X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fdirectory%2Fldap%2FIpaUtils.java;h=b14c090abbf65dd4de8d5af0a92e2214af090d1e;hb=ac54bae7278d8653a0ae85749a9da8e3886991c7;hp=a31cdaca1b80aea13d05b9cc849dcaed0f8e0ae6;hpb=54df376a9c2dd458a82eaa09bfbb718fe699dd0d;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/directory/ldap/IpaUtils.java b/org.argeo.cms/src/org/argeo/cms/directory/ldap/IpaUtils.java index a31cdaca1..b14c090ab 100644 --- a/org.argeo.cms/src/org/argeo/cms/directory/ldap/IpaUtils.java +++ b/org.argeo.cms/src/org/argeo/cms/directory/ldap/IpaUtils.java @@ -13,7 +13,7 @@ import java.util.StringJoiner; import javax.naming.InvalidNameException; import javax.naming.ldap.LdapName; -import org.argeo.api.acr.ldap.LdapAttrs; +import org.argeo.api.acr.ldap.LdapAttr; import org.argeo.cms.dns.DnsBrowser; import org.argeo.cms.runtime.DirectoryConf; @@ -26,7 +26,7 @@ public class IpaUtils { public final static String IPA_ACCOUNTS_BASE = "cn=accounts"; - private final static String KRB_PRINCIPAL_NAME = LdapAttrs.krbPrincipalName.name().toLowerCase(); + private final static String KRB_PRINCIPAL_NAME = LdapAttr.krbPrincipalName.name().toLowerCase(); public final static String IPA_USER_DIRECTORY_CONFIG = DirectoryConf.userBase + "=" + IPA_USER_BASE + "&" + DirectoryConf.groupBase + "=" + IPA_GROUP_BASE + "&" + DirectoryConf.systemRoleBase + "=" + IPA_ROLE_BASE @@ -51,7 +51,7 @@ public class IpaUtils { StringJoiner sj = new StringJoiner(","); for (int i = 0; i < dcs.length; i++) { String dc = dcs[i]; - sj.add(LdapAttrs.dc.name() + '=' + dc.toLowerCase()); + sj.add(LdapAttr.dc.name() + '=' + dc.toLowerCase()); } return IPA_ACCOUNTS_BASE + ',' + sj.toString(); } 
@@ -62,7 +62,7 @@ public class IpaUtils {
 String baseDn = domainToBaseDn(kname[1]);
 String dn;
 if (!username.contains("/"))
- dn = LdapAttrs.uid + "=" + username + "," + IPA_USER_BASE + "," + baseDn;
+ dn = LdapAttr.uid + "=" + username + "," + IPA_USER_BASE + "," + baseDn;
 else
 dn = KRB_PRINCIPAL_NAME + "=" + kerberosName + "," + IPA_SERVICE_BASE + "," + baseDn;
 try {
@@ -79,9 +79,18 @@ public class IpaUtils {
 public static String kerberosDomainFromDns() {
 String kerberosDomain;
 try (DnsBrowser dnsBrowser = new DnsBrowser()) {
+ // TODO retrieve hostname from CMS config
 InetAddress localhost = InetAddress.getLocalHost();
 String hostname = localhost.getHostName();
- String dnsZone = hostname.substring(hostname.indexOf('.') + 1);
+ int dotIndex = hostname.indexOf('.');
+ if (dotIndex <= 0) {
+ hostname = localhost.getCanonicalHostName();
+ dotIndex = hostname.indexOf('.');
+ if (dotIndex <= 0)
+ throw new IllegalArgumentException(
+ "Cannot extract DNS zone from hostname " + hostname + " (" + localhost + ")");
+ }
+ String dnsZone = hostname.substring(dotIndex + 1);
 kerberosDomain = dnsBrowser.getRecord("_kerberos." + dnsZone, "TXT");
 return kerberosDomain;
 } catch (IOException e) {
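Review bot: The fallback in `kerberosDomainFromDns()` can accept an IP literal as a hostname: `getCanonicalHostName()` returns the textual address when the reverse lookup fails or is not permitted, and an IPv4 string contains dots, so the inner `dotIndex <= 0` test passes and `dnsZone` becomes the tail of the address, which is then queried under `_kerberos.`. Comparing against the address closes that gap, e.g. `if (dotIndex <= 0 || hostname.equals(localhost.getHostAddress()))` for the inner check. The fallback also makes the zone depend on a reverse-DNS answer before the unauthenticated TXT lookup, so anyone able to influence either record can steer which Kerberos domain is returned; taking the hostname from CMS config, as the added TODO suggests, would remove the first dependency. The method continues past the `catch` outside this hunk, so how the new `IllegalArgumentException` reaches callers is not visible here.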