AnsweredAssumed Answered

LDAP Auth (Multiple OU)

Question asked by darienalvarez on Aug 6, 2008
Hello every body:

I made this code to authenticate in LDAP with multiples OU …….


package org.alfresco.repo.security.authentication.ldap;

import java.util.Map;

import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

import org.alfresco.repo.security.authentication.AbstractAuthenticationComponent;
import org.alfresco.repo.security.authentication.AuthenticationException;

/**
* @author Darien J. Alvarez de la Cruz mailto:dalvarez@uci.cu
*
*/
public class MyLDAPAuthenticationComponentImpl extends AbstractAuthenticationComponent {
   
    private LDAPInitialDirContextFactory ldapInitialContextFactory;   
    private static String principalName;
    private static String principalPass;

    private String userNameFormat;
   
    public MyLDAPAuthenticationComponentImpl() {
        super();
    }
   
    public void setUserNameFormat(String userNameFormat)
    {
        this.userNameFormat = userNameFormat;
    }

    public void setLDAPInitialDirContextFactory(LDAPInitialDirContextFactory ldapInitialDirContextFactory) {
        this.ldapInitialContextFactory = ldapInitialDirContextFactory;
    }

    public void authenticate(String userName, char[] password) throws AuthenticationException {

        InitialDirContext ctx = null;

        try {
           Map<String, String> env = ((LDAPInitialDirContextFactoryImpl)ldapInitialContextFactory).getInitialDirContextEnvironment();
           
           if (principalName == null) {
              principalName = env.get(Context.SECURITY_PRINCIPAL);
              principalPass = env.get(Context.SECURITY_CREDENTIALS);
           }
           
           env.put( Context.SECURITY_PRINCIPAL, principalName);
           env.put( Context.SECURITY_CREDENTIALS, principalPass);
           
            ctx = ldapInitialContextFactory.getDefaultIntialDirContext();
           
            SearchControls searchControls = new SearchControls();
         searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
         
         NamingEnumeration<SearchResult> searchResult = ctx.search("", "(objectclass=*)", searchControls);
         
         SearchResult result = null;
         String resultName = "";
         
         while(searchResult.hasMore()){
            result = searchResult.next();
            resultName =result.getName();
            
            if (resultName != null && resultName != "") {
               
               if (resultName.startsWith("ou")) {
                  
                  resultName = resultName.substring(resultName.indexOf("=")+1);
  
                    try {
                       ctx = ldapInitialContextFactory.getInitialDirContext ( String.format(userNameFormat, new Object[]{userName + ",ou=" + resultName}) , String.valueOf(password) );

                       setCurrentUser(userName);
                  } catch ( Exception e ) {   }
               }
            }
         }           
        } catch (NamingException e) {
           throw new AuthenticationException("Failed Authenticate", e);
      }
        finally {

            if (ctx != null) {

                try {

                    ctx.close();

                } catch (NamingException e) {

                    clearCurrentSecurityContext();

                    throw new AuthenticationException("Failed to close connection", e);
                }
            }
        }
    }

    protected boolean implementationAllowsGuestLogin() {

        return false;
    }

}

It WORKS OK!!!!!!!!!!! When the user name and password are OK.

but, when i put wrong UserName or Password, i get this error ………… HELP ME!!!!! Any ideas???

javax.faces.FacesException: Error calling action method of component with id loginForm:submit
caused by:
javax.faces.el.EvaluationException: Exception while invoking expression #{LoginBean.login}
caused by:
net.sf.acegisecurity.AuthenticationCredentialsNotFoundException: A valid SecureContext was not provided in the RequestContext

javax.faces.FacesException: Error calling action method of component with id loginForm:submit
at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:72)
at javax.faces.component.UICommand.broadcast(UICommand.java:109)
at javax.faces.component.UIViewRoot._broadcastForPhase(UIViewRoot.java:97)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:171)
at org.apache.myfaces.lifecycle.InvokeApplicationExecutor.execute(InvokeApplicationExecutor.java:32)
at org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:95)
at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:70)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:139)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.alfresco.web.app.servlet.AuthenticationFilter.doFilter(AuthenticationFilter.java:94)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)

Outcomes