JNDIConnectionImpl (hybris Commerce Suite 18.11)

java.lang.Object
- de.hybris.platform.ldap.connection.JNDIConnectionImpl

All Implemented Interfaces:

LDAPConnection

Direct Known Subclasses:

ActiveDirectoryConnectionImpl, EDirectoryConnectionImpl
```
public class JNDIConnectionImpl
extends java.lang.Object
implements LDAPConnection
```
An LDAPConnection implementation that runs in a standard JDK 1.4.1 (or greater) environment.
Supports fail-over to multiple servers.
This implementation will use the ordered list of servers in LDAPConfigProxyItem.
Ordered means that all requests will go the the first server in the configured list as long as it is available.
If that server fails it will go to the next in the list until it finds an available server.
Afterwards it will retry the servers at the top of the list to see if they have returned to life.

Field Summary

Fields
Modifier and Type	Field and Description
`protected ConnectionData`	`connectionData`
`protected JNDIConnectionManager`	`connectionManager`
`protected static java.lang.String`	`LDAP_RETRY_ERROR`
`protected javax.naming.ldap.LdapContext`	`ldapConnection`
`protected int`	`maxRetries`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected java.lang.String`	`appendRootDN(java.lang.String base)`
`void`	`changePassword(javax.naming.directory.DirContext ctx, java.lang.String argRDN, java.lang.String oldPassword, java.lang.String newPassword)` changes the user password CAUTION: In order to change/modify password attr.
`boolean`	`checkPassword(java.lang.String searchbase, java.lang.String login, char[] plainPassword)` content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)
`void`	`close()` Close the LDAPConnection once the operation is performed.
`protected byte[]`	`encodePassword(java.lang.String pass)`
`JNDIConnectionManager`	`getConnectionManager()`
`javax.naming.ldap.LdapContext`	`getCurrentInitialLdapContext()` Returns a handle to the currently active DirContext.
`static javax.naming.Name`	`getNameFromSearchResult(javax.naming.directory.SearchResult iDirectoryEntry, javax.naming.Name iBaseDN)` getNameFromSearchResult Given a SearchResult object and Base DN, work out the complete DN of the entry, parse it into a Name object and return it.
`static javax.naming.Name`	`getNameFromString(java.lang.String iDN)` getNameFromString Convert DN String into JNDI Name,
`java.util.Collection<LDAPGenericObject>`	`list(java.lang.String searchbase)` returns the next level of a directory tree, returning a Enumeration of the results, relative to the SearchBase (i.e.
`protected java.util.Collection`	`rawSearchBaseEntry(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes)` This is the core method for all base entry searches.
`protected java.util.Collection<LDAPGenericObject>`	`rawSearchOneLevel(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes)` Method that calls the actual search on the jndi context.
`protected java.util.Collection<LDAPGenericObject>`	`rawSearchSubTree(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes)` TODO parameter searchscope && followReferral !!!
`javax.naming.directory.Attributes`	`read(java.lang.String distinguishedName)` Reads all the attribute type and values for the given entry.
`javax.naming.directory.Attributes`	`read(java.lang.String distinguishedName, java.lang.String[] returnAttributes)` Reads all the attribute type and values for the given entry.
`protected javax.naming.ldap.LdapContext`	`retryConnection(java.lang.Exception reasonForRetry)`
`java.util.Collection`	`searchBaseEntry(java.lang.String searchbase, java.lang.String filter, int limit, int timeout)` Performs a base object search (i.e.
`java.util.Collection`	`searchBaseEntry(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes)` Performs a base object search (i.e.
`java.util.Collection<LDAPGenericObject>`	`searchOneLevel(java.lang.String searchbase, java.lang.String filter, int limit, int timeout)` Performs a one-level directory search (i.e.
`java.util.Collection<LDAPGenericObject>`	`searchOneLevel(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes)` Performs a one-level directory search (i.e.
`java.util.Collection<LDAPGenericObject>`	`searchSubTree(java.lang.String searchbase, java.lang.String filter, int limit, int timeout)` Performs a directory sub tree search (i.e.
`java.util.Collection<LDAPGenericObject>`	`searchSubTree(java.lang.String searchbase, java.lang.String filter, int limit, int timeout, java.lang.String[] returnAttributes)` Performs a directory sub tree search (i.e.
`boolean`	`sendingEmptyBaseDNsearchQueries()` see PLA-11864
`protected void`	`wipePassword(char[] password, java.util.Hashtable env)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

maxRetries
```
protected int maxRetries
```

ldapConnection

protected javax.naming.ldap.LdapContext ldapConnection

connectionManager

protected final JNDIConnectionManager connectionManager

connectionData

protected final ConnectionData connectionData

LDAP_RETRY_ERROR

protected static final java.lang.String LDAP_RETRY_ERROR

See Also:: Constant Field Values

Method Detail

checkPassword
```
public boolean checkPassword(java.lang.String searchbase,
                             java.lang.String login,
                             char[] plainPassword)
```
content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)

