r4628 - in trunk/src/edu/ucsb/nceas/metacat: . admin util
daigle at ecoinformatics.org
daigle at ecoinformatics.org
Tue Nov 25 09:54:33 PST 2008
Author: daigle
Date: 2008-11-25 09:54:32 -0800 (Tue, 25 Nov 2008)
New Revision: 4628
Modified:
trunk/src/edu/ucsb/nceas/metacat/AuthLdap.java
trunk/src/edu/ucsb/nceas/metacat/admin/LoginAdmin.java
trunk/src/edu/ucsb/nceas/metacat/util/AuthUtil.java
Log:
Catch login errors and report the details via an exception.
Modified: trunk/src/edu/ucsb/nceas/metacat/AuthLdap.java
===================================================================
--- trunk/src/edu/ucsb/nceas/metacat/AuthLdap.java 2008-11-24 23:42:55 UTC (rev 4627)
+++ trunk/src/edu/ucsb/nceas/metacat/AuthLdap.java 2008-11-25 17:54:32 UTC (rev 4628)
@@ -34,7 +34,6 @@
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.SizeLimitExceededException;
-import javax.naming.directory.InvalidSearchFilterException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
@@ -76,7 +75,6 @@
private String ldapConnectTimeLimit;
private int ldapSearchTimeLimit;
private int ldapSearchCountLimit;
- private Context referralContext;
private String currentReferralInfo;
Hashtable env = new Hashtable(11);
private Context rContext;
@@ -130,8 +128,7 @@
* @returns boolean true if authentication successful, false otherwise
*/
- public boolean authenticate(String user, String password) throws
- ConnectException {
+ public boolean authenticate(String user, String password) throws ConnectException {
String ldapUrl = this.ldapUrl;
String ldapsUrl = this.ldapsUrl;
String ldapBase = this.ldapBase;
@@ -139,6 +136,9 @@
String identifier = user;
//get uid here.
+ if (user.indexOf(",") == -1) {
+ throw new ConnectException("Invalid LDAP user credential: " + user + ". Missing ','");
+ }
String uid=user.substring(0, user.indexOf(","));
user = user.substring(user.indexOf(","), user.length());
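Review bot: The new `ConnectException` message embeds the caller-supplied `user` string verbatim. Elsewhere in this commit `LoginAdmin` copies exception text into `processingErrors` and the log, so untrusted input could end up unescaped in both, although the path from this exception to `authSession.getMessage()` is not visible here. A fixed message avoids that: `throw new ConnectException("Invalid LDAP user credential: missing ','");`. The guard also dereferences `user` without a null check, so a caller other than `AuthUtil.logUserIn` passing null would get a NullPointerException instead of this exception. The body of `authenticate` continues outside the hunk.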
Modified: trunk/src/edu/ucsb/nceas/metacat/admin/LoginAdmin.java
===================================================================
--- trunk/src/edu/ucsb/nceas/metacat/admin/LoginAdmin.java 2008-11-24 23:42:55 UTC (rev 4627)
+++ trunk/src/edu/ucsb/nceas/metacat/admin/LoginAdmin.java 2008-11-25 17:54:32 UTC (rev 4628)
@@ -101,13 +101,10 @@
Vector<String> processingErrors = new Vector<String>();
Vector<String> validationErrors = new Vector<String>();
-// String loginString = null;
Boolean isLoggedIn = false;
String userName = "";
- try {
userName = request.getParameter("username");
-// String organization = request.getParameter("organization");
String password = request.getParameter("password");
// Validate that the options provided are legitimate. Note that
@@ -117,22 +114,15 @@
validationErrors.addAll(validateOptions(request));
if (validationErrors.size() == 0) {
-// Vector<String> dnList = OrganizationUtil.getOrgDNs(organization);
- isLoggedIn = AuthUtil.logUserIn(request, userName, password);
-// loginString = LDAPUtil.createLDAPString(userName, organization, dnList);
+ try {
+ isLoggedIn = AuthUtil.logUserIn(request, userName, password);
+ } catch (UtilException ue) {
+ String errorMessage = "Could not log in as: " + userName
+ + " : " + ue.getMessage() + ". Please try again";
+ processingErrors.add(errorMessage);
+ logMetacat.error(errorMessage);
+ }
}
-
- if (!isLoggedIn) {
- String errorMessage = "Could not log in as: " + userName
- + " .Please try again";
- processingErrors.add(errorMessage);
- }
- } catch (UtilException ue) {
- String errorMessage = "Problem in utility while "
- + "processing entication page: " + ue.getMessage();
- processingErrors.add(errorMessage);
- logMetacat.error(errorMessage);
- }
try {
if (validationErrors.size() > 0 || processingErrors.size() > 0) {
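Review bot: The catch block added around `AuthUtil.logUserIn` puts `ue.getMessage()` into `processingErrors`, which is presumably rendered back on the login page, so an unauthenticated client sees the back-end failure reason and can tell failure causes apart. Show a fixed message and keep the detail in the log: `processingErrors.add("Could not log in. Please try again");` and `logMetacat.error("Could not log in as: " + userName + " : " + ue.getMessage());`. `userName` comes straight from `request.getParameter("username")`, so CR/LF should be stripped before it is logged and it should be escaped if it is ever echoed. With the `if (!isLoggedIn)` block removed, a `false` return without an exception would now produce no error at all, which is safe only while `logUserIn` throws on every failure. The enclosing method starts and ends outside the hunk.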
Modified: trunk/src/edu/ucsb/nceas/metacat/util/AuthUtil.java
===================================================================
--- trunk/src/edu/ucsb/nceas/metacat/util/AuthUtil.java 2008-11-24 23:42:55 UTC (rev 4627)
+++ trunk/src/edu/ucsb/nceas/metacat/util/AuthUtil.java 2008-11-25 17:54:32 UTC (rev 4628)
@@ -29,12 +29,9 @@
import java.util.Calendar;
import java.util.Vector;
-import javax.naming.AuthenticationException;
-import javax.naming.NamingException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
-import edu.ucsb.nceas.metacat.AuthLdap;
import edu.ucsb.nceas.metacat.AuthSession;
import edu.ucsb.nceas.metacat.service.PropertyService;
import edu.ucsb.nceas.metacat.service.SessionService;
@@ -167,40 +164,6 @@
moderators = StringUtil.toVector(moderatorString, ':');
}
-// /**
-// * Validate connectivity to the ldap server. This does not test user
-// * authentication. Validation methods return a string error message if there
-// * is an issue. This allows the calling code to run several validations and
-// * compile the errors into a list that can be displayed on a web page if
-// * desired.
-// *
-// * @param ldapurl
-// * the url of the ldap server
-// * @param ldapbase
-// * the ldap base value to test
-// * @return a string holding error message if validation fails.
-// */
-// public static String validateLDAPConnectivity(String ldapurl,
-// String ldapbase) {
-// try {
-// AuthLdap authLdap = new AuthLdap();
-// authLdap.testCredentials(
-// "uid=bogusname,o=NCEAS,dc=ecoinformatics,dc=org",
-// "boguspassword", ldapurl, ldapbase);
-// } catch (AuthenticationException ae) {
-// // Do nothing here. We are using dummy uid and password, so we
-// // expect authentication exceptions
-// } catch (javax.naming.InvalidNameException ine) {
-// return "An invalid domain name was provided: " + ine.getMessage();
-// } catch (NamingException ne) {
-// return "An invalid ldap name was provided: " + ne.getMessage();
-// } catch (InstantiationException ie) {
-// return "Could not instantiate AuthLdap: " + ie.getMessage();
-// }
-//
-// return null;
-// }
-
/**
* log the user in against ldap. If the login is successful, add
* the session information to the session list in SessionUtil.
@@ -212,12 +175,9 @@
// make sure we have username and password.
if (userName == null || password == null) {
- throw new UtilException("null username, password, or dn list when logging user in");
+ throw new UtilException("null username or password when logging user in");
}
- // put the login credentials into an LDAP string
-// String ldapString = createLDAPString(userName, organization, dnList);
-
// Create auth session
try {
authSession = new AuthSession();
@@ -226,21 +186,20 @@
+ e.getMessage());
}
// authenticate user against ldap
- boolean isValid = authSession.authenticate(request, userName,
- password);
+ if(!authSession.authenticate(request, userName,password)) {
+ throw new UtilException(authSession.getMessage());
+ }
- // if login was successful, add the session information to the
+ // if login was successful, add the session information to the
// global session list.
- if (isValid) {
- HttpSession session = authSession.getSessions();
- String sessionId = session.getId();
- SessionService.registerSession(sessionId,
- (String) session.getAttribute("username"),
- (String[]) session.getAttribute("groupnames"),
- (String) session.getAttribute("password"));
- }
+ HttpSession session = authSession.getSessions();
+ String sessionId = session.getId();
+ SessionService.registerSession(sessionId,
+ (String) session.getAttribute("username"),
+ (String[]) session.getAttribute("groupnames"),
+ (String) session.getAttribute("password"));
- return isValid;
+ return true;
}
/**
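Review bot: The re-indented `SessionService.registerSession(...)` call still reads `(String) session.getAttribute("password")` and hands it to the global session list. That is presumably the cleartext login password, now held in both the `HttpSession` and the session registry for the life of the session. This predates the commit, but since the block is being rewritten it is worth confirming whether anything downstream needs the password after authentication; if not, drop the attribute and the argument. Separately, `throw new UtilException(authSession.getMessage())` forwards whatever the auth layer reports, possibly null, so the Javadoc should state that failure is now signalled only by the exception and that the method otherwise always returns `true`. The method body starts outside the hunk.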