Examples of AuthenticationResponse

Examples of com.google.enterprise.connector.spi.AuthenticationResponse

61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
      User user =
          connectorSession.getUserGroupManager().getUserByGsaName(gsaName);
      if (user == null) {
        LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
            gsaName + " user is not authenticated");
        return new AuthenticationResponse(false, null);
      }
      LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
          user.getNotesName() + " user is authenticated");

      // Find the user in Notes.
      NotesSession notesSession = connectorSession.createNotesSession();
      NotesDatabase notesDirectory = null;
      NotesView notesUsersView = null;
      NotesDocument notesUserDoc = null;
      boolean hasValidPassword = false;
      try {
        notesDirectory = notesSession.getDatabase(
            connectorSession.getServer(), connectorSession.getDirectory());
        notesUsersView = notesDirectory.getView(NCCONST.DIRVIEW_USERS);
        notesUserDoc =
            notesUsersView.getDocumentByKey(user.getNotesName(), true);
        if (notesUserDoc == null) {
          LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
              "Username not found in Notes directory");
          return new AuthenticationResponse(false, null);
        }
        if (id.getPassword() != null) {
          String hashedPassword =
              notesUserDoc.getItemValueString("HTTPPassword");
          hasValidPassword =
              notesSession.verifyPassword(id.getPassword(), hashedPassword);
        }
      } finally {
        Util.recycle(notesUserDoc);
        Util.recycle(notesUsersView);
        Util.recycle(notesDirectory);
        connectorSession.closeNotesSession(notesSession);
      }

      Collection<String> groupsAndRoles = user.getGroupsAndRoles();
      Collection<String> prefixedGroups = GsaUtil.getGsaGroups(
          groupsAndRoles, connectorSession.getGsaGroupPrefix());
      Collection<Principal> principalGroups = null;
      if (prefixedGroups.size() != 0) {
        principalGroups = new ArrayList<Principal>(prefixedGroups.size());
        for (String group : prefixedGroups) {
          Principal principal = new Principal(PrincipalType.UNQUALIFIED,
              connectorSession.getConnector().getLocalNamespace(),
              group, CaseSensitivityType.EVERYTHING_CASE_INSENSITIVE);
          principalGroups.add(principal);
        }
      }
      String idLog = getIdentityLog(gsaName, user.getNotesName(),
          groupsAndRoles, prefixedGroups);
      if (id.getPassword() != null) {
        if (hasValidPassword) {
          LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
              "User succesfully authenticated: " + idLog);
          return new AuthenticationResponse(true, null, principalGroups);
        } else {
          LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
              "User failed authentication: " + idLog);
          return new AuthenticationResponse(false, null, principalGroups);
        }
      } else {
        LOGGER.logp(Level.FINE, CLASS_NAME, METHOD,
            "No password; returning groups only: " + idLog);
        // Although we don't actually know that the entity that
        // submitted this username has a valid password, we have
        // to return true because the GSA will refute the
        // identity otherwise. This situation occurs when the GSA
        // uses another authentication mechanism and uses the
        // connector for group resolution only.
        LOGGER.fine("principalgroups: " + principalGroups);
        return new AuthenticationResponse(true, null, principalGroups);
      }
    } catch (Exception e) {
      LOGGER.log(Level.SEVERE, CLASS_NAME, e);
    } finally {
      LOGGER.exiting(CLASS_NAME, METHOD);
    }
    return new AuthenticationResponse(false, null);
  }
View Full Code Here

Examples of com.google.enterprise.connector.spi.AuthenticationResponse

57
58
59
60
61
62
63
64
65
66
67
68
    try {
      IUser user = uc.authenticate(username, id.getPassword());
      List<Principal> principalGroups = FileUtil.getPrincipals(
          PrincipalType.UNKNOWN, globalNamespace, user.getGroupNames(),
          CaseSensitivityType.EVERYTHING_CASE_INSENSITIVE);
      return new AuthenticationResponse(true, "", principalGroups);
    } catch (Throwable e) {
      logger.log(Level.WARNING, "Authentication failed for user "
          + username, e);
      return new AuthenticationResponse(false, "");
    }
  }
View Full Code Here

Examples of com.google.enterprise.connector.spi.AuthenticationResponse

38
39
40
41
42
43
44
45
46
47
48
49
50
51
    FileAuthenticationManager fatm = (FileAuthenticationManager) fs.getAuthenticationManager();