Specified by:

checkPassword in interface LDAPConnection

appendRootDN

protected java.lang.String appendRootDN(java.lang.String base)

wipePassword

protected void wipePassword(char[] password,
                            java.util.Hashtable env)

close
```
public void close()
```
Close the LDAPConnection once the operation is performed.

Specified by:

close in interface LDAPConnection

retryConnection

protected javax.naming.ldap.LdapContext retryConnection(java.lang.Exception reasonForRetry)
                                                 throws LDAPUnavailableException,
                                                        javax.naming.NamingException

Throws:: LDAPUnavailableException; javax.naming.NamingException

getCurrentInitialLdapContext
```
public javax.naming.ldap.LdapContext getCurrentInitialLdapContext()
```
Returns a handle to the currently active DirContext. This method does not exist in the LDAPConnection interface, so an instance of LDAPConnection must be upcast to a JNDIConnectionImpl class before this method can be used.

Returns:

ldapContext

searchOneLevel

public java.util.Collection<LDAPGenericObject> searchOneLevel(java.lang.String searchbase,
                                                              java.lang.String filter,
                                                              int limit,
                                                              int timeout)
                                                       throws LDAPOperationException,
                                                              LDAPUnavailableException,
                                                              javax.naming.NamingException

Performs a one-level directory search (i.e. a search of immediate children), returning object classes if possible, otherwise just the names.

Parameters:: searchbase - the domain name (relative to initial context in ldap) to seach from.; filter - the non-null filter to use for the search; limit - the maximum number of results to return; timeout - the maximum time to wait before abandoning the search
Returns:: list of search results ('LDAPGenericObject's); entries matching the search filter.
Throws:: LDAPOperationException; LDAPUnavailableException; javax.naming.NamingException

searchOneLevel

public java.util.Collection<LDAPGenericObject> searchOneLevel(java.lang.String searchbase,
                                                              java.lang.String filter,
                                                              int limit,
                                                              int timeout,
                                                              java.lang.String[] returnAttributes)
                                                       throws LDAPOperationException,
                                                              LDAPUnavailableException,
                                                              javax.naming.NamingException

Performs a one-level directory search (i.e. a search of immediate children)

Parameters:: searchbase - the domain name (relative to initial context in ldap) to seach from.; filter - the non-null filter to use for the search; limit - the maximum number of results to return; timeout - the maximum time to wait before abandoning the search; returnAttributes - an array of strings containing the names of attributes to search. (null = all, empty array = none)
Returns:: list of search results ('LDAPGenericObject's); entries matching the search filter.
Throws:: LDAPOperationException; LDAPUnavailableException; javax.naming.NamingException

rawSearchOneLevel

protected java.util.Collection<LDAPGenericObject> rawSearchOneLevel(java.lang.String searchbase,
                                                                    java.lang.String filter,
                                                                    int limit,
                                                                    int timeout,
                                                                    java.lang.String[] returnAttributes)
                                                             throws LDAPOperationException,
                                                                    LDAPUnavailableException,
                                                                    javax.naming.NamingException

Method that calls the actual search on the jndi context.

Parameters:: searchbase - the domain name (relative to initial context in ldap) to seach from. content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml); filter - the non-null filter to use for the search; limit - the maximum number of results to return; timeout - the maximum time to wait before abandoning the search; returnAttributes - an array of strings containing the names of attributes to search. (null = all, empty array = none)
Returns:: searchresult
Throws:: LDAPOperationException; LDAPUnavailableException; javax.naming.NamingException

searchSubTree

public java.util.Collection<LDAPGenericObject> searchSubTree(java.lang.String searchbase,
                                                             java.lang.String filter,
                                                             int limit,
                                                             int timeout)
                                                      throws LDAPOperationException,
                                                             LDAPUnavailableException,
                                                             javax.naming.NamingException

Performs a directory sub tree search (i.e. of the next level and all subsequent levels below), returning just dns);

