From 45cfbe6804e2b998697b11b6f8f08f9da480d450 Mon Sep 17 00:00:00 2001 From: hengsin Date: Mon, 28 Dec 2020 18:09:17 +0800 Subject: [PATCH] IDEMPIERE-4610 Remove obsolete LdapProcessor (#484) * IDEMPIERE-4610 Remove obsolete LdapProcessor * IDEMPIERE-4610 Remove obsolete LdapProcessor Inactivate menu entry (AD_Menu_ID=594) and window (AD_Window_ID=389) * IDEMPIERE-4610 Remove obsolete LdapProcessor move migration script to i8.2z folder. --- .../oracle/202012261710_IDEMPIERE-4610.sql | 14 + .../202012261710_IDEMPIERE-4610.sql | 11 + org.adempiere.server/.classpath | 7 +- org.adempiere.server/META-INF/MANIFEST.MF | 1 - .../OSGI-INF/ldapprocessorfactory.xml | 8 - org.adempiere.server/build.properties | 1 - .../compiere/ldap/LdapConnectionHandler.java | 205 ----------- .../server/org/compiere/ldap/LdapMessage.java | 332 ------------------ .../org/compiere/ldap/LdapProcessor.java | 136 ------- .../server/org/compiere/ldap/LdapResult.java | 308 ---------------- .../factory/DefaultLDAPProcessorFactory.java | 57 --- 11 files changed, 28 insertions(+), 1052 deletions(-) create mode 100644 migration/i8.2z/oracle/202012261710_IDEMPIERE-4610.sql create mode 100644 migration/i8.2z/postgresql/202012261710_IDEMPIERE-4610.sql delete mode 100644 org.adempiere.server/OSGI-INF/ldapprocessorfactory.xml delete mode 100644 org.adempiere.server/src/main/server/org/compiere/ldap/LdapConnectionHandler.java delete mode 100644 org.adempiere.server/src/main/server/org/compiere/ldap/LdapMessage.java delete mode 100644 org.adempiere.server/src/main/server/org/compiere/ldap/LdapProcessor.java delete mode 100644 org.adempiere.server/src/main/server/org/compiere/ldap/LdapResult.java delete mode 100644 org.adempiere.server/src/main/server/org/idempiere/server/factory/DefaultLDAPProcessorFactory.java diff --git a/migration/i8.2z/oracle/202012261710_IDEMPIERE-4610.sql b/migration/i8.2z/oracle/202012261710_IDEMPIERE-4610.sql new file mode 100644 index 0000000000..6ff735f802 --- /dev/null 
+++ b/migration/i8.2z/oracle/202012261710_IDEMPIERE-4610.sql
@@ -0,0 +1,14 @@
+SET SQLBLANKLINES ON
+SET DEFINE OFF
+
+-- Dec 27, 2020, 1:10:12 AM MYT
+UPDATE AD_Window SET IsActive='N',Updated=TO_DATE('2020-12-27 01:10:12','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Window_ID=389
+;
+
+-- Dec 27, 2020, 1:10:12 AM MYT
+UPDATE AD_Menu SET Name='LDAP Server', Description='LDAP Server to authenticate and authorize external systems based on iDempiere', IsActive='N',Updated=TO_DATE('2020-12-27 01:10:12','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Menu_ID=594
+;
+
+SELECT register_migration_script('202012261710_IDEMPIERE-4610.sql') FROM dual
+;
+
diff --git a/migration/i8.2z/postgresql/202012261710_IDEMPIERE-4610.sql b/migration/i8.2z/postgresql/202012261710_IDEMPIERE-4610.sql
new file mode 100644
index 0000000000..194d5f64aa
--- /dev/null
+++ b/migration/i8.2z/postgresql/202012261710_IDEMPIERE-4610.sql
@@ -0,0 +1,11 @@
+-- Dec 27, 2020, 1:10:12 AM MYT
+UPDATE AD_Window SET IsActive='N',Updated=TO_TIMESTAMP('2020-12-27 01:10:12','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Window_ID=389
+;
+
+-- Dec 27, 2020, 1:10:12 AM MYT
+UPDATE AD_Menu SET Name='LDAP Server', Description='LDAP Server to authenticate and authorize external systems based on iDempiere', IsActive='N',Updated=TO_TIMESTAMP('2020-12-27 01:10:12','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Menu_ID=594
+;
+
+SELECT register_migration_script('202012261710_IDEMPIERE-4610.sql') FROM dual
+;
+
diff --git a/org.adempiere.server/.classpath b/org.adempiere.server/.classpath
index 5fc3e08d0c..2df192e99a 100644
--- a/org.adempiere.server/.classpath
+++ b/org.adempiere.server/.classpath
@@ -3,12 +3,11 @@
- - - - + + +
diff --git a/org.adempiere.server/META-INF/MANIFEST.MF b/org.adempiere.server/META-INF/MANIFEST.MF
index beb796e804..6722c6e4a2 100644
--- a/org.adempiere.server/META-INF/MANIFEST.MF
+++ b/org.adempiere.server/META-INF/MANIFEST.MF
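Review bot: Both migration scripts (Oracle and PostgreSQL) only set `IsActive='N'` on AD_Window_ID=389 and AD_Menu_ID=594, and neither records what happens to already-configured LDAP processor entries or to clients that authenticate against the removed listener. The deleted `LdapProcessor` opened a `ServerSocket` on `m_model.getLdapPort()` and `LdapResult` answered simple binds, so after this upgrade any external system pointed at that port (the deleted Javadoc mentions Apache `AuthLDAPURL`) will presumably just fail to connect. I would add a header comment to each script such as `-- IDEMPIERE-4610: built-in LDAP server removed; existing LDAP processor records are left untouched`, and mention in the release notes that the port can be closed at the firewall. Separately, the AD_Menu statement also rewrites `Name` and `Description`; if deactivation is the only intent, dropping those two assignments avoids overwriting a locally changed label.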
@@ -26,7 +26,6 @@ Import-Package: javax.jms;version="1.1.0", org.osgi.util.tracker;version="1.5.0", org.w3c.dom Export-Package: org.adempiere.server, - org.compiere.ldap, org.compiere.server, org.idempiere.server.cluster, org.idempiere.server.cluster.callable, diff --git a/org.adempiere.server/OSGI-INF/ldapprocessorfactory.xml b/org.adempiere.server/OSGI-INF/ldapprocessorfactory.xml deleted file mode 100644 index f53e45eccd..0000000000 --- a/org.adempiere.server/OSGI-INF/ldapprocessorfactory.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - - - - - diff --git a/org.adempiere.server/build.properties b/org.adempiere.server/build.properties index f23f80651d..415a88aa39 100644 --- a/org.adempiere.server/build.properties +++ b/org.adempiere.server/build.properties @@ -19,7 +19,6 @@ bin.includes = META-INF/,\ plugin.xml,\ OSGI-INF/acctprocessorfactory.xml,\ OSGI-INF/alertprocessorfactory.xml,\ - OSGI-INF/ldapprocessorfactory.xml,\ OSGI-INF/requestprocessorfactory.xml,\ OSGI-INF/schedulerfactory.xml,\ OSGI-INF/workflowprocessorfactory.xml,\ diff --git a/org.adempiere.server/src/main/server/org/compiere/ldap/LdapConnectionHandler.java b/org.adempiere.server/src/main/server/org/compiere/ldap/LdapConnectionHandler.java deleted file mode 100644 index ce46a90384..0000000000 --- a/org.adempiere.server/src/main/server/org/compiere/ldap/LdapConnectionHandler.java +++ /dev/null 
@@ -1,205 +0,0 @@ -/****************************************************************************** - * Product: Adempiere ERP & CRM Smart Business Solution - * Copyright (C) 1999-2006 ComPiere, Inc. All Rights Reserved. - * This program is free software; you can redistribute it and/or modify it - * under the terms version 2 of the GNU General Public License as published - * by the Free Software Foundation. This program is distributed in the hope - * that it will be useful, but WITHOUT ANY WARRANTY; without even the implied - * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * See the GNU General Public License for more details. - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - * You may reach us at: ComPiere, Inc. - http://www.compiere.org/license.html - * 2620 Augustine Dr. #245, Santa Clara, CA 95054, USA or info@compiere.org - *****************************************************************************/ -package org.compiere.ldap; - -import java.io.BufferedOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.net.Socket; -import java.util.Hashtable; -import java.util.logging.Level; - -import javax.naming.AuthenticationException; -import javax.naming.Context; -import javax.naming.ldap.InitialLdapContext; - -import org.compiere.model.MLdapProcessor; -import org.compiere.model.MLdapUser; -import org.compiere.util.CLogger; - -/** - * LDAP Connection Handler - * - * Only "simple" authentication and the following protocol are supported: - * bind - * unbind - * search - * The following distinguished name are supported: - * o - organization - * ou - organization unit - * cn - common name - * Due to some of the ldap client might not unbind and close the connection, - * whenever error occurs and authenticate done, we will close the connection. 
- * - * Basically, tested with two type of ldap authentication, java client and - * apache ldap support. - * For the apache support, here's the tested definition: - * AuthType Basic - * AuthLDAPAuthoritative on - * AuthLDAPEnabled on - * AuthLDAPURL ldap://:/o=,ou=?uid?sub - * The protocol for the apache ldap: - * - bind to server - * - search for the object name with user input userid - * - bind again with returned object name and password - * The protocol for the java client, please refer to the sample code in main(). - * - * @author Jorg Janke - * @version $Id: LdapConnectionHandler.java,v 1.1 2006/10/09 00:23:16 jjanke Exp $ - */ -public class LdapConnectionHandler extends Thread -{ - /** - * Ldap Connection Handler - * @param socket server socket - * @param model model - */ - public LdapConnectionHandler(Socket socket, MLdapProcessor model) - { - try - { - m_socket = socket; - m_socket.setTcpNoDelay(true); // should not be required - m_model = model; - } - catch (Exception e) - { - log.log(Level.SEVERE, "", e); - } // no timeout - } // LdapConnectionHandler - - /** Socket */ - private Socket m_socket = null; - /** Ldap Model */ - private MLdapProcessor m_model = null; - /** Logger */ - private static final CLogger log = CLogger.getCLogger (LdapConnectionHandler.class); - - - /** - * Do Work - */ - public void run() - { - try - { - if (m_socket == null || m_socket.isClosed()) - return; - - LdapMessage msg = new LdapMessage(); - MLdapUser ldapUser = new MLdapUser(); - LdapResult result = new LdapResult(); - boolean activeSession = true; - while (activeSession) - { - InputStream in = m_socket.getInputStream(); - BufferedOutputStream out = new BufferedOutputStream(m_socket.getOutputStream()); - // Read - byte[] buffer = new byte[512]; - int length = in.read(buffer, 0, 512); - - // Decode the input message buffer - result.reset(msg, ldapUser); - msg.reset(result); - msg.decode(buffer, length); - if (msg.getOperation() == LdapMessage.UNBIND_REQUEST) - { - 
out.close(); - break; - } - - // Not unbind, so we can create a response - byte[] bytes = result.getResult(m_model); - - // Send the response back - out.write(bytes); - out.flush(); - - // If there's error or successfully authenticated the user, - // close the connection to avoid too many open connection - if (result.getDone()) - { - out.close(); - break; - } - } // while(activeSession) - } - catch (IOException e) - { - log.log(Level.SEVERE, "", e); - } - - try - { - m_socket.close(); - } - catch (Exception e) - { - log.log(Level.WARNING, "Socket", e); - } - m_socket = null; - } // run - - /** - * String Representation - * @return info - */ - public String toString() - { - StringBuilder sb = new StringBuilder ("LdapConnectionHandler["); - sb.append (hashCode()).append ("]"); - return sb.toString (); - } // toString - - /** - * Test using the java client. - * Ldap v3 won't need to do any bind, search, bind anymore. - * When new InitialLdapContext() is called, it will bind with the - * dn and password, the ldap server should be authenticate with it. - * - * @param args - */ - public static void main(String[] args) - { - Hashtable env = new Hashtable(); - env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); - // ldap://dc.compiere.org - env.put(Context.PROVIDER_URL, "ldap://10.104.139.160:389"); - env.put(Context.SECURITY_AUTHENTICATION, "simple"); - // Compiere server only support cn/o/ou, and cn should be the user id. - // Only one entry for cn. 
- env.put(Context.SECURITY_PRINCIPAL, "cn=cboss@compiere.org,o=GardenWorld,ou=LawnCare"); - env.put(Context.SECURITY_CREDENTIALS, "carlboss"); - - try - { - // Create the initial context - new InitialLdapContext(env, null); - // If not successfully authenticated, exception should be thrown - System.out.println("Successfully authenticated ..."); - } - catch (AuthenticationException e) - { - e.printStackTrace(); - return; - } - catch (Exception e) - { - e.printStackTrace(); - return; - } - } // main() -} // LdapConnectionHandler diff --git a/org.adempiere.server/src/main/server/org/compiere/ldap/LdapMessage.java b/org.adempiere.server/src/main/server/org/compiere/ldap/LdapMessage.java deleted file mode 100644 index f3fd996573..0000000000 --- a/org.adempiere.server/src/main/server/org/compiere/ldap/LdapMessage.java +++ /dev/null 
@@ -1,332 +0,0 @@ -/****************************************************************************** - * Product: Adempiere ERP & CRM Smart Business Solution - * Copyright (C) 1999-2006 ComPiere, Inc. All Rights Reserved. - * This program is free software; you can redistribute it and/or modify it - * under the terms version 2 of the GNU General Public License as published - * by the Free Software Foundation. This program is distributed in the hope - * that it will be useful, but WITHOUT ANY WARRANTY; without even the implied - * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * See the GNU General Public License for more details. - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - * You may reach us at: ComPiere, Inc. - http://www.compiere.org/license.html - * 2620 Augustine Dr. #245, Santa Clara, CA 95054, USA or info@compiere.org - *****************************************************************************/ -package org.compiere.ldap; - -import java.util.logging.Level; - -import org.compiere.util.CLogger; - -import com.sun.jndi.ldap.BerDecoder; - -/** - * Ldap Message - * - * @author Jorg Janke - * @version $Id: LdapMessage.java,v 1.1 2006/10/09 00:23:16 jjanke Exp $ - */ -public class LdapMessage -{ - static public final int BIND_REQUEST = 96; - static public final int BIND_RESPONSE = 97; - static public final int UNBIND_REQUEST = 98; - static public final int SEARCH_REQUEST = 99; - static public final int SEARCH_REP_ENTRY = 100; - static public final int SEARCH_RES_RESULT = 101; - - static public final int SIMPLE_AUTHENTICATION = 128; - - static public final int FILTER_AND = 160; - static public final int FILTER_OR = 161; - static public final int FILTER_NOT = 162; - static public final int FILTER_EQUALITYMATCH = 163; - - static public final int SEQUENCE = 48; - - /** Decoder */ - 
private BerDecoder decoder = null; - /** Logger */ - private static final CLogger log = CLogger.getCLogger (LdapMessage.class); - /** Protocol Operation */ - private int m_protocolOp = -1; - /** Message Id needed for the reply message */ - private int msgId; - /** Distinguished name */ - private String dn = null; - /** Organization */ - private String org = null; - /** Organization unit */ - private String orgUnit = null; - /** User Id */ - private String userId = null; - /** Password */ - private String passwd = null; - /** base Object */ - private String baseObj = null; - /** LdapResult object to hold if there's any error during parsing */ - private LdapResult result = null; - - /** - * Ldap Message - */ - public LdapMessage() - { - } // LdapMessage - - /* - * Reset all the attributes - */ - public void reset(LdapResult result) - { - this.result = result; - decoder = null; - m_protocolOp = -1; - msgId = -1; - dn = null; - org = null; - orgUnit = null; - userId = null; - passwd = null; - baseObj = null; - - } // reset() - - /** - * Decode Message - * @param data input buffer - * @param length buffer size - */ - public void decode(byte[] data, int length) - { - try - { - // Create the decoder - decoder = new BerDecoder(data, 0, length); - } - catch (Exception e) - { - log.log(Level.SEVERE, data.toString(), e); - return; - } - - try - { - // Parse the message envelope - decoder.parseSeq(null); - - // Parse message Id - msgId = decoder.parseInt(); - - // Parse the operation protocol - m_protocolOp = decoder.parseSeq(null); - - // - // Payload - if (m_protocolOp == BIND_REQUEST) { - handleBind(); - } else if (m_protocolOp == UNBIND_REQUEST) { - if (log.isLoggable(Level.INFO)) log.info("#" + msgId + ": unbind"); - } else if (m_protocolOp == SEARCH_REQUEST) { - handleSearch(); - } else { // Only supoort BIND, UNBIND and SEARCH - result.setErrorNo(LdapResult.LDAP_PROTOCOL_ERROR); - result.setErrorString(": Unsupported Request"); - log.warning("#" + msgId + ": Unknown Op 
+ " + m_protocolOp); - } - } - catch (Exception ex) - { - result.setErrorNo(LdapResult.LDAP_PROTOCOL_ERROR); - log.log(Level.SEVERE, "", ex); - } - } // decode - - /* - * Encode the search request message - */ - private void handleSearch() - { - try - { - // Parse the base Object - baseObj = decoder.parseString(true); - parseDN(baseObj); - - decoder.parseEnumeration(); // scope - decoder.parseEnumeration(); // derefAliases - decoder.parseInt(); // sizeLimit - decoder.parseInt(); // timeLimit - decoder.parseBoolean(); // typeOnly - - boolean equalityFilter = false; - while (true) - { - int filter = decoder.parseSeq(null); //Filter - if (filter == FILTER_EQUALITYMATCH) - { - decoder.parseString(true); - userId = decoder.parseString(true); - equalityFilter = true; - break; - } - else if (filter == FILTER_AND) - decoder.parseStringWithTag(135, true, null); - else if (filter == SEQUENCE) - break; - } // while true - - if (!equalityFilter) // Didn't find the it - { - result.setErrorNo(LdapResult.LDAP_PROTOCOL_ERROR); - result.setErrorString("Can't can't Filter - EqualityMatch"); - } - } - catch (Exception ex) - { - log.log(Level.SEVERE, "", ex); - } - } // handleSearch() - - /* - * Encode the bind request message - */ - private void handleBind() - { - try - { - // Parse LDAP version; only support v3 - int version = decoder.parseInt(); - if (version != 3) - { - result.setErrorNo(LdapResult.LDAP_PROTOCOL_ERROR); - result.setErrorString("Unsupported LDAP version"); - if (log.isLoggable(Level.INFO)) log.info("#" + msgId + ": unsupported LDAP version - " + version); - return; - } - - // Parse DN - dn = decoder.parseString(true); - - // Peek on AuthenticationChoice; only support simple authentication - int auth = decoder.peekByte(); - if (auth != SIMPLE_AUTHENTICATION) // 0x80 - simple authentication - { - result.setErrorNo(LdapResult.LDAP_AUTH_METHOD_NOT_SUPPORTED); - if (log.isLoggable(Level.INFO)) log.info("#" + msgId + ": unsupported authentication method - " + auth); - 
return; - } - - // It is simple authentication, get the authentication string - passwd = decoder.parseStringWithTag(SIMPLE_AUTHENTICATION, true, null); - if (passwd != null && passwd.length() > 0) - { - parseDN(dn); - if (userId == null || userId.length() <= 0) - { - result.setErrorNo(LdapResult.LDAP_NO_SUCH_OBJECT); - result.setErrorString(": \"cn\" not defined"); - if (log.isLoggable(Level.INFO)) log.info("#" + msgId + ": \"cn\" not defined"); - return; - } - } - - // Log the information - if (log.isLoggable(Level.INFO)) log.info("#" + msgId + ": bind - version=" + version + ", userId=" + userId); - } - catch (Exception ex) - { - log.log(Level.SEVERE, "", ex); - } - } // handleBind() - - /* - * Parse the DN to find user id, organization and organization unit - */ - private void parseDN(String dName) - { - String[] dnArray = dName.split(","); - for (int i = 0; i < dnArray.length; i++) - { - if (dnArray[i].startsWith("cn=")) - userId = dnArray[i].split("=")[1]; - else if (dnArray[i].startsWith("o=")) - org = dnArray[i].split("=")[1]; - else if (dnArray[i].startsWith("ou=")) - orgUnit = dnArray[i].split("=")[1]; - } - } // parseDN() - - /** - * Get Operation Code - * @return protocolOp - */ - public int getOperation() - { - return m_protocolOp; - } // getOperation - - /** - * Get message id - * @return msgId - */ - public int getMsgId() - { - return msgId; - } // getMsgId() - - /** - * Get DN - * @return dn - */ - public String getDN() - { - return dn; - } // getDN() - - /** - * Get User Id - * @return userId - */ - public String getUserId() - { - return userId; - } // getUserId() - - /** - * Get User passwod - * @return passwd - */ - public String getUserPasswd() - { - return passwd; - } // getUserPasswd() - - /** - * Get base object - * @return baseObj - */ - public String getBaseObj() - { - return baseObj; - } // getBaseObj() - - /** - * Get organization - * @return org - */ - public String getOrg() - { - return org; - } // getOrg() - - /** - * Get organization 
unit - * @return orgUnit - */ - public String getOrgUnit() - { - return orgUnit; - } // getOrgUnit() -} // LdapMessage diff --git a/org.adempiere.server/src/main/server/org/compiere/ldap/LdapProcessor.java b/org.adempiere.server/src/main/server/org/compiere/ldap/LdapProcessor.java deleted file mode 100644 index 9f34cb1a33..0000000000 --- a/org.adempiere.server/src/main/server/org/compiere/ldap/LdapProcessor.java +++ /dev/null 
@@ -1,136 +0,0 @@ -/****************************************************************************** - * Product: Adempiere ERP & CRM Smart Business Solution - * Copyright (C) 1999-2006 ComPiere, Inc. All Rights Reserved. - * This program is free software; you can redistribute it and/or modify it - * under the terms version 2 of the GNU General Public License as published - * by the Free Software Foundation. This program is distributed in the hope - * that it will be useful, but WITHOUT ANY WARRANTY; without even the implied - * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * See the GNU General Public License for more details. - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - * You may reach us at: ComPiere, Inc. - http://www.compiere.org/license.html - * 2620 Augustine Dr. #245, Santa Clara, CA 95054, USA or info@compiere.org - *****************************************************************************/ -package org.compiere.ldap; - -import java.net.ServerSocket; -import java.net.Socket; -import java.sql.Timestamp; -import java.util.Properties; -import java.util.logging.Level; - -import org.compiere.Adempiere; -import org.compiere.model.MLdapProcessor; -import org.compiere.model.MLdapProcessorLog; -import org.compiere.server.AdempiereServer; -import org.compiere.util.TimeUtil; - -/** - * LDAP Server - * - * @author Jorg Janke - * @version $Id: LdapProcessor.java,v 1.1 2006/10/09 00:23:16 jjanke Exp $ - */ -public class LdapProcessor extends AdempiereServer -{ - /** - * Ldap Processor (Server) - * @param model Ldap Model - */ - public LdapProcessor (MLdapProcessor model) - { - super (model, 300); - m_model = model; - } // LdapProcessor - - /** The Concrete Model */ - protected MLdapProcessor m_model = null; - /** Last Summary */ - protected StringBuffer m_summary = new 
StringBuffer(); - /** Server Socket */ - protected ServerSocket m_serverSocket = null; - /** Counter */ - protected int m_counter = 0; - - - /** - * Do Work - */ - protected void doWork() - { - // Close Socket - if (m_serverSocket != null) - { - try - { - m_serverSocket.close(); - } - catch (Exception e) - { - } - } - m_counter = 0; - // - m_summary = new StringBuffer(m_model.toString()) - .append(" - "); - // - - try - { - m_serverSocket = new ServerSocket(m_model.getLdapPort()); - if (log.isLoggable(Level.INFO))log.log(Level.INFO, "Opened Port=" + m_model.getLdapPort()); - while (!isInterrupted()) - { - Socket socket = m_serverSocket.accept(); // waits for connection - if (log.isLoggable(Level.FINE))log.log(Level.FINE, "Connection on Port=" + m_model.getLdapPort()); - LdapConnectionHandler handler = - new LdapConnectionHandler (socket, m_model); - handler.start(); - m_counter++; - } - } - catch (Exception e) - { - log.log(Level.WARNING, "Port=" + m_model.getLdapPort(), e); - m_summary.append(e.toString()); - } - - m_summary.append ("; ") - .append (m_model.getInfo()); - - int no = m_model.deleteLog(); - m_summary.append("; Logs deleted=").append(no); - // - MLdapProcessorLog pLog = new MLdapProcessorLog(m_model, m_summary.toString()); - pLog.setReference("#" + String.valueOf(p_runCount) - + " - " + TimeUtil.formatElapsed(new Timestamp(p_startWork))); - pLog.saveEx(); - - } // doWork - - - /** - * Get Server Info - * @return info - */ - public String getServerInfo() - { - return "#" + p_runCount + " - Last=" + m_summary.toString() - + "; Counter=" + m_counter - + "; " + m_model.getInfo(); - } // getServerInfo - - /** - * Test - * @param args - */ - public static void main(String[] args) - { - Adempiere.startup(true); - new LdapProcessor(new MLdapProcessor(new Properties(), 100, null)).doWork(); - } // main - -} // LdapProcessor - 
diff --git a/org.adempiere.server/src/main/server/org/compiere/ldap/LdapResult.java b/org.adempiere.server/src/main/server/org/compiere/ldap/LdapResult.java deleted file mode 100644 index 49da11a723..0000000000 --- a/org.adempiere.server/src/main/server/org/compiere/ldap/LdapResult.java +++ /dev/null 
@@ -1,308 +0,0 @@ -/****************************************************************************** - * Product: Adempiere ERP & CRM Smart Business Solution - * Copyright (C) 1999-2006 ComPiere, Inc. All Rights Reserved. - * This program is free software; you can redistribute it and/or modify it - * under the terms version 2 of the GNU General Public License as published - * by the Free Software Foundation. This program is distributed in the hope - * that it will be useful, but WITHOUT ANY WARRANTY; without even the implied - * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * See the GNU General Public License for more details. - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - * You may reach us at: ComPiere, Inc. - http://www.compiere.org/license.html - * 2620 Augustine Dr. #245, Santa Clara, CA 95054, USA or info@compiere.org - *****************************************************************************/ -package org.compiere.ldap; - -import java.util.logging.Level; - -import org.compiere.model.MLdapProcessor; -import org.compiere.model.MLdapUser; -import org.compiere.util.CLogger; - -import com.sun.jndi.ldap.BerEncoder; - -/** - * Ldap Wire Response - * - * @author Jorg Janke - * @version $Id: LdapResult.java,v 1.1 2006/10/09 00:23:16 jjanke Exp $ - */ -public class LdapResult -{ - /** LdapMesssage */ - private LdapMessage ldapMsg = null; - /** Encoder */ - private BerEncoder m_encoder = null; - /** Logger */ - private static final CLogger log = CLogger.getCLogger (LdapResult.class); - /** Error number */ - private int errNo = LDAP_SUCCESS; - /** Error String */ - private String errStr = ""; - /** LdapUser */ - private MLdapUser ldapUser = null; - /** disconnect to client */ - private boolean disconnect = false; - - public LdapResult () - { - } // LdapResult - - /* - * Reset the 
attributes - */ - public void reset(LdapMessage ldapMsg, MLdapUser ldapUser) - { - this.ldapMsg = ldapMsg; - m_encoder = new BerEncoder(); - errNo = LDAP_SUCCESS; - errStr = ""; - this.ldapUser = ldapUser; - } // reset() - - /** - * Get the response according to the request message - * @param model model - * @return reponse - */ - public byte[] getResult(MLdapProcessor model) - { - if (errNo != LDAP_SUCCESS) - { - generateResult("", - ((ldapMsg.getOperation()==LdapMessage.BIND_REQUEST)? - LdapMessage.BIND_RESPONSE:LdapMessage.SEARCH_RES_RESULT), - errNo, ldapErrorMessage[errNo] + errStr); - m_encoder.getTrimmedBuf(); - } - - try - { - String usrId = ldapMsg.getUserId(); - String o = ldapMsg.getOrg(); - String ou = ldapMsg.getOrgUnit(); - - // Adding the Application 1 Sequence - if (ldapMsg.getOperation() == LdapMessage.BIND_REQUEST) - { - String pwd = ldapMsg.getUserPasswd(); - if (pwd == null || pwd.length() <= 0) - { - // 1st anonymous bind - generateResult(ldapMsg.getDN(), LdapMessage.BIND_RESPONSE, - LDAP_SUCCESS, null); - log.info("Success"); - return m_encoder.getTrimmedBuf(); - } - - // Authenticate with Compiere data - if (ldapUser.getUserId() == null) - { // Try to authenticate on the 1st bind, must be java client - ldapUser.reset(); - model.authenticate(ldapUser, usrId, o, ou); - if (ldapUser.getErrorMsg() != null) - { // Failed to authenticated with compiere - errNo = LDAP_NO_SUCH_OBJECT; - generateResult(ldapMsg.getBaseObj(), LdapMessage.SEARCH_RES_RESULT, - LDAP_NO_SUCH_OBJECT, - ldapErrorMessage[LDAP_NO_SUCH_OBJECT] + ldapUser.getErrorMsg()); - log.info("Failed"); - return m_encoder.getTrimmedBuf(); - } - } - - // Check to see if the input passwd is match to the one - // in compiere database - if (usrId.compareTo(ldapUser.getUserId()) == 0 && - pwd.compareTo(ldapUser.getPassword()) == 0) - { // Successfully authenticated - generateResult("", LdapMessage.BIND_RESPONSE, - LDAP_SUCCESS, null); - // Close the connection to client since most of the client 
- // application might cache the connection but we can't afford - // to have too many such client connection - disconnect = true; - log.info("Success"); - } - else - { // Unsuccessfully authenticated - errNo = LDAP_INAPPROPRIATE_AUTHENTICATION; - generateResult("", LdapMessage.BIND_RESPONSE, - LDAP_INAPPROPRIATE_AUTHENTICATION, - ldapErrorMessage[LDAP_INAPPROPRIATE_AUTHENTICATION]); - if (log.isLoggable(Level.INFO)) log.info("Failed : " + ldapErrorMessage[LDAP_INAPPROPRIATE_AUTHENTICATION]); - } - } - else if (ldapMsg.getOperation() == LdapMessage.SEARCH_REQUEST) - { - // Authenticate with compiere database - ldapUser.reset(); - model.authenticate(ldapUser, usrId, o, ou); - if (ldapUser.getErrorMsg() != null) - { - errNo = LDAP_NO_SUCH_OBJECT; - generateResult(ldapMsg.getBaseObj(), LdapMessage.SEARCH_RES_RESULT, - LDAP_NO_SUCH_OBJECT, - ldapErrorMessage[LDAP_NO_SUCH_OBJECT] + ldapUser.getErrorMsg()); - log.info("Failed"); - return m_encoder.getTrimmedBuf(); - } - - m_encoder.beginSeq(48); // Hard coded here for Envelope header - m_encoder.encodeInt(ldapMsg.getMsgId()); - m_encoder.beginSeq(LdapMessage.SEARCH_REP_ENTRY); // Application 4 - m_encoder.encodeString("cn="+ldapMsg.getUserId(), true); // this should be object name - // not going to put in any attributes for this - m_encoder.beginSeq(48); - m_encoder.endSeq(); - m_encoder.endSeq(); - m_encoder.endSeq(); - - // SearchResultDone Application 5 for bind - // Result 0 = success - // No error message - generateResult(ldapMsg.getBaseObj(), LdapMessage.SEARCH_RES_RESULT, - LDAP_SUCCESS, null); - log.info("Success"); - } - - return m_encoder.getTrimmedBuf(); - } - catch (Exception e) - { - log.log(Level.SEVERE, "", e); - } - - return m_encoder.getTrimmedBuf(); - } // bindResponse - - /** - * Generate LDAPResult - * @param dn Distinguished Name - * @param resultProtocol Result protocol/operation code - * @param resultCode Result code - * @param errMsg Error Message - * @return reponse - */ - private void 
generateResult(String dn, int resultProtocol, - int resultCode, String errMsg) - { - try - { - m_encoder.beginSeq(48); // Hard coded here for Envelope header - m_encoder.encodeInt(ldapMsg.getMsgId()); - m_encoder.beginSeq(resultProtocol); - m_encoder.encodeInt(resultCode, 10); // Enumeration - 10 - // Adding LDAPDN - m_encoder.encodeString(dn, true); - // Adding error message - m_encoder.encodeString((errMsg == null)?"":errMsg, true); - m_encoder.endSeq(); - m_encoder.endSeq(); - } - catch (Exception ex) - { - log.log(Level.SEVERE, "", ex); - } - } // generateResult() - - /* - * Should it be close the connection with client - */ - public boolean getDone() - { - if (errNo != LDAP_SUCCESS) - return true; - return disconnect; - } // getDone() - - /** - * Set the error No - * @param errNo Error Number - */ - public void setErrorNo(int errNo) - { - this.errNo = errNo; - } // setErrorNo() - - /** - * Get the error No - * @return errNo Error Number - */ - public int getErrorNo() - { - return errNo; - } // getErrorNo() - - /** - * Set the error String - * @param errStr Error String - */ - public void setErrorString(String errStr) - { - this.errStr = errStr; - } // setErrorStr() - - static final int LDAP_SUCCESS = 0; - static final int LDAP_OPERATIONS_ERROR = 1; - static final int LDAP_PROTOCOL_ERROR = 2; - static final int LDAP_TIME_LIMIT_EXCEEDED = 3; - static final int LDAP_SIZE_LIMIT_EXCEEDED = 4; - static final int LDAP_COMPARE_FALSE = 5; - static final int LDAP_COMPARE_TRUE = 6; - static final int LDAP_AUTH_METHOD_NOT_SUPPORTED = 7; - static final int LDAP_STRONG_AUTH_REQUIRED = 8; - static final int LDAP_PARTIAL_RESULTS = 9; - static final int LDAP_REFERRAL = 10; - static final int LDAP_ADMIN_LIMIT_EXCEEDED = 11; - static final int LDAP_UNAVAILABLE_CRITICAL_EXTENSION = 12; - static final int LDAP_CONFIDENTIALITY_REQUIRED = 13; - static final int LDAP_SASL_BIND_IN_PROGRESS = 14; - static final int LDAP_NO_SUCH_ATTRIBUTE = 16; - static final int 
LDAP_UNDEFINED_ATTRIBUTE_TYPE = 17; - static final int LDAP_INAPPROPRIATE_MATCHING = 18; - static final int LDAP_CONSTRAINT_VIOLATION = 19; - static final int LDAP_ATTRIBUTE_OR_VALUE_EXISTS = 20; - static final int LDAP_INVALID_ATTRIBUTE_SYNTAX = 21; - static final int LDAP_NO_SUCH_OBJECT = 32; - static final int LDAP_ALIAS_PROBLEM = 33; - static final int LDAP_INVALID_DN_SYNTAX = 34; - static final int LDAP_IS_LEAF = 35; - static final int LDAP_ALIAS_DEREFERENCING_PROBLEM = 36; - static final int LDAP_INAPPROPRIATE_AUTHENTICATION = 48; - static final int LDAP_INVALID_CREDENTIALS = 49; - static final int LDAP_INSUFFICIENT_ACCESS_RIGHTS = 50; - static final int LDAP_BUSY = 51; - static final int LDAP_UNAVAILABLE = 52; - static final int LDAP_UNWILLING_TO_PERFORM = 53; - static final int LDAP_LOOP_DETECT = 54; - static final int LDAP_NAMING_VIOLATION = 64; - static final int LDAP_OBJECT_CLASS_VIOLATION = 65; - static final int LDAP_NOT_ALLOWED_ON_NON_LEAF = 66; - static final int LDAP_NOT_ALLOWED_ON_RDN = 67; - static final int LDAP_ENTRY_ALREADY_EXISTS = 68; - static final int LDAP_OBJECT_CLASS_MODS_PROHIBITED = 69; - static final int LDAP_AFFECTS_MULTIPLE_DSAS = 71; - static final int LDAP_OTHER = 80; - static final String ldapErrorMessage[] = { - "Success", "Operations Error", "Protocol Error", "Timelimit Exceeded", - "Sizelimit Exceeded", "Compare False", "Compare True", - "Authentication Method Not Supported", "Strong Authentication Required", null, - "Referral", "Administrative Limit Exceeded", "Unavailable Critical Extension", - "Confidentiality Required", "SASL Bind In Progress", null, "No Such Attribute", - "Undefined Attribute Type", "Inappropriate Matching", "Constraint Violation", - "Attribute Or Value Exists", "Invalid Attribute Syntax", null, null, null, - null, null, null, null, null,null, null, "No Such Object", "Alias Problem", - "Invalid DN Syntax", null, "Alias Dereferencing Problem", null, null, null, - null, null, null, null, null, null, null, 
null, "Inappropriate Authentication", - "Invalid Credentials", "Insufficient Access Rights", "Busy", "Unavailable", - "Unwilling To Perform", "Loop Detect", null, null, null, null, null, - null, null, null, null, "Naming Violation", "Object Class Violation", - "Not Allowed On Non-leaf", "Not Allowed On RDN", "Entry Already Exists", - "Object Class Modifications Prohibited", null, "Affects Multiple DSAs", null, - null, null, null, null, null, null, null,"Other", null, null, null, null, - null, null, null, null, null,null - }; -} // LdapResult diff --git a/org.adempiere.server/src/main/server/org/idempiere/server/factory/DefaultLDAPProcessorFactory.java b/org.adempiere.server/src/main/server/org/idempiere/server/factory/DefaultLDAPProcessorFactory.java deleted file mode 100644 index 20ad229454..0000000000 --- a/org.adempiere.server/src/main/server/org/idempiere/server/factory/DefaultLDAPProcessorFactory.java +++ /dev/null 
@@ -1,57 +0,0 @@ -/****************************************************************************** - * Copyright (C) 2013 Heng Sin Low * - * Copyright (C) 2013 Trek Global * - * This program is free software; you can redistribute it and/or modify it * - * under the terms version 2 of the GNU General Public License as published * - * by the Free Software Foundation. This program is distributed in the hope * - * that it will be useful, but WITHOUT ANY WARRANTY; without even the implied * - * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * - * See the GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License along * - * with this program; if not, write to the Free Software Foundation, Inc., * - * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. * - *****************************************************************************/ -package org.idempiere.server.factory; - -import java.util.ArrayList; -import java.util.List; -import java.util.Properties; - -import org.adempiere.server.IServerFactory; -import org.compiere.ldap.LdapProcessor; -import org.compiere.model.MLdapProcessor; - -/** - * @author hengsin - * - */ -public class DefaultLDAPProcessorFactory implements IServerFactory { - - /** - * default constructor - */ - public DefaultLDAPProcessorFactory() { - } - - @Override - public LdapProcessor[] create(Properties ctx) { - MLdapProcessor[] ldapModels = MLdapProcessor.getActive(ctx); - List list = new ArrayList(); - for (MLdapProcessor lp : ldapModels) - { - LdapProcessor server = create(ctx, lp); - list.add(server); - } - return list.toArray(new LdapProcessor[0]); - } - - @Override - public Class getProcessorClass() { - return MLdapProcessor.class; - } - - @Override - public LdapProcessor create(Properties ctx, MLdapProcessor serverModel) { - return new LdapProcessor(serverModel); - } -}