in redback-authentication/redback-authentication-providers/redback-authentication-ldap/src/main/java/org/apache/archiva/redback/authentication/ldap/LdapBindAuthenticator.java [83:177]
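/**
 * Authenticates a user by binding to the LDAP server with the user's own DN and password.
 *
 * <p>Flow: reject early when the bind authenticator is disabled or the password is empty
 * (unless empty passwords are explicitly allowed); resolve the user's DN from the cache or,
 * on a cache miss, by a subtree search under the mapper's user base DN; then open a
 * connection as that DN with the supplied password. A connection that opens without an
 * exception is treated as a successful authentication.
 *
 * @param s the credentials to check; cast to {@link PasswordBasedAuthenticationDataSource},
 *          so any other implementation fails with a {@link ClassCastException}
 * @return a result flagged {@code true} only when the bind as the user's DN succeeded;
 *         otherwise a failed result that carries the causing exception when there is one
 * @throws AuthenticationException declared by the signature; no statement in this body
 *         throws it directly
 */
public AuthenticationResult authenticate( AuthenticationDataSource s )
    throws AuthenticationException
{
    PasswordBasedAuthenticationDataSource source = (PasswordBasedAuthenticationDataSource) s;

    // Empty-password guard. An LDAP simple bind with a DN and a zero-length password is an
    // "unauthenticated bind" (RFC 4513, section 5.1.2), which a server may answer with success
    // without checking any credential. Rejecting empty passwords here, before any bind is
    // attempted, is what keeps such a bind from being reported as a valid login.
    // LDAP_BIND_AUTHENTICATOR_ALLOW_EMPTY_PASSWORDS defaults to false; enabling it removes
    // this protection and leaves the decision entirely to the directory server.
    if ( !config.getBoolean( UserConfigurationKeys.LDAP_BIND_AUTHENTICATOR_ENABLED ) || (
        !config.getBoolean( UserConfigurationKeys.LDAP_BIND_AUTHENTICATOR_ALLOW_EMPTY_PASSWORDS, false )
            && StringUtils.isEmpty( source.getPassword() ) ) )
    {
        return new AuthenticationResult( false, source.getUsername(), null );
    }

    SearchControls ctls = new SearchControls();
    ctls.setCountLimit( 1 );
    ctls.setDerefLinkFlag( true );
    ctls.setSearchScope( SearchControls.SUBTREE_SCOPE );

    // Only the user-supplied username goes through LdapUtils.encodeFilterValue. The object
    // class, the optional extra user filter and the id attribute are concatenated as-is, so
    // they must come from trusted configuration (presumably they do; verify against the mapper).
    String filter = "(&(objectClass=" + mapper.getUserObjectClass() + ")" + ( mapper.getUserFilter() != null
        ? mapper.getUserFilter()
        : "" ) + "(" + mapper.getUserIdAttribute() + "=" + LdapUtils.encodeFilterValue( source.getUsername() ) + "))";

    // Debug output carries the filter, usernames and DNs; the password is never logged here
    // and must stay out of any message added later.
    log.debug( "Searching for users with filter: '{}' from base dn: {}", filter, mapper.getUserBaseDn() );

    LdapConnection ldapConnection = null;
    LdapConnection authLdapConnection = null;
    NamingEnumeration<SearchResult> results = null;
    try
    {
        // NOTE(review): this connection is opened even when the DN is served from the cache
        // below and no search is performed; confirm whether that is intended.
        ldapConnection = getLdapConnection();

        // check the cache for user's userDn in the ldap server
        // NOTE(review): a cached DN is used without a fresh search; if the entry was moved or
        // renamed the bind below fails until the cache entry is replaced. Confirm eviction policy.
        String userDn = ldapCacheService.getLdapUserDn( source.getUsername() );
        if ( userDn == null )
        {
            log.debug( "userDn for user {} not found in cache. Retrieving from ldap server..",
                       source.getUsername() );

            DirContext context = ldapConnection.getDirContext();
            results = context.search( mapper.getUserBaseDn(), filter, ctls );

            boolean moreElements = results.hasMoreElements();
            log.debug( "Found user '{}': {}", source.getUsername(), moreElements );

            if ( moreElements )
            {
                try
                {
                    SearchResult result = results.nextElement();
                    userDn = result.getNameInNamespace();
                    log.debug( "Adding userDn {} for user {} to the cache..", userDn, source.getUsername() );
                    // REDBACK-289/MRM-1488 cache the ldap user's userDn to lessen calls to ldap server
                    ldapCacheService.addLdapUserDn( source.getUsername(), userDn );
                }
                catch ( Exception e )
                {
                    // The exception is passed as the trailing argument so the logger records the
                    // stack trace; the message text alone gave no hint of where retrieval failed.
                    log.error( "Error occured on LDAP result retrieval: {}, {}", userDn, e.getMessage(), e );
                    return new AuthenticationResult( false, source.getUsername(), e );
                }
            }
            else
            {
                // No directory entry matched the filter: fail without attempting a bind.
                return new AuthenticationResult( false, source.getUsername(), null );
            }
        }

        log.debug( "Attempting Authenication: {}", userDn );

        // The credential check itself: opening a connection as userDn with the supplied
        // password. Reaching the next line means no exception was raised by the factory.
        authLdapConnection = connectionFactory.getConnection( userDn, source.getPassword() );

        log.info( "user '{}' authenticated", source.getUsername() );

        return new AuthenticationResult( true, source.getUsername(), null );
    }
    catch ( LdapException e )
    {
        // Failures were previously invisible at this layer (only successes are logged at
        // info). Kept at debug so a burst of bad logins does not flood default logs; the
        // exception still travels to the caller inside the result.
        log.debug( "LDAP authentication failed for user '{}': {}", source.getUsername(), e.getMessage() );
        return new AuthenticationResult( false, source.getUsername(), e );
    }
    catch ( NamingException e )
    {
        log.debug( "LDAP authentication failed for user '{}': {}", source.getUsername(), e.getMessage() );
        return new AuthenticationResult( false, source.getUsername(), e );
    }
    finally
    {
        // Release the search enumeration and both connections on every exit path so neither
        // the service connection nor the user-bound connection outlives this call.
        closeNamingEnumeration( results );
        closeLdapConnection( ldapConnection );
        if ( authLdapConnection != null )
        {
            closeLdapConnection( authLdapConnection );
        }
    }
}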