X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fauth%2FIpaLoginModule.java;h=0cbdc7d5b64a18c274271b5ec4a2987699b2fa06;hb=baccdf322cf7c6dda7b61f68d3a873be86c3089d;hp=b5d836c94c28813b0922de6afc78d08175f33d46;hpb=fcae8c8dbe979fbfdad103747328cf60de7d3315;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/auth/IpaLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/IpaLoginModule.java
index b5d836c94..0cbdc7d5b 100644
--- a/org.argeo.cms/src/org/argeo/cms/auth/IpaLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/IpaLoginModule.java
@@ -4,7 +4,6 @@ import java.security.PrivilegedAction;
 import java.util.Map;
 import java.util.Set;
-import javax.naming.InvalidNameException;
 import javax.naming.ldap.LdapName;
 import javax.security.auth.Subject;
 import javax.security.auth.callback.CallbackHandler;
@@ -14,7 +13,7 @@ import javax.security.auth.spi.LoginModule;
 import javax.servlet.http.HttpServletRequest;
 import org.argeo.cms.CmsException;
-import org.argeo.naming.LdapAttrs;
+import org.argeo.osgi.useradmin.IpaUtils;
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.FrameworkUtil;
 import org.osgi.service.useradmin.Authorization;
@@ -57,7 +56,7 @@ public class IpaLoginModule implements LoginModule {
 authorization = userAdmin.getAuthorization(null);
 } else {
 KerberosPrincipal kerberosPrincipal = kerberosPrincipals.iterator().next();
- LdapName dn = kerberosToIpa(kerberosPrincipal);
+ LdapName dn = IpaUtils.kerberosToDn(kerberosPrincipal.getName());
 AuthenticatingUser authenticatingUser = new AuthenticatingUser(dn);
 authorization = Subject.doAs(subject, new PrivilegedAction() {
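Review bot: The DN used as the authorization identity is now built by `IpaUtils.kerberosToDn(kerberosPrincipal.getName())`, and nothing at this call site shows that the helper escapes the user part or rejects principals it cannot map. The removed `kerberosToIpa` (last hunk) concatenated the text before `@` into `uid=...` unescaped and read `kname[1]` without a length check. If that logic was moved as-is, a principal with an instance component (`name/instance@REALM`) or DN metacharacters would still produce an unintended or malformed DN. I would confirm that the helper builds the uid with `Rdn.escapeValue(username)` and fails closed on unexpected shapes, and state that contract here, e.g. `// kerberosToDn must escape the uid and reject non-user principals; dn is the authorization identity`. The enclosing method starts and ends outside the hunk, so how an exception from the helper reaches the `LoginModule` caller is not visible.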
@@ -79,21 +78,6 @@ public class IpaLoginModule implements LoginModule {
 return true;
 }
- private LdapName kerberosToIpa(KerberosPrincipal kerberosPrincipal) {
- String[] kname = kerberosPrincipal.getName().split("@");
- String username = kname[0];
- String[] dcs = kname[1].split("\\.");
- StringBuilder sb = new StringBuilder();
- for (String dc : dcs) {
- sb.append(',').append(LdapAttrs.dc.name()).append('=').append(dc.toLowerCase());
- }
- String dn = LdapAttrs.uid + "=" + username + ",cn=users,cn=accounts" + sb;
- try {
- return new LdapName(dn);
- } catch (InvalidNameException e) {
- throw new CmsException("Badly formatted name for " + kerberosPrincipal + ": " + dn);
- }
- }
 @Override
 public boolean abort() throws LoginException {