From 48c67bd65fa8f4599a651a3200e3347066840632 Mon Sep 17 00:00:00 2001 From: Sebastian Sdorra Date: Mon, 4 Jul 2011 08:29:19 +0200 Subject: [PATCH] move scm-auth-ldap-plugin to its own repository at https://bitbucket.org/tludewig/scm-auth-ldap-plugin --- scm-plugins/pom.xml | 1 - scm-plugins/scm-auth-ldap-plugin/pom.xml | 49 -- .../auth/ldap/LDAPAuthenticationHandler.java | 704 ------------------ .../java/sonia/scm/auth/ldap/LDAPConfig.java | 263 ------- .../scm/auth/ldap/LDAPConfigResource.java | 119 --- .../java/sonia/scm/auth/ldap/LdapUtil.java | 217 ------ .../main/resources/META-INF/scm/plugin.xml | 21 - .../sonia/scm/auth/ldap/sonia.ldap.js | 232 ------ 8 files changed, 1606 deletions(-) delete mode 100644 scm-plugins/scm-auth-ldap-plugin/pom.xml delete mode 100644 scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPAuthenticationHandler.java delete mode 100644 scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPConfig.java delete mode 100644 scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPConfigResource.java delete mode 100644 scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LdapUtil.java delete mode 100644 scm-plugins/scm-auth-ldap-plugin/src/main/resources/META-INF/scm/plugin.xml delete mode 100644 scm-plugins/scm-auth-ldap-plugin/src/main/resources/sonia/scm/auth/ldap/sonia.ldap.js diff --git a/scm-plugins/pom.xml b/scm-plugins/pom.xml index b178a3158d..abee9543cf 100644 --- a/scm-plugins/pom.xml +++ b/scm-plugins/pom.xml @@ -17,7 +17,6 @@ scm-activedirectory-auth-plugin - scm-auth-ldap-plugin scm-hg-plugin scm-git-plugin diff --git a/scm-plugins/scm-auth-ldap-plugin/pom.xml b/scm-plugins/scm-auth-ldap-plugin/pom.xml deleted file mode 100644 index 81226e515a..0000000000 --- a/scm-plugins/scm-auth-ldap-plugin/pom.xml +++ /dev/null @@ -1,49 +0,0 @@ - - - - 4.0.0 - - - scm-plugins - sonia.scm.plugins - 1.5-SNAPSHOT - - - sonia.scm.plugins - scm-auth-ldap-plugin - jar - 1.4-SNAPSHOT - ${project.artifactId} - plugin description - - - - - javax.servlet - servlet-api - ${servlet.version} - provided - - - - - - sonia.scm - scm-test - 1.3 - test - - - - - - - - maven.scm-manager.org - scm-manager release repository - http://maven.scm-manager.org/nexus/content/groups/public - - - - - \ No newline at end of file diff --git a/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPAuthenticationHandler.java b/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPAuthenticationHandler.java deleted file mode 100644 index d5d55e60c4..0000000000 --- a/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPAuthenticationHandler.java +++ /dev/null @@ -1,704 +0,0 @@ -/** - * Copyright (c) 2010, Sebastian Sdorra - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * 3. Neither the name of SCM-Manager; nor the names of its - * contributors may be used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * http://bitbucket.org/sdorra/scm-manager - * - */ - - - -package sonia.scm.auth.ldap; - -//~--- non-JDK imports -------------------------------------------------------- - -import com.google.inject.Inject; -import com.google.inject.Singleton; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import sonia.scm.SCMContextProvider; -import sonia.scm.plugin.ext.Extension; -import sonia.scm.store.Store; -import sonia.scm.store.StoreFactory; -import sonia.scm.user.User; -import sonia.scm.util.AssertUtil; -import sonia.scm.util.Util; -import sonia.scm.web.security.AuthenticationHandler; -import sonia.scm.web.security.AuthenticationResult; - -//~--- JDK imports ------------------------------------------------------------ - -import java.io.IOException; - -import java.text.MessageFormat; - -import java.util.ArrayList; -import java.util.HashSet; -import java.util.Hashtable; -import java.util.List; -import java.util.Set; - -import javax.naming.Context; -import javax.naming.NamingEnumeration; -import javax.naming.NamingException; -import javax.naming.directory.Attribute; -import javax.naming.directory.Attributes; -import javax.naming.directory.DirContext; -import javax.naming.directory.InitialDirContext; -import javax.naming.directory.SearchControls; -import javax.naming.directory.SearchResult; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * - * @author