From 7f142d2c0dfbbcabee028da5ed7b7226899b3577 Mon Sep 17 00:00:00 2001 From: Mario Enrico Ragucci Date: Wed, 7 Jan 2015 07:41:41 +0100 Subject: [PATCH 1/3] Introducing "Enable SSL" option on LDAP settings --- src/main/scala/app/SystemSettingsController.scala | 1 + src/main/scala/service/SystemSettingsService.scala | 4 ++++ src/main/scala/util/LDAPUtil.scala | 12 ++++++++++-- src/main/twirl/admin/system.scala.html | 7 +++++++ 4 files changed, 22 insertions(+), 2 deletions(-) diff --git a/src/main/scala/app/SystemSettingsController.scala b/src/main/scala/app/SystemSettingsController.scala index f323347d1..c5fcb0fcb 100644 --- a/src/main/scala/app/SystemSettingsController.scala +++ b/src/main/scala/app/SystemSettingsController.scala @@ -41,6 +41,7 @@ trait SystemSettingsControllerBase extends ControllerBase { "fullNameAttribute" -> trim(label("Full name attribute", optional(text()))), "mailAttribute" -> trim(label("Mail address attribute", optional(text()))), "tls" -> trim(label("Enable TLS", optional(boolean()))), + "ssl" -> trim(label("Enable SSL", optional(boolean()))), "keystore" -> trim(label("Keystore", optional(text()))) )(Ldap.apply)) )(SystemSettings.apply).verifying { settings => diff --git a/src/main/scala/service/SystemSettingsService.scala b/src/main/scala/service/SystemSettingsService.scala index 14bc5315b..d0d536d15 100644 --- a/src/main/scala/service/SystemSettingsService.scala +++ b/src/main/scala/service/SystemSettingsService.scala @@ -42,6 +42,7 @@ trait SystemSettingsService { ldap.fullNameAttribute.foreach(x => props.setProperty(LdapFullNameAttribute, x)) ldap.mailAttribute.foreach(x => props.setProperty(LdapMailAddressAttribute, x)) ldap.tls.foreach(x => props.setProperty(LdapTls, x.toString)) + ldap.ssl.foreach(x => props.setProperty(LdapSsl, x.toString)) ldap.keystore.foreach(x => props.setProperty(LdapKeystore, x)) } } 
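Review bot: The new `"ssl"` mapping in `SystemSettingsControllerBase` is accepted independently of `"tls"`, so a form with both "Enable TLS" and "Enable SSL" ticked is saved unchanged. LDAPS and StartTLS are alternative ways of protecting the same connection, so the combination should be rejected in the `.verifying { settings =>` block that starts right after the mapping (its body is outside this hunk) rather than left to `LDAPUtil.bind` to interpret. A short comment on the mapping such as `// ssl = LDAPS (TLS from connect); tls = StartTLS upgrade; mutually exclusive` would also stop the two flags being confused later.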
@@ -92,6 +93,7 @@ trait SystemSettingsService { getOptionValue(props, LdapFullNameAttribute, None), getOptionValue(props, LdapMailAddressAttribute, None), getOptionValue[Boolean](props, LdapTls, None), + getOptionValue[Boolean](props, LdapSsl, None), getOptionValue(props, LdapKeystore, None))) } else { None @@ -134,6 +136,7 @@ object SystemSettingsService { fullNameAttribute: Option[String], mailAttribute: Option[String], tls: Option[Boolean], + ssl: Option[Boolean], keystore: Option[String]) case class Smtp( @@ -174,6 +177,7 @@ object SystemSettingsService { private val LdapFullNameAttribute = "ldap.fullname_attribute" private val LdapMailAddressAttribute = "ldap.mail_attribute" private val LdapTls = "ldap.tls" + private val LdapSsl = "ldap.ssl" private val LdapKeystore = "ldap.keystore" private def getValue[A: ClassTag](props: java.util.Properties, key: String, default: A): A = diff --git a/src/main/scala/util/LDAPUtil.scala b/src/main/scala/util/LDAPUtil.scala index ae578bd9b..66cb5e2f1 100644 --- a/src/main/scala/util/LDAPUtil.scala +++ b/src/main/scala/util/LDAPUtil.scala @@ -48,6 +48,7 @@ object LDAPUtil { dn = ldapSettings.bindDN.getOrElse(""), password = ldapSettings.bindPassword.getOrElse(""), tls = ldapSettings.tls.getOrElse(false), + ssl = ldapSettings.ssl.getOrElse(false), keystore = ldapSettings.keystore.getOrElse(""), error = "System LDAP authentication failed." ){ conn => @@ -65,6 +66,7 @@ object LDAPUtil { dn = userDN, password = password, tls = ldapSettings.tls.getOrElse(false), + ssl = ldapSettings.ssl.getOrElse(false), keystore = ldapSettings.keystore.getOrElse(""), error = "User LDAP Authentication Failed." ){ conn => 
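Review bot: `ssl` is passed to `bind` independently of `tls` here and at the user-bind call site in the next hunk, but inside `bind` (hunk `@@ -96,7 +98,7`) the security-provider and keystore setup is still gated on `if (tls)` alone. With only "Enable SSL" ticked, the configured keystore therefore appears to go unused and the LDAPS handshake would fall back to the JVM default trust store; widening the guard to `if (tls || ssl) {` keeps the trust configuration the same in both modes. When both flags are true the connection is built with `LDAPJSSESecureSocketFactory`, and any StartTLS step later in `bind` (outside the visible hunk) would presumably run on an already-encrypted socket, so the two options should be treated as mutually exclusive. It is also worth confirming that the chosen socket factory checks the server certificate's host name, since a plain JSSE socket does not do so by default.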
@@ -96,7 +98,7 @@ object LDAPUtil { }).replaceAll("[^a-zA-Z0-9\\-_.]", "").replaceAll("^[_\\-]", "") } - private def bind[A](host: String, port: Int, dn: String, password: String, tls: Boolean, keystore: String, error: String) + private def bind[A](host: String, port: Int, dn: String, password: String, tls: Boolean, ssl: Boolean, keystore: String, error: String) (f: LDAPConnection => Either[String, A]): Either[String, A] = { if (tls) { // Dynamically set Sun as the security provider @@ -109,7 +111,13 @@ object LDAPUtil { } } - val conn: LDAPConnection = new LDAPConnection(new LDAPJSSEStartTLSFactory()) + val conn: LDAPConnection = + if(ssl) { + new LDAPConnection(new LDAPJSSESecureSocketFactory()) + }else { + new LDAPConnection(new LDAPJSSEStartTLSFactory()) + } + try { // Connect to the server conn.connect(host, port) diff --git a/src/main/twirl/admin/system.scala.html b/src/main/twirl/admin/system.scala.html index 9379672ef..1d0674503 100644 --- a/src/main/twirl/admin/system.scala.html +++ b/src/main/twirl/admin/system.scala.html @@ -169,6 +169,13 @@ +
+
+ +
+
From 858373c6285b84165400d31914fae7ad41450fd0 Mon Sep 17 00:00:00 2001 From: Mario Enrico Ragucci Date: Wed, 7 Jan 2015 07:45:18 +0100 Subject: [PATCH 2/3] small beautifying change to have code properly aligned --- src/main/scala/app/SystemSettingsController.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/scala/app/SystemSettingsController.scala b/src/main/scala/app/SystemSettingsController.scala index c5fcb0fcb..bdcb0a56e 100644 --- a/src/main/scala/app/SystemSettingsController.scala +++ b/src/main/scala/app/SystemSettingsController.scala @@ -41,7 +41,7 @@ trait SystemSettingsControllerBase extends ControllerBase { "fullNameAttribute" -> trim(label("Full name attribute", optional(text()))), "mailAttribute" -> trim(label("Mail address attribute", optional(text()))), "tls" -> trim(label("Enable TLS", optional(boolean()))), - "ssl" -> trim(label("Enable SSL", optional(boolean()))), + "ssl" -> trim(label("Enable SSL", optional(boolean()))), "keystore" -> trim(label("Keystore", optional(text()))) )(Ldap.apply)) )(SystemSettings.apply).verifying { settings => From 31e8e5a95149fee1aab019d83b6388109ac13cdc Mon Sep 17 00:00:00 2001 From: Mario Enrico Ragucci Date: Wed, 7 Jan 2015 07:46:59 +0100 Subject: [PATCH 3/3] code alignment. We want a pretty pull request! --- src/main/scala/util/LDAPUtil.scala | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/scala/util/LDAPUtil.scala b/src/main/scala/util/LDAPUtil.scala index 66cb5e2f1..c8d741f83 100644 --- a/src/main/scala/util/LDAPUtil.scala +++ b/src/main/scala/util/LDAPUtil.scala @@ -48,7 +48,7 @@ object LDAPUtil { dn = ldapSettings.bindDN.getOrElse(""), password = ldapSettings.bindPassword.getOrElse(""), tls = ldapSettings.tls.getOrElse(false), - ssl = ldapSettings.ssl.getOrElse(false), + ssl = ldapSettings.ssl.getOrElse(false), keystore = ldapSettings.keystore.getOrElse(""), error = "System LDAP authentication failed." ){ conn => 
@@ -66,7 +66,7 @@ object LDAPUtil { dn = userDN, password = password, tls = ldapSettings.tls.getOrElse(false), - ssl = ldapSettings.ssl.getOrElse(false), + ssl = ldapSettings.ssl.getOrElse(false), keystore = ldapSettings.keystore.getOrElse(""), error = "User LDAP Authentication Failed." ){ conn =>