import java.util.Map;
import java.util.Set;
-import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.servlet.http.HttpServletRequest;
import org.argeo.cms.CmsException;
-import org.argeo.naming.LdapAttrs;
+import org.argeo.osgi.useradmin.IpaUtils;
import org.osgi.framework.BundleContext;
import org.osgi.framework.FrameworkUtil;
import org.osgi.service.useradmin.Authorization;
authorization = userAdmin.getAuthorization(null);
} else {
KerberosPrincipal kerberosPrincipal = kerberosPrincipals.iterator().next();
- LdapName dn = kerberosToIpa(kerberosPrincipal);
+ LdapName dn = IpaUtils.kerberosToDn(kerberosPrincipal.getName());
AuthenticatingUser authenticatingUser = new AuthenticatingUser(dn);
authorization = Subject.doAs(subject, new PrivilegedAction<Authorization>() {
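Review bot: Nothing at the `IpaUtils.kerberosToDn(kerberosPrincipal.getName())` call site validates the principal name before it becomes the DN handed to `AuthenticatingUser`, which appears to feed the authorization lookup that follows. The removed `kerberosToIpa` concatenated the user part unescaped and indexed `kname[1]` unchecked. Unless the new helper (its body is not shown on this page) is stricter, a principal with an instance component, DN metacharacters or no realm could still map to an unintended entry or fail with an unchecked exception instead of the former `CmsException`. I would confirm that `kerberosToDn` escapes the user part (for example with `Rdn.escapeValue`) and rejects malformed names, and record that contract here with a comment such as `// dn drives authorization; kerberosToDn must reject malformed principals and escape the uid value`. The enclosing method starts and ends outside the hunk.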
return true;
}
- private LdapName kerberosToIpa(KerberosPrincipal kerberosPrincipal) {
- String[] kname = kerberosPrincipal.getName().split("@");
- String username = kname[0];
- String[] dcs = kname[1].split("\\.");
- StringBuilder sb = new StringBuilder();
- for (String dc : dcs) {
- sb.append(',').append(LdapAttrs.dc.name()).append('=').append(dc.toLowerCase());
- }
- String dn = LdapAttrs.uid + "=" + username + ",cn=users,cn=accounts" + sb;
- try {
- return new LdapName(dn);
- } catch (InvalidNameException e) {
- throw new CmsException("Badly formatted name for " + kerberosPrincipal + ": " + dn);
- }
- }
@Override
public boolean abort() throws LoginException {