Thorsten Ludewig - */ -@Singleton -@Extension -public class LDAPAuthenticationHandler implements AuthenticationHandler -{ - - /** Field description */ - public static final String ATTRIBUTE_GROUP_NAME = "cn"; - - /** Field description */ - public static final String FILTER_GROUP = - "(&(objectClass=groupOfUniqueNames)(uniqueMember={0}))"; - - /** Field description */ - public static final String SEARCHTYPE_GROUP = "group"; - - /** Field description */ - public static final String SEARCHTYPE_USER = "user"; - - /** Field description */ - public static final String TYPE = "ldap"; - - /** the logger for PAMAuthenticationHandler */ - private static final Logger logger = - LoggerFactory.getLogger(LDAPAuthenticationHandler.class); - - //~--- constructors --------------------------------------------------------- - - /** - * Constructs ... - * - * - * @param factory - */ - @Inject - public LDAPAuthenticationHandler(StoreFactory factory) - { - store = factory.getStore(LDAPConfig.class, TYPE); - } - - //~--- methods -------------------------------------------------------------- - - /** - * Method description - * - * - * @param request - * @param response - * @param username - * @param password - * - * @return - */ - @Override - public AuthenticationResult authenticate(HttpServletRequest request, - HttpServletResponse response, String username, String password) - { - AuthenticationResult result = AuthenticationResult.NOT_FOUND; - - if (config.isEnabled()) - { - AssertUtil.assertIsNotEmpty(username); - AssertUtil.assertIsNotEmpty(password); - result = authenticate(username, password); - } - else if (logger.isWarnEnabled()) - { - logger.warn("ldap plugin is disabled"); - } - - return result; - } - - /** - * Method description - * - * - * @throws IOException - */ - @Override - public void close() throws IOException - { - - // do nothing - } - - /** - * Method description - * - * - * @param context - */ - @Override - public void init(SCMContextProvider context) - { - config = store.get(); - - if (config == null) - { - config = new LDAPConfig(); - store.set(config); - } - - buildLdapProperties(); - } - - /** - * Method description - * - */ - public void storeConfig() - { - store.set(config); - } - - //~--- get methods ---------------------------------------------------------- - - /** - * Method description - * - * - * @return - */ - public LDAPConfig getConfig() - { - return config; - } - - /** - * Method description - * - * - * @return - */ - @Override - public String getType() - { - return TYPE; - } - - //~--- set methods ---------------------------------------------------------- - - /** - * Method description - * - * - * @param config - */ - public void setConfig(LDAPConfig config) - { - this.config = config; - buildLdapProperties(); - } - - //~--- methods -------------------------------------------------------------- - - /** - * Method description - * - * - * @param list - * @param attribute - */ - private void appendAttribute(List list, String attribute) - { - if (Util.isNotEmpty(attribute)) - { - list.add(attribute); - } - } - - /** - * Method description - * - * - * @param username - * @param password - * - * @return - */ - private AuthenticationResult authenticate(String username, String password) - { - AuthenticationResult result = AuthenticationResult.NOT_FOUND; - DirContext bindContext = null; - - try - { - bindContext = createBindContext(); - - if (bindContext != null) - { - SearchResult searchResult = getUserSearchResult(bindContext, username); - - if (searchResult != null) - { - result = AuthenticationResult.FAILED; - - String userDN = searchResult.getNameInNamespace(); - - if (authenticateUser(userDN, password)) - { - Attributes attributes = searchResult.getAttributes(); - User user = createUser(attributes); - Set groups = new HashSet(); - - fetchGroups(bindContext, groups, userDN); - getGroups(attributes, groups); - result = new AuthenticationResult(user, groups); - } // password wrong ? - } // user not found - } // no bind context available - } - finally - { - LdapUtil.close(bindContext); - } - - return result; - } - - /** - * Method description - * - * - * @param