    //    Check FileAuthenticationManager
    SimpleAuthenticationIdentity fai = new SimpleAuthenticationIdentity(
        TestConnection.username, TestConnection.password);
    AuthenticationResponse ar = fatm.authenticate(fai);
    assertEquals(true, ar.isValid());
    assertTrue(ar.getGroups().size() > 0);

    //    Check FileAuthenticationManager for a wrong user
    SimpleAuthenticationIdentity faiWrong = new SimpleAuthenticationIdentity(TestConnection.username, TestConnection.wrongPassword);
    AuthenticationResponse arWrong = fatm.authenticate(faiWrong);
    assertEquals(false, arWrong.isValid());
  }
View Full Code Here

Examples of com.google.enterprise.connector.spi.AuthenticationResponse

103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
    try {
      List<HashMap<String, Object>> users = db.select(query, sqlIdentity);
      if (users.size() == 0) {
        LOGGER.warning("User not found in the database ["
            + username + "] domain [" + domain + "]");
        return new AuthenticationResponse(false, "", null);
      } else if (users.size() > 1) {
        StringBuffer sb = new StringBuffer("Multiple users found in the "
            + "database matching [" + domain + "]\\[" + username + "]: ");
        for (HashMap<String, Object> u : users) {
          sb.append("[").append(u.get("dn")).append("] ");
        }
        LOGGER.warning(sb.toString());
        return new AuthenticationResponse(false, "", null);
      }
      HashMap<String, Object>user = users.get(0);
      List<Principal> groups =
          getAllGroupsForTheUser((Number) user.get(AdConstants.DB_ENTITYID));
      if (password != null && !authenticateUser(
              (String) user.get(AdConstants.DB_DNSROOT),
              (String) user.get(AdConstants.DB_NETBIOSNAME)
                  + AdConstants.BACKSLASH
                  + (String) user.get(AdConstants.DB_SAMACCOUNTNAME),
              password)) {
        return new AuthenticationResponse(false, "", null);
      }
      if (LOGGER.isLoggable(Level.INFO)) {
        StringBuffer sb = new StringBuffer("Resolved ").append(groups.size())
            .append(" AD group(s) for user [").append(username).append("]")
            .append(" domain [").append(domain).append("]: ");
        for (Principal group : groups) {
          sb.append("[").append(group.getName()).append("] ");
        }
        LOGGER.info(sb.toString());
      }
      if (identity instanceof MutableIdentity) {
        MutableIdentity mutable = (MutableIdentity) identity;
        mutable.setDomain((String) user.get(AdConstants.DB_NETBIOSNAME));
        mutable.setUsername((String) user.get(AdConstants.DB_SAMACCOUNTNAME));
        LOGGER.fine("New identity: [" + domain + "\\" + username
            + "] Active Directory: [" + identity.getDomain()
            + "\\" + identity.getUsername() + "]");
      }
      LOGGER.log(Level.INFO, "Elapsed time for Active Directory authentication "
          + "of user [{0}\\{1}] = [{2}ms]"new Object[] {domain, username,
            System.currentTimeMillis() - startAuthN});
      return new AuthenticationResponse(true, "", groups);
    } catch (SQLException e) {
      LOGGER.log(Level.WARNING,
          "Failed to retrieve information about user from database ["
          + username + "] domain [" + domain + "].", e);
      return new AuthenticationResponse(false, "", null);
    }
  }
View Full Code Here

Examples of com.google.enterprise.connector.spi.AuthenticationResponse

40
41
42
43
44
45
46
47
48
49
50
    Session s = con.login();
    s.getTraversalManager().startTraversal();
    AuthenticationManager am = s.getAuthenticationManager();
    String username = TestConfiguration.d1principal.split("\\\\")[1];
    AuthenticationResponse response = am.authenticate(
        new SimpleAuthenticationIdentity(username));
    assertNotNull(response);

    Collection<Principal> principals = getGroups(response);
    assertNotNull(principals);
View Full Code Here

