1 /*
2 * Copyright (c) 2015, 2018, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /**
25 * Demonstrate JNDI using an LDAP request/response control.
26 * The Authorization Identity controls and their associated control factory
27 * is supplied by a third-party module.
28 */
29
30 package test;
31
32 import java.io.PrintStream;
33 import java.net.*;
34 import java.util.*;
35 import javax.naming.*;
36 import javax.naming.directory.*;
37 import javax.naming.ldap.*;
38
39 import org.example.authz.AuthzIdRequestControl;
40 import org.example.authz.AuthzIdResponseControl;
41
42 public class ConnectWithAuthzId {
43
44 static {
45 final PrintStream out = new PrintStream(System.out, true);
46 final PrintStream err = new PrintStream(System.err, true);
47
48 System.setOut(out);
49 System.setErr(err);
50 }
51
52 // LDAP capture file
53 private static final String LDAP_CAPTURE_FILE =
54 System.getProperty("test.src") +
55 "/src/test/test/ConnectWithAuthzId.ldap";
56
57 public static void main(String[] args) throws Exception {
58
59 /*
60 * Process arguments
61 */
62
63 int argc = args.length;
64 if ((argc < 1) ||
65 ((argc == 1) && (args[0].equalsIgnoreCase("-help")))) {
66
67 System.err.println("\nUsage: ConnectWithAuthzId <ldapurl>\n");
68 System.err.println(" <ldapurl> is the LDAP URL of the parent entry\n");
69 System.err.println("example:");
70 System.err.println(" java ConnectWithAuthzId ldap://oasis/o=airius.com");
71 return;
72 }
73
74 /*
75 * Launch the LDAP server with the ConnectWithAuthzId.ldap capture file
76 */
77
78 try (ServerSocket serverSocket = new ServerSocket()) {
79 serverSocket.bind(new InetSocketAddress(InetAddress.getLoopbackAddress(), 0));
80 new Thread(new Runnable() {
81 @Override
82 public void run() {
83 try {
84 new LDAPServer(serverSocket, LDAP_CAPTURE_FILE);
85 } catch (Exception e) {
86 System.out.println("ERROR: unable to launch LDAP server");
87 e.printStackTrace();
88 }
89 }
90 }).start();
91
92 /*
93 * Connect to the LDAP directory
94 */
95
96 Hashtable<String,Object> env = new Hashtable<>();
97 env.put(Context.INITIAL_CONTEXT_FACTORY,
98 "com.sun.jndi.ldap.LdapCtxFactory");
99 URI ldapUri = new URI(args[0]);
100 if (ldapUri.getPort() == -1) {
101 ldapUri = new URI(ldapUri.getScheme(), null, ldapUri.getHost(),
102 serverSocket.getLocalPort(), ldapUri.getPath(), null, null);
103 }
104 env.put(Context.PROVIDER_URL, ldapUri.toString());
105 env.put(Context.SECURITY_AUTHENTICATION, "simple");
106 env.put(Context.SECURITY_PRINCIPAL, "cn=admin,dc=ie,dc=oracle,dc=com");
107 env.put(Context.SECURITY_CREDENTIALS, "changeit");
108 env.put(LdapContext.CONTROL_FACTORIES,
109 "org.example.authz.AuthzIdResponseControlFactory");
110 if (args[args.length - 1].equalsIgnoreCase("-trace")) {
111 env.put("com.sun.jndi.ldap.trace.ber", System.out);
112 }
113
114 System.out.println("ConnectWithAuthzId: connecting to " + ldapUri);
115 LdapContext ctx = null;
116 Control[] connectionControls = { new AuthzIdRequestControl(false) };
117
118 try {
119 ctx = new InitialLdapContext(env, connectionControls);
120 System.out.println("ConnectWithAuthzId: connected");
121 // Retrieve the response controls
122 Control[] responseControls = ctx.getResponseControls();
123 if (responseControls != null) {
124 for (Control responseControl : responseControls) {
125 System.out.println("ConnectWithAuthzId: received response" +
126 " control: " + responseControl.getID());
127 if (responseControl instanceof AuthzIdResponseControl) {
128 AuthzIdResponseControl authzId =
129 (AuthzIdResponseControl)responseControl;
130 System.out.println("ConnectWithAuthzId: identity is " +
131 authzId.getIdentity());
132 }
133 }
134 }
135 } catch (NamingException e) {
136 System.err.println("ConnectWithAuthzId: error connecting " + e);
137 } finally {
138 if (ctx != null) {
139 ctx.close();
140 }
141 }
142 }
143 }
144 }