userDN - * @param password - * - * @return - */ - private boolean authenticateUser(String userDN, String password) - { - boolean authenticated = false; - Hashtable userProperties = new Hashtable(ldapProperties); - - userProperties.put(Context.SECURITY_PRINCIPAL, userDN); - userProperties.put(Context.SECURITY_CREDENTIALS, password); - - DirContext userContext = null; - - try - { - userContext = new InitialDirContext(userProperties); - authenticated = true; - - if (logger.isDebugEnabled()) - { - logger.debug("user {} successfully authenticated", userDN); - } - } - catch (NamingException ex) - { - if (logger.isTraceEnabled()) - { - logger.trace("authentication failed for user ".concat(userDN), ex); - } - else if (logger.isWarnEnabled()) - { - logger.debug("authentication failed for user {}", userDN); - } - } - finally - { - LdapUtil.close(userContext); - } - - return authenticated; - } - - /** - * Method description - * - */ - private void buildLdapProperties() - { - ldapProperties = new Hashtable(); - ldapProperties.put(Context.INITIAL_CONTEXT_FACTORY, - "com.sun.jndi.ldap.LdapCtxFactory"); - ldapProperties.put(Context.PROVIDER_URL, config.getHostUrl()); - ldapProperties.put(Context.SECURITY_AUTHENTICATION, "simple"); - ldapProperties.put(Context.SECURITY_PRINCIPAL, config.getConnectionDn()); - ldapProperties.put(Context.SECURITY_CREDENTIALS, - config.getConnectionPassword()); - ldapProperties.put("java.naming.ldap.version", "3"); - } - - /** - * Method description - * - * - * @return - */ - private DirContext createBindContext() - { - DirContext context = null; - - try - { - context = new InitialDirContext(ldapProperties); - } - catch (NamingException ex) - { - logger.error( - "could not bind to ldap with dn ".concat(config.getConnectionDn()), - ex); - } - - return context; - } - - /** - * Method description - * - * - * @return - */ - private String createGroupSearchBaseDN() - { - return createSearchBaseDN(SEARCHTYPE_GROUP, config.getUnitGroup()); - } - - /** - * Method description - * - * - * @param type - * @param prefix - * - * @return - */ - private String createSearchBaseDN(String type, String prefix) - { - String dn = null; - - if (Util.isNotEmpty(config.getBaseDn())) - { - if (Util.isNotEmpty(prefix)) - { - dn = prefix.concat(",").concat(config.getBaseDn()); - } - else - { - if (logger.isDebugEnabled()) - { - logger.debug("no prefix for {} defined, using basedn for search", - type); - } - - dn = config.getBaseDn(); - } - - if (logger.isDebugEnabled()) - { - logger.debug("saarch base for {} search: {}", type, dn); - } - } - else - { - logger.error("no basedn defined"); - } - - return dn; - } - - /** - * Method description - * - * - * @param attributes - * - * @return - */ - private User createUser(Attributes attributes) - { - User user = new User(); - - user.setName(LdapUtil.getAttribute(attributes, - config.getAttributeNameId())); - user.setDisplayName(LdapUtil.getAttribute(attributes, - config.getAttributeNameFullname())); - user.setMail(LdapUtil.getAttribute(attributes, - config.getAttributeNameMail())); - user.setType(TYPE); - - return user; - } - - /** - * Method description - * - * - * @return - */ - private String createUserSearchBaseDN() - { - return createSearchBaseDN(SEARCHTYPE_USER, config.getUnitPeople()); - } - - /** - * Method description - * - * - * @param username - * - * @return - */ - private String createUserSearchFilter(String username) - { - String filter = null; - - if (Util.isNotEmpty(config.getSearchFilter())) - { - filter = MessageFormat.format(config.getSearchFilter(), username); - - if (logger.isDebugEnabled()) - { - logger.debug("search-filter for user search: {}", filter); - } - } - else - { - logger.error("search filter not defined"); - } - - return filter; - } - - /** - * Method description - * - * - * @param context - * @param groups - * @param userDN - */ - private void fetchGroups(DirContext context, Set groups, - String userDN) - { - NamingEnumeration searchResultEnm = null; - - try - { - - // read group of unique names - SearchControls searchControls = new SearchControls(); - - searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); - searchControls.setReturningAttributes(new String[] { "cn" }); - - String filter = MessageFormat.format(FILTER_GROUP, userDN); - - if (logger.isDebugEnabled()) - { - logger.debug("using filter {} for group search", filter); - } - - String searchDN = createGroupSearchBaseDN(); - - searchResultEnm = context.search(searchDN, filter, searchControls); - - while (searchResultEnm.hasMore()) - { - SearchResult searchResult = searchResultEnm.next(); - Attributes groupAttributes = searchResult.getAttributes(); - String name = LdapUtil.getAttribute(groupAttributes, - ATTRIBUTE_GROUP_NAME); - - if (Util.isNotEmpty(name)) - { - groups.add(name); - } - } - } - catch (NamingException ex) - { - logger.debug("groupOfUniqueNames not found", ex); - } - finally - { - LdapUtil.close(searchResultEnm); - } - } - - //~--- get methods ---------------------------------------------------------- - - /** - * Method description - * - * - * @param attributes - * @param groups - * - */ - private void getGroups(Attributes attributes, Set groups) - { - NamingEnumeration userGroupsEnm = null; - - try - { - Attribute groupsAttribute = - attributes.get(config.getAttributeNameGroup()); - - if (groupsAttribute != null) - { - userGroupsEnm = (NamingEnumeration) groupsAttribute.getAll(); - - while (userGroupsEnm.hasMore()) - { - groups.add((String) userGroupsEnm.next()); - } - } - else - { - logger.info("user has no group attributes assigned"); - } - } - catch (NamingException ex) - { - logger.error("could not read group attribute", ex); - } - finally - { - LdapUtil.close(userGroupsEnm); - } - } - - /** - * Method description - * - * - * @return - */ - private String[] getReturnAttributes() - { - List list = new ArrayList(); - - appendAttribute(list, config.getAttributeNameId()); - appendAttribute(list, config.getAttributeNameFullname()); - appendAttribute(list, config.getAttributeNameMail()); - appendAttribute(list, config.getAttributeNameMail()); - - return list.toArray(new String[list.size()]); - } - - /** - * Method description - * - * - * @param bindContext - * @param username - * - * @return - */ - private SearchResult getUserSearchResult(DirContext bindContext, - String username) - { - SearchResult result = null; - - if (bindContext != null) - { - NamingEnumeration searchResultEnm = null; - - try - { - SearchControls searchControls = new SearchControls(); - int scope = LdapUtil.getSearchScope(config.getSearchScope()); - - if (logger.isDebugEnabled()) - { - logger.debug("using scope {} for user search", - LdapUtil.getSearchScope(scope)); - } - - searchControls.setSearchScope(scope); - searchControls.setCountLimit(1); - searchControls.setReturningAttributes(getReturnAttributes()); - - String filter = createUserSearchFilter(username); - - if (filter != null) - { - String baseDn = createUserSearchBaseDN(); - - if (baseDn != null) - { - searchResultEnm = bindContext.search(baseDn, filter, - searchControls); - - if (searchResultEnm.hasMore()) - { - result = searchResultEnm.next(); - } - else if (logger.isWarnEnabled()) - { - logger.warn("no user with username {} found", username); - } - } - } - } - catch (NamingException ex) - { - logger.error("exception occured during user search", ex); - } - finally - { - LdapUtil.close(searchResultEnm); - } - } - - return result; - } - - //~--- fields --------------------------------------------------------------- - - /** Field description */ - private LDAPConfig config; - - /** Field description */ - private Hashtable ldapProperties; - - /** Field description */ - private Store store; -} diff --git a/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPConfig.java b/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPConfig.java deleted file mode 100644 index 680fb51419..0000000000 --- a/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPConfig.java +++ /dev/null @@ -1,263 +0,0 @@ -/** - * Copyright (c) 2010, Sebastian Sdorra - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * 3. Neither the name of SCM-Manager; nor the names of its - * contributors may be used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * http://bitbucket.org/sdorra/scm-manager - * - */ - - - -package sonia.scm.auth.ldap; - -//~--- JDK imports ------------------------------------------------------------ - - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlElement; -import javax.xml.bind.annotation.XmlRootElement; - -/** - * - * @author Thorsten Ludewig - */ -@XmlRootElement(name = "ldap-config") -@XmlAccessorType(XmlAccessType.FIELD) -public class LDAPConfig -{ - - /** - * Method description - * - * - * @return - */ - public String getAttributeNameFullname() - { - return attributeNameFullname; - } - - /** - * Method description - * - * - * @return - */ - public String getAttributeNameGroup() - { - return attributeNameGroup; - } - - /** - * Method description - * - * - * @return - */ - public String getAttributeNameId() - { - return attributeNameId; - } - - /** - * Method description - * - * - * @return - */ - public String getAttributeNameMail() - { - return attributeNameMail; - } - - /** - * Method description - * - * - * @return - */ - public String getBaseDn() - { - return baseDn; - } - - /** - * Method description - * - * - * @return - */ - public String getConnectionDn() - { - return connectionDn; - } - - /** - * Method description - * - * - * @return - */ - public String getConnectionPassword() - { - return connectionPassword; - } - - /** - * Method description - * - * - * @return - */ - public String getHostUrl() - { - return hostUrl; - } - - /** - * Method description - * - * - * @return - */ - public String getSearchFilter() - { - return searchFilter; - } - - /** - * Method description - * - * - * @return - */ - public String getSearchScope() - { - return searchScope; - } - - /** - * Method description - * - * - * @return - */ - public String getUnitGroup() - { - return unitGroup; - } - - /** - * Method description - * - * - * @return - */ - public String getUnitPeople() - { - return unitPeople; - } - - /** - * Method description - * - * - * @return - */ - public boolean isEnabled() - { - return enabled; - } - - //~--- set methods ---------------------------------------------------------- - - /** - * Method description - * - * - * - * @param enabled - */ - public void setEnabled(boolean enabled) - { - this.enabled = enabled; - } - - //~--- fields --------------------------------------------------------------- - - /** Field description */ - @XmlElement(name = "attribute-name-fullname") - private String attributeNameFullname = "cn"; - - /** Field description */ - @XmlElement(name = "attribute-name-group") - private String attributeNameGroup = "group"; - - /** Field description */ - @XmlElement(name = "attribute-name-id") - private String attributeNameId = "uid"; - - /** Field description */ - @XmlElement(name = "attribute-name-mail") - private String attributeNameMail = "mail"; - - /** Field description */ - @XmlElement(name = "base-dn") - private String baseDn = "dc=scm-manager,dc=org"; - - /** Field description */ - @XmlElement(name = "connection-dn") - private String connectionDn = "cn=Directory Manager"; - - /** Field description */ - @XmlElement(name = "connection-password") - private String connectionPassword = "password"; - - /** Field description */ - @XmlElement(name = "host-url") - private String hostUrl = "ldap://localhost:389"; - - /** Field description */ - @XmlElement(name = "search-filter") - private String searchFilter = "(&(uid={0})(objectClass=posixAccount))"; - - /** Field description */ - @XmlElement(name = "search-scope") - private String searchScope = "one"; - - /** Field description */ - @XmlElement(name = "unit-groups") - private String unitGroup = "ou=Groups"; - - /** Field description */ - @XmlElement(name = "unit-people") - private String unitPeople = "ou=People"; - - /** Field description */ - @XmlElement(name = "enabled") - private boolean enabled = false; -} diff --git a/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPConfigResource.java b/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPConfigResource.java deleted file mode 100644 index 6c9d17c0a6..0000000000 --- a/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LDAPConfigResource.java +++ /dev/null @@ -1,119 +0,0 @@ -/** - * Copyright (c) 2010, Sebastian Sdorra - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * 3. Neither the name of SCM-Manager; nor