[Fix] Allow local users in LdapPrivilegeHandler
parent
1a6cf58b61
commit
2eeb1518d7
|
@ -69,60 +69,60 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
/**
|
||||
* Map keeping a reference to all active sessions
|
||||
*/
|
||||
private Map<String, PrivilegeContext> privilegeContextMap;
|
||||
protected Map<String, PrivilegeContext> privilegeContextMap;
|
||||
|
||||
/**
|
||||
* Map of {@link PrivilegePolicy} classes
|
||||
*/
|
||||
private Map<String, Class<PrivilegePolicy>> policyMap;
|
||||
protected Map<String, Class<PrivilegePolicy>> policyMap;
|
||||
|
||||
/**
|
||||
* The persistence handler is used for getting objects and saving changes
|
||||
*/
|
||||
private PersistenceHandler persistenceHandler;
|
||||
protected PersistenceHandler persistenceHandler;
|
||||
|
||||
/**
|
||||
* The encryption handler is used for generating hashes and tokens
|
||||
*/
|
||||
private EncryptionHandler encryptionHandler;
|
||||
protected EncryptionHandler encryptionHandler;
|
||||
|
||||
/**
|
||||
* The Single Sign On Handler
|
||||
*/
|
||||
private SingleSignOnHandler ssoHandler;
|
||||
protected SingleSignOnHandler ssoHandler;
|
||||
|
||||
/**
|
||||
* The {@link UserChallengeHandler} is used to challenge a user which tries to authenticate and/or change their
|
||||
* password
|
||||
*/
|
||||
private UserChallengeHandler userChallengeHandler;
|
||||
protected UserChallengeHandler userChallengeHandler;
|
||||
|
||||
/**
|
||||
* flag to define if already initialized
|
||||
*/
|
||||
private boolean initialized;
|
||||
protected boolean initialized;
|
||||
|
||||
/**
|
||||
* flag to define if a persist should be performed after a user changes their own data
|
||||
*/
|
||||
private boolean autoPersistOnUserChangesData;
|
||||
protected boolean autoPersistOnUserChangesData;
|
||||
|
||||
/**
|
||||
* flag to define if sessions should be persisted
|
||||
*/
|
||||
private boolean persistSessions;
|
||||
protected boolean persistSessions;
|
||||
|
||||
/**
|
||||
* Path to sessions file for persistence
|
||||
*/
|
||||
private File persistSessionsPath;
|
||||
protected File persistSessionsPath;
|
||||
|
||||
/**
|
||||
* Secret key
|
||||
*/
|
||||
private SecretKey secretKey;
|
||||
protected SecretKey secretKey;
|
||||
|
||||
private PrivilegeConflictResolution privilegeConflictResolution;
|
||||
protected PrivilegeConflictResolution privilegeConflictResolution;
|
||||
|
||||
@Override
|
||||
public EncryptionHandler getEncryptionHandler() throws PrivilegeException {
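Review bot: Widening every field of DefaultPrivilegeHandler to `protected` exposes much more than the LDAP subclass uses. The LdapPrivilegeHandler change on this page reads only `persistenceHandler`, yet `secretKey`, `encryptionHandler` and `privilegeContextMap` (the map of active sessions) also become readable and replaceable by any subclass and any class in the same package. The page does not mark which printed line is old and which is new, so this assumes the `protected` lines are the new side, which the subclass's `this.persistenceHandler` access implies. I would leave the fields `private` and give subclasses one narrow accessor, e.g. `protected PersistenceHandler getPersistenceHandler() { return this.persistenceHandler; }`, if the class does not already have one outside this hunk. Failing that, widen only `persistenceHandler` and add a comment on `secretKey` such as `// kept private: key material must not be reachable from subclasses`.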
|
||||
|
|
|
@ -61,6 +61,11 @@ public class LdapPrivilegeHandler extends DefaultPrivilegeHandler {
|
|||
@Override
|
||||
protected synchronized User checkCredentialsAndUserState(String username, char[] password)
|
||||
throws InvalidCredentialsException, AccessDeniedException {
|
||||
|
||||
// first see if this is a local user
|
||||
if (this.persistenceHandler.getUser(username) != null)
|
||||
return super.checkCredentialsAndUserState(username, password);
|
||||
|
||||
// Set up the environment for creating the initial context
|
||||
Hashtable<String, String> env = new Hashtable<>();
|
||||
|
||||
|
@ -87,8 +92,8 @@ public class LdapPrivilegeHandler extends DefaultPrivilegeHandler {
|
|||
//Specify the search scope
|
||||
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
||||
|
||||
String searchFilter = "(&(objectCategory=person)(objectClass=user)(userPrincipalName=" + username + domain
|
||||
+ "))";
|
||||
String searchFilter =
|
||||
"(&(objectCategory=person)(objectClass=user)(userPrincipalName=" + username + domain + "))";
|
||||
|
||||
// Search for objects using the filter
|
||||
NamingEnumeration<SearchResult> answer = ctx.search(searchBase, searchFilter, searchCtls);
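Review bot: The search filter is still built by concatenating `username` into the filter string, and that value is the caller-supplied argument of `checkCredentialsAndUserState(String username, char[] password)`. Filter metacharacters such as `*`, `(`, `)` and `\` in a login name therefore change the query sent to the directory. This commit only re-wraps the line, so the missing escaping remains. JNDI's argument-substituting overload escapes the value: `String searchFilter = "(&(objectCategory=person)(objectClass=user)(userPrincipalName={0}))";` followed by `ctx.search(searchBase, searchFilter, new Object[] { username + domain }, searchCtls);`, assuming `ctx` is a `DirContext` (its declaration is outside the hunk). The method body starts and ends outside these hunks, so how `answer` is consumed could not be checked.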
|
||||
|
|