributes to search. (null = all, empty array = none)- Returns:
- list of search results ('SearchResult's); entries matching the search filter.
- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
read
public Attributes read(String distinguishedName) throws LDAPOperationException, LDAPUnavailableException, NamingException Reads all the attribute type and values for the given entry.- Specified by:
readin interfaceLDAPConnection- Parameters:
distinguishedName- the ldap string distinguished name of entry to be read- Returns:
- an 'Attributes' object containing a list of all Attribute objects.
- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
read
public Attributes read(String distinguishedName, String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, NamingException Reads all the attribute type and values for the given entry.- Parameters:
distinguishedName- the ldap string distinguished name of entry to be readreturnAttributes- a list of specific attributes to return.- Returns:
- an 'Attributes' object containing a list of all Attribute objects.
- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
list
public Collection<LDAPGenericObject> list(String searchbase) throws LDAPOperationException, LDAPUnavailableException, NamingException returns the next level of a directory tree, returning a Enumeration of the results, *relative* to the SearchBase (i.e. not as absolute DNs), along with their object classes if possible.WARNING - due to jndi wierdness, sometimes the entries are *not* relative, but are full DNs.
- Parameters:
searchbase- the node in the tree to expand- Returns:
- list of results (NameClassPair); the next layer of the tree...
- Throws:
LDAPOperationExceptionLDAPUnavailableExceptionNamingException
-
getNameFromString
getNameFromString Convert DN String into JNDI Name,- Parameters:
iDN- DN in String.- Returns:
- the resulting name
- Throws:
NamingException
-
getNameFromSearchResult
public static Name getNameFromSearchResult(SearchResult iDirectoryEntry, Name iBaseDN) throws InvalidNameException, NamingException getNameFromSearchResult Given a SearchResult object and Base DN, work out the complete DN of the entry, parse it into a Name object and return it.- Parameters:
iDirectoryEntry- JNDI SearchResult object containing a Directory entry.iBaseDN- Name object with the Base DN used for the search (may be empty).- Returns:
- Name object containing the complete DN of the entry.
- Throws:
InvalidNameExceptionNamingException
-
changePassword
public void changePassword(DirContext ctx, String argRDN, String oldPassword, String newPassword) throws NamingException changes the user passwordCAUTION: In order to change/modify password attr. in AD you MUST use SSL (LDAPS) to do so
- Specified by:
changePasswordin interfaceLDAPConnection- Parameters:
ctx- directory contextargRDN- the name of the object whose attributes will be updatedoldPassword-newPassword-- Throws:
NamingException
-
encodePassword
- Throws:
UnsupportedEncodingException
-
getConnectionManager
-
sendingEmptyBaseDNsearchQueries
public boolean sendingEmptyBaseDNsearchQueries()see PLA-11864
-