the names of its - * contributors may be used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * http://bitbucket.org/sdorra/scm-manager - * - */ - - - -package sonia.scm.auth.ldap; - -//~--- non-JDK imports -------------------------------------------------------- - -import com.google.inject.Inject; -import com.google.inject.Singleton; - -//~--- JDK imports ------------------------------------------------------------ - -import java.io.IOException; - -import javax.ws.rs.Consumes; -import javax.ws.rs.GET; -import javax.ws.rs.POST; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; -import javax.ws.rs.core.UriInfo; - -/** - * - * @author Thorsten Ludewig - */ -@Singleton -@Path("config/auth/ldap") -public class LDAPConfigResource -{ - - /** - * Constructs ... - * - * - * @param authenticationHandler - */ - @Inject - public LDAPConfigResource(LDAPAuthenticationHandler authenticationHandler) - { - this.authenticationHandler = authenticationHandler; - } - - //~--- get methods ---------------------------------------------------------- - - /** - * Method description - * - * - * @return - */ - @GET - @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) - public LDAPConfig getConfig() - { - return authenticationHandler.getConfig(); - } - - //~--- set methods ---------------------------------------------------------- - - /** - * Method description - * - * - * @param uriInfo - * @param config - * - * @return - * - * @throws IOException - */ - @POST - @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON }) - public Response setConfig(@Context UriInfo uriInfo, LDAPConfig config) - throws IOException - { - authenticationHandler.setConfig(config); - authenticationHandler.storeConfig(); - - return Response.created(uriInfo.getRequestUri()).build(); - } - - //~--- fields --------------------------------------------------------------- - - /** Field description */ - private LDAPAuthenticationHandler authenticationHandler; -} diff --git a/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LdapUtil.java b/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LdapUtil.java deleted file mode 100644 index a76d798594..0000000000 --- a/scm-plugins/scm-auth-ldap-plugin/src/main/java/sonia/scm/auth/ldap/LdapUtil.java +++ /dev/null @@ -1,217 +0,0 @@ -/** - * Copyright (c) 2010, Sebastian Sdorra - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * 3. Neither the name of SCM-Manager; nor the names of its - * contributors may be used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * http://bitbucket.org/sdorra/scm-manager - * - */ - - - -package sonia.scm.auth.ldap; - -//~--- non-JDK imports -------------------------------------------------------- - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import sonia.scm.util.Util; - -//~--- JDK imports ------------------------------------------------------------ - -import javax.naming.Context; -import javax.naming.NamingEnumeration; -import javax.naming.NamingException; -import javax.naming.directory.Attribute; -import javax.naming.directory.Attributes; -import javax.naming.directory.SearchControls; - -/** - * - * @author Sebastian Sdorra - */ -public class LdapUtil -{ - - /** Field description */ - public static final String SCOPE_OBJECT = "object"; - - /** Field description */ - public static final String SCOPE_ONE = "one"; - - /** Field description */ - public static final String SCOPE_SUB = "sub"; - - /** the logger for LdapUtil */ - private static final Logger logger = LoggerFactory.getLogger(LdapUtil.class); - - //~--- methods -------------------------------------------------------------- - - /** - * Method description - * - * - * @param context - */ - public static void close(Context context) - { - if (context != null) - { - try - { - context.close(); - } - catch (NamingException ex) - { - logger.error(ex.getMessage(), ex); - } - } - } - - /** - * Method description - * - * - * @param enm - */ - public static void close(NamingEnumeration enm) - { - if (enm != null) - { - try - { - enm.close(); - } - catch (NamingException ex) - { - logger.error(ex.getMessage(), ex); - } - } - } - - //~--- get methods ---------------------------------------------------------- - - /** - * Method