[Fix] Allow local users in LdapPrivilegeHandler
parent
1a6cf58b61
commit
2eeb1518d7
|
@ -69,60 +69,60 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
||||||
/**
|
/**
|
||||||
* Map keeping a reference to all active sessions
|
* Map keeping a reference to all active sessions
|
||||||
*/
|
*/
|
||||||
private Map<String, PrivilegeContext> privilegeContextMap;
|
protected Map<String, PrivilegeContext> privilegeContextMap;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Map of {@link PrivilegePolicy} classes
|
* Map of {@link PrivilegePolicy} classes
|
||||||
*/
|
*/
|
||||||
private Map<String, Class<PrivilegePolicy>> policyMap;
|
protected Map<String, Class<PrivilegePolicy>> policyMap;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The persistence handler is used for getting objects and saving changes
|
* The persistence handler is used for getting objects and saving changes
|
||||||
*/
|
*/
|
||||||
private PersistenceHandler persistenceHandler;
|
protected PersistenceHandler persistenceHandler;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The encryption handler is used for generating hashes and tokens
|
* The encryption handler is used for generating hashes and tokens
|
||||||
*/
|
*/
|
||||||
private EncryptionHandler encryptionHandler;
|
protected EncryptionHandler encryptionHandler;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Single Sign On Handler
|
* The Single Sign On Handler
|
||||||
*/
|
*/
|
||||||
private SingleSignOnHandler ssoHandler;
|
protected SingleSignOnHandler ssoHandler;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The {@link UserChallengeHandler} is used to challenge a user which tries to authenticate and/or change their
|
* The {@link UserChallengeHandler} is used to challenge a user which tries to authenticate and/or change their
|
||||||
* password
|
* password
|
||||||
*/
|
*/
|
||||||
private UserChallengeHandler userChallengeHandler;
|
protected UserChallengeHandler userChallengeHandler;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* flag to define if already initialized
|
* flag to define if already initialized
|
||||||
*/
|
*/
|
||||||
private boolean initialized;
|
protected boolean initialized;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* flag to define if a persist should be performed after a user changes their own data
|
* flag to define if a persist should be performed after a user changes their own data
|
||||||
*/
|
*/
|
||||||
private boolean autoPersistOnUserChangesData;
|
protected boolean autoPersistOnUserChangesData;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* flag to define if sessions should be persisted
|
* flag to define if sessions should be persisted
|
||||||
*/
|
*/
|
||||||
private boolean persistSessions;
|
protected boolean persistSessions;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Path to sessions file for persistence
|
* Path to sessions file for persistence
|
||||||
*/
|
*/
|
||||||
private File persistSessionsPath;
|
protected File persistSessionsPath;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Secret key
|
* Secret key
|
||||||
*/
|
*/
|
||||||
private SecretKey secretKey;
|
protected SecretKey secretKey;
|
||||||
|
|
||||||
private PrivilegeConflictResolution privilegeConflictResolution;
|
protected PrivilegeConflictResolution privilegeConflictResolution;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public EncryptionHandler getEncryptionHandler() throws PrivilegeException {
|
public EncryptionHandler getEncryptionHandler() throws PrivilegeException {
|
||||||
|
|
|
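Review bot: Widening every field of DefaultPrivilegeHandler to `protected` exposes far more than the LDAP change needs: `secretKey`, `privilegeContextMap` (the active sessions) and `encryptionHandler` become readable and reassignable from any subclass or same-package class, while the LdapPrivilegeHandler hunk on this page only reads `persistenceHandler`. Keeping the fields `private` and giving subclasses a narrow read-only accessor, for example `protected PersistenceHandler getPersistenceHandler() { return this.persistenceHandler; }` (if the class does not already have one), would preserve the encapsulation around the key material and session state. If the fields must stay `protected`, the Javadoc on `secretKey` and `privilegeContextMap` should state that subclasses must not replace or leak them.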
@ -61,6 +61,11 @@ public class LdapPrivilegeHandler extends DefaultPrivilegeHandler {
|
||||||
@Override
|
@Override
|
||||||
protected synchronized User checkCredentialsAndUserState(String username, char[] password)
|
protected synchronized User checkCredentialsAndUserState(String username, char[] password)
|
||||||
throws InvalidCredentialsException, AccessDeniedException {
|
throws InvalidCredentialsException, AccessDeniedException {
|
||||||
|
|
||||||
|
// first see if this is a local user
|
||||||
|
if (this.persistenceHandler.getUser(username) != null)
|
||||||
|
return super.checkCredentialsAndUserState(username, password);
|
||||||
|
|
||||||
// Set up the environment for creating the initial context
|
// Set up the environment for creating the initial context
|
||||||
Hashtable<String, String> env = new Hashtable<>();
|
Hashtable<String, String> env = new Hashtable<>();
|
||||||
|
|
||||||
|
@ -87,8 +92,8 @@ public class LdapPrivilegeHandler extends DefaultPrivilegeHandler {
|
||||||
//Specify the search scope
|
//Specify the search scope
|
||||||
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
||||||
|
|
||||||
String searchFilter = "(&(objectCategory=person)(objectClass=user)(userPrincipalName=" + username + domain
|
String searchFilter =
|
||||||
+ "))";
|
"(&(objectCategory=person)(objectClass=user)(userPrincipalName=" + username + domain + "))";
|
||||||
|
|
||||||
// Search for objects using the filter
|
// Search for objects using the filter
|
||||||
NamingEnumeration<SearchResult> answer = ctx.search(searchBase, searchFilter, searchCtls);
|
NamingEnumeration<SearchResult> answer = ctx.search(searchBase, searchFilter, searchCtls);
|
||||||
|
|
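Review bot: The `searchFilter` in the last hunk is still built by concatenating `username` into the LDAP filter string, so filter metacharacters such as `*`, `(`, `)` or `\` in the login name alter the query instead of being matched literally; this commit only reflows that statement. Unless the name is validated in the part of `checkCredentialsAndUserState` that lies outside these hunks, pass it as a filter argument so JNDI escapes it, assuming `ctx` is a `DirContext`: `ctx.search(searchBase, "(&(objectCategory=person)(objectClass=user)(userPrincipalName={0}))", new Object[] { username + domain }, searchCtls);`. The method body starts before and ends after the visible hunks, so this should be confirmed against the full method.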