diff --git a/.gitignore b/.gitignore
index 5d78464..9830d86 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@ pom.xml.versionsBackup
pom.xml.next
release.properties
ldap-data*
+ldapdata/
diff --git a/etc/jetty.xml b/etc/jetty.xml
index ea8721a..89118a1 100644
--- a/etc/jetty.xml
+++ b/etc/jetty.xml
@@ -2,9 +2,9 @@
-
- LDAP
- /etc/realm.properties
+
+ LDAP Realm
+ ldaploginmodule
diff --git a/etc/ldaploginmodule.conf b/etc/ldaploginmodule.conf
new file mode 100644
index 0000000..1bac1d5
--- /dev/null
+++ b/etc/ldaploginmodule.conf
@@ -0,0 +1,21 @@
+ldaploginmodule {
+ org.eclipse.jetty.jaas.spi.LdapLoginModule required
+ debug="true"
+ forceBindingLogin="true"
+ contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
+ hostname="localhost"
+ port="10389"
+ bindDn="uid=admin,ou=system"
+ bindPassword="steng-geheim"
+ authenticationMethod="simple"
+ forceBindingLogin="false"
+ userBaseDn="ou=users,dc=domain,dc=example,dc=com"
+ userRdnAttribute="uid"
+ userIdAttribute="uid"
+ userPasswordAttribute="userPassword"
+ userObjectClass="inetOrgPerson"
+ roleBaseDn="ou=groups,dc=domain,dc=example,dc=com"
+ roleNameAttribute="cn"
+ roleMemberAttribute="uniqueMember"
+ roleObjectClass="groupOfUniqueNames";
+};
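Review bot: `forceBindingLogin` appears twice in the new `ldaploginmodule` entry, first as `"true"` and later as `"false"`, so only one of the two settings can take effect (JAAS option maps keep a single value per key, in practice the later one), and the intent — bind as the user, or read `userPassword` through `bindDn` and compare locally — is left ambiguous. Keep one line, `forceBindingLogin="true"`, unless the `uid=admin,ou=system` account is deliberately meant to read password attributes. The bind credential `bindPassword="steng-geheim"` is committed in clear text and does not match the `security.password` default of `"secret"` that LDAPConfig uses for the same principal elsewhere in this commit; sourcing it from the same properties file, kept outside version control, would avoid the drift. `debug="true"` should be off outside development.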
diff --git a/ldif/ldap-example-data.ldif b/ldif/ldap-example-data.ldif
index 4e4e2b9..c958a07 100644
--- a/ldif/ldap-example-data.ldif
+++ b/ldif/ldap-example-data.ldif
@@ -41,6 +41,18 @@ displayName: Directory Superuser
uid: admin
userPassword: admin-secret
+dn: cn=login,ou=groups,dc=domain,dc=example,dc=com
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: login
+uniqueMember: uid=admin,ou=users,dc=domain,dc=example,dc=com
+
+dn: cn=admins,ou=groups,dc=domain,dc=example,dc=com
+objectClass: top
+objectClass: groupOfUniqueNames
+cn: admins
+uniqueMember: uid=admin,ou=users,dc=domain,dc=example,dc=com
+
dn: uid=application,ou=bind,dc=domain,dc=example,dc=com
objectClass: top
objectClass: inetOrgPerson
diff --git a/pom.xml b/pom.xml
index f02fa1d..6c198e6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -47,6 +47,11 @@
2.3.3
provided
+
+ javax.servlet
+ jstl
+ 1.2
+
commons-net
commons-net
diff --git a/src/main/java/de/jalin/ldapadmin/ldap/DirectoryServiceRunner.java b/src/main/java/de/jalin/ldapadmin/ldap/DirectoryServiceRunner.java
index dfec99e..9817015 100644
--- a/src/main/java/de/jalin/ldapadmin/ldap/DirectoryServiceRunner.java
+++ b/src/main/java/de/jalin/ldapadmin/ldap/DirectoryServiceRunner.java
@@ -27,7 +27,7 @@ public class DirectoryServiceRunner {
if (serviceRunner == null) {
final String dnName = "dc=" + name + ",dc=example,dc=com";
try {
- serviceRunner = new DirectoryServiceRunner("example", dnName, "127.0.0.1", "10389", false);
+ serviceRunner = new DirectoryServiceRunner("example", dnName, "127.0.0.1", "10389", false, null);
} catch (Exception e) {
throw new DirectoryServiceException(e);
}
@@ -39,7 +39,7 @@ public class DirectoryServiceRunner {
final String ip = args[1];
final String port = args[2];
try {
- final DirectoryServiceRunner ads = new DirectoryServiceRunner("example", dnString, ip, port, false);
+ final DirectoryServiceRunner ads = new DirectoryServiceRunner("example", dnString, ip, port, false, null);
final Entry result = ads.service.getAdminSession().lookup(new Dn(dnString));
System.out.println("Found entry : " + result);
} catch (Exception e) {
@@ -48,14 +48,15 @@ public class DirectoryServiceRunner {
}
private final DirectoryService service;
+ private final LdapServer ldapServer;
- public DirectoryServiceRunner(final String partition, final String dnString, final String ip, final String port, final boolean useTLS) throws Exception {
+ public DirectoryServiceRunner(final String partition, final String dnString, final String ip, final String port, final boolean useTLS, final String partitionPath) throws Exception {
this.service = initService(partition);
- addPartition("ou=config", "config");
- addPartition(dnString, partition);
+ addPartition("ou=config", "config", partitionPath);
+ addPartition(dnString, partition, partitionPath);
this.service.startup();
loadData();
- startServer(ip, port, useTLS);
+ this.ldapServer = startServer(ip, port, useTLS);
}
private DirectoryService initService(final String partition) throws Exception {
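Review bot: The constructor now passes the same `partitionPath` to both `addPartition("ou=config", "config", partitionPath)` and `addPartition(dnString, partition, partitionPath)`, and `addPartition` in the next hunk turns that string directly into `new File(parPath)`, whereas the old code gave each call its own `ldap-data.<hash>` directory. Unless `JdbmPartitionFactory.createPartition` derives a per-partition sub-directory from the id itself (it appears to take the `File` as the working directory as given), a configured `data.path` makes the two JDBM partitions share one directory and overwrite each other's database files. Resolve a sub-directory per partition in `addPartition`: `final File partitionDir = new File(partitionPath != null ? partitionPath : "ldap-data." + Double.valueOf(Math.random()).hashCode(), partitionId);` and pass `partitionDir` to `createPartition`. The new `partitionPath` parameter also deserves a Javadoc `@param` stating that `null` falls back to a fresh random directory under the JVM working directory on every start.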
@@ -70,31 +71,35 @@ public class DirectoryServiceRunner {
return directoryService;
}
- private void addPartition(final String dnString, final String partitionId) throws LdapInvalidDnException, Exception {
+ private void addPartition(final String dnString, final String partitionId, final String partitionPath) throws LdapInvalidDnException, Exception {
final JdbmPartitionFactory partitionFactory = new JdbmPartitionFactory();
final SchemaManager schemaManager = service.getSchemaManager();
final CacheService cacheService = service.getCacheService();
final Cache cache = cacheService.getCache("dnCache");
final DefaultDnFactory defaultDnFactory = new DefaultDnFactory(schemaManager, cache);
+ final String parPath = partitionPath != null ? partitionPath : "ldap-data." + Double.valueOf(Math.random()).hashCode();
final Partition partition =
- partitionFactory.createPartition(
- schemaManager, defaultDnFactory, partitionId, dnString, 400,
- new File("ldap-data." + Double.valueOf(Math.random()).hashCode())
- );
+ partitionFactory.createPartition(schemaManager, defaultDnFactory, partitionId, dnString, 400, new File(parPath));
service.addPartition(partition);
}
- private void startServer(final String ip, final String port, final boolean useTLS) throws Exception {
- final LdapServer ldapServer = new LdapServer();
+ private LdapServer startServer(final String ip, final String port, final boolean useTLS) throws Exception {
+ final LdapServer server = new LdapServer();
final TcpTransport tcpTransport = new TcpTransport(ip, Integer.parseInt(port));
tcpTransport.enableSSL(useTLS);
- ldapServer.setTransports(tcpTransport);
- ldapServer.setDirectoryService(service);
- ldapServer.start();
+ server.setTransports(tcpTransport);
+ server.setDirectoryService(service);
+ server.start();
+ return server;
}
public void shutdown() throws Exception {
- service.shutdown();
+ if (ldapServer != null) {
+ ldapServer.stop();
+ }
+ if (service != null) {
+ service.shutdown();
+ }
}
private void loadData() {
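Review bot: The `ldapServer != null` and `service != null` guards in `shutdown()` can never be false: both fields are `final` and assigned unconditionally in the constructor, so no instance exists without them. Simplify to `ldapServer.stop(); service.shutdown();`, keeping the server-before-service order, which is the right one. If the intent is to survive a partially constructed runner, the fields would have to be non-final and assigned step by step, which this hunk does not do. The rewritten `addPartition` signature still spells `throws LdapInvalidDnException, Exception`, where the second type subsumes the first.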
diff --git a/src/main/java/de/jalin/ldapadmin/ldap/LDAPConfig.java b/src/main/java/de/jalin/ldapadmin/ldap/LDAPConfig.java
index ae7923b..ebe0833 100644
--- a/src/main/java/de/jalin/ldapadmin/ldap/LDAPConfig.java
+++ b/src/main/java/de/jalin/ldapadmin/ldap/LDAPConfig.java
@@ -10,13 +10,14 @@ import java.util.logging.Logger;
public class LDAPConfig {
private static LDAPConfig config = null;
-
+
private String ldapProviderUrl;
private String ldapSecurityPrincipal;
private String ldapSecurityPassword;
private String ldapDistinguishedName;
private String ldapHost;
private String ldapPort;
+ private String ldapDataDir;
private boolean ldapUseTLS;
private String smtpFromAddress;
private String smtpHost;
@@ -30,6 +31,7 @@ public class LDAPConfig {
ldapUseTLS = false;
ldapSecurityPrincipal = "uid=admin,ou=system";
ldapSecurityPassword = "secret";
+ ldapDataDir = "ldapdata";
smtpHost = "localhost";
smtpPort = "25";
smtpFromAddress = "nobody@example.com";
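Review bot: The new `ldapDataDir` default `"ldapdata"` is a relative path that `DirectoryServiceRunner` hands to `new File(...)`, so it resolves against whatever working directory the servlet container was started from, and nothing documents that; the same applies to the `data.path` property read in the next hunk and to the new `getLdapDataDir()` accessor, which has no Javadoc. Add a comment on the default, `// data.path: directory for the embedded directory's partition files; relative values resolve against the JVM working directory`, and a one-line Javadoc on the getter saying the same. An empty `data.path` value is passed through unchanged and would end up as `new File("")`; treating a blank value as "use the default" with an `isEmpty()` check after the `props.getProperty("data.path", ldapDataDir)` read would avoid that.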
@@ -38,6 +40,7 @@ public class LDAPConfig {
ldapProviderUrl = props.getProperty("provider.url", ldapProviderUrl);
ldapSecurityPrincipal = props.getProperty("security.principal", ldapSecurityPrincipal);
ldapSecurityPassword = props.getProperty("security.password", ldapSecurityPassword);
+ ldapDataDir = props.getProperty("data.path", ldapDataDir);
smtpHost = props.getProperty("smtp.host", smtpHost);
smtpPort = props.getProperty("smtp.port", smtpPort);
smtpFromAddress = props.getProperty("smtp.from", smtpFromAddress);
@@ -82,6 +85,10 @@ public class LDAPConfig {
return ldapPort;
}
+ public String getLdapDataDir() {
+ return ldapDataDir;
+ }
+
public boolean isLdapUseTLS() {
return ldapUseTLS;
}
diff --git a/src/main/java/de/jalin/ldapadmin/server/WebappDirectoryServer.java b/src/main/java/de/jalin/ldapadmin/server/WebappDirectoryServer.java
index 15e5755..359f045 100644
--- a/src/main/java/de/jalin/ldapadmin/server/WebappDirectoryServer.java
+++ b/src/main/java/de/jalin/ldapadmin/server/WebappDirectoryServer.java
@@ -1,9 +1,9 @@
package de.jalin.ldapadmin.server;
import de.jalin.ldapadmin.ldap.DirectoryServiceRunner;
+import de.jalin.ldapadmin.ldap.LDAPConfig;
import java.util.logging.Level;
import java.util.logging.Logger;
-import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import javax.servlet.annotation.WebListener;
@@ -16,10 +16,8 @@ public class WebappDirectoryServer implements ServletContextListener {
@Override
public void contextInitialized(final ServletContextEvent evt) {
try {
- final ServletContext ctx = evt.getServletContext();
- final String uri = ctx.getInitParameter("uri");
- final LDAPUriParser uriParser = new LDAPUriParser(uri);
- directoryServer = new DirectoryServiceRunner("main", uriParser.getDn(), uriParser.getHost(), uriParser.getPort(), uriParser.isUseTLS());
+ final LDAPConfig cfg = LDAPConfig.getConfig();
+ directoryServer = new DirectoryServiceRunner("main", cfg.getLdapDistinguishedName(), cfg.getLdapHost(), cfg.getLdapPort(), cfg.isLdapUseTLS(), cfg.getLdapDataDir());
} catch (Exception ex) {
Logger.getLogger(WebappDirectoryServer.class.getName()).log(Level.SEVERE, null, ex);
}
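Review bot: With the switch to `LDAPConfig.getConfig()`, the `uri` context-init parameter and `LDAPUriParser` are no longer read here; if `web.xml` still declares that `<context-param>` (the web.xml hunk in this commit only renames the realm), it is now dead configuration that will mislead operators and should be removed, along with the parser if nothing else uses it. The surrounding `catch (Exception ex)` logs at SEVERE and lets deployment continue with `directoryServer` left null, so a bad `data.path` or port coming from the new config source yields a running webapp without its directory; rethrowing as `IllegalStateException` would make the container fail the deployment visibly. `contextInitialized` closes outside this hunk.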
diff --git a/src/main/java/de/jalin/ldapadmin/web/ResetPasswordServlet.java b/src/main/java/de/jalin/ldapadmin/web/ResetPasswordServlet.java
index 3e1020f..53a1264 100644
--- a/src/main/java/de/jalin/ldapadmin/web/ResetPasswordServlet.java
+++ b/src/main/java/de/jalin/ldapadmin/web/ResetPasswordServlet.java
@@ -138,7 +138,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
salutation = usr.getFirstname() + " " + usr.getLastname();
}
}
- if (login.isEmpty() || email.isEmpty()) {
+ if (login == null || email == null || login.isEmpty() || email.isEmpty()) {
httpSession.setAttribute("errormessage", messages.getString("ResetPasswordServlet.error_sending_password_reset"));
req.getRequestDispatcher("/reset-password.jsp").forward(req, resp);
return;
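Review bot: The added `login == null || email == null` guard sits below the block that already calls `usr.getFirstname()`; if `usr` was looked up using `login` further up (the method starts outside this hunk), the null case has already passed the point where it could fail, and the guard should move ahead of that lookup. As written it only protects the code that follows it. A value consisting only of whitespace still passes; `login.trim().isEmpty()` would reject a blank submission as well.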
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
index 72d96f4..2fb1240 100644
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -65,7 +65,7 @@
FORM
- LDAP
+ LDAP Realm
/login.jsp
/loginfail.jsp
diff --git a/src/test/java/de/jalin/ldapadmin/ldap/TestCreateGroup.java b/src/test/java/de/jalin/ldapadmin/ldap/TestCreateGroup.java
index e9803f4..4646ba9 100644
--- a/src/test/java/de/jalin/ldapadmin/ldap/TestCreateGroup.java
+++ b/src/test/java/de/jalin/ldapadmin/ldap/TestCreateGroup.java
@@ -44,11 +44,11 @@ public class TestCreateGroup {
final User newUser2 = newUsersInstance("Jens", "Jenssen");
udao.create(newUser2);
Group login = new Group();
- login.setName("login");
+ login.setName("xlogin");
login.setMembers(Arrays.asList(new String[]{newUser1.getDn(), newUser2.getDn()}));
gdao.create(login);
Group admins = new Group();
- admins.setName("admins");
+ admins.setName("xadmins");
admins.setMembers(Arrays.asList(new String[]{newUser1.getDn(), newUser2.getDn()}));
gdao.create(admins);
} catch (LDAPSessionException | RequiredAttributeException | AlreadyBoundException e) {