io.gravitee.management.providers.ldap.spring.LdapContextSourceFactory Maven / Gradle / Ivy
The newest version!
/**
* Copyright (C) 2015 The Gravitee team (http://gravitee.io)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package io.gravitee.management.providers.ldap.spring;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.AbstractFactoryBean;
import org.springframework.core.env.Environment;
import org.springframework.ldap.core.support.BaseLdapPathContextSource;
import org.springframework.ldap.core.support.LdapContextSource;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.ldap.server.ApacheDSContainer;
import java.io.IOException;
import java.net.ServerSocket;
/**
* @author David BRASSELY (david at gravitee.io)
* @author GraviteeSource Team
*/
public class LdapContextSourceFactory extends AbstractFactoryBean {
@Autowired
private Environment environment;
private LdapContextSource ldapContextSource;
private ApacheDSContainer apacheDsContainer;
@Override
public Class> getObjectType() {
return LdapContextSource.class;
}
@Override
protected LdapContextSource createInstance() throws Exception {
ContextSourceBuilder contextSourceBuilder = new ContextSourceBuilder();
// TODO: remove this default index and get it by searching in the providers list configuration
int providerIdx = 2;
contextSourceBuilder
.root(environment.getProperty("security.providers[" + providerIdx + "].context-source-base"));
// set up embedded mode
if (environment.getProperty("security.providers[" + providerIdx + "].embedded", boolean.class, false)) {
contextSourceBuilder.ldif("classpath:/ldap/gravitee-io-management-rest-api-ldap-test.ldif");
} else {
contextSourceBuilder
.managerDn(environment.getProperty("security.providers[" + providerIdx + "].context-source-username"))
.managerPassword(environment.getProperty("security.providers[" + providerIdx + "].context-source-password"))
.url(environment.getProperty("security.providers[" + providerIdx + "].context-source-url"));
}
ldapContextSource = contextSourceBuilder.build();
return ldapContextSource;
}
/**
* Allows building a {@link BaseLdapPathContextSource} and optionally creating an
* embedded LDAP instance.
*
* @author Rob Winch
* @since 3.2
*/
public final class ContextSourceBuilder {
private String ldif = "classpath*:*.ldif";
private String managerPassword;
private String managerDn;
private Integer port;
private static final int DEFAULT_PORT = 33389;
private String root = "dc=springframework,dc=org";
private String url;
/**
* Specifies an ldif to load at startup for an embedded LDAP server. This only
* loads if using an embedded instance. The default is "classpath*:*.ldif".
*
* @param ldif the ldif to load at startup for an embedded LDAP server.
* @return the {@link ContextSourceBuilder} for further customization
*/
public ContextSourceBuilder ldif(String ldif) {
this.ldif = ldif;
return this;
}
/**
* Username (DN) of the "manager" user identity (i.e. "uid=admin,ou=system") which
* will be used to authenticate to a (non-embedded) LDAP server. If omitted,
* anonymous access will be used.
*
* @param managerDn the username (DN) of the "manager" user identity used to
* authenticate to a LDAP server.
* @return the {@link ContextSourceBuilder} for further customization
*/
public ContextSourceBuilder managerDn(String managerDn) {
this.managerDn = managerDn;
return this;
}
/**
* The password for the manager DN. This is required if the manager-dn is
* specified.
* @param managerPassword password for the manager DN
* @return the {@link ContextSourceBuilder} for further customization
*/
public ContextSourceBuilder managerPassword(String managerPassword) {
this.managerPassword = managerPassword;
return this;
}
/**
* The port to connect to LDAP to (the default is 33389 or random available port
* if unavailable).
* @param port the port to connect to
* @return the {@link ContextSourceBuilder} for further customization
*/
public ContextSourceBuilder port(int port) {
this.port = port;
return this;
}
/**
* Optional root suffix for the embedded LDAP server. Default is
* "dc=springframework,dc=org"
*
* @param root root suffix for the embedded LDAP server
* @return the {@link ContextSourceBuilder} for further customization
*/
public ContextSourceBuilder root(String root) {
this.root = root;
return this;
}
/**
* Specifies the ldap server URL when not using the embedded LDAP server. For
* example, "ldaps://ldap.example.com:33389/dc=myco,dc=org".
*
* @param url the ldap server URL
* @return the {@link ContextSourceBuilder} for further customization
*/
public ContextSourceBuilder url(String url) {
this.url = url;
return this;
}
private DefaultSpringSecurityContextSource build() throws Exception {
DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(
getProviderUrl());
if (managerDn != null) {
contextSource.setUserDn(managerDn);
if (managerPassword == null) {
throw new IllegalStateException(
"managerPassword is required if managerDn is supplied");
}
contextSource.setPassword(managerPassword);
}
// contextSource = postProcess(contextSource);
if (url != null) {
return contextSource;
}
ApacheDSContainer embeddedApacheContainer = new ApacheDSContainer(root, ldif);
embeddedApacheContainer.setPort(getPort());
apacheDsContainer = embeddedApacheContainer;
// postProcess(apacheDsContainer);
return contextSource;
}
private int getPort() {
if (port == null) {
port = getDefaultPort();
}
return port;
}
private int getDefaultPort() {
ServerSocket serverSocket = null;
try {
try {
serverSocket = new ServerSocket(DEFAULT_PORT);
}
catch (IOException e) {
try {
serverSocket = new ServerSocket(0);
}
catch (IOException e2) {
return DEFAULT_PORT;
}
}
return serverSocket.getLocalPort();
}
finally {
if (serverSocket != null) {
try {
serverSocket.close();
}
catch (IOException e) {
}
}
}
}
private String getProviderUrl() {
if (url == null) {
return "ldap://127.0.0.1:" + getPort() + "/" + root;
}
return url;
}
private ContextSourceBuilder() {
}
}
@Override
public void afterPropertiesSet() throws Exception {
super.afterPropertiesSet();
ldapContextSource.afterPropertiesSet();
if (apacheDsContainer != null) {
apacheDsContainer.afterPropertiesSet();
}
}
@Override
public void destroy() throws Exception {
super.destroy();
if (apacheDsContainer != null) {
apacheDsContainer.destroy();
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy