import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
-import org.argeo.api.acr.ldap.LdapAttrs;
+import org.argeo.api.acr.ldap.LdapAttr;
import org.argeo.cms.dns.DnsBrowser;
import org.argeo.cms.runtime.DirectoryConf;
public final static String IPA_ACCOUNTS_BASE = "cn=accounts";
- private final static String KRB_PRINCIPAL_NAME = LdapAttrs.krbPrincipalName.name().toLowerCase();
+ private final static String KRB_PRINCIPAL_NAME = LdapAttr.krbPrincipalName.name().toLowerCase();
public final static String IPA_USER_DIRECTORY_CONFIG = DirectoryConf.userBase + "=" + IPA_USER_BASE + "&"
+ DirectoryConf.groupBase + "=" + IPA_GROUP_BASE + "&" + DirectoryConf.systemRoleBase + "=" + IPA_ROLE_BASE
StringJoiner sj = new StringJoiner(",");
for (int i = 0; i < dcs.length; i++) {
String dc = dcs[i];
- sj.add(LdapAttrs.dc.name() + '=' + dc.toLowerCase());
+ sj.add(LdapAttr.dc.name() + '=' + dc.toLowerCase());
}
return IPA_ACCOUNTS_BASE + ',' + sj.toString();
}
String baseDn = domainToBaseDn(kname[1]);
String dn;
if (!username.contains("/"))
- dn = LdapAttrs.uid + "=" + username + "," + IPA_USER_BASE + "," + baseDn;
+ dn = LdapAttr.uid + "=" + username + "," + IPA_USER_BASE + "," + baseDn;
else
dn = KRB_PRINCIPAL_NAME + "=" + kerberosName + "," + IPA_SERVICE_BASE + "," + baseDn;
try {
public static String kerberosDomainFromDns() {
String kerberosDomain;
try (DnsBrowser dnsBrowser = new DnsBrowser()) {
+ // TODO retrieve hostname from CMS config
InetAddress localhost = InetAddress.getLocalHost();
String hostname = localhost.getHostName();
- String dnsZone = hostname.substring(hostname.indexOf('.') + 1);
+ int dotIndex = hostname.indexOf('.');
+ if (dotIndex <= 0) {
+ hostname = localhost.getCanonicalHostName();
+ dotIndex = hostname.indexOf('.');
+ if (dotIndex <= 0)
+ throw new IllegalArgumentException(
+ "Cannot extract DNS zone from hostname " + hostname + " (" + localhost + ")");
+ }
+ String dnsZone = hostname.substring(dotIndex + 1);
kerberosDomain = dnsBrowser.getRecord("_kerberos." + dnsZone, "TXT");
return kerberosDomain;
} catch (IOException e) {
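Review bot: The fallback to `localhost.getCanonicalHostName()` can return the textual IP address when reverse resolution fails or does not forward-confirm, and an IPv4 literal passes the inner `dotIndex <= 0` check, so `dnsZone` becomes the trailing octets and the `_kerberos.` TXT query is issued for a name that is not a DNS zone. The inner guard should reject that case as well, e.g. `if (dotIndex <= 0 || hostname.equals(localhost.getHostAddress()))`. Because the canonical name depends on reverse DNS and the realm is then read from a TXT record (unauthenticated unless the resolver validates DNSSEC), the configured hostname the TODO refers to should take precedence once it exists, and logging when the fallback path is taken would make a wrong realm easier to trace. The method's `catch` block continues outside the hunk.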