Revision 34:c8a57c4ca05f
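--- a/pom.xml
+++ b/pom.xml
@@ -85,6 +85,14 @@
 dir="${project.build.outputDirectory}/com/ib/hibernate/configuration"
 includes="hibernate.*.cfg.xml" />
 </delete>
+
+<delete file="${project.build.outputDirectory}/spring-ldap.xml" />
+<copy
+file="src/main/resources/spring-ldap.xml"
+tofile="${project.build.outputDirectory}/spring-ldap.xml" />
+<delete>
+<fileset dir="${project.build.outputDirectory}" includes="spring-ldap.*.xml" />
+</delete>
 </target>
 </configuration>
 <goals>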
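--- a/src/main/java/my/com/upass/services/VerifyStaticPasswordService.java
+++ b/src/main/java/my/com/upass/services/VerifyStaticPasswordService.java
@@ -23,8 +23,13 @@
 import my.com.upass.factory.MinimalUPassFactory;
 import my.com.upass.pojo.MinimalUserBean;
 import my.com.upass.spassword.PasswordController;
+import my.com.upass.spring.ldap.MaybankLdapDAO;
 
 import org.hibernate.Session;
+import org.springframework.beans.factory.BeanFactory;
+import org.springframework.beans.factory.xml.XmlBeanFactory;
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
 
 /**
 * PROGRAMMER: Danniell
@@ -42,9 +47,15 @@
 public class VerifyStaticPasswordService {
 
 private MinimalUPassControllerV2 upc;
+private MaybankLdapDAO maybankLdapDAO;
+protected ModifyUserService modifyUserService;
 
 public VerifyStaticPasswordService(MinimalUPassControllerV2 upc) {
 this.upc = upc;
+Resource resource = new ClassPathResource("spring-ldap.xml");
+BeanFactory factory = new XmlBeanFactory(resource);
+maybankLdapDAO = (MaybankLdapDAO)factory.getBean("maybankLdap");
+modifyUserService = new ModifyUserService(upc);
 }
 
 public int verifyStaticPassword(
@@ -115,6 +126,26 @@
 return MinimalConstants.ERR_USERALIAS_NOT_FOUND;
 }
 
+//-- migration period checking : START --
+if(userBean.getHashedPassword() == null){ //password null, so the user haven't get migrated.
+
+//authenticate to ldap
+if(!maybankLdapDAO.authenticate(userAlias, password)){
+return MinimalConstants.ERR_INVALID_CREDENTIAL;
+}
+
+//update password to upass
+int responseCode = modifyUserService.modifyUser(userAlias, MinimalConstants.UTYPE_STATE_USER, "", password, MinimalConstants.UID_STATE_ACTIVE);
+if(MinimalConstants.ERR_SUCCESS != responseCode){
+return responseCode;
+}
+
+//reload profile with password
+userBean = userDao.getUserFromStore(userAlias, txSession);
+}
+//-- migration period checking : END --
+
+
 // verify user state, must be active (not inactive|locked|deleted)
 switch (userBean.getUstate()) {
 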
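Review bot: The migration branch in `verifyStaticPassword` hands `password` to `maybankLdapDAO.authenticate` without first rejecting a null or empty value, and many directory servers treat a simple bind with an empty password as a successful unauthenticated bind. Unless a check outside this hunk already rules that out, an account whose hashed password is still null could be accepted and then have that empty value stored by `modifyUser`. A guard such as `if (password == null || password.length() == 0) return MinimalConstants.ERR_INVALID_CREDENTIAL;` placed before the LDAP call closes the gap. The branch also runs before the `switch (userBean.getUstate())` check and passes `MinimalConstants.UID_STATE_ACTIVE` to `modifyUser`, so it is worth confirming that an unmigrated locked or inactive account cannot be reactivated on this path; the method body starts and ends outside the hunk.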
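--- a/src/main/java/my/com/upass/spring/ldap/CollectingAuthenticationErrorCallback.java
+++ b/src/main/java/my/com/upass/spring/ldap/CollectingAuthenticationErrorCallback.java
@@ -0,0 +1,15 @@
+package my.com.upass.spring.ldap;
+
+import org.springframework.ldap.core.AuthenticationErrorCallback;
+
+public final class CollectingAuthenticationErrorCallback implements AuthenticationErrorCallback {
+private Exception error;
+
+public void execute(Exception e) {
+this.error = e;
+}
+
+public Exception getError() {
+return error;
+}
+}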
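--- a/src/main/java/my/com/upass/spring/ldap/LdapStatusCodeParser.java
+++ b/src/main/java/my/com/upass/spring/ldap/LdapStatusCodeParser.java
@@ -0,0 +1,19 @@
+package my.com.upass.spring.ldap;
+
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+public class LdapStatusCodeParser {
+
+public static String getCode(String ldapExceptionExplanation){
+
+Pattern pattern = Pattern.compile("^[\\[:a-zA-Z ]+([0-9]+).*");
+Matcher matcher = pattern.matcher(ldapExceptionExplanation);
+
+if (matcher.find()) {
+return matcher.group(1);
+}
+
+return null;
+}
+}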
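Review bot: `getCode` passes its argument straight to `pattern.matcher(...)`, which throws NullPointerException when the explanation is null, and both callers in MaybankLdapDAOImpl feed it `e.getExplanation()` inside log statements on the authentication-failure path. A guard `if (ldapExceptionExplanation == null) return null;` keeps a missing explanation from turning a failed login into an unhandled exception. The pattern could also be compiled once as `private static final Pattern CODE_PATTERN = Pattern.compile("^[\\[:a-zA-Z ]+([0-9]+).*");` rather than on every call. A short Javadoc should state that null is returned when no numeric code is found.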
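--- a/src/main/java/my/com/upass/spring/ldap/MaybankLdapDAO.java
+++ b/src/main/java/my/com/upass/spring/ldap/MaybankLdapDAO.java
@@ -0,0 +1,9 @@
+package my.com.upass.spring.ldap;
+
+
+public interface MaybankLdapDAO {
+
+public boolean isUserExist(String mbbuserid);
+
+public boolean authenticate(String mbbuserid, String password);
+}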
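--- a/src/main/java/my/com/upass/spring/ldap/MaybankLdapDAOImpl.java
+++ b/src/main/java/my/com/upass/spring/ldap/MaybankLdapDAOImpl.java
@@ -0,0 +1,71 @@
+package my.com.upass.spring.ldap;
+
+import javax.naming.Name;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.ldap.AuthenticationException;
+import org.springframework.ldap.NameNotFoundException;
+import org.springframework.ldap.core.DistinguishedName;
+import org.springframework.ldap.core.LdapTemplate;
+
+public class MaybankLdapDAOImpl implements MaybankLdapDAO{
+
+private Log logger = LogFactory.getLog(MaybankLdapDAOImpl.class);
+private LdapTemplate ldapTemplate = null;
+private String base;
+private String usernameAttrName;
+
+public boolean isUserExist(String mbbuserid) {
+Object person = null;
+
+try {
+person = ldapTemplate.lookup(buildDn(mbbuserid));
+} catch (NameNotFoundException e) {
+//not found
+}
+
+if(person != null){
+return true;
+}
+
+return false;
+}
+
+protected Name buildDn(String mbbuserid) {
+DistinguishedName dn = new DistinguishedName(base);
+dn.add("mbbuserid", mbbuserid);
+return dn;
+}
+
+public boolean authenticate(String mbbuserid, String password) {
+boolean result = false;
+CollectingAuthenticationErrorCallback errorCallback = new CollectingAuthenticationErrorCallback();
+
+try {
+result = ldapTemplate.authenticate(base, "("+usernameAttrName+"="+mbbuserid+")", password, errorCallback);
+} catch (NameNotFoundException e) {
+logger.warn("LDAP Error code:"+LdapStatusCodeParser.getCode(e.getExplanation()) + " - " + e.getExplanation());
+}
+
+if (!result && errorCallback.getError() != null) {
+AuthenticationException e = (AuthenticationException)errorCallback.getError();
+logger.info("LDAP Error code:"+LdapStatusCodeParser.getCode(e.getExplanation()) + " - " + e.getExplanation());
+}
+
+return result;
+}
+
+public void setLdapTemplate(LdapTemplate ldapTemplate) {
+this.ldapTemplate = ldapTemplate;
+}
+
+public void setBase(String base) {
+this.base = base;
+}
+
+public void setUsernameAttrName(String usernameAttrName) {
+this.usernameAttrName = usernameAttrName;
+}
+
+}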
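Review bot: In `authenticate`, the search filter is built by concatenating `mbbuserid` directly into `"("+usernameAttrName+"="+mbbuserid+")"`, so LDAP filter metacharacters in the submitted user id alter the query instead of being matched literally. Spring LDAP's filter classes encode the value for you: `new EqualsFilter(usernameAttrName, mbbuserid).encode()` from `org.springframework.ldap.filter` can replace the concatenated string. Separately, the unconditional cast `(AuthenticationException)errorCallback.getError()` throws ClassCastException if the callback was handed any other exception type, since `execute` accepts a plain `Exception`. An `instanceof` check before the cast keeps a failed login from surfacing as an unhandled error.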
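--- a/src/main/resources/spring-ldap.xml
+++ b/src/main/resources/spring-ldap.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN 2.0//EN" "http://www.springframework.org/dtd/spring-beans-2.0.dtd">
+<beans>
+<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
+<property name="url" value="ldap://172.31.11.36:389" />
+<!-- property name="url" value="ldaps://172.31.11.36:636" /-->
+<property name="userDn" value="cn=Directory Manager" />
+<property name="password" value="password" />
+</bean>
+<bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
+<constructor-arg ref="contextSource" />
+</bean>
+<bean id="maybankLdap" class="my.com.upass.spring.ldap.MaybankLdapDAOImpl">
+<property name="ldapTemplate" ref="ldapTemplate" />
+<property name="base" value="ou=People,o=maybank"/>
+<property name="usernameAttrName" value="mbbuserid"/>
+</bean>
+</beans>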
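Review bot: The `contextSource` bean binds as `cn=Directory Manager` with a literal password committed in this resource, and it uses the `ldap://` URL on port 389 while the `ldaps://` alternative is commented out. Over plain LDAP, the manager credential and every user password sent for the migration bind cross the network unencrypted, so the `ldaps://` URL (or StartTLS) should be enabled before this is pointed at anything other than a test directory. MaybankLdapDAOImpl only looks up and authenticates users, so a dedicated low-privilege service account appears sufficient in place of the directory manager. Its password should come from outside the packaged artifact, for example through a property placeholder resolved at deployment.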