Showing
5 changed files
with
169 additions
and
1 deletion.
@@ -0,0 +1,4 @@ | ||
ldapserver=ldap://ldap.khubla.lan | ||
ldapbinddn=cn=Manager,dc=khubla,dc=com | ||
ldapbindpw= | ||
|
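Review bot: `ldapserver` uses a plain `ldap://` URL, and the handler added in this commit binds with `simple` authentication, so the bind password and every user's password would cross the network unencrypted. `ldapserver=ldaps://ldap.khubla.lan` (or StartTLS in the handler) avoids that. `cn=Manager` looks like the directory's administrative entry; binding with it for what is only a user lookup gives the telnet server more rights than a search needs, so a dedicated read-only account would be safer. Since `ldapbindpw` will hold a live credential, the committed file should stay a template, with the real value supplied outside version control.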
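--- a/src/main/java/com/khubla/telnet/auth/impl/LDAPAuthenticationHandlerImpl.java
+++ b/src/main/java/com/khubla/telnet/auth/impl/LDAPAuthenticationHandlerImpl.java
@@ -0,0 +1,92 @@
+/*
+* Copyright (C) khubla.com - All Rights Reserved
+* Unauthorized copying of this file, via any medium is strictly prohibited
+* Proprietary and confidential
+* Written by Tom Everett <tom@khubla.com>, 2018
+*/
+package com.khubla.telnet.auth.impl;
+
+import com.khubla.telnet.auth.AuthenticationHandler;
+import com.khubla.telnet.config.Config;
+import com.khubla.telnet.nvt.NVT;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
+import javax.naming.Context;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.*;
+import java.util.HashMap;
+import java.util.Hashtable;
+
+public class LDAPAuthenticationHandlerImpl implements AuthenticationHandler {
+/**
+* logger
+*/
+private static final Logger logger = LogManager.getLogger(NVT.class);
+
+@Override
+public boolean login(String username, String password, HashMap<String, Object> sessionParameters) {
+try {
+Config config = Config.getInstance();
+String server = config.getProperty("ldapserver");
+String binddn = config.getProperty("ldapbinddn");
+String bindpw = config.getProperty("ldapbindpw");
+DirContext adminContext = buildContext(server, binddn, bindpw);
+UserData userData = search(adminContext, username);
+try {
+if (null != userData) {
+// authenticate user
+DirContext userContext = buildContext(server, userData.dn, password);
+if (null != userContext) {
+userContext.close();
+return true;
+}
+}
+return false;
+} finally {
+if (null != adminContext) {
+adminContext.close();
+}
+}
+} catch (final Exception e) {
+logger.error(e);
+return false;
+}
+}
+
+private UserData search(DirContext dirContext, String username) throws NamingException {
+String filter = "(&(objectClass=person)(uid=" + username + "))";
+String[] attrIDs = { "cn" };
+SearchControls searchControls = new SearchControls();
+searchControls.setReturningAttributes(attrIDs);
+searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+NamingEnumeration<SearchResult> searchResults = dirContext.search("dc=khubla,dc=com", filter, searchControls);
+String commonName = null;
+String distinguishedName = null;
+if (searchResults.hasMore()) {
+UserData userData = new UserData();
+SearchResult result = searchResults.next();
+Attributes attrs = result.getAttributes();
+userData.dn = result.getNameInNamespace();
+userData.cn = attrs.get("cn").toString();
+return userData;
+}
+return null;
+}
+
+private DirContext buildContext(String server, String binddn, String bindpw) throws NamingException {
+Hashtable<String, String> environment = new Hashtable<String, String>();
+environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
+environment.put(Context.PROVIDER_URL, server);
+environment.put(Context.SECURITY_AUTHENTICATION, "simple");
+environment.put(Context.SECURITY_PRINCIPAL, binddn);
+environment.put(Context.SECURITY_CREDENTIALS, bindpw);
+return new InitialDirContext(environment);
+}
+
+private static class UserData {
+public String cn;
+public String dn;
+}
+}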
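Review bot: `login` passes `password` straight to `buildContext` without rejecting empty values, and a simple bind with a DN and an empty password is an unauthenticated bind (RFC 4513 §5.1.2) that many directory servers accept, so `InitialDirContext` can be created and `login` can return true for any user that `search` finds. Add `if (password == null || password.isEmpty()) { return false; }` at the top of `login`. In `search`, `username` is concatenated into the filter unescaped, which lets the caller change the filter's meaning; the JNDI overload with filter arguments escapes it: `dirContext.search("dc=khubla,dc=com", "(&(objectClass=person)(uid={0}))", new Object[] { username }, searchControls)`. `adminContext` also leaks when `search` throws, because that call sits outside the inner `try`/`finally`.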
@@ -0,0 +1,43 @@ | ||
package com.khubla.telnet.config; | ||
|
||
import org.apache.logging.log4j.LogManager; | ||
import org.apache.logging.log4j.Logger; | ||
|
||
import java.io.FileInputStream; | ||
import java.io.IOException; | ||
import java.util.Properties; | ||
|
||
public class Config { | ||
private static final String CONFIG_FILE = "ktelnet.properties"; | ||
/** | ||
* logger | ||
*/ | ||
private static final Logger logger = LogManager.getLogger(Config.class); | ||
private static Config instance; | ||
private Properties properties; | ||
|
||
private Config() { | ||
} | ||
|
||
public static Config getInstance() { | ||
try { | ||
if (instance == null) { | ||
instance = new Config(); | ||
instance.readConfig(); | ||
} | ||
return instance; | ||
} catch (Exception e) { | ||
logger.error(e); | ||
return instance; | ||
} | ||
} | ||
|
||
private void readConfig() throws IOException { | ||
this.properties = new Properties(); | ||
properties.load(new FileInputStream(CONFIG_FILE)); | ||
} | ||
|
||
public String getProperty(String key) { | ||
return properties.getProperty(key); | ||
} | ||
} |
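Review bot: `readConfig` never closes the `FileInputStream` it opens; `try (FileInputStream in = new FileInputStream(CONFIG_FILE)) { properties.load(in); }` fixes that with the imports already present. `getInstance` assigns `instance` before `readConfig` runs and only logs the exception, so after a failed load every later call gets a `Config` with empty properties and no retry, and callers see `null` from `getProperty`. The lazy initialisation is also unsynchronised, which matters if sessions call it from several threads (not visible in this section). Because this is where `ldapbindpw` is read from, a comment on `CONFIG_FILE` stating that the path is relative to the working directory and that the file should be readable only by the service account would help operators.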
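--- a/src/test/java/com/khubla/telnet/TestLDAPAuthenticator.java
+++ b/src/test/java/com/khubla/telnet/TestLDAPAuthenticator.java
@@ -0,0 +1,29 @@
+/*
+* Copyright (C) khubla.com - All Rights Reserved
+* Unauthorized copying of this file, via any medium is strictly prohibited
+* Proprietary and confidential
+* Written by Tom Everett <tom@khubla.com>, 2018
+*/
+package com.khubla.telnet;
+
+import com.khubla.telnet.auth.AuthenticationHandler;
+import com.khubla.telnet.auth.impl.LDAPAuthenticationHandlerImpl;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
+
+public class TestLDAPAuthenticator {
+@Test
+@Disabled
+public void test1() {
+try {
+final AuthenticationHandler authenticationHandler = new LDAPAuthenticationHandlerImpl();
+assertTrue(authenticationHandler.login("tom", "", null));
+} catch (final Exception e) {
+e.printStackTrace();
+fail();
+}
+}
+}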
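Review bot: `test1` asserts that `login("tom", "", null)` returns true, which pins an empty password as a successful login. Presumably the real password was blanked before committing, but as written the expectation is the opposite of what an authentication handler should guarantee. Make the empty-password case an explicit negative test, `assertFalse(authenticationHandler.login("tom", "", null));`, and read the positive-case credential from an environment variable so it stays out of the repository. The `try`/`catch` with `printStackTrace()` and `fail()` can go, since JUnit already fails a test on an uncaught exception. With `@Disabled` on the only test, the handler currently has no executed coverage.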