}
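/**
 * Authenticates a web console user against Active Directory and builds the
 * principal that represents them.
 *
 * <p>The supplied credentials are always passed to {@code getADAttributes}
 * before any role is handed out. The original code returned an
 * "administrator" principal when no role maps were configured without ever
 * looking at the password, so any caller could log in as admin on a
 * deployment whose role mappings had not been set up yet.
 *
 * <p>When no role maps are defined, the configured fallback of granting the
 * administrator role is kept, but only after the directory lookup has
 * completed for the supplied username and password.
 *
 * @param config   source of the Active Directory identity settings
 * @param username login name supplied by the user
 * @param password password supplied by the user
 * @return the principal carrying the user's name, role and, when role
 *         mappings are defined, e-mail addresses
 * @throws ArchivaException if the username or password is missing, if the
 *         directory lookup fails, or if no role can be assigned
 */
public Principal authActiveDirectory(Config config, String username, String password) throws ArchivaException {
    // Neutralise CR/LF so a crafted username cannot forge additional log lines.
    String safeUsername = username == null ? "null" : username.replaceAll("[\\r\\n]", "_");
    logger.debug("authenticating user to web console using active directory {username='"+safeUsername+"'}");

    // Many directory servers treat a simple bind with an empty password as an
    // unauthenticated bind that succeeds, so reject blank credentials up front.
    if (username == null || username.length()==0 || password == null || password.length()==0) {
        throw new ArchivaException("failed to authenticate user as username or password was not supplied {username='"+safeUsername+"'}",logger);
    }

    ADIdentity identity = config.getADIdentity();

    // Check the credentials BEFORE the role-map fallback below.
    // NOTE(review): presumably getADAttributes binds to AD with these credentials
    // and throws ArchivaException on failure - confirm against its implementation.
    ArrayList<AttributeValue> attributeValues = getADAttributes(identity, username, password);

    // if there are no role maps defined default to ADMIN access
    if (identity.getRoleMaps().size()==0) {
        logger.info("SECURITY WARNING!! there are no role mappings defined for AD authentication. authenticated user is granted admin rights. {username='"+safeUsername+"'}");
        return new MailArchivaPrincipal(username,"administrator",null,null);
    }

    int userRole = getRole(identity,attributeValues);
    // The code treats role id 0 as "no role matched" and fails closed.
    if (userRole==0) {
        throw new ArchivaException("failed to authenticate user as no role could be assigned {username='"+safeUsername+"'}",logger);
    }

    List<String> emailAddresses = getEmailAddresses(identity,attributeValues);
    return new MailArchivaPrincipal(username,identity.getRoleFromID(userRole),emailAddresses);
}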