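/*
 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

/**
 * Demonstrate JNDI using an LDAP request/response control.
 * The Authorization Identity controls and their associated control factory
 * are supplied by a third-party module.
 */

package test;

import java.net.*;
import java.util.*;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.*;

import org.example.authz.AuthzIdRequestControl;
import org.example.authz.AuthzIdResponseControl;

public class ConnectWithAuthzId {

    // LDAP capture file, resolved against the "test.src" system property
    private static final String LDAP_CAPTURE_FILE =
        System.getProperty("test.src") +
        "/src/test/test/ConnectWithAuthzId.ldap";
    // LDAPServer socket
    private static ServerSocket serverSocket;

    /**
     * Starts a local LDAPServer on an ephemeral port, performs a simple bind
     * against the given LDAP URL with an AuthzIdRequestControl attached, and
     * prints every response control that comes back.
     *
     * @param args {@code args[0]} is the LDAP URL of the parent entry; when it
     *             carries no port, the local server's port is substituted.
     *             A trailing {@code -trace} enables the provider's BER trace.
     * @throws Exception if the listening socket cannot be created, the URL is
     *                   not a valid URI, or closing the context fails
     */
    public static void main(String[] args) throws Exception {

        /*
         * Process arguments
         */

        int argc = args.length;
        if ((argc < 1) ||
            ((argc == 1) && (args[0].equalsIgnoreCase("-help")))) {

            System.err.println("\nUsage: ConnectWithAuthzId <ldapurl>\n");
            System.err.println(" <ldapurl> is the LDAP URL of the parent entry\n");
            System.err.println("example:");
            System.err.println(" java ConnectWithAuthzId ldap://oasis/o=airius.com");
            return;
        }

        /*
         * Launch the LDAP server with the ConnectWithAuthzId.ldap capture file
         */

        // NOTE(review): ServerSocket(0) listens on the wildcard address, so the
        // server is reachable from other hosts for as long as the test runs.
        // Binding to the loopback address would be tighter, but is only correct
        // if every <ldapurl> host used by callers resolves to loopback; confirm
        // before changing.
        serverSocket = new ServerSocket(0);

        // Owning the listener in try-with-resources releases the port on every
        // exit path, including an exception thrown before the connect attempt.
        try (final ServerSocket listener = serverSocket) {
            new Thread(new Runnable() {
                @Override
                public void run() {
                    try {
                        // LDAPServer is defined elsewhere in the test sources;
                        // presumably it answers from the capture file.
                        new LDAPServer(listener, LDAP_CAPTURE_FILE);
                    } catch (Exception e) {
                        System.out.println("ERROR: unable to launch LDAP server");
                        e.printStackTrace();
                    }
                }
            }).start();

            /*
             * Connect to the LDAP directory
             */

            Hashtable<String,Object> env = new Hashtable<>();
            env.put(Context.INITIAL_CONTEXT_FACTORY,
                "com.sun.jndi.ldap.LdapCtxFactory");
            URI ldapUri = new URI(args[0]);
            if (ldapUri.getPort() == -1) {
                // No port given: keep scheme, host and path, and point the
                // client at the local server's ephemeral port.
                ldapUri = new URI(ldapUri.getScheme(), null, ldapUri.getHost(),
                    listener.getLocalPort(), ldapUri.getPath(), null, null);
            }
            // When the URL does carry a port it is used unchanged, so the bind
            // below is sent to whatever server the caller named.
            env.put(Context.PROVIDER_URL, ldapUri.toString());

            // "simple" authentication sends the DN and password unprotected
            // unless the connection itself is encrypted. The values are
            // hard-coded test fixtures (presumably matching the capture file);
            // a client talking to a real directory would use TLS and
            // externally supplied credentials.
            env.put(Context.SECURITY_AUTHENTICATION, "simple");
            env.put(Context.SECURITY_PRINCIPAL, "cn=admin,dc=ie,dc=oracle,dc=com");
            env.put(Context.SECURITY_CREDENTIALS, "changeit");

            // Factory class name that JNDI uses to turn raw response controls
            // into typed objects; it is supplied by the third-party module.
            env.put(LdapContext.CONTROL_FACTORIES,
                "org.example.authz.AuthzIdResponseControlFactory");
            if (args[args.length - 1].equalsIgnoreCase("-trace")) {
                // The BER trace dumps the raw protocol messages, which include
                // the bind request and therefore the password above.
                env.put("com.sun.jndi.ldap.trace.ber", System.out);
            }

            System.out.println("ConnectWithAuthzId: connecting to " + ldapUri);
            LdapContext ctx = null;
            // The boolean is presumably the control's criticality flag; confirm
            // against the org.example.authz module.
            Control[] connectionControls = { new AuthzIdRequestControl(false) };

            try {
                ctx = new InitialLdapContext(env, connectionControls);
                System.out.println("ConnectWithAuthzId: connected");
                // Retrieve the response controls
                Control[] responseControls = ctx.getResponseControls();
                if (responseControls != null) {
                    for (Control responseControl : responseControls) {
                        System.out.println("ConnectWithAuthzId: received response" +
                            " control: " + responseControl.getID());
                        if (responseControl instanceof AuthzIdResponseControl) {
                            // The identity is whatever the server asserted in
                            // its response control; here it is only printed.
                            AuthzIdResponseControl authzId =
                                (AuthzIdResponseControl)responseControl;
                            System.out.println("ConnectWithAuthzId: identity is " +
                                authzId.getIdentity());
                        }
                    }
                }
            } catch (NamingException e) {
                // Best effort: a failed connect or bind is reported, not rethrown.
                System.err.println("ConnectWithAuthzId: error connecting " + e);
            } finally {
                if (ctx != null) {
                    ctx.close();
                }
            }
        }
        // If the client never reached the local server, closing the listener
        // above makes a pending accept() in the server thread fail; that thread
        // then reports through its own catch block and ends, instead of keeping
        // the JVM alive on a socket nobody will connect to.
    }
}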