Specified by:: searchSubTree in interface LDAPConnection
Parameters:: searchbase - the domain name (relative to initial context in ldap) to seach from.; filter - the non-null filter to use for the search; limit - the maximum number of results to return; timeout - the maximum time to wait before abandoning the search
Returns:: list of search results ('LDAPGenericObject's); entries matching the search filter.
Throws:: LDAPOperationException; LDAPUnavailableException; javax.naming.NamingException

searchSubTree

public java.util.Collection<LDAPGenericObject> searchSubTree(java.lang.String searchbase,
                                                             java.lang.String filter,
                                                             int limit,
                                                             int timeout,
                                                             java.lang.String[] returnAttributes)
                                                      throws LDAPOperationException,
                                                             LDAPUnavailableException,
                                                             javax.naming.NamingException

Performs a directory sub tree search (i.e. of the next level and all subsequent levels below).

Specified by:: searchSubTree in interface LDAPConnection
Parameters:: searchbase - the domain name (relative to initial context in ldap) to seach from.; filter - the non-null filter to use for the search; limit - the maximum number of results to return; timeout - the maximum time to wait before abandoning the search; returnAttributes - an array of strings containing the names of attributes to search. (null = all, empty array = none)
Returns:: list of search results ('LDAPGenericObject's); entries matching the search filter.
Throws:: LDAPOperationException; LDAPUnavailableException; javax.naming.NamingException

rawSearchSubTree

protected java.util.Collection<LDAPGenericObject> rawSearchSubTree(java.lang.String searchbase,
                                                                   java.lang.String filter,
                                                                   int limit,
                                                                   int timeout,
                                                                   java.lang.String[] returnAttributes)
                                                            throws LDAPOperationException,
                                                                   LDAPUnavailableException,
                                                                   javax.naming.NamingException

TODO parameter searchscope && followReferral !!!

Parameters:: searchbase - content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml); filter -; limit -; timeout -; returnAttributes -
Throws:: LDAPOperationException; LDAPUnavailableException; javax.naming.NamingException

searchBaseEntry
```
public java.util.Collection searchBaseEntry(java.lang.String searchbase,
                                            java.lang.String filter,
                                            int limit,
                                            int timeout)
                                     throws LDAPOperationException,
                                            LDAPUnavailableException,
                                            javax.naming.NamingException
```
Performs a base object search (i.e. just a search of the current entry, nothing below it), returning no attributes (i.e. just DNs);

Specified by:

searchBaseEntry in interface LDAPConnection

Parameters:

searchbase - the domain name (relative to initial context in ldap) to seach from.

filter - the non-null filter to use for the search

limit - the maximum number of results to return

timeout - the maximum time to wait before abandoning the search

Returns:

list of search results ('LDAPGenericObject's); entries matching the search filter.

Throws:

LDAPOperationException

LDAPUnavailableException

javax.naming.NamingException

searchBaseEntry
```
public java.util.Collection searchBaseEntry(java.lang.String searchbase,
                                            java.lang.String filter,
                                            int limit,
                                            int timeout,
                                            java.lang.String[] returnAttributes)
                                     throws LDAPOperationException,
                                            LDAPUnavailableException,
                                            javax.naming.NamingException
```
Performs a base object search (i.e. just a search of the current entry, nothing below it).

Specified by:

searchBaseEntry in interface LDAPConnection

Parameters:

searchbase - the domain name (relative to initial context in ldap) to seach from.

filter - the non-null filter to use for the search

limit - the maximum number of results to return

timeout - the maximum time to wait before abandoning the search

returnAttributes - an array of strings containing the names of attributes to search. (null = all, empty array = none)

Returns:

list of search results ('LDAPGenericObject's); entries matching the search filter.

Throws:

LDAPOperationException

LDAPUnavailableException

javax.naming.NamingException

rawSearchBaseEntry
```
protected java.util.Collection rawSearchBaseEntry(java.lang.String searchbase,
                                                  java.lang.String filter,
                                                  int limit,
                                                  int timeout,
                                                  java.lang.String[] returnAttributes)
                                           throws LDAPOperationException,
                                                  LDAPUnavailableException,
                                                  javax.naming.NamingException
```
This is the core method for all base entry searches.

Parameters:

searchbase - the domain name (relative to initial context in ldap) to search from. content of 'searchbase' will be filtered by the configured implementation of LDAPInputFilter (@see ldap-spring.xml)

filter - the non-null filter to use for the search

limit - the maximum number of results to return

timeout - the maximum time to wait before abandoning the search

returnAttributes - an array of strings containing the names of attributes to search. (null = all, empty array = none)

Returns:

list of search results ('SearchResult's); entries matching the search filter.

