LOG.debug( "Nexus succeeded on bind operation." );
// bind succeeded if we got this far
// TODO - authentication level not being set
LdapPrincipal principal = new LdapPrincipal( schemaManager, bindContext.getDn(), AuthenticationLevel.SIMPLE );
CoreSession session = new DefaultCoreSession( principal, directoryService );
bindContext.setSession( session );
// remove creds so there is no security risk
bindContext.setCredentials( null );
return;
}
// Set-up for the authenticator loop that follows.
// Records whether this bind request carries the control identified by PasswordPolicy.OID.
boolean isPPolicyReqCtrlPresent = bindContext.hasRequestControl( PasswordPolicy.OID );
// Password-policy control built from the directory service's LDAP codec service.
// NOTE(review): the name suggests this is the response-side control and that the 'true'
// argument selects that mode - confirm against PasswordPolicyDecorator's constructor.
PasswordPolicyDecorator pwdRespCtrl =
new PasswordPolicyDecorator( directoryService.getLdapCodecService(), true );
// Fail closed: the bind is treated as unauthenticated until an authenticator in the loop
// below returns a principal from authenticate() without throwing.
boolean authenticated = false;
// NOTE(review): presumably holds a password-policy failure reported by an authenticator;
// it is not assigned in the lines visible here - confirm where it is set and consumed.
PasswordPolicyException ppe = null;
// TODO : we should refactor that.
// try each authenticator
for ( Authenticator authenticator : authenticators )
{
try
{
// perform the authentication
LdapPrincipal principal = authenticator.authenticate( bindContext );
LdapPrincipal clonedPrincipal = ( LdapPrincipal ) ( principal.clone() );
// remove creds so there is no security risk
bindContext.setCredentials( null );
clonedPrincipal.setUserPassword( StringConstants.EMPTY_BYTES );
// authentication was successful
CoreSession session = new DefaultCoreSession( clonedPrincipal, directoryService );
bindContext.setSession( session );
authenticated = true;
// break out of the loop if the authentication succeeded