Pekny den.

U zakaznika se nam objevil problem s autentikaci pres LDAP. Nase aplikace bezi na serveru (Sun Solaris s JDK 1.5). Klienti se overuji pomoci LDAP (viz nize). Vsechno funguje jak ma az do okamziku, kdy nekdo restartuje LDAP server (Lotus Domino). Pak se z autorizacni rutiny uz nic nevrati a ceka se a ceka... :( . Pomuze az restart serveru. Mam takovy pocit, jako by se spojeni na LDAP nejak kesovalo a po padu LDAP serveru se neobnovilo. Netusite, kde by mohl byt problem? Jak pri autentikaci sdelit, aby spojeni navazal znovu?

S pozdravem
Petr Srajer.

PS: Autentikacni kod vypada takto...

import java.net.*;
import java.io.*;
import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;
import cz.ais.sirael.common.Utils;
import cz.ais.sirael.common.auth.Authorizer;

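/**
 * Authenticates users against an <code>LDAP</code> server by attempting a bind
 * with the supplied user name and password.
 *
 * <p>Configuration properties read by the constructor:
 * <ul>
 * <li><b>LDAPAuthorizeServerURL</b> - URL of the LDAP server including any
 *     settings, for example ldap://192.168.3.1:389/o=Zakaznik .</li>
 * <li><b>LDAPAuthorizeServerPrincipalAddons</b> - optional suffix appended to
 *     the principal after the <code>cn=</code> component.</li>
 * <li><b>LDAPAuthorizeServerSecurityAuthentication</b> - authentication type;
 *     the default is <b>simple</b>.</li>
 * </ul>
 *
 * <p>Security notes for operators:
 * <ul>
 * <li>With <b>simple</b> authentication over a plain <code>ldap://</code> URL
 *     the password travels unencrypted; prefer <code>ldaps://</code> or a
 *     protected network segment.</li>
 * <li>Setting the authentication type to <b>none</b> makes JNDI bind
 *     anonymously and ignore the credentials, so every non-empty password
 *     would be accepted. Do not configure it for this class.</li>
 * </ul>
 *
 * @author Petr Srajer
 * @version $Revision: 1.3 $ $Date: 2006/10/20 10:46:29 $
 */
public class LDAPServerAuthorizer extends Object implements Authorizer {

    /**
     * Upper bound (milliseconds, as a string per the JNDI LDAP provider
     * convention) for establishing the TCP connection to the LDAP server.
     */
    private static final String CONNECT_TIMEOUT_MILLIS = "5000";

    /**
     * Upper bound (milliseconds) for waiting on an LDAP response.
     * NOTE(review): verify that the LDAP provider of the deployed JDK honours
     * com.sun.jndi.ldap.read.timeout; providers that do not know the property
     * ignore it.
     */
    private static final String READ_TIMEOUT_MILLIS = "10000";

    /** URL used to connect to the LDAP server. */
    private String url;

    /** Optional suffix appended to the bind principal. */
    private String principalAddOns = "";

    /** Value passed as {@link Context#SECURITY_AUTHENTICATION}. */
    private String securityAuthentication = "simple";


    /**
     * Authenticates the user by binding to the LDAP server with the given
     * user name and password.
     *
     * <p>The method fails closed: it returns <code>true</code> only when the
     * bind actually succeeded. A rejected bind, an unreachable server or any
     * other naming error yields <code>false</code>.
     *
     * @param userName user name; used as the value of the <code>cn</code>
     *                 component of the bind DN.
     * @param password password; an empty password is always rejected.
     * @return <code>true</code> if the LDAP bind succeeded, otherwise
     *         <code>false</code>.
     * @throws NullPointerException if <code>userName</code> or
     *         <code>password</code> is <code>null</code>.
     * @throws IllegalArgumentException if the environment cannot be built
     *         (for example when no server URL is configured).
     */
    public boolean authorize (String userName, String password) {
        if ((userName == null) || (password == null)) {
            throw new NullPointerException ("userName == null || password == null");
        }
        // An empty password must never reach the server: many LDAP servers
        // treat a simple bind with an empty password as an unauthenticated
        // bind and report success.
        if (password.equals("")) {
            return false;
        }

        try {
            // Set up the environment for creating the initial context
            Hashtable<String, Object> env = new Hashtable<String, Object>();
            env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            env.put(Context.PROVIDER_URL, url);

            // Bound the time a bind may block so that a restarted or
            // unreachable LDAP server cannot hang the calling thread forever.
            env.put("com.sun.jndi.ldap.connect.timeout", CONNECT_TIMEOUT_MILLIS);
            env.put("com.sun.jndi.ldap.read.timeout", READ_TIMEOUT_MILLIS);

            String principalAddOnsTmp = principalAddOns;
            if (!principalAddOnsTmp.trim().equals("")) {
                // Separator kept exactly as before so the DN sent to the
                // server does not change for existing deployments.
                principalAddOnsTmp = " ," + principalAddOnsTmp;
            }

            // The user name is untrusted input. Escape it as an RDN value so
            // that characters such as ',' '+' or '=' cannot add or alter DN
            // components of the bind principal.
            String escapedUserName = javax.naming.ldap.Rdn.escapeValue(userName);

            env.put(Context.SECURITY_AUTHENTICATION, securityAuthentication);
            env.put(Context.SECURITY_PRINCIPAL, "cn=" + escapedUserName + principalAddOnsTmp);
            env.put(Context.SECURITY_CREDENTIALS, password);

            // Create the initial context; a successful bind is the proof of
            // valid credentials.
            DirContext ctx = null;
            try {
                ctx = new InitialDirContext(env);
                return true;
            } catch (AuthenticationException ae) {
                // The server rejected the credentials.
                return false;
            } catch (NamingException ne) {
                // Server unreachable, timeout, malformed name, ...: the
                // credentials were NOT verified, so access must be denied.
                System.err.println(ne.getMessage());
                ne.printStackTrace(System.err);
                return false;
            } finally {
                // Release the connection; each call opens its own context.
                if (ctx != null) {
                    try {
                        ctx.close();
                    } catch (NamingException ignored) {
                        // Nothing useful can be done if closing fails; the
                        // authentication result is already decided.
                    }
                }
            }
        } catch (Exception ex) {
            System.err.println (ex.getMessage());
            ex.printStackTrace (System.err);
            // Same exception type as before; the cause is now preserved.
            throw new IllegalArgumentException (ex.getMessage(), ex);
        }
    }

    /**
     * Creates the authorizer and loads its settings from the application
     * configuration via <code>Utils.getProperty</code>.
     */
    public LDAPServerAuthorizer() {
        super();
        url = Utils.getProperty ("LDAPAuthorizeServerURL");
        principalAddOns = Utils.getProperty ("LDAPAuthorizeServerPrincipalAddons", "");
        securityAuthentication = Utils.getProperty ("LDAPAuthorizeServerSecurityAuthentication", "simple");
    }
}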


