#678: reopen ldap connection for each login
parent
39f96cbd28
commit
2bdb2dc34f
@ -13,10 +13,9 @@ import org.apache.directory.api.ldap.model.entry.Attribute;
|
|||||||
import org.apache.directory.api.ldap.model.entry.Entry;
|
import org.apache.directory.api.ldap.model.entry.Entry;
|
||||||
import org.apache.directory.api.ldap.model.entry.Value;
|
import org.apache.directory.api.ldap.model.entry.Value;
|
||||||
import org.apache.directory.api.ldap.model.message.SearchScope;
|
import org.apache.directory.api.ldap.model.message.SearchScope;
|
||||||
import org.apache.directory.ldap.client.api.DefaultLdapConnectionFactory;
|
import org.apache.directory.ldap.client.api.LdapConnection;
|
||||||
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
|
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
|
||||||
import org.apache.directory.ldap.client.api.LdapConnectionPool;
|
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
|
||||||
import org.apache.directory.ldap.client.api.ValidatingPoolableLdapConnectionFactory;
|
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
@ -35,32 +34,14 @@ public class LdapAuthenticationHandler implements AuthenticationHandler {
|
|||||||
private static final Logger log = LoggerFactory.getLogger(LdapAuthenticationHandler.class);
|
private static final Logger log = LoggerFactory.getLogger(LdapAuthenticationHandler.class);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* LDAP connection pool.
|
* Get a LDAP connection.
|
||||||
|
* @return LdapConnection
|
||||||
*/
|
*/
|
||||||
private static LdapConnectionPool pool;
|
private LdapConnection getConnection() {
|
||||||
|
|
||||||
/**
|
|
||||||
* Reset the LDAP pool.
|
|
||||||
*/
|
|
||||||
public static void reset() {
|
|
||||||
if (pool != null) {
|
|
||||||
try {
|
|
||||||
pool.close();
|
|
||||||
} catch (Exception e) {
|
|
||||||
// NOP
|
|
||||||
}
|
|
||||||
}
|
|
||||||
pool = null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Initialize the LDAP pool.
|
|
||||||
*/
|
|
||||||
private static void init() {
|
|
||||||
ConfigDao configDao = new ConfigDao();
|
ConfigDao configDao = new ConfigDao();
|
||||||
Config ldapEnabled = configDao.getById(ConfigType.LDAP_ENABLED);
|
Config ldapEnabled = configDao.getById(ConfigType.LDAP_ENABLED);
|
||||||
if (pool != null || ldapEnabled == null || !Boolean.parseBoolean(ldapEnabled.getValue())) {
|
if (ldapEnabled == null || !Boolean.parseBoolean(ldapEnabled.getValue())) {
|
||||||
return;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
LdapConnectionConfig config = new LdapConnectionConfig();
|
LdapConnectionConfig config = new LdapConnectionConfig();
|
||||||
@ -70,25 +51,23 @@ public class LdapAuthenticationHandler implements AuthenticationHandler {
|
|||||||
config.setName(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_DN));
|
config.setName(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_DN));
|
||||||
config.setCredentials(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_PASSWORD));
|
config.setCredentials(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_PASSWORD));
|
||||||
|
|
||||||
DefaultLdapConnectionFactory factory = new DefaultLdapConnectionFactory(config);
|
return new LdapNetworkConnection(config);
|
||||||
pool = new LdapConnectionPool(new ValidatingPoolableLdapConnectionFactory(factory), null);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public User authenticate(String username, String password) {
|
public User authenticate(String username, String password) {
|
||||||
init();
|
// Fetch and authenticate the user
|
||||||
if (pool == null) {
|
Entry userEntry;
|
||||||
|
try (LdapConnection ldapConnection = getConnection()) {
|
||||||
|
if (ldapConnection == null) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Fetch and authenticate the user
|
EntryCursor cursor = ldapConnection.search(ConfigUtil.getConfigStringValue(ConfigType.LDAP_BASE_DN),
|
||||||
Entry userEntry;
|
|
||||||
try {
|
|
||||||
EntryCursor cursor = pool.getConnection().search(ConfigUtil.getConfigStringValue(ConfigType.LDAP_BASE_DN),
|
|
||||||
ConfigUtil.getConfigStringValue(ConfigType.LDAP_FILTER).replace("USERNAME", username), SearchScope.SUBTREE);
|
ConfigUtil.getConfigStringValue(ConfigType.LDAP_FILTER).replace("USERNAME", username), SearchScope.SUBTREE);
|
||||||
if (cursor.next()) {
|
if (cursor.next()) {
|
||||||
userEntry = cursor.get();
|
userEntry = cursor.get();
|
||||||
pool.getConnection().bind(userEntry.getDn(), password);
|
ldapConnection.bind(userEntry.getDn(), password);
|
||||||
} else {
|
} else {
|
||||||
// User not found
|
// User not found
|
||||||
return null;
|
return null;
|
||||||
|
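Review bot: The search filter on the new side is still built with `.replace("USERNAME", username)`, so the login name passed to `authenticate(String username, String password)` reaches the LDAP filter unescaped. A name containing filter metacharacters such as `*`, `(`, `)` or `\` can change which entries the SUBTREE search matches, and the first hit is the DN that gets bound. Encode the value before substitution, for example `.replace("USERNAME", FilterEncoder.encodeFilterValue(username))` using `org.apache.directory.api.ldap.model.filter.FilterEncoder`. Separately, no check for an empty `password` is visible before `ldapConnection.bind(userEntry.getDn(), password)`; many directory servers treat a bind with a DN and no password as an unauthenticated bind that succeeds, so it is worth confirming that blank passwords are rejected up front. The body of `authenticate` continues outside the hunk.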
@ -14,7 +14,6 @@ import com.sismics.docs.core.model.jpa.File;
|
|||||||
import com.sismics.docs.core.service.InboxService;
|
import com.sismics.docs.core.service.InboxService;
|
||||||
import com.sismics.docs.core.util.ConfigUtil;
|
import com.sismics.docs.core.util.ConfigUtil;
|
||||||
import com.sismics.docs.core.util.DirectoryUtil;
|
import com.sismics.docs.core.util.DirectoryUtil;
|
||||||
import com.sismics.docs.core.util.authentication.LdapAuthenticationHandler;
|
|
||||||
import com.sismics.docs.core.util.jpa.PaginatedList;
|
import com.sismics.docs.core.util.jpa.PaginatedList;
|
||||||
import com.sismics.docs.core.util.jpa.PaginatedLists;
|
import com.sismics.docs.core.util.jpa.PaginatedLists;
|
||||||
import com.sismics.docs.rest.constant.BaseFunction;
|
import com.sismics.docs.rest.constant.BaseFunction;
|
||||||
@ -27,12 +26,6 @@ import com.sismics.util.context.ThreadLocalContext;
|
|||||||
import com.sismics.util.log4j.LogCriteria;
|
import com.sismics.util.log4j.LogCriteria;
|
||||||
import com.sismics.util.log4j.LogEntry;
|
import com.sismics.util.log4j.LogEntry;
|
||||||
import com.sismics.util.log4j.MemoryAppender;
|
import com.sismics.util.log4j.MemoryAppender;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
|
||||||
import org.apache.log4j.Appender;
|
|
||||||
import org.apache.log4j.Level;
|
|
||||||
import org.slf4j.Logger;
|
|
||||||
import org.slf4j.LoggerFactory;
|
|
||||||
|
|
||||||
import jakarta.json.Json;
|
import jakarta.json.Json;
|
||||||
import jakarta.json.JsonArrayBuilder;
|
import jakarta.json.JsonArrayBuilder;
|
||||||
import jakarta.json.JsonObjectBuilder;
|
import jakarta.json.JsonObjectBuilder;
|
||||||
@ -40,6 +33,12 @@ import jakarta.persistence.EntityManager;
|
|||||||
import jakarta.persistence.Query;
|
import jakarta.persistence.Query;
|
||||||
import jakarta.ws.rs.*;
|
import jakarta.ws.rs.*;
|
||||||
import jakarta.ws.rs.core.Response;
|
import jakarta.ws.rs.core.Response;
|
||||||
|
import org.apache.commons.lang3.StringUtils;
|
||||||
|
import org.apache.log4j.Appender;
|
||||||
|
import org.apache.log4j.Level;
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.nio.file.DirectoryStream;
|
import java.nio.file.DirectoryStream;
|
||||||
import java.nio.file.Files;
|
import java.nio.file.Files;
|
||||||
@ -854,9 +853,6 @@ public class AppResource extends BaseResource {
|
|||||||
configDao.update(ConfigType.LDAP_ENABLED, Boolean.FALSE.toString());
|
configDao.update(ConfigType.LDAP_ENABLED, Boolean.FALSE.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Reset the LDAP pool to reconnect with the new configuration
|
|
||||||
LdapAuthenticationHandler.reset();
|
|
||||||
|
|
||||||
return Response.ok().build();
|
return Response.ok().build();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
2
pom.xml
2
pom.xml
@ -46,7 +46,7 @@
|
|||||||
<com.icegreen.greenmail.version>1.6.14</com.icegreen.greenmail.version>
|
<com.icegreen.greenmail.version>1.6.14</com.icegreen.greenmail.version>
|
||||||
<org.jsoup.jsoup.version>1.15.4</org.jsoup.jsoup.version>
|
<org.jsoup.jsoup.version>1.15.4</org.jsoup.jsoup.version>
|
||||||
<com.squareup.okhttp3.okhttp.version>4.10.0</com.squareup.okhttp3.okhttp.version>
|
<com.squareup.okhttp3.okhttp.version>4.10.0</com.squareup.okhttp3.okhttp.version>
|
||||||
<org.apache.directory.api.api-all.version>2.1.2</org.apache.directory.api.api-all.version>
|
<org.apache.directory.api.api-all.version>2.1.3</org.apache.directory.api.api-all.version>
|
||||||
|
|
||||||
<org.glassfish.jersey.version>3.0.10</org.glassfish.jersey.version>
|
<org.glassfish.jersey.version>3.0.10</org.glassfish.jersey.version>
|
||||||
<jakarta.servlet.jakarta.servlet-api.version>5.0.0</jakarta.servlet.jakarta.servlet-api.version>
|
<jakarta.servlet.jakarta.servlet-api.version>5.0.0</jakarta.servlet.jakarta.servlet-api.version>
|
||||||
|