We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
fess
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

fix #2185 add ldap.auth.validation

Shinsuke Sugaya 6 years ago
parent
68690b7782
commit
a3c1895aff
4 changed files with 70 additions and 6 deletions
Unified View Show Diff Stats
  1. 25 0
      src/main/java/org/codelibs/fess/exception/LdapConfigurationException.java
  2. 18 6
      src/main/java/org/codelibs/fess/ldap/LdapManager.java
  3. 26 0
      src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java
  4. 1 0
      src/main/resources/fess_config.properties

+ 25 - 0
src/main/java/org/codelibs/fess/exception/LdapConfigurationException.java
View File 

@@ -0,0 +1,25 @@
 
+/*
 
+ * Copyright 2012-2019 CodeLibs Project and the Others.
 
+ *
 
+ * Licensed under the Apache License, Version 2.0 (the "License");
 
+ * you may not use this file except in compliance with the License.
 
+ * You may obtain a copy of the License at
 
+ *
 
+ *     http://www.apache.org/licenses/LICENSE-2.0
 
+ *
 
+ * Unless required by applicable law or agreed to in writing, software
 
+ * distributed under the License is distributed on an "AS IS" BASIS,
 
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
 
+ * either express or implied. See the License for the specific language
 
+ * governing permissions and limitations under the License.
 
+ */
 
+package org.codelibs.fess.exception;
 
+
 
+public class LdapConfigurationException extends FessSystemException {
 
+
 
+    private static final long serialVersionUID = 1L;
 
+
 
+    public LdapConfigurationException(final String message) {
 
+        super(message);
 
+    }
 
+}

+ 18 - 6
src/main/java/org/codelibs/fess/ldap/LdapManager.java
View File 

@@ -49,6 +49,7 @@ import org.codelibs.fess.entity.FessUser;
 
 import org.codelibs.fess.es.user.exentity.Group;
 
 import org.codelibs.fess.es.user.exentity.Group;
 
 import org.codelibs.fess.es.user.exentity.Role;
 
 import org.codelibs.fess.es.user.exentity.Role;
 
 import org.codelibs.fess.es.user.exentity.User;
 
 import org.codelibs.fess.es.user.exentity.User;
 
+import org.codelibs.fess.exception.LdapConfigurationException;
 
 import org.codelibs.fess.exception.LdapOperationException;
 
 import org.codelibs.fess.exception.LdapOperationException;
 
 import org.codelibs.fess.helper.SystemHelper;
 
 import org.codelibs.fess.helper.SystemHelper;
 
 import org.codelibs.fess.mylasta.direction.FessConfig;
 
 import org.codelibs.fess.mylasta.direction.FessConfig;
 
@@ -76,17 +77,24 @@ public class LdapManager {
 
     protected Hashtable<String, String> createEnvironment(final String initialContextFactory, final String securityAuthentication,
 
     protected Hashtable<String, String> createEnvironment(final String initialContextFactory, final String securityAuthentication,
 
             final String providerUrl, final String principal, final String credntials) {
 
             final String providerUrl, final String principal, final String credntials) {
 
         final Hashtable<String, String> env = new Hashtable<>();
 
         final Hashtable<String, String> env = new Hashtable<>();
 
-        env.put(Context.INITIAL_CONTEXT_FACTORY, initialContextFactory);
 
-        env.put(Context.SECURITY_AUTHENTICATION, securityAuthentication);
 
-        env.put(Context.PROVIDER_URL, providerUrl);
 
-        env.put(Context.SECURITY_PRINCIPAL, principal);
 
-        env.put(Context.SECURITY_CREDENTIALS, credntials);
 
+        putEnv(env, Context.INITIAL_CONTEXT_FACTORY, initialContextFactory);
 
+        putEnv(env, Context.SECURITY_AUTHENTICATION, securityAuthentication);
 
+        putEnv(env, Context.PROVIDER_URL, providerUrl);
 
+        putEnv(env, Context.SECURITY_PRINCIPAL, principal);
 
+        putEnv(env, Context.SECURITY_CREDENTIALS, credntials);
 
         if (providerUrl != null && providerUrl.startsWith("ldaps://")) {
 
         if (providerUrl != null && providerUrl.startsWith("ldaps://")) {
 
-            env.put(Context.SECURITY_PROTOCOL, "ssl");
 
+            putEnv(env, Context.SECURITY_PROTOCOL, "ssl");
 
         }
 
         }
 
         return env;
 
         return env;
 
     }
 
     }
 
 
 
+    protected void putEnv(final Hashtable<String, String> env, final String key, final String value) {
 
+        if (value == null) {
 
+            throw new LdapConfigurationException(key + " is null.");
 
+        }
 
+        env.put(key, value);
 
+    }
 
+
 
     protected Hashtable<String, String> createAdminEnv() {
 
     protected Hashtable<String, String> createAdminEnv() {
 
         return createEnvironment(//
 
         return createEnvironment(//
 
                 fessConfig.getLdapInitialContextFactory(), //
 
                 fessConfig.getLdapInitialContextFactory(), //
 
@@ -117,6 +125,10 @@ public class LdapManager {
 
 
 
     protected boolean validate() {
 
     protected boolean validate() {
 
         if (!isBind) {
 
         if (!isBind) {
 
+            if (fessConfig.getLdapAdminSecurityPrincipal() == null || fessConfig.getLdapAdminSecurityCredentials() == null) {
 
