Package org.nasutekds.server.types

Examples of org.nasutekds.server.types.AuthenticationInfo


      }
    }

    if (authenticationInfo == null)
    {
      this.authenticationInfo = new AuthenticationInfo();
      updatePrivileges(null, false);
    }
    else
    {
      this.authenticationInfo = authenticationInfo;


   * authentication info structure to an empty default, as well as
   * setting the size and time limit values to their defaults.
   */
  public void setUnauthenticated()
  {
    // Swap in a default-constructed (empty) AuthenticationInfo so the
    // connection no longer carries the previous identity.
    // NOTE(review): presumably setAuthenticationInfo() also recomputes the
    // connection's privileges for the new identity -- confirm, since
    // privileges left over after this reset would outlive the identity
    // they were granted to.
    final AuthenticationInfo anonymousInfo = new AuthenticationInfo();
    setAuthenticationInfo(anonymousInfo);

    // Size and time limits are re-read from the network group, overwriting
    // whatever values were in effect before the reset.
    sizeLimit = networkGroup.getSizeLimit();
    timeLimit = networkGroup.getTimeLimit();
  }

          authzDN = actualAuthzDN;
        }

        if (! authzDN.equals(userEntry.getDN()))
        {
          AuthenticationInfo tempAuthInfo =
            new AuthenticationInfo(userEntry,
                     DirectoryServer.isRootDN(userEntry.getDN()));
          InternalClientConnection tempConn =
               new InternalClientConnection(tempAuthInfo);
          if (! tempConn.hasPrivilege(Privilege.PROXIED_AUTH, bindOperation))
          {
            bindOperation.setResultCode(ResultCode.INVALID_CREDENTIALS);

            Message message = ERR_SASLPLAIN_AUTHZID_INSUFFICIENT_PRIVILEGES.get(
                    String.valueOf(userEntry.getDN()));
            bindOperation.setAuthFailureReason(message);
            return;
          }

          if (authzDN.isNullDN())
          {
            authZEntry = null;
          }
          else
          {
            try
            {
              authZEntry = DirectoryServer.getEntry(authzDN);
              if (authZEntry == null)
              {
                bindOperation.setResultCode(ResultCode.INVALID_CREDENTIALS);

                Message message = ERR_SASLPLAIN_AUTHZID_NO_SUCH_ENTRY.get(
                        String.valueOf(authzDN));
                bindOperation.setAuthFailureReason(message);
                return;
              }
            }
            catch (DirectoryException de)
            {
              if (debugEnabled())
              {
                TRACER.debugCaught(DebugLogLevel.ERROR, de);
              }

              bindOperation.setResultCode(ResultCode.INVALID_CREDENTIALS);

              Message message = ERR_SASLPLAIN_AUTHZID_CANNOT_GET_ENTRY.get(
                      String.valueOf(authzDN),
                      de.getMessageObject());
              bindOperation.setAuthFailureReason(message);
              return;
            }
          }
        }
      }
      else
      {
        String idStr;
        if (lowerAuthzID.startsWith("u:"))
        {
          idStr = authzID.substring(2);
        }
        else
        {
          idStr = authzID;
        }

        if (idStr.length() == 0)
        {
          authZEntry = null;
        }
        else
        {
          try
          {
            authZEntry = identityMapper.getEntryForID(idStr);
            if (authZEntry == null)
            {
              bindOperation.setResultCode(ResultCode.INVALID_CREDENTIALS);

              Message message = ERR_SASLPLAIN_AUTHZID_NO_MAPPED_ENTRY.get(
                      authzID);
              bindOperation.setAuthFailureReason(message);
              return;
            }
          }
          catch (DirectoryException de)
          {
            if (debugEnabled())
            {
              TRACER.debugCaught(DebugLogLevel.ERROR, de);
            }

            bindOperation.setResultCode(ResultCode.INVALID_CREDENTIALS);

            Message message = ERR_SASLPLAIN_AUTHZID_CANNOT_MAP_AUTHZID.get(
                    authzID, de.getMessageObject());
            bindOperation.setAuthFailureReason(message);
            return;
          }
        }

        if ((authZEntry == null) ||
            (! authZEntry.getDN().equals(userEntry.getDN())))
        {
          AuthenticationInfo tempAuthInfo =
            new AuthenticationInfo(userEntry,
                     DirectoryServer.isRootDN(userEntry.getDN()));
          InternalClientConnection tempConn =
               new InternalClientConnection(tempAuthInfo);
          if (! tempConn.hasPrivilege(Privilege.PROXIED_AUTH, bindOperation))
          {
            bindOperation.setResultCode(ResultCode.INVALID_CREDENTIALS);

            Message message = ERR_SASLPLAIN_AUTHZID_INSUFFICIENT_PRIVILEGES.get(
                    String.valueOf(userEntry.getDN()));
            bindOperation.setAuthFailureReason(message);
            return;
          }
        }
      }
    }


    // Get the password policy for the user and use it to determine if the
    // provided password was correct.
    try
    {
      PasswordPolicyState pwPolicyState =
           new PasswordPolicyState(userEntry, false);
      if (! pwPolicyState.passwordMatches(ByteString.valueOf(password)))
      {
        bindOperation.setResultCode(ResultCode.INVALID_CREDENTIALS);

        Message message = ERR_SASLPLAIN_INVALID_PASSWORD.get();
        bindOperation.setAuthFailureReason(message);
        return;
      }
    }
    catch (Exception e)
    {
      if (debugEnabled())
      {
        TRACER.debugCaught(DebugLogLevel.ERROR, e);
      }

      bindOperation.setResultCode(ResultCode.INVALID_CREDENTIALS);

      Message message = ERR_SASLPLAIN_CANNOT_CHECK_PASSWORD_VALIDITY.get(
              String.valueOf(userEntry.getDN()),
              String.valueOf(e));
      bindOperation.setAuthFailureReason(message);
      return;
    }


    // If we've gotten here, then the authentication was successful.
    bindOperation.setResultCode(ResultCode.SUCCESS);

    AuthenticationInfo authInfo =
         new AuthenticationInfo(userEntry, authZEntry, SASL_MECHANISM_PLAIN,
                                bindOperation.getSASLCredentials(),
                                DirectoryServer.isRootDN(userEntry.getDN()));
    bindOperation.setAuthenticationInfo(authInfo);
    return;
  }
