AnsweredAssumed Answered

Multiple branches LDAP authentication

Question asked by fbertos on Jun 9, 2006
Hi,

I've changed LDAPAuthenticationComponentImpl class for authenticating in multiple LDAP branchs. The code is:

package es.intecna.alfresco.authentication.ldap;

import java.util.StringTokenizer;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;

import org.alfresco.repo.security.authentication.AbstractAuthenticationComponent;
import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.repo.security.authentication.ldap.*;

/**

* Currently expects the cn name of the user which is in a fixed location.
*
* @author Andy Hind (updated by Fernando Bertos Matilla (Intecna Soluciones Software Engineer 9/6/2006)
*/

public class LDAPAuthenticationComponentImpl extends AbstractAuthenticationComponent
{
    private String userNameFormat;
    private LDAPInitialDirContextFactory ldapInitialContextFactory;

    public LDAPAuthenticationComponentImpl()
    {
        super();
    }

    public void setLDAPInitialDirContextFactory(LDAPInitialDirContextFactory ldapInitialDirContextFactory)
    {
        this.ldapInitialContextFactory = ldapInitialDirContextFactory;
    }

    public void setUserNameFormat(String userNameFormat)
    {
        this.userNameFormat = userNameFormat;
    }

    private String[] splitNameFormats(String userNameFormats)
    {
       try
       {
         String tmp = userNameFormats;
         Pattern pattern = Pattern.compile("(\\((.*)\\)+)");
                       Matcher matcher = pattern.matcher(tmp);
           String output = "";

           if (matcher.find())
           {
              StringTokenizer st = new StringTokenizer(tmp, ")");
              boolean into = false;

              while (st.hasMoreTokens())
              {
                 String token = st.nextToken();
                 int i = token.indexOf("(");
                 token = token.substring(i+1).trim();
                 output = output + token + ")";
                 into = true;
               }

              if (into)
                 output = output.substring(0, output.length()-1);

              return output.split("\\)");
           }
           else
           {
              return new String[] {tmp};
           }
       }
       catch (Exception e)
       {
          e.printStackTrace();
          return null;
       }
    }

    /**
     * Implement the authentication method
     */
    public void authenticate(String userName, char[] password) throws AuthenticationException
    {
        InitialDirContext ctx = null;
        String[] userNameFormats = splitNameFormats(userNameFormat);

        try
        {
           for (int i=0; i<userNameFormats.length; i++)
           {
              try
              {
                 System.out.println("Authenticating " + String.format(userNameFormats, new Object[]{userName}) + "…");
                    ctx = ldapInitialContextFactory.getInitialDirContext(String.format(userNameFormats, new Object[]{userName}), new String(password));
                    break;
              }
              catch (AuthenticationException e)
              {
                 if (i == userNameFormats.length-1)
                    throw e;
              }
           }

            // Authentication has been successful.
            // Set the current user, they are now authenticated.
            setCurrentUser(userName);        
        }
        finally
        {
            if(ctx != null)
            {
                try
                {
                    ctx.close();
                }
                catch (NamingException e)
                {
                    clearCurrentSecurityContext();
                    throw new AuthenticationException("Failed to close connection", e);
                }
            }
        }
    }

    @Override
    protected boolean implementationAllowsGuestLogin()
    {
        InitialDirContext ctx = null;

        try
        {
            ctx = ldapInitialContextFactory.getDefaultIntialDirContext();
            return true;      
        }
        catch(Exception e)
        {
            return false;
        }
        finally
        {
            if(ctx != null)
            {
                try
                {
                    ctx.close();
                }
                catch (NamingException e)
                {
                    throw new AuthenticationException("Failed to close connection", e);
                }
            }
        }
    }
}

We need modify the authentication-services-context.xml for adding the branches:
    <bean id="authenticationComponentImpl" class="es.intecna.alfresco.authentication.ldap.LDAPAuthenticationComponentImpl">
   <property name="LDAPInitialDirContextFactory">
           <ref bean="ldapInitialDirContextFactory" />
        </property>
        <property name="userNameFormat">
           <value>(uid=%s,ou=people,dc=intecna,dc=es)(uid=%s,ou=people,dc=alcaudete,dc=org)</value>
        </property>
    </bean>

Cheers!!

fbertos

Outcomes