Examples of com.google.enterprise.connector.spi.AuthenticationResponse

141
142
143
144
145
146
147
148
149
150
151
152
      // Ask for attributes to ensure that the server is
      // contacted. JNDI allows lazy initialization of
      // contexts, so we have to use it, not just create
      // it.
      ctx.getAttributes("");
      return new AuthenticationResponse(true, null);
    } catch (NamingException e) {
      LOGGER.warning("Authentication failed for " +
          identity.getUsername() + "; " + e.toString());
      return new AuthenticationResponse(false, null);
    }
  }
View Full Code Here

Examples of com.google.enterprise.connector.spi.AuthenticationResponse

78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
    public AuthenticationResponse authenticate(AuthenticationIdentity identity)
            throws RepositoryLoginException, RepositoryException {
        if (LOGGER.isLoggable(Level.FINE))
            LOGGER.fine("AUTHENTICATE: " + identity.getUsername());

        AuthenticationResponse response = null;
        for (AuthenticationManager authn : authenticationManagers) {
            try {
                if (LOGGER.isLoggable(Level.FINER))
                    LOGGER.finer("Trying authentication manager " + authn);
                response = authn.authenticate(identity);
                if (response.isValid())
                    break;
            }
            catch (RepositoryException e) {
                LOGGER.warning("Authentication failed for " +
                    identity.getUsername() + "; " + e.getMessage());
                response = new AuthenticationResponse(false, null);
            }
        }
        return response;
    }
View Full Code Here

Examples of com.google.enterprise.connector.spi.AuthenticationResponse

128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
  //groups against AD only if necessary
  private AuthenticationResponse authenticateAgainstActiveDirectory(
      final AuthenticationIdentity identity) throws RepositoryLoginException,
      RepositoryException {
    long startAuthN = System.currentTimeMillis();
    AuthenticationResponse adAuthResult =
        adGroupsAuthenticationManager.authenticate(identity);
    if (!adAuthResult.isValid()) {
      return adAuthResult;
    }

    long startSharePoint = System.currentTimeMillis();
    @SuppressWarnings("unchecked")
    Collection<Principal> adGroups =
        (Collection<Principal>) adAuthResult.getGroups();
    String strUserName =
        addUserNameFormatForTheSearchUser(identity.getUsername(), identity.getDomain());
    Set<Principal> spGroups = sharepointClientContext
        .getUserDataStoreDAO().getSharePointGroupsForSearchUserAndLdapGroups(
            sharepointClientContext.getGoogleLocalNamespace(), adGroups,
            strUserName);

    Collection<Principal> groups = new ArrayList<Principal>();
    groups.addAll(adGroups);
    groups.addAll(spGroups);
    LOGGER.log(Level.INFO, "Authentication Duration [{0}] : Total = [{1}ms] "
        + "SharePoint = [{2}ms] AD = [{3}ms]", new Object[] {strUserName,
          (System.currentTimeMillis() - startAuthN),
          (System.currentTimeMillis() - startSharePoint),
          (startSharePoint - startAuthN)});

    return new AuthenticationResponse(
        adAuthResult.isValid(), adAuthResult.getData(), groups);
  }
View Full Code Here

Examples of com.google.enterprise.connector.spi.AuthenticationResponse

220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
          return getAllGroupsForTheUser(user);
        } else {
          // Handle the cases when connector should just return true
          // indicating successfull authN
          LOGGER.config("No group resolution has been attempted as connector is not set to feed ACL");
          return new AuthenticationResponse(true, "", null);
        }
      }
    } else {
      LOGGER.config("AuthN was not attempted as password is empty and groups are being returned.");
      return getAllGroupsForTheUser(user);
    }
    LOGGER.log(Level.WARNING, "Authentication failed for " + user);
    return new AuthenticationResponse(false, "", null);
  }
View Full Code Here

Examples of com.google.enterprise.connector.spi.AuthenticationResponse

253
254
255
256
257
258
259
260
261
262
263
264
265
      // Should return true if there is at least one group returned by
      // LDAP service.
      LOGGER.log(Level.INFO, "Group resolution returned following groups "
          + "for the search user: {0}\n{1}",
          new Object[] { searchUser, allSearchUserGroups.toString() });
      return new AuthenticationResponse(true, "", allSearchUserGroups);
    } else {
      LOGGER.info("Group resolution returned no groups for the search user: "
          + searchUser);
      // Should return true with null groups.
      return new AuthenticationResponse(true, "", null);
    }
  }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.