+                // no credentials
 
+                return !fessConfig.isLdapAuthValidation();
 
+            }
 
             final Hashtable<String, String> env = createAdminEnv();
 
             final Hashtable<String, String> env = createAdminEnv();
 
             try (DirContextHolder holder = getDirContext(() -> env)) {
 
             try (DirContextHolder holder = getDirContext(() -> env)) {
 
                 final DirContext context = holder.get();
 
                 final DirContext context = holder.get();

+ 26 - 0
src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java
View File 

@@ -1301,6 +1301,9 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
 
     /** The key of the configuration. e.g. true */
 
     /** The key of the configuration. e.g. true */
 
     String LDAP_ADMIN_SYNC_PASSWORD = "ldap.admin.sync.password";
 
     String LDAP_ADMIN_SYNC_PASSWORD = "ldap.admin.sync.password";
 
 
 
+    /** The key of the configuration. e.g. true */
 
+    String LDAP_AUTH_VALIDATION = "ldap.auth.validation";
 
+
 
     /** The key of the configuration. e.g. -1 */
 
     /** The key of the configuration. e.g. -1 */
 
     String LDAP_MAX_USERNAME_LENGTH = "ldap.max.username.length";
 
     String LDAP_MAX_USERNAME_LENGTH = "ldap.max.username.length";
 
 
 
@@ -5581,6 +5584,20 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
 
      */
 
      */
 
     boolean isLdapAdminSyncPassword();
 
     boolean isLdapAdminSyncPassword();
 
 
 
+    /**
 
+     * Get the value for the key 'ldap.auth.validation'. <br>
 
+     * The value is, e.g. true <br>
 
+     * @return The value of found property. (NotNull: if not found, exception but basically no way)
 
+     */
 
+    String getLdapAuthValidation();
 
+
 
+    /**
 
+     * Is the property for the key 'ldap.auth.validation' true? <br>
 
+     * The value is, e.g. true <br>
 
+     * @return The determination, true or false. (if not found, exception but basically no way)
 
+     */
 
+    boolean isLdapAuthValidation();
 
+
 
     /**
 
     /**
 
      * Get the value for the key 'ldap.max.username.length'. <br>
 
      * Get the value for the key 'ldap.max.username.length'. <br>
 
      * The value is, e.g. -1 <br>
 
      * The value is, e.g. -1 <br>
 
@@ -8077,6 +8094,14 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
 
             return is(FessConfig.LDAP_ADMIN_SYNC_PASSWORD);
 
             return is(FessConfig.LDAP_ADMIN_SYNC_PASSWORD);
 
         }
 
         }
 
 
 
+        public String getLdapAuthValidation() {
 
+            return get(FessConfig.LDAP_AUTH_VALIDATION);
 
+        }
 
+
 
+        public boolean isLdapAuthValidation() {
 
+            return is(FessConfig.LDAP_AUTH_VALIDATION);
 
+        }
 
+
 
         public String getLdapMaxUsernameLength() {
 
         public String getLdapMaxUsernameLength() {
 
             return get(FessConfig.LDAP_MAX_USERNAME_LENGTH);
 
             return get(FessConfig.LDAP_MAX_USERNAME_LENGTH);
 
         }
 
         }
 
@@ -8652,6 +8677,7 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
 
             defaultMap.put(FessConfig.LDAP_ADMIN_GROUP_BASE_DN, "ou=Group,dc=fess,dc=codelibs,dc=org");
 
             defaultMap.put(FessConfig.LDAP_ADMIN_GROUP_BASE_DN, "ou=Group,dc=fess,dc=codelibs,dc=org");
 
             defaultMap.put(FessConfig.LDAP_ADMIN_GROUP_OBJECT_CLASSES, "groupOfNames");
 
             defaultMap.put(FessConfig.LDAP_ADMIN_GROUP_OBJECT_CLASSES, "groupOfNames");
 
             defaultMap.put(FessConfig.LDAP_ADMIN_SYNC_PASSWORD, "true");
 
             defaultMap.put(FessConfig.LDAP_ADMIN_SYNC_PASSWORD, "true");
 
+            defaultMap.put(FessConfig.LDAP_AUTH_VALIDATION, "true");
 
             defaultMap.put(FessConfig.LDAP_MAX_USERNAME_LENGTH, "-1");
 
             defaultMap.put(FessConfig.LDAP_MAX_USERNAME_LENGTH, "-1");
 
             defaultMap.put(FessConfig.LDAP_IGNORE_NETBIOS_NAME, "true");
 
             defaultMap.put(FessConfig.LDAP_IGNORE_NETBIOS_NAME, "true");
 
             defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_USER_ENABLED, "true");
 
             defaultMap.put(FessConfig.LDAP_ROLE_SEARCH_USER_ENABLED, "true");

+ 1 - 0
src/main/resources/fess_config.properties
View File 

@@ -656,6 +656,7 @@ ldap.admin.group.base.dn=ou\=Group,dc\=fess,dc\=codelibs,dc\=org
 
 ldap.admin.group.object.classes=groupOfNames
 
 ldap.admin.group.object.classes=groupOfNames
 
 ldap.admin.sync.password=true
 
 ldap.admin.sync.password=true
 
 
 
+ldap.auth.validation=true
 
 ldap.max.username.length=-1
 
 ldap.max.username.length=-1
 
 ldap.ignore.netbios.name=true
 
 ldap.ignore.netbios.name=true

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5