description - * - * - * @param attributes - * @param name - * - * @return - * - */ - public static String getAttribute(Attributes attributes, String name) - { - String value = null; - - try - { - if (Util.isNotEmpty(name)) - { - Attribute attribute = attributes.get(name); - - if (attribute != null) - { - value = (String) attribute.get(); - } - } - } - catch (NamingException ex) - { - logger.warn("could not fetch attribute ".concat(name), ex); - } - - return value; - } - - /** - * Method description - * - * - * @param scopeString - * - * @return - */ - public static int getSearchScope(String scopeString) - { - int scope = SearchControls.SUBTREE_SCOPE; - - if (Util.isNotEmpty(scopeString)) - { - scopeString = scopeString.trim(); - - if (SCOPE_SUB.equalsIgnoreCase(scopeString)) - { - scope = SearchControls.SUBTREE_SCOPE; - } - else if (SCOPE_ONE.equalsIgnoreCase(scopeString)) - { - scope = SearchControls.ONELEVEL_SCOPE; - } - else if (SCOPE_OBJECT.equalsIgnoreCase(scopeString)) - { - scope = SearchControls.OBJECT_SCOPE; - } - else if (logger.isWarnEnabled()) - { - logger.warn("unknown scope {}, using subtree scope", scopeString); - } - } - else if (logger.isWarnEnabled()) - { - logger.warn("no search scope defined, using subtree scope"); - } - - return scope; - } - - /** - * Method description - * - * - * @param scope - * - * @return - */ - public static String getSearchScope(int scope) - { - String scopeString = SCOPE_SUB; - - switch (scope) - { - case SearchControls.ONELEVEL_SCOPE : - scopeString = SCOPE_ONE; - - break; - - case SearchControls.OBJECT_SCOPE : - scopeString = SCOPE_OBJECT; - } - - return scopeString; - } -} diff --git a/scm-plugins/scm-auth-ldap-plugin/src/main/resources/META-INF/scm/plugin.xml b/scm-plugins/scm-auth-ldap-plugin/src/main/resources/META-INF/scm/plugin.xml deleted file mode 100644 index 9b1228a219..0000000000 --- a/scm-plugins/scm-auth-ldap-plugin/src/main/resources/META-INF/scm/plugin.xml +++ /dev/null @@ -1,21 +0,0 @@ - - - - - ${project.groupId} - ${project.artifactId} - ${project.version} - ${project.name} - SCM-Manager LDAP Plugin - Thorsten Ludewig - - - - sonia.scm.auth.ldap - - - - - - - diff --git a/scm-plugins/scm-auth-ldap-plugin/src/main/resources/sonia/scm/auth/ldap/sonia.ldap.js b/scm-plugins/scm-auth-ldap-plugin/src/main/resources/sonia/scm/auth/ldap/sonia.ldap.js deleted file mode 100644 index 636b8e8009..0000000000 --- a/scm-plugins/scm-auth-ldap-plugin/src/main/resources/sonia/scm/auth/ldap/sonia.ldap.js +++ /dev/null @@ -1,232 +0,0 @@ -/* * - * Copyright (c) 2010, Sebastian Sdorra - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * 1. Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * 3. Neither the name of SCM-Manager; nor the names of its - * contributors may be used to endorse or promote products derived from this - * software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY - * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - * - * http://bitbucket.org/sdorra/scm-manager - * - */ - -Ext.ns("Sonia.ldap"); - -Sonia.ldap.ConfigPanel = Ext.extend(Sonia.config.ConfigForm, { - - titleText: 'LDAP Authentication', - idAttributeText: 'ID Attribute Name', - fullnameAttributeText: 'Fullname Attribute Name', - mailAttributeText: 'Mail Attribute Name', - groupAttributeText: 'Group Attribute Name', - baseDNText: 'Base DN', - connectionDNText: 'Connection DN', - connectionPasswordText: 'Connection Password', - hostURLText: 'Host URL', - searchFilterText: 'Search Filter', - searchScopeText: 'Search Scope', - groupsUnitText: 'Groups Unit', - peopleUnitText: 'People Unit', - enabledText: 'Enabled', - - // help texts - idAttributeHelpText: 'The name of the ldap attribute which contains the username', - fullnameAttributeHelpText: 'The name of the ldap attribute which contains the displayname of the user', - mailAttributeHelpText: 'The name of the ldap attribute which contains the e-mail address of the user', - // TODO improve - groupAttributeHelpText: 'The name of the ldap attribute which contains the group names of the user', - baseDNHelpText: 'The basedn for example: dc=example,dc=com', - connectionDNHelpText: 'The complete dn of the connection