From 32150d3ee32f8ac27118af7c792794b538c78a2f Mon Sep 17 00:00:00 2001 From: Ade Lee Date: Wed, 7 Dec 2011 16:58:12 -0500 Subject: Formatting Formatted project according to eclipse project settings --- .../authentication/UidPwdDirAuthentication.java | 145 +++++++++++---------- 1 file changed, 73 insertions(+), 72 deletions(-) (limited to 'pki/base/common/src/com/netscape/cms/authentication/UidPwdDirAuthentication.java') diff --git a/pki/base/common/src/com/netscape/cms/authentication/UidPwdDirAuthentication.java b/pki/base/common/src/com/netscape/cms/authentication/UidPwdDirAuthentication.java index e97fee8b..9619e20f 100644 --- a/pki/base/common/src/com/netscape/cms/authentication/UidPwdDirAuthentication.java +++ b/pki/base/common/src/com/netscape/cms/authentication/UidPwdDirAuthentication.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.authentication; - // ldap java sdk import java.util.Enumeration; import java.util.Locale; @@ -47,46 +46,38 @@ import com.netscape.certsrv.property.Descriptor; import com.netscape.certsrv.property.IDescriptor; import com.netscape.certsrv.request.IRequest; - /** * uid/pwd directory based authentication manager *

- * + * * @version $Revision$, $Date$ */ -public class UidPwdDirAuthentication extends DirBasedAuthentication - implements IProfileAuthenticator { +public class UidPwdDirAuthentication extends DirBasedAuthentication implements + IProfileAuthenticator { /* required credentials to authenticate. uid and pwd are strings. */ public static final String CRED_UID = "uid"; public static final String CRED_PWD = "pwd"; protected static String[] mRequiredCreds = { CRED_UID, CRED_PWD }; - /* Holds configuration parameters accepted by this implementation. - * This list is passed to the configuration console so configuration - * for instances of this implementation can be configured through the - * console. + /* + * Holds configuration parameters accepted by this implementation. This list + * is passed to the configuration console so configuration for instances of + * this implementation can be configured through the console. */ - protected static String[] mConfigParams = - new String[] { PROP_DNPATTERN, - PROP_LDAPSTRINGATTRS, - PROP_LDAPBYTEATTRS, - "ldap.ldapconn.host", - "ldap.ldapconn.port", - "ldap.ldapconn.secureConn", - "ldap.ldapconn.version", - "ldap.basedn", - "ldap.minConns", - "ldap.maxConns", - }; + protected static String[] mConfigParams = new String[] { PROP_DNPATTERN, + PROP_LDAPSTRINGATTRS, PROP_LDAPBYTEATTRS, "ldap.ldapconn.host", + "ldap.ldapconn.port", "ldap.ldapconn.secureConn", + "ldap.ldapconn.version", "ldap.basedn", "ldap.minConns", + "ldap.maxConns", }; static { - mExtendedPluginInfo.add(IExtendedPluginInfo.HELP_TEXT + - ";Authenticate the username and password provided " + - "by the user against an LDAP directory. Works with the " + - "Dir Based Enrollment HTML form"); - mExtendedPluginInfo.add(IExtendedPluginInfo.HELP_TOKEN + - ";configuration-authrules-uidpwddirauth"); + mExtendedPluginInfo.add(IExtendedPluginInfo.HELP_TEXT + + ";Authenticate the username and password provided " + + "by the user against an LDAP directory. Works with the " + + "Dir Based Enrollment HTML form"); + mExtendedPluginInfo.add(IExtendedPluginInfo.HELP_TOKEN + + ";configuration-authrules-uidpwddirauth"); }; /** @@ -102,12 +93,10 @@ public class UidPwdDirAuthentication extends DirBasedAuthentication * @param authCreds The authentication credentials. * @return The user's ldap entry dn. * @exception EInvalidCredentials If the uid and password are not valid - * @exception EBaseException If an internal error occurs. + * @exception EBaseException If an internal error occurs. */ - protected String authenticate(LDAPConnection conn, - IAuthCredentials authCreds, - AuthToken token) - throws EBaseException { + protected String authenticate(LDAPConnection conn, + IAuthCredentials authCreds, AuthToken token) throws EBaseException { String userdn = null; String uid = null; @@ -117,36 +106,42 @@ public class UidPwdDirAuthentication extends DirBasedAuthentication uid = (String) authCreds.get(CRED_UID); CMS.debug("Authenticating UID=" + uid); if (uid == null) { - throw new EMissingCredential(CMS.getUserMessage("CMS_AUTHENTICATION_NULL_CREDENTIAL", CRED_UID)); + throw new EMissingCredential(CMS.getUserMessage( + "CMS_AUTHENTICATION_NULL_CREDENTIAL", CRED_UID)); } - + // get the password. String pwd = (String) authCreds.get(CRED_PWD); if (pwd == null) { - throw new EMissingCredential(CMS.getUserMessage("CMS_AUTHENTICATION_NULL_CREDENTIAL",CRED_PWD)); + throw new EMissingCredential(CMS.getUserMessage( + "CMS_AUTHENTICATION_NULL_CREDENTIAL", CRED_PWD)); } if (pwd.equals("")) { // anonymous binding not allowed - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMS_AUTH_EMPTY_PASSWORD", uid)); - throw new EInvalidCredentials(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMS_AUTH_EMPTY_PASSWORD", uid)); + throw new