Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/ldapconn/LdapAuthInfo.java')
-rw-r--r--pki/base/common/src/com/netscape/cmscore/ldapconn/LdapAuthInfo.java121
1 files changed, 61 insertions, 60 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/ldapconn/LdapAuthInfo.java b/pki/base/common/src/com/netscape/cmscore/ldapconn/LdapAuthInfo.java
index b499dd07e..d2761e791 100644
--- a/pki/base/common/src/com/netscape/cmscore/ldapconn/LdapAuthInfo.java
+++ b/pki/base/common/src/com/netscape/cmscore/ldapconn/LdapAuthInfo.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.ldapconn;
-
import java.util.Hashtable;
import netscape.ldap.LDAPConnection;
@@ -29,7 +28,6 @@ import com.netscape.certsrv.base.IConfigStore;
import com.netscape.certsrv.ldap.ILdapAuthInfo;
import com.netscape.cmsutil.password.IPasswordStore;
-
/**
* class for reading ldap authentication info from config store
*/
@@ -60,24 +58,24 @@ public class LdapAuthInfo implements ILdapAuthInfo {
* the password by attempting to connect to the server.
*/
public LdapAuthInfo(IConfigStore config, String host, int port, boolean secure)
- throws EBaseException {
+ throws EBaseException {
init(config, host, port, secure);
}
- public String getPasswordFromStore (String prompt) {
+ public String getPasswordFromStore(String prompt) {
String pwd = null;
CMS.debug("LdapAuthInfo: getPasswordFromStore: try to get it from password store");
-// hey - should use password store interface to allow different implementations
-// but the problem is, other parts of the system just go directly to the file
-// so calling CMS.getPasswordStore() will give you an outdated one
-/*
- IConfigStore mainConfig = CMS.getConfigStore();
- String pwdFile = mainConfig.getString("passwordFile");
- FileConfigStore pstore = new FileConfigStore(pwdFile);
-*/
+ // hey - should use password store interface to allow different implementations
+ // but the problem is, other parts of the system just go directly to the file
+ // so calling CMS.getPasswordStore() will give you an outdated one
+ /*
+ IConfigStore mainConfig = CMS.getConfigStore();
+ String pwdFile = mainConfig.getString("passwordFile");
+ FileConfigStore pstore = new FileConfigStore(pwdFile);
+ */
IPasswordStore pwdStore = CMS.getPasswordStore();
- CMS.debug("LdapAuthInfo: getPasswordFromStore: about to get from passwored store: "+prompt);
+ CMS.debug("LdapAuthInfo: getPasswordFromStore: about to get from passwored store: " + prompt);
// support publishing dirsrv with different pwd than internaldb
@@ -85,18 +83,18 @@ public class LdapAuthInfo implements ILdapAuthInfo {
if (pwdStore != null) {
CMS.debug("LdapAuthInfo: getPasswordFromStore: password store available");
pwd = pwdStore.getPassword(prompt);
-// pwd = pstore.getString(prompt);
- if ( pwd == null) {
- CMS.debug("LdapAuthInfo: getPasswordFromStore: password for "+prompt+
- " not found, trying internaldb");
+ // pwd = pstore.getString(prompt);
+ if (pwd == null) {
+ CMS.debug("LdapAuthInfo: getPasswordFromStore: password for " + prompt +
+ " not found, trying internaldb");
-// pwd = pstore.getString("internaldb");
+ // pwd = pstore.getString("internaldb");
- pwd = pwdStore.getPassword("internaldb"); // last resort
+ pwd = pwdStore.getPassword("internaldb"); // last resort
} else
- CMS.debug("LdapAuthInfo: getPasswordFromStore: password found for prompt in password store");
+ CMS.debug("LdapAuthInfo: getPasswordFromStore: password found for prompt in password store");
} else
- CMS.debug("LdapAuthInfo: getPasswordFromStore: password store not available: pwdStore is null");
+ CMS.debug("LdapAuthInfo: getPasswordFromStore: password store not available: pwdStore is null");
return pwd;
}
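Review bot: The `pwdStore.getPassword("internaldb"); // last resort` fallback returns the internal database password for any prompt that has no entry of its own. A caller configuring a different directory (the comment just before this hunk mentions a publishing directory with its own password) can therefore end up presenting the internal credential to that other server. If the fallback is only meant for the internal database connection, restrict it to that case and otherwise leave `pwd` null so the miss is reported; which prompts legitimately rely on it is not visible here, so confirm against the callers. At minimum the line deserves a comment such as `// NOTE: returns the internaldb credential for an unrelated prompt; use only against the internal DB`. The two brace-less `} else` branches would also be safer with braces.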
@@ -110,19 +108,19 @@ public class LdapAuthInfo implements ILdapAuthInfo {
/**
* initialize this class from the config store, and verify the password.
- *
+ *
* @param host The host that the directory server is running on.
- * This will be used to verify the password by attempting to connect.
- * If it is <code>null</code>, the password will not be verified.
+ * This will be used to verify the password by attempting to connect.
+ * If it is <code>null</code>, the password will not be verified.
* @param port The port that the directory server is running on.
*/
public void init(IConfigStore config, String host, int port, boolean secure)
- throws EBaseException {
+ throws EBaseException {
CMS.debug("LdapAuthInfo: init()");
- if (mInited) {
+ if (mInited) {
CMS.debug("LdapAuthInfo: already initialized");
- return; // XXX throw exception here ?
+ return; // XXX throw exception here ?
}
CMS.debug("LdapAuthInfo: init begins");
@@ -144,30 +142,30 @@ public class LdapAuthInfo implements ILdapAuthInfo {
if (prompt == null) {
prompt = "LDAP Authentication";
- CMS.debug("LdapAuthInfo: init: prompt is null, change to "+prompt);
+ CMS.debug("LdapAuthInfo: init: prompt is null, change to " + prompt);
} else
- CMS.debug("LdapAuthInfo: init: prompt is "+prompt);
+ CMS.debug("LdapAuthInfo: init: prompt is " + prompt);
if (mParms[1] == null) {
CMS.debug("LdapAuthInfo: init: try getting from memory cache");
mParms[1] = (String) passwords.get(prompt);
-if (mParms[1] != null) {
- inMem = true;
-CMS.debug("LdapAuthInfo: init: got password from memory");
-} else
-CMS.debug("LdapAuthInfo: init: password not in memory");
+ if (mParms[1] != null) {
+ inMem = true;
+ CMS.debug("LdapAuthInfo: init: got password from memory");
+ } else
+ CMS.debug("LdapAuthInfo: init: password not in memory");
} else
-CMS.debug("LdapAuthInfo: init: found password from config");
+ CMS.debug("LdapAuthInfo: init: found password from config");
if (mParms[1] == null) {
mParms[1] = getPasswordFromStore(prompt);
- } else {
+ } else {
CMS.debug("LdapAuthInfo: init: password found for prompt.");
- }
+ }
// verify the password
- if ((mParms[1]!= null) && (!mParms[1].equals("")) && (host == null ||
- authInfoOK(host, port, secure, mParms[0], mParms[1]))) {
+ if ((mParms[1] != null) && (!mParms[1].equals("")) && (host == null ||
+ authInfoOK(host, port, secure, mParms[0], mParms[1]))) {
// The password is OK or uncheckable
CMS.debug("LdapAuthInfo: password ok: store in memory cache");
passwords.put(prompt, mParms[1]);
@@ -176,16 +174,16 @@ CMS.debug("LdapAuthInfo: init: found password from config");
CMS.debug("LdapAuthInfo: password not found");
else {
CMS.debug("LdapAuthInfo: password does not work");
-/* what do you know? Our IPasswordStore does not have a remove function.
- pstore.remove("internaldb");
-*/
+ /* what do you know? Our IPasswordStore does not have a remove function.
+ pstore.remove("internaldb");
+ */
if (inMem) {
// this is for the case when admin changes pwd
// from console
mParms[1] = getPasswordFromStore(prompt);
- if(authInfoOK(host, port, secure, mParms[0], mParms[1])) {
- CMS.debug("LdapAuthInfo: password ok: store in memory cache");
- passwords.put(prompt, mParms[1]);
+ if (authInfoOK(host, port, secure, mParms[0], mParms[1])) {
+ CMS.debug("LdapAuthInfo: password ok: store in memory cache");
+ passwords.put(prompt, mParms[1]);
}
}
}
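Review bot: The retry at `if (authInfoOK(host, port, secure, mParms[0], mParms[1])) {` does not repeat the null/empty guard that the first verification applies, so a null or empty value returned by getPasswordFromStore goes straight to the bind check and, if that passes, into the cache. Many directory servers treat a simple bind with an empty password as an anonymous bind that succeeds, so the check could pass without proving the credential; authInfoOK's body is mostly outside this diff, so this is inferred. Suggest `if (mParms[1] != null && !mParms[1].equals("") && authInfoOK(host, port, secure, mParms[0], mParms[1])) {`. init() begins and ends outside this hunk.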
@@ -212,16 +210,17 @@ CMS.debug("LdapAuthInfo: init: found password from config");
/**
* Verifies the distinguished name and password by attempting to
- * authenticate to the server. If we connect to the server but cannot
+ * authenticate to the server. If we connect to the server but cannot
* authenticate, we conclude that the DN or password is invalid. If
* we cannot connect at all, we don't know, so we return true
* (there's no sense asking for the password again since we can't verify
- * it anyway). If we connect and authenticate successfully, we know
+ * it anyway). If we connect and authenticate successfully, we know
* the DN and password are correct, so we return true.
*/
private static LDAPConnection conn = new LDAPConnection();
+
private static boolean
- authInfoOK(String host, int port, boolean secure, String dn, String pw) {
+ authInfoOK(String host, int port, boolean secure, String dn, String pw) {
// We dont perform auth checking if we are in SSL mode.
if (secure)
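Review bot: The Javadoc block describing authInfoOK sits directly above `private static LDAPConnection conn = new LDAPConnection();`, so it documents the field and leaves the method with none; the blank line added here makes the separation more visible. Move the field declaration above the `/**` (with its own one-line comment) so the description lands on the method. That description is the only place stating that the check returns true when the server cannot be reached. It should also mention the `if (secure)` branch, which the body comments as `We dont perform auth checking if we are in SSL mode`, since both make the verification best-effort rather than a guarantee. The method body continues past the end of this hunk.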
@@ -239,15 +238,15 @@ CMS.debug("LdapAuthInfo: init: found password from config");
/**
* There is a bug in LDAP SDK. VM will crash on NT if
- * we connect and disconnect too many times.
+ * we connect and disconnect too many times.
**/
-
+
/**
- if( connected ) {
- try {
- conn.disconnect();
- } catch( LDAPException e ) { }
- }
+ * if( connected ) {
+ * try {
+ * conn.disconnect();
+ * } catch( LDAPException e ) { }
+ * }
**/
if (connected && !authenticated) {
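Review bot: The disabled disconnect code is now wrapped in a `/** … **/` block with ` * ` prefixes, which makes dead code read like Javadoc in the middle of a method body. The preceding comment already gives the reason (connect/disconnect cycles crashing the VM on NT), so drop the dead code and keep one plain comment, e.g. `// conn is deliberately left open: repeated connect/disconnect crashed the VM on NT (LDAP SDK bug)`. Whether that workaround is still needed is worth confirming, because the shared static connection is not closed anywhere in the lines shown. The enclosing method starts and ends outside this hunk.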
@@ -258,10 +257,11 @@ CMS.debug("LdapAuthInfo: init: found password from config");
}
/**
- * get authentication type.
+ * get authentication type.
+ *
* @return one of: <br>
- * LdapAuthInfo.LDAP_AUTHTYPE_BASICAUTH or
- * LdapAuthInfo.LDAP_AUTHTYPE_SSLCLIENTAUTH
+ * LdapAuthInfo.LDAP_AUTHTYPE_BASICAUTH or
+ * LdapAuthInfo.LDAP_AUTHTYPE_SSLCLIENTAUTH
*/
public int getAuthType() {
return mType;
@@ -269,6 +269,7 @@ CMS.debug("LdapAuthInfo: init: found password from config");
/**
* get params for authentication
+ *
* @return array of parameters for this authentication.
*/
public String[] getParms() {
@@ -281,7 +282,7 @@ CMS.debug("LdapAuthInfo: init: found password from config");
public void addPassword(String prompt, String pw) {
try {
passwords.put(prompt, pw);
- }catch (Exception e) {
+ } catch (Exception e) {
}
}
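Review bot: The `catch (Exception e) {` block in addPassword is still empty after the reformat, so a failure of `passwords.put(prompt, pw)` disappears without trace and the caller believes the credential was cached. One likely trigger is a null prompt or password, if `passwords` is the Hashtable the file imports. Log the failure without the password value, e.g. `CMS.debug("LdapAuthInfo: addPassword: could not cache password for " + prompt + ": " + e);`, or validate the arguments up front and drop the try block. The same empty catch is in the removePassword hunk that follows.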
@@ -291,7 +292,7 @@ CMS.debug("LdapAuthInfo: init: found password from config");
public void removePassword(String prompt) {
try {
passwords.remove(prompt);
- }catch (Exception e) {
+ } catch (Exception e) {
}
}
}