[Fix] use LDAP's sAMAccountName as username, and be case insensitive

Robert von Burg 2020-09-25 17:19:56 +02:00
parent 74a0c5f8a4
commit 9ec060fe50
1 changed files with 4 additions and 2 deletions


@ -124,7 +124,7 @@ public abstract class BaseLdapPrivilegeHandler extends DefaultPrivilegeHandler {
protected User buildUserFromSearchResult(String username, SearchResult sr) throws Exception {
Attributes attrs = sr.getAttributes();
validateLdapUsername(username, attrs);
username = validateLdapUsername(username, attrs);
String firstName = getFirstName(username, attrs);
String lastName = getLastName(username, attrs);
@ -145,11 +145,13 @@ public abstract class BaseLdapPrivilegeHandler extends DefaultPrivilegeHandler {
protected abstract Map<String, String> buildProperties(String username, Attributes attrs, Set<String> ldapGroups,
Set<String> strolchRoles) throws Exception;
protected void validateLdapUsername(String username, Attributes attrs) throws NamingException {
protected String validateLdapUsername(String username, Attributes attrs) throws NamingException {
Attribute sAMAccountName = attrs.get("sAMAccountName");
if (sAMAccountName == null || !username.toLowerCase().equals(sAMAccountName.get().toString().toLowerCase()))
throw new AccessDeniedException(
"Could not login with user: " + username + this.domain + " on Ldap: Wrong LDAP Data");
return sAMAccountName.get().toString();
}
protected String getLdapString(Attributes attrs, String key) throws NamingException {
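Review bot: The case-insensitive comparison in validateLdapUsername lower-cases both sides with the JVM default locale, so under a locale with special casing rules (Turkish dotless i, for example) a name typed as `ADMIN` does not match a directory value of `admin` and a valid login is refused. `if (sAMAccountName == null || !username.equalsIgnoreCase(sAMAccountName.get().toString()))` is locale-independent. `sAMAccountName.get()` is also evaluated twice and throws NoSuchElementException when the attribute has no values, which skips the AccessDeniedException path; reading it once into a local and treating an empty or null value like a missing attribute keeps the failure on the access-denied path. Because buildUserFromSearchResult now replaces the typed name with the returned value, a short Javadoc on validateLdapUsername should state that it returns the directory's sAMAccountName and that this value is the identity used from there on, so overriding subclasses keep that contract.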