LDAP authentication

ktelnet.properties

@@ -0,0 +1,4 @@
+ldapserver=ldap://ldap.khubla.lan
+ldapbinddn=cn=Manager,dc=khubla,dc=com
+ldapbindpw=
+

src/main/java/com/khubla/telnet/auth/impl/LDAPAuthenticationHandlerImpl.java

@@ -0,0 +1,92 @@
+/*
+ * Copyright (C) khubla.com - All Rights Reserved
+ * Unauthorized copying of this file, via any medium is strictly prohibited
+ * Proprietary and confidential
+ * Written by Tom Everett <tom@khubla.com>, 2018
+ */
+package com.khubla.telnet.auth.impl;
+
+import com.khubla.telnet.auth.AuthenticationHandler;
+import com.khubla.telnet.config.Config;
+import com.khubla.telnet.nvt.NVT;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
+import javax.naming.Context;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.*;
+import java.util.HashMap;
+import java.util.Hashtable;
+
+public class LDAPAuthenticationHandlerImpl implements AuthenticationHandler {
+   /**
+    * logger
+    */
+   private static final Logger logger = LogManager.getLogger(NVT.class);
+
+   @Override
+   public boolean login(String username, String password, HashMap<String, Object> sessionParameters) {
+      try {
+         Config config = Config.getInstance();
+         String server = config.getProperty("ldapserver");
+         String binddn = config.getProperty("ldapbinddn");
+         String bindpw = config.getProperty("ldapbindpw");
+         DirContext adminContext = buildContext(server, binddn, bindpw);
+         UserData userData = search(adminContext, username);
+         try {
+            if (null != userData) {
+               // authenticate user
+               DirContext userContext = buildContext(server, userData.dn, password);
+               if (null != userContext) {
+                  userContext.close();
+                  return true;
+               }
+            }
+            return false;
+         } finally {
+            if (null != adminContext) {
+               adminContext.close();
+            }
+         }
+      } catch (final Exception e) {
+         logger.error(e);
+         return false;
+      }
+   }
+
+   private UserData search(DirContext dirContext, String username) throws NamingException {
+      String filter = "(&(objectClass=person)(uid=" + username + "))";
+      String[] attrIDs = { "cn" };
+      SearchControls searchControls = new SearchControls();
+      searchControls.setReturningAttributes(attrIDs);
+      searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+      NamingEnumeration<SearchResult> searchResults = dirContext.search("dc=khubla,dc=com", filter, searchControls);
+      String commonName = null;
+      String distinguishedName = null;
+      if (searchResults.hasMore()) {
+         UserData userData = new UserData();
+         SearchResult result = searchResults.next();
+         Attributes attrs = result.getAttributes();
+         userData.dn = result.getNameInNamespace();
+         userData.cn = attrs.get("cn").toString();
+         return userData;
+      }
+      return null;
+   }
+
+   private DirContext buildContext(String server, String binddn, String bindpw) throws NamingException {
+      Hashtable<String, String> environment = new Hashtable<String, String>();
+      environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
+      environment.put(Context.PROVIDER_URL, server);
+      environment.put(Context.SECURITY_AUTHENTICATION, "simple");
+      environment.put(Context.SECURITY_PRINCIPAL, binddn);
+      environment.put(Context.SECURITY_CREDENTIALS, bindpw);
+      return new InitialDirContext(environment);
+   }
+
+   private static class UserData {
+      public String cn;
+      public String dn;
+   }
+}

src/main/java/com/khubla/telnet/config/Config.java

@@ -0,0 +1,43 @@
+package com.khubla.telnet.config;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.util.Properties;
+
+public class Config {
+   private static final String CONFIG_FILE = "ktelnet.properties";
+   /**
+    * logger
+    */
+   private static final Logger logger = LogManager.getLogger(Config.class);
+   private static Config instance;
+   private Properties properties;
+
+   private Config() {
+   }
+
+   public static Config getInstance() {
+      try {
+         if (instance == null) {
+            instance = new Config();
+            instance.readConfig();
+         }
+         return instance;
+      } catch (Exception e) {
+         logger.error(e);
+         return instance;
+      }
+   }
+
+   private void readConfig() throws IOException {
+      this.properties = new Properties();
+      properties.load(new FileInputStream(CONFIG_FILE));
+   }
+
+   public String getProperty(String key) {
+      return properties.getProperty(key);
+   }
+}

src/main/java/com/khubla/telnet/nvt/iac/impl/CommandIACHandlerImpl.java

@@ -41,7 +41,7 @@ public CommandIACHandlerImpl() {
       addIACCommandHandler(new WinsizeIAICCommandHandlerImpl());
       // addIACCommandHandler( new RemoteFlowControlIAICCommandHandlerImpl());
       // addIACCommandHandler(new LineModeIAICCommandHandlerImpl());
-      // addIACCommandHandler( new AuthenticationIAICCommandHandlerImpl());
+      addIACCommandHandler(new AuthenticationIAICCommandHandlerImpl());
       addIACCommandHandler(new BinaryIAICCommandHandlerImpl());
       addIACCommandHandler(new EORIAICCommandHandlerImpl());
       // iacCommandHandlers.put(IACHandler.IAC_CODE_3270_REGIME, new TN3270RegimeIAICCommandHandlerImpl());

src/test/java/com/khubla/telnet/TestLDAPAuthenticator.java

@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) khubla.com - All Rights Reserved
+ * Unauthorized copying of this file, via any medium is strictly prohibited
+ * Proprietary and confidential
+ * Written by Tom Everett <tom@khubla.com>, 2018
+ */
+package com.khubla.telnet;
+
+import com.khubla.telnet.auth.AuthenticationHandler;
+import com.khubla.telnet.auth.impl.LDAPAuthenticationHandlerImpl;
+import org.junit.jupiter.api.Disabled;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.junit.jupiter.api.Assertions.fail;
+
+public class TestLDAPAuthenticator {
+   @Test
+   @Disabled
+   public void test1() {
+      try {
+         final AuthenticationHandler authenticationHandler = new LDAPAuthenticationHandlerImpl();
+         assertTrue(authenticationHandler.login("tom", "", null));
+      } catch (final Exception e) {
+         e.printStackTrace();
+         fail();
+      }
+   }
+}