EInvalidCredentials( + CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); } // get user dn. - CMS.debug("Authenticating: Searching for UID=" + uid + - " base DN=" + mBaseDN); - LDAPSearchResults res = conn.search(mBaseDN, - LDAPv2.SCOPE_SUB, "(uid=" + uid + ")", null, false); + CMS.debug("Authenticating: Searching for UID=" + uid + " base DN=" + + mBaseDN); + LDAPSearchResults res = conn.search(mBaseDN, LDAPv2.SCOPE_SUB, + "(uid=" + uid + ")", null, false); if (res.hasMoreElements()) { - //LDAPEntry entry = (LDAPEntry)res.nextElement(); + // LDAPEntry entry = (LDAPEntry)res.nextElement(); LDAPEntry entry = res.next(); userdn = entry.getDN(); CMS.debug("Authenticating: Found User DN=" + userdn); } else { - log(ILogger.LL_SECURITY, CMS.getLogMessage("CMS_AUTH_USER_NOT_EXIST", uid)); - throw new EInvalidCredentials(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); + log(ILogger.LL_SECURITY, + CMS.getLogMessage("CMS_AUTH_USER_NOT_EXIST", uid)); + throw new EInvalidCredentials( + CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); } // bind as user dn and pwd - authenticates user with pwd. @@ -156,38 +151,44 @@ public class UidPwdDirAuthentication extends DirBasedAuthentication return userdn; } catch (ELdapException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CANNOT_CONNECT_LDAP", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CANNOT_CONNECT_LDAP", e.toString())); throw e; } catch (LDAPException e) { switch (e.getLDAPResultCode()) { - case LDAPException.NO_SUCH_OBJECT: - case LDAPException.LDAP_PARTIAL_RESULTS: - log(ILogger.LL_SECURITY, CMS.getLogMessage("USER_NOT_EXIST", uid)); - throw new EInvalidCredentials(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); + case LDAPException.NO_SUCH_OBJECT: + case LDAPException.LDAP_PARTIAL_RESULTS: + log(ILogger.LL_SECURITY, + CMS.getLogMessage("USER_NOT_EXIST", uid)); + throw new EInvalidCredentials( + CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); case LDAPException.INVALID_CREDENTIALS: - log(ILogger.LL_SECURITY, CMS.getLogMessage("CMS_AUTH_BAD_PASSWORD", uid)); - throw new EInvalidCredentials(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); + log(ILogger.LL_SECURITY, + CMS.getLogMessage("CMS_AUTH_BAD_PASSWORD", uid)); + throw new EInvalidCredentials( + CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL")); case LDAPException.SERVER_DOWN: log(ILogger.LL_FAILURE, CMS.getLogMessage("LDAP_SERVER_DOWN")); - throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_SERVER_UNAVAILABLE", conn.getHost(), "" + conn.getPort())); - - default: - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.getMessage())); - throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_OTHER_LDAP_EXCEPTION", - e.errorCodeToString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_SERVER_UNAVAILABLE", conn.getHost(), "" + + conn.getPort())); + + default: + log(ILogger.LL_FAILURE, + CMS.getLogMessage("OPERATION_ERROR", e.getMessage())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_OTHER_LDAP_EXCEPTION", e.errorCodeToString())); } - } + } } /** - * Returns a list of configuration parameter names. - * The list is passed to the configuration console so instances of - * this implementation can be configured through the console. - * + * Returns a list of configuration parameter names. The list is passed to + * the configuration console so instances of this implementation can be + * configured through the console. + * * @return String array of configuration parameter names. */ public String[] getConfigParams() { @@ -196,6 +197,7 @@ public class UidPwdDirAuthentication extends DirBasedAuthentication /** * Returns array of required credentials for this authentication manager. + * * @return Array of required credentials. */ public String[] getRequiredCreds() { @@ -203,9 +205,9 @@ public class UidPwdDirAuthentication extends DirBasedAuthentication } // Profile-related methods - + public void init(IProfile profile, IConfigStore config) - throws EProfileException { + throws EProfileException { } /** @@ -243,23 +245,22 @@ public class UidPwdDirAuthentication extends DirBasedAuthentication } /** - * Retrieves the descriptor of the given value - * parameter by name. + * Retrieves the descriptor of the given value parameter by name. */ public IDescriptor getValueDescriptor(Locale locale, String name) { - if (name.equals(CRED_UID)) { + if (name.equals(CRED_UID)) { return new Descriptor(IDescriptor.STRING, null, null, CMS.getUserMessage(locale, "CMS_AUTHENTICATION_LDAP_UID")); } else if (name.equals(CRED_PWD)) { return new Descriptor(IDescriptor.PASSWORD, null, null, CMS.getUserMessage(locale, "CMS_AUTHENTICATION_LDAP_PWD")); - + } return null; } - public void populate(IAuthToken token, IRequest request) - throws EProfileException { + public void populate(IAuthToken token, IRequest request) + throws EProfileException { request.setExtData(IProfileAuthenticator.AUTHENTICATED_NAME, token.getInString(USER_DN)); } -- cgit