1/*
2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
/**
 * Demonstrate JNDI using an LDAP request/response control.
 * The Authorization Identity controls and their associated control factory
 * are supplied by a third-party module.
 */
29
30package test;
31
32import java.net.*;
33import java.util.*;
34import javax.naming.*;
35import javax.naming.directory.*;
36import javax.naming.ldap.*;
37
38import org.example.authz.AuthzIdRequestControl;
39import org.example.authz.AuthzIdResponseControl;
40
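/**
 * Connects to an LDAP directory with an Authorization Identity request
 * control attached to the bind and prints every response control returned.
 *
 * <p>A capture-replay {@code LDAPServer} is started in-process on an ephemeral
 * port. When the LDAP URL given on the command line carries no port, the
 * connection is pointed at that local listener.
 *
 * <p>Security notes for anyone reusing this as a template:
 * <ul>
 *   <li>The bind is a "simple" bind over plain {@code ldap://}, so the DN and
 *       password cross the wire unencrypted. The credentials are fixture values
 *       hard-coded below; do not substitute a real account without TLS.</li>
 *   <li>{@code -trace} dumps the raw BER traffic to standard output, and that
 *       traffic includes the simple-bind request carrying the password.</li>
 *   <li>{@code new ServerSocket(0)} listens on the wildcard address, so the
 *       replay server is reachable from other hosts while this program runs.
 *       NOTE(review): binding to the loopback address would close that window,
 *       but it would also break URLs that name a non-loopback local address,
 *       so confirm against the callers before changing it.</li>
 * </ul>
 */
public class ConnectWithAuthzId {

    // Capture file handed to the in-process LDAP server. If the "test.src"
    // system property is unset the path starts with the literal text "null".
    private static final String LDAP_CAPTURE_FILE =
        System.getProperty("test.src") +
        "/src/test/test/ConnectWithAuthzId.ldap";

    // Listening socket shared with the LDAP server thread; closed by main().
    private static ServerSocket serverSocket;

    /**
     * Runs the demonstration.
     *
     * <p>A {@link NamingException} raised while connecting is reported on
     * standard error and the method then returns normally, so the exit status
     * does not reflect a failed connection; callers have to inspect the output.
     *
     * @param args {@code <ldapurl>}, optionally followed by {@code -trace};
     *             no arguments or a lone {@code -help} prints usage
     * @throws Exception if the listener cannot be opened, the URL cannot be
     *                   parsed, or closing the context or the listener fails
     */
    public static void main(String[] args) throws Exception {

        /*
         * Process arguments
         */

        int argc = args.length;
        if ((argc < 1) ||
            ((argc == 1) && (args[0].equalsIgnoreCase("-help")))) {

            System.err.println("\nUsage:   ConnectWithAuthzId <ldapurl>\n");
            System.err.println("        <ldapurl> is the LDAP URL of the parent entry\n");
            System.err.println("example:");
            System.err.println("        java ConnectWithAuthzId ldap://oasis/o=airius.com");
            return;
        }

        /*
         * Launch the LDAP server with the ConnectWithAuthzId.ldap capture file
         */

        // Port 0 requests an ephemeral port; the listener is on all interfaces.
        serverSocket = new ServerSocket(0);
        try {
            new Thread(new Runnable() {
                @Override
                public void run() {
                    try {
                        new LDAPServer(serverSocket, LDAP_CAPTURE_FILE);
                    } catch (Exception e) {
                        if (e instanceof SocketException
                                && serverSocket.isClosed()) {
                            // main() closed the listener on its way out; this
                            // is shutdown, not a failure to launch.
                            return;
                        }
                        System.out.println("ERROR: unable to launch LDAP server");
                        e.printStackTrace();
                    }
                }
            }).start();

            /*
             * Connect to the LDAP directory
             */

            Hashtable<String,Object> env = new Hashtable<>();
            env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");
            URI ldapUri = new URI(args[0]);
            if (ldapUri.getPort() == -1) {
                // No port given: keep scheme, host and path, and aim at the
                // in-process server. User-info, query and fragment are dropped.
                ldapUri = new URI(ldapUri.getScheme(), null, ldapUri.getHost(),
                    serverSocket.getLocalPort(), ldapUri.getPath(), null, null);
            }
            env.put(Context.PROVIDER_URL, ldapUri.toString());
            // Simple bind: DN and password are sent in clear text unless the
            // URL is ldaps://. These are fixture credentials for this program.
            env.put(Context.SECURITY_AUTHENTICATION, "simple");
            env.put(Context.SECURITY_PRINCIPAL, "cn=admin,dc=ie,dc=oracle,dc=com");
            env.put(Context.SECURITY_CREDENTIALS, "changeit");
            // Factory class named here is instantiated by the LDAP provider to
            // decode response controls.
            env.put(LdapContext.CONTROL_FACTORIES,
                "org.example.authz.AuthzIdResponseControlFactory");
            if (args[args.length - 1].equalsIgnoreCase("-trace")) {
                // The BER trace includes the bind request and its password.
                env.put("com.sun.jndi.ldap.trace.ber", System.out);
            }

            System.out.println("ConnectWithAuthzId: connecting to " + ldapUri);
            LdapContext ctx = null;
            Control[] connectionControls = { new AuthzIdRequestControl(false) };

            try {
                ctx = new InitialLdapContext(env, connectionControls);
                System.out.println("ConnectWithAuthzId: connected");
                // Retrieve the response controls
                Control[] responseControls = ctx.getResponseControls();
                if (responseControls != null) {
                    for (Control responseControl : responseControls) {
                        System.out.println("ConnectWithAuthzId: received response" +
                            " control: " + responseControl.getID());
                        if (responseControl instanceof AuthzIdResponseControl) {
                            AuthzIdResponseControl authzId =
                                (AuthzIdResponseControl)responseControl;
                            System.out.println("ConnectWithAuthzId: identity is  " +
                                authzId.getIdentity());
                        }
                    }
                }
            } catch (NamingException e) {
                // Reported only; the failure is not propagated to the caller.
                System.err.println("ConnectWithAuthzId: error connecting " + e);
            } finally {
                if (ctx != null) {
                    ctx.close();
                }
            }
        } finally {
            // Release the listener on every exit path. Without this the socket
            // stays open, and a server thread still blocked in accept() keeps
            // the JVM alive after main() returns.
            serverSocket.close();
        }
    }
}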
136