user. Note: \n\ - This user needs read an search privileges for the id, mail and fullname attributes.', - connectionPasswordHelpText: 'The password for connection user.', - hostURLHelpText: 'The url for the ldap server. For example: ldap://localhost:389/', - searchFilterHelpText: 'The search filter to find the users. Note:\n\ - {0} will be replaced by the username.', - searchScopeHelpText: 'The scope for the user search.', - peopleUnitHelpText: 'The relative location of the users. For example: ou=People', - groupsUnitHelpText: 'The relative location of the users. For example: ou=Groups', - enabledHelpText: 'Enables or disables the ldap authentication', - - initComponent: function(){ - - var config = { - title : this.titleText, - items : [{ - xtype : 'textfield', - fieldLabel : this.idAttributeText, - name : 'attribute-name-id', - allowBlank : true, - helpText: this.idAttributeHelpText - },{ - xtype : 'textfield', - fieldLabel : this.fullnameAttributeText, - name : 'attribute-name-fullname', - allowBlank : true, - helpText: this.fullnameAttributeHelpText - },{ - xtype : 'textfield', - fieldLabel : this.mailAttributeText, - name : 'attribute-name-mail', - allowBlank : true, - helpText: this.mailAttributeHelpText - },{ - xtype : 'textfield', - fieldLabel : this.groupAttributeText, - name : 'attribute-name-group', - allowBlank : true, - helpText: this.groupAttributeHelpText - },{ - xtype : 'textfield', - fieldLabel : this.baseDNText, - name : 'base-dn', - allowBlank : true, - helpText: this.baseDNHelpText - },{ - xtype : 'textfield', - fieldLabel : this.connectionDNText, - name : 'connection-dn', - allowBlank : true, - helpText: this.connectionDNHelpText - },{ - xtype : 'textfield', - inputType: 'password', - fieldLabel : this.connectionPasswordText, - name : 'connection-password', - allowBlank : true, - helpText: this.connectionPasswordHelpText - },{ - xtype : 'textfield', - fieldLabel : this.hostURLText, - name : 'host-url', - allowBlank : true, - helpText: this.hostURLHelpText - },{ - xtype : 'textfield', - fieldLabel : this.searchFilterText, - name : 'search-filter', - allowBlank : true, - helpText: this.searchFilterHelpText - },{ - xtype : 'combo', - fieldLabel : this.searchScopeText, - name : 'search-scope', - allowBlank : true, - helpText: this.searchScopeHelpText, - valueField: 'scope', - displayField: 'scope', - typeAhead: false, - editable: false, - triggerAction: 'all', - mode: 'local', - store: new Ext.data.SimpleStore({ - fields: ['scope'], - data: [ - ['object'], - ['one'], - ['sub'] - ] - }) - },{ - xtype : 'textfield', - fieldLabel : this.peopleUnitText, - name : 'unit-people', - allowBlank : true, - helpText: this.peopleUnitHelpText - },{ - xtype : 'textfield', - fieldLabel : this.groupsUnitText, - name : 'unit-groups', - allowBlank : true, - helpText: this.groupsUnitHelpText - },{ - xtpye: 'checkbox', - fieldLabel : this.enabledText, - name: 'enabled', - helpText: this.enabledHelpText - }] - } - - Ext.apply(this, Ext.apply(this.initialConfig, config)); - Sonia.ldap.ConfigPanel.superclass.initComponent.apply(this, arguments); - }, - - onSubmit: function(values){ - this.el.mask(this.submitText); - Ext.Ajax.request({ - url: restUrl + 'config/auth/ldap.json', - method: 'POST', - jsonData: values, - scope: this, - disableCaching: true, - success: function(response){ - this.el.unmask(); - }, - failure: function(){ - this.el.unmask(); - } - }); - }, - - onLoad: function(el){ - var tid = setTimeout( function(){el.mask(this.loadingText);}, 100); - Ext.Ajax.request({ - url: restUrl + 'config/auth/ldap.json', - method: 'GET', - scope: this, - disableCaching: true, - success: function(response){ - var obj = Ext.decode(response.responseText); - this.load(obj); - clearTimeout(tid); - el.unmask(); - }, - failure: function(){ - el.unmask(); - clearTimeout(tid); - alert('failure'); - } - }); - } - -}); - -// register xtype -Ext.reg("ldapConfigPanel", Sonia.ldap.ConfigPanel); - - -// i18n - -if ( i18n != null && i18n.country == 'de' ){ - - Ext.override(Sonia.ldap.ConfigPanel, { - - // TODO - - }); - -} - -// regist config panel -registerGeneralConfigPanel({ - id: 'ldapConfigPanel', - xtype: 'ldapConfigPanel' -});