working in tomcat9

This commit is contained in:
Peter Hormanns 2019-07-24 20:22:16 +02:00
parent 0d15cbf294
commit 2e5e7d21ee
11 changed files with 79 additions and 30 deletions

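--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@ pom.xml.versionsBackup
 pom.xml.next
 release.properties
 ldap-data*
+ldapdata/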


@ -2,9 +2,9 @@
<Call name="addBean"> <Call name="addBean">
<Arg> <Arg>
<New class="org.eclipse.jetty.security.HashLoginService"> <New class="org.eclipse.jetty.jaas.JAASLoginService">
<Set name="name">LDAP</Set> <Set name="Name">LDAP Realm</Set>
<Set name="config"><SystemProperty name="jetty.home" default="."/>/etc/realm.properties</Set> <Set name="LoginModuleName">ldaploginmodule</Set>
</New> </New>
</Arg> </Arg>
</Call> </Call>
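Review bot: `LoginModuleName` `ldaploginmodule` refers to an entry in a JAAS login configuration, but nothing in this hunk says how that configuration file reaches the JVM (normally the `java.security.auth.login.config` system property), so a reader has to hunt for it. A comment next to the `Set` line, `<!-- 'ldaploginmodule' is defined in etc/ldaploginmodule.conf; supply it via -Djava.security.auth.login.config=etc/ldaploginmodule.conf -->`, would record the wiring. The `Name` value `LDAP Realm` must stay in step with `realm-name` in web.xml, which this commit does update.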

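--- /dev/null
+++ b/etc/ldaploginmodule.conf
@@ -0,0 +1,21 @@
+ldaploginmodule {
+org.eclipse.jetty.jaas.spi.LdapLoginModule required
+debug="true"
+forceBindingLogin="true"
+contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
+hostname="localhost"
+port="10389"
+bindDn="uid=admin,ou=system"
+bindPassword="steng-geheim"
+authenticationMethod="simple"
+forceBindingLogin="false"
+userBaseDn="ou=users,dc=domain,dc=example,dc=com"
+userRdnAttribute="uid"
+userIdAttribute="uid"
+userPasswordAttribute="userPassword"
+userObjectClass="inetOrgPerson"
+roleBaseDn="ou=groups,dc=domain,dc=example,dc=com"
+roleNameAttribute="cn"
+roleMemberAttribute="uniqueMember"
+roleObjectClass="groupOfUniqueNames";
+};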
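Review bot: `forceBindingLogin` is set twice in this module entry, `"true"` on the fourth line and `"false"` after `authenticationMethod`, so the value the LdapLoginModule ends up with depends on how the JAAS parser treats duplicate options; keep only the intended one. If the effective value is `false`, the module reads each user's `userPassword` through the `bindDn` account instead of binding as the user, which makes the committed `bindPassword` a live credential for the directory administrator `uid=admin,ou=system`; it should be supplied from an untracked file or system property rather than checked into the repository. `debug="true"` is also best limited to development, since the JAAS debug output is verbose and written to the server log.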


@ -41,6 +41,18 @@ displayName: Directory Superuser
uid: admin uid: admin
userPassword: admin-secret userPassword: admin-secret
dn: cn=login,ou=groups,dc=domain,dc=example,dc=com
objectClass: top
objectClass: groupOfUniqueNames
cn: login
uniqueMember: uid=admin,ou=users,dc=domain,dc=example,dc=com
dn: cn=admins,ou=groups,dc=domain,dc=example,dc=com
objectClass: top
objectClass: groupOfUniqueNames
cn: admins
uniqueMember: uid=admin,ou=users,dc=domain,dc=example,dc=com
dn: uid=application,ou=bind,dc=domain,dc=example,dc=com dn: uid=application,ou=bind,dc=domain,dc=example,dc=com
objectClass: top objectClass: top
objectClass: inetOrgPerson objectClass: inetOrgPerson


@ -47,6 +47,11 @@
<version>2.3.3</version> <version>2.3.3</version>
<scope>provided</scope> <scope>provided</scope>
</dependency> </dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<dependency> <dependency>
<groupId>commons-net</groupId> <groupId>commons-net</groupId>
<artifactId>commons-net</artifactId> <artifactId>commons-net</artifactId>


@ -27,7 +27,7 @@ public class DirectoryServiceRunner {
if (serviceRunner == null) { if (serviceRunner == null) {
final String dnName = "dc=" + name + ",dc=example,dc=com"; final String dnName = "dc=" + name + ",dc=example,dc=com";
try { try {
serviceRunner = new DirectoryServiceRunner("example", dnName, "127.0.0.1", "10389", false); serviceRunner = new DirectoryServiceRunner("example", dnName, "127.0.0.1", "10389", false, null);
} catch (Exception e) { } catch (Exception e) {
throw new DirectoryServiceException(e); throw new DirectoryServiceException(e);
} }
@ -39,7 +39,7 @@ public class DirectoryServiceRunner {
final String ip = args[1]; final String ip = args[1];
final String port = args[2]; final String port = args[2];
try { try {
final DirectoryServiceRunner ads = new DirectoryServiceRunner("example", dnString, ip, port, false); final DirectoryServiceRunner ads = new DirectoryServiceRunner("example", dnString, ip, port, false, null);
final Entry result = ads.service.getAdminSession().lookup(new Dn(dnString)); final Entry result = ads.service.getAdminSession().lookup(new Dn(dnString));
System.out.println("Found entry : " + result); System.out.println("Found entry : " + result);
} catch (Exception e) { } catch (Exception e) {
@ -48,14 +48,15 @@ public class DirectoryServiceRunner {
} }
private final DirectoryService service; private final DirectoryService service;
private final LdapServer ldapServer;
public DirectoryServiceRunner(final String partition, final String dnString, final String ip, final String port, final boolean useTLS) throws Exception { public DirectoryServiceRunner(final String partition, final String dnString, final String ip, final String port, final boolean useTLS, final String partitionPath) throws Exception {
this.service = initService(partition); this.service = initService(partition);
addPartition("ou=config", "config"); addPartition("ou=config", "config", partitionPath);
addPartition(dnString, partition); addPartition(dnString, partition, partitionPath);
this.service.startup(); this.service.startup();
loadData(); loadData();
startServer(ip, port, useTLS); this.ldapServer = startServer(ip, port, useTLS);
} }
private DirectoryService initService(final String partition) throws Exception { private DirectoryService initService(final String partition) throws Exception {
@ -70,31 +71,35 @@ public class DirectoryServiceRunner {
return directoryService; return directoryService;
} }
private void addPartition(final String dnString, final String partitionId) throws LdapInvalidDnException, Exception { private void addPartition(final String dnString, final String partitionId, final String partitionPath) throws LdapInvalidDnException, Exception {
final JdbmPartitionFactory partitionFactory = new JdbmPartitionFactory(); final JdbmPartitionFactory partitionFactory = new JdbmPartitionFactory();
final SchemaManager schemaManager = service.getSchemaManager(); final SchemaManager schemaManager = service.getSchemaManager();
final CacheService cacheService = service.getCacheService(); final CacheService cacheService = service.getCacheService();
final Cache cache = cacheService.getCache("dnCache"); final Cache cache = cacheService.getCache("dnCache");
final DefaultDnFactory defaultDnFactory = new DefaultDnFactory(schemaManager, cache); final DefaultDnFactory defaultDnFactory = new DefaultDnFactory(schemaManager, cache);
final String parPath = partitionPath != null ? partitionPath : "ldap-data." + Double.valueOf(Math.random()).hashCode();
final Partition partition = final Partition partition =
partitionFactory.createPartition( partitionFactory.createPartition(schemaManager, defaultDnFactory, partitionId, dnString, 400, new File(parPath));
schemaManager, defaultDnFactory, partitionId, dnString, 400,
new File("ldap-data." + Double.valueOf(Math.random()).hashCode())
);
service.addPartition(partition); service.addPartition(partition);
} }
private void startServer(final String ip, final String port, final boolean useTLS) throws Exception { private LdapServer startServer(final String ip, final String port, final boolean useTLS) throws Exception {
final LdapServer ldapServer = new LdapServer(); final LdapServer server = new LdapServer();
final TcpTransport tcpTransport = new TcpTransport(ip, Integer.parseInt(port)); final TcpTransport tcpTransport = new TcpTransport(ip, Integer.parseInt(port));
tcpTransport.enableSSL(useTLS); tcpTransport.enableSSL(useTLS);
ldapServer.setTransports(tcpTransport); server.setTransports(tcpTransport);
ldapServer.setDirectoryService(service); server.setDirectoryService(service);
ldapServer.start(); server.start();
return server;
} }
public void shutdown() throws Exception { public void shutdown() throws Exception {
service.shutdown(); if (ldapServer != null) {
ldapServer.stop();
}
if (service != null) {
service.shutdown();
}
} }
private void loadData() { private void loadData() {
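Review bot: When `partitionPath` is non-null, both `addPartition` calls in the constructor now resolve to the identical `new File(parPath)` on the `partitionFactory.createPartition(...)` line, whereas the old code gave `ou=config` and the main partition separate random `ldap-data.*` directories; if the factory uses that file as the partition's working directory, the two JDBM partitions would share one location. Consider `new File(parPath, partitionId)` so each partition gets its own subdirectory under the configured data path. The null fallback still builds the directory name from `Math.random()` relative to the working directory, which this commit does not change, and a comment stating that it is meant only for the test/CLI path would keep it from being mistaken for a production default. The enclosing class continues outside these hunks.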


@ -17,6 +17,7 @@ public class LDAPConfig {
private String ldapDistinguishedName; private String ldapDistinguishedName;
private String ldapHost; private String ldapHost;
private String ldapPort; private String ldapPort;
private String ldapDataDir;
private boolean ldapUseTLS; private boolean ldapUseTLS;
private String smtpFromAddress; private String smtpFromAddress;
private String smtpHost; private String smtpHost;
@ -30,6 +31,7 @@ public class LDAPConfig {
ldapUseTLS = false; ldapUseTLS = false;
ldapSecurityPrincipal = "uid=admin,ou=system"; ldapSecurityPrincipal = "uid=admin,ou=system";
ldapSecurityPassword = "secret"; ldapSecurityPassword = "secret";
ldapDataDir = "ldapdata";
smtpHost = "localhost"; smtpHost = "localhost";
smtpPort = "25"; smtpPort = "25";
smtpFromAddress = "nobody@example.com"; smtpFromAddress = "nobody@example.com";
@ -38,6 +40,7 @@ public class LDAPConfig {
ldapProviderUrl = props.getProperty("provider.url", ldapProviderUrl); ldapProviderUrl = props.getProperty("provider.url", ldapProviderUrl);
ldapSecurityPrincipal = props.getProperty("security.principal", ldapSecurityPrincipal); ldapSecurityPrincipal = props.getProperty("security.principal", ldapSecurityPrincipal);
ldapSecurityPassword = props.getProperty("security.password", ldapSecurityPassword); ldapSecurityPassword = props.getProperty("security.password", ldapSecurityPassword);
ldapDataDir = props.getProperty("data.path", ldapDataDir);
smtpHost = props.getProperty("smtp.host", smtpHost); smtpHost = props.getProperty("smtp.host", smtpHost);
smtpPort = props.getProperty("smtp.port", smtpPort); smtpPort = props.getProperty("smtp.port", smtpPort);
smtpFromAddress = props.getProperty("smtp.from", smtpFromAddress); smtpFromAddress = props.getProperty("smtp.from", smtpFromAddress);
@ -82,6 +85,10 @@ public class LDAPConfig {
return ldapPort; return ldapPort;
} }
public String getLdapDataDir() {
return ldapDataDir;
}
public boolean isLdapUseTLS() { public boolean isLdapUseTLS() {
return ldapUseTLS; return ldapUseTLS;
} }
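Review bot: The new `data.path` property and its default `"ldapdata"` are relative paths, and `getLdapDataDir` returns them unchanged, so where the embedded directory's database actually lands depends on the JVM's working directory under Tomcat rather than on anything the webapp controls. A Javadoc on the getter, `/** Directory for the embedded LDAP partitions; relative values resolve against the JVM working directory, so deployments should set data.path to an absolute path. */`, would make that explicit for whoever writes the properties file. The enclosing class extends beyond these hunks.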


@ -1,9 +1,9 @@
package de.jalin.ldapadmin.server; package de.jalin.ldapadmin.server;
import de.jalin.ldapadmin.ldap.DirectoryServiceRunner; import de.jalin.ldapadmin.ldap.DirectoryServiceRunner;
import de.jalin.ldapadmin.ldap.LDAPConfig;
import java.util.logging.Level; import java.util.logging.Level;
import java.util.logging.Logger; import java.util.logging.Logger;
import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent; import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener; import javax.servlet.ServletContextListener;
import javax.servlet.annotation.WebListener; import javax.servlet.annotation.WebListener;
@ -16,10 +16,8 @@ public class WebappDirectoryServer implements ServletContextListener {
@Override @Override
public void contextInitialized(final ServletContextEvent evt) { public void contextInitialized(final ServletContextEvent evt) {
try { try {
final ServletContext ctx = evt.getServletContext(); final LDAPConfig cfg = LDAPConfig.getConfig();
final String uri = ctx.getInitParameter("uri"); directoryServer = new DirectoryServiceRunner("main", cfg.getLdapDistinguishedName(), cfg.getLdapHost(), cfg.getLdapPort(), cfg.isLdapUseTLS(), cfg.getLdapDataDir());
final LDAPUriParser uriParser = new LDAPUriParser(uri);
directoryServer = new DirectoryServiceRunner("main", uriParser.getDn(), uriParser.getHost(), uriParser.getPort(), uriParser.isUseTLS());
} catch (Exception ex) { } catch (Exception ex) {
Logger.getLogger(WebappDirectoryServer.class.getName()).log(Level.SEVERE, null, ex); Logger.getLogger(WebappDirectoryServer.class.getName()).log(Level.SEVERE, null, ex);
} }
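Review bot: The new `LDAPConfig.getConfig()` call and the `DirectoryServiceRunner` construction sit inside a `catch (Exception ex)` that only logs at SEVERE, so if the embedded directory fails to start (unwritable `data.path`, port already bound) the webapp still deploys with `directoryServer` left null and every JAAS login against the embedded server then fails for a less obvious reason. Consider failing deployment instead, `throw new IllegalStateException("embedded LDAP server failed to start", ex);` after the log call, or else document with a comment that the application is intended to keep running without its directory. `contextInitialized` ends in this hunk, but the class continues outside it.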


@ -138,7 +138,7 @@ public class ResetPasswordServlet extends AbstractLDAPServlet {
salutation = usr.getFirstname() + " " + usr.getLastname(); salutation = usr.getFirstname() + " " + usr.getLastname();
} }
} }
if (login.isEmpty() || email.isEmpty()) { if (login == null || email == null || login.isEmpty() || email.isEmpty()) {
httpSession.setAttribute("errormessage", messages.getString("ResetPasswordServlet.error_sending_password_reset")); httpSession.setAttribute("errormessage", messages.getString("ResetPasswordServlet.error_sending_password_reset"));
req.getRequestDispatcher("/reset-password.jsp").forward(req, resp); req.getRequestDispatcher("/reset-password.jsp").forward(req, resp);
return; return;


@ -65,7 +65,7 @@
</security-constraint> </security-constraint>
<login-config> <login-config>
<auth-method>FORM</auth-method> <auth-method>FORM</auth-method>
<realm-name>LDAP</realm-name> <realm-name>LDAP Realm</realm-name>
<form-login-config> <form-login-config>
<form-login-page>/login.jsp</form-login-page> <form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginfail.jsp</form-error-page> <form-error-page>/loginfail.jsp</form-error-page>


@ -44,11 +44,11 @@ public class TestCreateGroup {
final User newUser2 = newUsersInstance("Jens", "Jenssen"); final User newUser2 = newUsersInstance("Jens", "Jenssen");
udao.create(newUser2); udao.create(newUser2);
Group login = new Group(); Group login = new Group();
login.setName("login"); login.setName("xlogin");
login.setMembers(Arrays.asList(new String[]{newUser1.getDn(), newUser2.getDn()})); login.setMembers(Arrays.asList(new String[]{newUser1.getDn(), newUser2.getDn()}));
gdao.create(login); gdao.create(login);
Group admins = new Group(); Group admins = new Group();
admins.setName("admins"); admins.setName("xadmins");
admins.setMembers(Arrays.asList(new String[]{newUser1.getDn(), newUser2.getDn()})); admins.setMembers(Arrays.asList(new String[]{newUser1.getDn(), newUser2.getDn()}));
gdao.create(admins); gdao.create(admins);
} catch (LDAPSessionException | RequiredAttributeException | AlreadyBoundException e) { } catch (LDAPSessionException | RequiredAttributeException | AlreadyBoundException e) {
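Review bot: The group names are changed to `xlogin` and `xadmins` with no explanation; since this commit also seeds `cn=login` and `cn=admins` in the LDIF, the rename presumably avoids an `AlreadyBoundException` against the seed data, and that intent should be recorded in the test. A comment above `Group login = new Group();` such as `// "login" and "admins" already exist in the seed LDIF; use distinct names here` would keep the next person from reverting it. The enclosing test method continues outside the hunk.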