Class JNDIConnectionImpl
java.lang.Object
  de.hybris.platform.ldap.connection.JNDIConnectionImpl
- All Implemented Interfaces:
LDAPConnection
- Direct Known Subclasses:
ActiveDirectoryConnectionImpl, EDirectoryConnectionImpl
public class JNDIConnectionImpl extends java.lang.Object implements LDAPConnection
An LDAPConnection implementation that runs in a standard JDK 1.4.1 (or greater) environment. Supports fail-over to multiple servers. This implementation uses the ordered list of servers in LDAPConfigProxyItem. Ordered means that all requests go to the first server in the configured list as long as it is available. If that server fails, requests go to the next server in the list until an available server is found. Afterwards the implementation retries the servers at the top of the list to see whether they have come back.
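The ordered fail-over described above, sketched with plain JNDI as an added example; it is not the hybris implementation. The class name, the timeout values, the ldaps-only check, and the choice to fail over only on connection-level errors (so that a rejected bind is never replayed against the next server) are assumptions of this sketch.

```java
import java.util.Hashtable;
import java.util.List;
import javax.naming.CommunicationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ServiceUnavailableException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

/** Added illustration; hypothetical class, not part of the hybris API. */
public class OrderedFailoverExample {
    private final List<String> serverUrls; // highest priority first

    public OrderedFailoverExample(List<String> serverUrls) {
        for (String url : serverUrls) {
            // Assumption: every fallback must be as strong as the primary.
            if (!url.startsWith("ldaps://")) {
                throw new IllegalArgumentException("refusing non-TLS server: " + url);
            }
        }
        this.serverUrls = List.copyOf(serverUrls);
    }

    /** Each call starts again at the top of the list, so a recovered primary is reused. */
    public LdapContext connect(String bindDn, char[] password) throws NamingException {
        NamingException last = null;
        for (String url : serverUrls) {
            Hashtable<String, Object> env = new Hashtable<>();
            env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            env.put(Context.PROVIDER_URL, url);
            env.put(Context.SECURITY_AUTHENTICATION, "simple");
            env.put(Context.SECURITY_PRINCIPAL, bindDn);
            env.put(Context.SECURITY_CREDENTIALS, password);
            env.put("com.sun.jndi.ldap.connect.timeout", "3000"); // ms, assumed value
            env.put("com.sun.jndi.ldap.read.timeout", "5000");    // ms, assumed value
            try {
                return new InitialLdapContext(env, null);
            } catch (CommunicationException | ServiceUnavailableException e) {
                last = e; // server unreachable: move on to the next one
            } finally {
                env.remove(Context.SECURITY_CREDENTIALS); // drop our reference to the secret
            }
            // Any other NamingException (e.g. AuthenticationException) propagates:
            // a wrong password is not a reason to try another server.
        }
        throw last != null ? last : new ServiceUnavailableException("no LDAP servers configured");
    }
}
```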
-
-
Field Summary
Modifier and Type | Field | Description
protected ConnectionData | connectionData |
protected JNDIConnectionManager | connectionManager |
protected static java.lang.String | LDAP_RETRY_ERROR |
protected javax.naming.ldap.LdapContext | ldapConnection |
protected int | maxRetries |
-
Method Summary
Modifier and Type | Method | Description
protected java.lang.String | appendRootDN(java.lang.String base) |
void | changePassword(javax.naming.directory.DirContext ctx, java.lang.String argRDN, java.lang.String oldPassword, java.lang.String newPassword) | changes the user password
boolean | checkPassword(java.lang.String searchbase, java.lang.String login, char[] plainPassword) | content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)
void | close() | Close the LDAPConnection once the operation is performed.
protected byte[] | encodePassword(java.lang.String pass) |
JNDIConnectionManager | getConnectionManager() |
javax.naming.ldap.LdapContext | getCurrentInitialLdapContext() | Returns a handle to the currently active DirContext.
static javax.naming.Name | getNameFromSearchResult(javax.naming.directory.SearchResult iDirectoryEntry, javax.naming.Name iBaseDN) | getNameFromSearchResult
static javax.naming.Name | getNameFromString(java.lang.String iDN) | getNameFromString
java.util.Collection<LDAPGenericObject> | list(java.lang.String searchbase) | returns the next level of a directory tree, returning a Enumeration of the results, *relative* to the SearchBase (i.e.
protected java.util.Collection | rawSearchBaseEntry(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) | This is the core method for all base entry searches.
protected java.util.Collection<LDAPGenericObject> | rawSearchOneLevel(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) | Method that calls the actual search on the jndi context.
protected java.util.Collection<LDAPGenericObject> | rawSearchSubTree(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) | TODO parameter searchscope && followReferral !!!
javax.naming.directory.Attributes | read(java.lang.String distinguishedName) | Reads all the attribute type and values for the given entry.
javax.naming.directory.Attributes | read(java.lang.String distinguishedName, java.lang.String[] returnAttributes) | Reads all the attribute type and values for the given entry.
protected javax.naming.ldap.LdapContext | retryConnection(java.lang.Exception reasonForRetry) |
java.util.Collection | searchBaseEntry(java.lang.String searchbase, java.lang.String filter, int limit, int timeout) | Performs a base object search (i.e.
java.util.Collection | searchBaseEntry(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) | Performs a base object search (i.e.
java.util.Collection<LDAPGenericObject> | searchOneLevel(java.lang.String searchbase, java.lang.String filter, int limit, int timeout) | Performs a one-level directory search (i.e.
java.util.Collection<LDAPGenericObject> | searchOneLevel(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) | Performs a one-level directory search (i.e.
java.util.Collection<LDAPGenericObject> | searchSubTree(java.lang.String searchbase, java.lang.String filter, int limit, int timeout) | Performs a directory sub tree search (i.e.
java.util.Collection<LDAPGenericObject> | searchSubTree(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) | Performs a directory sub tree search (i.e.
boolean | sendingEmptyBaseDNsearchQueries() | see PLA-11864
protected void | wipePassword(char[] password, java.util.Hashtable env) |
-
-
-
Field Detail
-
maxRetries
protected int maxRetries
-
ldapConnection
protected javax.naming.ldap.LdapContext ldapConnection
-
connectionManager
protected final JNDIConnectionManager connectionManager
-
connectionData
protected final ConnectionData connectionData
-
LDAP_RETRY_ERROR
protected static final java.lang.String LDAP_RETRY_ERROR
- See Also:
- Constant Field Values
-
-
Method Detail
-
checkPassword
public boolean checkPassword(java.lang.String searchbase, java.lang.String login, char[] plainPassword)
content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)
- Specified by:
checkPassword in interface LDAPConnection
-
appendRootDN
protected java.lang.String appendRootDN(java.lang.String base)
-
wipePassword
protected void wipePassword(char[] password, java.util.Hashtable env)
-
close
public void close()
Close the LDAPConnection once the operation is performed.
- Specified by:
close in interface LDAPConnection
-
retryConnection
protected javax.naming.ldap.LdapContext retryConnection(java.lang.Exception reasonForRetry) throws LDAPUnavailableException, javax.naming.NamingException
- Throws:
LDAPUnavailableException
javax.naming.NamingException
-
getCurrentInitialLdapContext
public javax.naming.ldap.LdapContext getCurrentInitialLdapContext()
Returns a handle to the currently active DirContext. This method does not exist in the LDAPConnection interface, so an instance of LDAPConnection must be upcast to a JNDIConnectionImpl class before this method can be used.
- Returns:
- ldapContext
-
searchOneLevel
public java.util.Collection<LDAPGenericObject> searchOneLevel(java.lang.String searchbase, java.lang.String filter, int limit, int timeout) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
Performs a one-level directory search (i.e. a search of immediate children), returning object classes if possible, otherwise just the names.
- Parameters:
searchbase - the domain name (relative to initial context in ldap) to search from.
filter - the non-null filter to use for the search
limit - the maximum number of results to return
timeout - the maximum time to wait before abandoning the search
- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
searchOneLevel
public java.util.Collection<LDAPGenericObject> searchOneLevel(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
Performs a one-level directory search (i.e. a search of immediate children)
- Parameters:
searchbase - the domain name (relative to initial context in ldap) to search from.
filter - the non-null filter to use for the search
limit - the maximum number of results to return
timeout - the maximum time to wait before abandoning the search
returnAttributes - an array of strings containing the names of attributes to search. (null = all, empty array = none)
- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
rawSearchOneLevel
protected java.util.Collection<LDAPGenericObject> rawSearchOneLevel(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
Method that calls the actual search on the jndi context.
- Parameters:
searchbase - the domain name (relative to initial context in ldap) to search from. content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)
filter - the non-null filter to use for the search
limit - the maximum number of results to return
timeout - the maximum time to wait before abandoning the search
returnAttributes - an array of strings containing the names of attributes to search. (null = all, empty array = none)
- Returns:
- searchresult
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
searchSubTree
public java.util.Collection<LDAPGenericObject> searchSubTree(java.lang.String searchbase, java.lang.String filter, int limit, int timeout) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
Performs a directory sub tree search (i.e. of the next level and all subsequent levels below), returning just DNs.
- Specified by:
searchSubTree in interface LDAPConnection
- Parameters:
searchbase - the domain name (relative to initial context in ldap) to search from.
filter - the non-null filter to use for the search
limit - the maximum number of results to return
timeout - the maximum time to wait before abandoning the search
- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
searchSubTree
public java.util.Collection<LDAPGenericObject> searchSubTree(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
Performs a directory sub tree search (i.e. of the next level and all subsequent levels below).
- Specified by:
searchSubTree in interface LDAPConnection
- Parameters:
searchbase - the domain name (relative to initial context in ldap) to search from.
filter - the non-null filter to use for the search
limit - the maximum number of results to return
timeout - the maximum time to wait before abandoning the search
returnAttributes - an array of strings containing the names of attributes to search. (null = all, empty array = none)
- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
rawSearchSubTree
protected java.util.Collection<LDAPGenericObject> rawSearchSubTree(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
TODO parameter searchscope && followReferral !!!
- Parameters:
searchbase - content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)
filter -
limit -
timeout -
returnAttributes -
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
searchBaseEntry
public java.util.Collection searchBaseEntry(java.lang.String searchbase, java.lang.String filter, int limit, int timeout) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
Performs a base object search (i.e. just a search of the current entry, nothing below it), returning no attributes (i.e. just DNs).
- Specified by:
searchBaseEntry in interface LDAPConnection
- Parameters:
searchbase - the domain name (relative to initial context in ldap) to search from.
filter - the non-null filter to use for the search
limit - the maximum number of results to return
timeout - the maximum time to wait before abandoning the search
- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
searchBaseEntry
public java.util.Collection searchBaseEntry(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
Performs a base object search (i.e. just a search of the current entry, nothing below it).
- Specified by:
searchBaseEntry in interface LDAPConnection
- Parameters:
searchbase - the domain name (relative to initial context in ldap) to search from.
filter - the non-null filter to use for the search
limit - the maximum number of results to return
timeout - the maximum time to wait before abandoning the search
returnAttributes - an array of strings containing the names of attributes to search. (null = all, empty array = none)
- Returns:
- list of search results ('LDAPGenericObject's); entries matching the search filter.
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
rawSearchBaseEntry
protected java.util.Collection rawSearchBaseEntry(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
This is the core method for all base entry searches.
- Parameters:
searchbase - the domain name (relative to initial context in ldap) to search from. content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)
filter - the non-null filter to use for the search
limit - the maximum number of results to return
timeout - the maximum time to wait before abandoning the search
returnAttributes - an array of strings containing the names of attributes to search. (null = all, empty array = none)
- Returns:
- list of search results ('SearchResult's); entries matching the search filter.
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
read
public javax.naming.directory.Attributes read(java.lang.String distinguishedName) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
Reads all the attribute type and values for the given entry.
- Specified by:
read in interface LDAPConnection
- Parameters:
distinguishedName - the ldap string distinguished name of entry to be read
- Returns:
- an 'Attributes' object containing a list of all Attribute objects.
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
read
public javax.naming.directory.Attributes read(java.lang.String distinguishedName, java.lang.String[] returnAttributes) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
Reads all the attribute type and values for the given entry.
- Parameters:
distinguishedName - the ldap string distinguished name of entry to be read
returnAttributes - a list of specific attributes to return.
- Returns:
- an 'Attributes' object containing a list of all Attribute objects.
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
list
public java.util.Collection<LDAPGenericObject> list(java.lang.String searchbase) throws LDAPOperationException, LDAPUnavailableException, javax.naming.NamingException
Returns the next level of a directory tree, returning an Enumeration of the results, *relative* to the SearchBase (i.e. not as absolute DNs), along with their object classes if possible.
WARNING - due to jndi weirdness, sometimes the entries are *not* relative, but are full DNs.
- Parameters:
searchbase - the node in the tree to expand
- Returns:
- list of results (NameClassPair); the next layer of the tree...
- Throws:
LDAPOperationException
LDAPUnavailableException
javax.naming.NamingException
-
getNameFromString
public static javax.naming.Name getNameFromString(java.lang.String iDN) throws javax.naming.NamingException
getNameFromString - Convert DN String into JNDI Name.
- Parameters:
iDN - DN in String.
- Returns:
- the resulting name
- Throws:
javax.naming.NamingException
-
getNameFromSearchResult
public static javax.naming.Name getNameFromSearchResult(javax.naming.directory.SearchResult iDirectoryEntry, javax.naming.Name iBaseDN) throws javax.naming.InvalidNameException, javax.naming.NamingException
getNameFromSearchResult - Given a SearchResult object and Base DN, work out the complete DN of the entry, parse it into a Name object and return it.
- Parameters:
iDirectoryEntry - JNDI SearchResult object containing a Directory entry.
iBaseDN - Name object with the Base DN used for the search (may be empty).
- Returns:
- Name object containing the complete DN of the entry.
- Throws:
javax.naming.InvalidNameException
javax.naming.NamingException
-
changePassword
public void changePassword(javax.naming.directory.DirContext ctx, java.lang.String argRDN, java.lang.String oldPassword, java.lang.String newPassword) throws javax.naming.NamingException
Changes the user password.
CAUTION: To change or modify the password attribute in AD you MUST use SSL (LDAPS).
- Specified by:
changePassword in interface LDAPConnection
- Parameters:
ctx - directory context
argRDN - the name of the object whose attributes will be updated
oldPassword -
newPassword -
- Throws:
javax.naming.NamingException
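The LDAPS caution above, enforced in code: an added example of a user-initiated Active Directory password change over plain JNDI. It is not the hybris implementation of changePassword or encodePassword. The class and helper names are hypothetical, and the check assumes the context was opened with ldaps:// URLs rather than StartTLS. AD takes the password through the unicodePwd attribute as a double-quoted UTF-16LE string and rejects the write on an unencrypted connection.

```java
import java.nio.charset.StandardCharsets;
import java.util.Locale;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;

/** Added illustration; hypothetical class, not part of the hybris API. */
public final class AdPasswordChangeExample {

    /** AD's unicodePwd value: the password in double quotes, encoded as UTF-16LE. */
    static byte[] encodeForUnicodePwd(String password) {
        return ("\"" + password + "\"").getBytes(StandardCharsets.UTF_16LE);
    }

    /** True only if every URL in the (space-separated) provider list is ldaps://. */
    static boolean allServersUseLdaps(DirContext ctx) throws NamingException {
        Object urls = ctx.getEnvironment().get(Context.PROVIDER_URL);
        if (urls == null || urls.toString().trim().isEmpty()) {
            return false;
        }
        for (String url : urls.toString().trim().split("\\s+")) {
            if (!url.toLowerCase(Locale.ROOT).startsWith("ldaps://")) {
                return false;
            }
        }
        return true;
    }

    /** User-initiated change: remove the old value and add the new one in one modify. */
    static void changePassword(DirContext ctx, String userDn,
                               String oldPassword, String newPassword) throws NamingException {
        // Fail closed before any password bytes are sent on the wire.
        if (!allServersUseLdaps(ctx)) {
            throw new NamingException("password change refused: connection is not LDAPS");
        }
        ModificationItem[] mods = {
            new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
                    new BasicAttribute("unicodePwd", encodeForUnicodePwd(oldPassword))),
            new ModificationItem(DirContext.ADD_ATTRIBUTE,
                    new BasicAttribute("unicodePwd", encodeForUnicodePwd(newPassword)))
        };
        ctx.modifyAttributes(userDn, mods);
    }
}
```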
-
encodePassword
protected byte[] encodePassword(java.lang.String pass) throws java.io.UnsupportedEncodingException
- Throws:
java.io.UnsupportedEncodingException
-
getConnectionManager
public JNDIConnectionManager getConnectionManager()
-
sendingEmptyBaseDNsearchQueries
public boolean sendingEmptyBaseDNsearchQueries()
see PLA-11864
-
-