Throws:

LDAPOperationException

LDAPUnavailableException

javax.naming.NamingException

read

public javax.naming.directory.Attributes read(java.lang.String distinguishedName)
                                       throws LDAPOperationException,
                                              LDAPUnavailableException,
                                              javax.naming.NamingException

Reads all the attribute type and values for the given entry.

Specified by:: read in interface LDAPConnection
Parameters:: distinguishedName - the ldap string distinguished name of entry to be read
Returns:: an 'Attributes' object containing a list of all Attribute objects.
Throws:: LDAPOperationException; LDAPUnavailableException; javax.naming.NamingException

read

public javax.naming.directory.Attributes read(java.lang.String distinguishedName,
                                              java.lang.String[] returnAttributes)
                                       throws LDAPOperationException,
                                              LDAPUnavailableException,
                                              javax.naming.NamingException

Reads all the attribute type and values for the given entry.

Parameters:: distinguishedName - the ldap string distinguished name of entry to be read; returnAttributes - a list of specific attributes to return.
Returns:: an 'Attributes' object containing a list of all Attribute objects.
Throws:: LDAPOperationException; LDAPUnavailableException; javax.naming.NamingException

list
```
public java.util.Collection<LDAPGenericObject> list(java.lang.String searchbase)
                                             throws LDAPOperationException,
                                                    LDAPUnavailableException,
                                                    javax.naming.NamingException
```
returns the next level of a directory tree, returning a Enumeration of the results, *relative* to the SearchBase (i.e. not as absolute DNs), along with their object classes if possible.

WARNING - due to jndi wierdness, sometimes the entries are *not* relative, but are full DNs.

Parameters:

searchbase - the node in the tree to expand

Returns:

list of results (NameClassPair); the next layer of the tree...

Throws:

LDAPOperationException

LDAPUnavailableException

javax.naming.NamingException

getNameFromString
```
public static javax.naming.Name getNameFromString(java.lang.String iDN)
                                           throws javax.naming.NamingException
```
getNameFromString
Convert DN String into JNDI Name,

Parameters:

iDN - DN in String.

Returns:

the resulting name

Throws:

javax.naming.NamingException

getNameFromSearchResult
```
public static javax.naming.Name getNameFromSearchResult(javax.naming.directory.SearchResult iDirectoryEntry,
                                                        javax.naming.Name iBaseDN)
                                                 throws javax.naming.InvalidNameException,
                                                        javax.naming.NamingException
```
getNameFromSearchResult
Given a SearchResult object and Base DN, work out the complete DN of the entry, parse it into a Name object and return it.

Parameters:

iDirectoryEntry - JNDI SearchResult object containing a Directory entry.

iBaseDN - Name object with the Base DN used for the search (may be empty).

Returns:

Name object containing the complete DN of the entry.

Throws:

javax.naming.InvalidNameException

javax.naming.NamingException

changePassword
```
public void changePassword(javax.naming.directory.DirContext ctx,
                           java.lang.String argRDN,
                           java.lang.String oldPassword,
                           java.lang.String newPassword)
                    throws javax.naming.NamingException
```
changes the user password CAUTION: In order to change/modify password attr. in AD you MUST use SSL (LDAPS) to do so

Specified by:

changePassword in interface LDAPConnection

Parameters:

ctx - directory context

argRDN - the name of the object whose attributes will be updated

oldPassword -

newPassword -

Throws:

javax.naming.NamingException

encodePassword

protected byte[] encodePassword(java.lang.String pass)
                         throws java.io.UnsupportedEncodingException

Throws:: java.io.UnsupportedEncodingException

getConnectionManager

public JNDIConnectionManager getConnectionManager()

sendingEmptyBaseDNsearchQueries

public boolean sendingEmptyBaseDNsearchQueries()

see PLA-11864

Class JNDIConnectionImpl

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

maxRetries

ldapConnection

connectionManager

connectionData

LDAP_RETRY_ERROR

Method Detail

checkPassword

appendRootDN

wipePassword

close

retryConnection

getCurrentInitialLdapContext

searchOneLevel

searchOneLevel

rawSearchOneLevel

searchSubTree

searchSubTree

rawSearchSubTree

searchBaseEntry

searchBaseEntry

rawSearchBaseEntry

read

read

list

getNameFromString

getNameFromSearchResult

changePassword

encodePassword

getConnectionManager

sendingEmptyBaseDNsearchQueries