Hi Jeff.
Here is an example one can use to authenticate against LDAP. You might want
to use this as an option for jUDDI users.
+++++++++++++++++++++++++++++++++++++++++++++++++++
package org.apache.juddi.v3.auth;
import javax.naming.ldap.Control;
public class LdapFastBindConnectionControl implements Control {
private static final long serialVersionUID = 7847083714026112317L;
public byte[] getEncodedValue() {
return null;
}
public String getID() {
return "1.2.840.113556.1.4.1781";
}
public boolean isCritical() {
return true;
}
}
+++++++++++++++++++++++++++++++++++++++++++++++++++
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.persistence.EntityManager;
import javax.persistence.EntityTransaction;
import org.apache.juddi.config.PersistenceManager;
import org.apache.juddi.model.Publisher;
import org.apache.juddi.model.UddiEntityPublisher;
import org.apache.juddi.v3.error.AuthenticationException;
import org.apache.juddi.v3.error.ErrorMessage;
import org.apache.juddi.v3.error.FatalErrorException;
import org.apache.juddi.v3.error.UnknownUserException;
import org.apache.log4j.Logger;
public class LdapFastBindAuthenticator implements Authenticator {
private Logger log = Logger.getLogger(this.getClass());
private Hashtable<String, String> env = null;
private LdapContext ctx = null;
private Control[] connCtls = null;
public LdapFastBindAuthenticator(String url) throws NamingException {
env = new Hashtable<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.PROVIDER_URL, url); // organization ldap url,
example ldap://localhost:389
connCtls = new Control[] { new LdapFastBindConnectionControl() };
try {
ctx = new InitialLdapContext(env, connCtls);
} catch (NamingException e) {
log.error("Naming exception " + e);
throw e;
}
}
public String authenticate(String authorizedName, String cred)
throws AuthenticationException, FatalErrorException {
if (authorizedName == null || "".equals(authorizedName)) {
throw new UnknownUserException(new
ErrorMessage("errors.auth.NoPublisher", authorizedName));
}
boolean isLdapUser = false;
try {
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL,
authorizedName);
ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, cred);
ctx.reconnect(connCtls);
log.info(authorizedName + " is authenticated");
/* if we don't want search ldap any further we set isLdap as
true, and skip the code between START HERE and END HERE */
/* Here is possible to make some more extensive search in ldap
to see if the user is part of some group only allowed to access the
registry. */
/* START HERE */
//Create the search controls
SearchControls searchCtls = new SearchControls();
//Specify the search scope
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
//specify the LDAP search filter
String searchFilter = "(&(objectClass=user)(mail=
[email protected])(department=foo))";
//Specify the Base for the search
String searchBase = "DC=domain,DC=com";
//initialize counter to total the group members
int totalResults = 0;
//Specify the attributes to return
String returnedAtts[]={"memberOf"};
searchCtls.setReturningAttributes(returnedAtts);
//Search for objects using the filter
NamingEnumeration<?> answer = ctx.search(searchBase,
searchFilter, searchCtls);
//Loop through the search results
while (answer.hasMoreElements()) {
SearchResult sr = (SearchResult)answer.next();
//Print out the groups
Attributes attrs = sr.getAttributes();
if (attrs != null) {
try {
for (NamingEnumeration<?> ae =
attrs.getAll();ae.hasMore();) {
Attribute attr = (Attribute)ae.next();
for (NamingEnumeration<?> e =
attr.getAll();e.hasMore();totalResults++) {
//System.out.println(" " + totalResults +
". " + e.next());
String tmp = e.next().toString();
if
(tmp.equalsIgnoreCase("CN=Foo,OU=Bar,OU=Bleh,OU=Doh,DC=domain,DC=com")) {
System.out.println(true);
System.out.println("Authentication
Success!");
isLdapUser = true;
break;
} else if
(tmp.equalsIgnoreCase("CN=Foo,OU=Bar,OU=Bleh,OU=Doh,DC=domain,DC=com")) {
System.out.println(true);
System.out.println("Authentication
Success!");
isLdapUser = true;
break;
} else {
continue;
}
}
}
} catch (NamingException e) {
throw new UnknownUserException(new
ErrorMessage("errors.auth.NoPublisher", authorizedName));
}
}
}
/* END HERE */
} catch (NamingException e) {
log.error(authorizedName + " is not authenticated");
throw new UnknownUserException(new
ErrorMessage("errors.auth.NoPublisher", authorizedName));
} finally {
try {
ctx.close();
} catch (NamingException e) {
log.error("Context close failure " + e);
}
}
if (isLdapUser) {
EntityManager em = PersistenceManager.getEntityManager();
EntityTransaction tx = em.getTransaction();
try {
tx.begin();
Publisher publisher = em.find(Publisher.class,
authorizedName);
if (publisher == null) {
log.warn("Publisher was not found, adding the publisher
in on the fly.");
publisher = new Publisher();
publisher.setAuthorizedName(authorizedName);
publisher.setIsAdmin("false");
publisher.setIsEnabled("true");
publisher.setMaxBindingsPerService(199);
publisher.setMaxBusinesses(100);
publisher.setMaxServicesPerBusiness(100);
publisher.setMaxTmodels(100);
publisher.setPublisherName("Unknown");
em.persist(publisher);
tx.commit();
}
} finally {
if (tx.isActive()) {
tx.rollback();
}
em.close();
}
} else {
throw new UnknownUserException(new
ErrorMessage("errors.auth.NoPublisher", authorizedName));
}
return authorizedName;
}
public UddiEntityPublisher identify(String authInfo, String
authorizedName) throws AuthenticationException, FatalErrorException {
EntityManager em = PersistenceManager.getEntityManager();
EntityTransaction tx = em.getTransaction();
try {
tx.begin();
Publisher publisher = em.find(Publisher.class, authorizedName);
if (publisher == null)
throw new UnknownUserException(new
ErrorMessage("errors.auth.NoPublisher", authorizedName));
return publisher;
} finally {
if (tx.isActive()) {
tx.rollback();
}
em.close();
}
}
}
+++++++++++++++++++++++++++++++++++++++++++++++++++
Thanks.
-Gunnlaugur
On Wed, Apr 28, 2010 at 5:32 PM, Jeff Faath <[email protected]> wrote:
> Is this a compiler error or a runtime error? Maybe if you tried to
> implement something in those methods where an exception was actually thrown?
>
>
>
> *From:* Gunnlaugur Sigurðsson [mailto:[email protected]]
> *Sent:* Wednesday, April 28, 2010 10:05 AM
>
> *To:* [email protected]
> *Subject:* Re: Authenticator implementation
>
>
>
> Hi Jeff.
>
> I have a project I created in eclipse where I have the core juddi jar on
> the jave build path.
> Is there a better way for me to create the authenticator, than in my own
> project? Like within the juddi code bundle and build it there?
>
> Thanks.
>
> -Gunnlaugur
>
>
>
> On Wed, Apr 28, 2010 at 2:51 PM, Jeff Faath <[email protected]> wrote:
>
> Gunnlaugur,
>
>
>
> That error seems to be something to do with the environment. Is the core
> jUDDI jar in the classpath where the authenticator is being executed?
>
>
>
> -Jeff
>
>
>
> *From:* Gunnlaugur Sigurðsson [mailto:[email protected]]
> *Sent:* Wednesday, April 28, 2010 5:12 AM
> *To:* [email protected]
> *Subject:* Authenticator implementation
>
>
>
> Hello.
>
> I'm implementing the Authenticator interface to authenticate users against
> Active Directory in my workplace.
>
> But I keep getting errors on the exceptions classes thrown by authenticate
> and identify functions.
>
> The following error comes up.
> No exception of type AuthenticationException can be thrown; an exception
> type must be a subclass of Throwable
>
> Same error occurs whit the FatalErrorException class.
>
>
> Here is my unimplemented JUDDIActiveDirectoryAuthhenticaton class.
>
> public class JUDDIActiveDirectoryAuthhenticaton implements Authenticator {
>
> public String authenticate(String arg0, String arg1) throws
> AuthenticationException, FatalErrorException {
>
> // TODO Auto-generated method stub
> return null;
> }
>
> public UddiEntityPublisher identify(String arg0, String arg1) throws
> AuthenticationException, FatalErrorException {
>
> // TODO Auto-generated method stub
> return null;
> }
> }
>
> Any idea why I get this error?
>
> Thanks.
>
> --
>
> Kveðja/Regards
> Gunnlaugur Sigurðsson
> [email protected]
> Mobile: (+354) 896-7963
> Home: (+354) 565-5229
>
>
>
>
> --
>
> Kveðja/Regards
> Gunnlaugur Sigurðsson
> [email protected]
> Mobile: (+354) 896-7963
> Home: (+354) 565-5229
>
--
Kveðja/Regards
Gunnlaugur Sigurðsson
[email protected]
Mobile: (+354) 896-7963
Home: (+354) 565-5229
