nicolabs/ldap-plugin
1
0
Fork 0
mirror of https://github.com/nicolabs/ldap-plugin.git synced 2025-09-07 05:14:24 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge remote branch 'upstream/master'

Browse source 
Originally-Committed-As: 3ff20f4436bca904da2c9daad94139aef543ff9a
This commit is contained in:
Kevin Connor 2011-06-20 13:08:43 -07:00
commit d1b2c88721
2 changed files with 18 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
core/src/main/java/hudson/security/LDAPSecurityRealm.java
View file

@ -29,7 +29,7 @@ import static hudson.Util.fixNull;
import static hudson.Util.fixEmptyAndTrim; import static hudson.Util.fixEmptyAndTrim;
import static hudson.Util.fixEmpty; import static hudson.Util.fixEmpty;
import hudson.model.Descriptor; import hudson.model.Descriptor;
import hudson.model.Hudson; import jenkins.model.Jenkins;
import hudson.model.User; import hudson.model.User;
import hudson.tasks.MailAddressResolver; import hudson.tasks.MailAddressResolver;
import hudson.util.FormValidation; import hudson.util.FormValidation;
@ -54,6 +54,7 @@ import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.acegisecurity.userdetails.ldap.LdapUserDetails; import org.acegisecurity.userdetails.ldap.LdapUserDetails;
import org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl; import org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl;
import org.apache.commons.collections.map.LRUMap; import org.apache.commons.collections.map.LRUMap;
import org.apache.commons.io.input.AutoCloseInputStream;
import org.kohsuke.stapler.DataBoundConstructor; import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.QueryParameter; import org.kohsuke.stapler.QueryParameter;
import org.springframework.dao.DataAccessException; import org.springframework.dao.DataAccessException;
@ -66,6 +67,9 @@ import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes; import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext; import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext; import javax.naming.directory.InitialDirContext;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException; import java.io.IOException;
import java.net.InetAddress; import java.net.InetAddress;
import java.net.Socket; import java.net.Socket;
@ -73,7 +77,6 @@ import java.net.UnknownHostException;
import java.util.Collections; import java.util.Collections;
import java.util.HashSet; import java.util.HashSet;
import java.util.Hashtable; import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set; import java.util.Set;
import java.util.logging.Level; import java.util.logging.Level;
import java.util.logging.Logger; import java.util.logging.Logger;
@ -350,7 +353,15 @@ public class LDAPSecurityRealm extends AbstractPasswordBasedSecurityRealm {
binding.setVariable("instance", this); binding.setVariable("instance", this);
BeanBuilder builder = new BeanBuilder(); BeanBuilder builder = new BeanBuilder();
builder.parse(Hudson.getInstance().servletContext.getResourceAsStream("/WEB-INF/security/LDAPBindSecurityRealm.groovy"),binding); String fileName = "LDAPBindSecurityRealm.groovy";
try {
File override = new File(Jenkins.getInstance().getRootDir(), fileName);
builder.parse(
override.exists() ? new AutoCloseInputStream(new FileInputStream(override)) :
Jenkins.getInstance().servletContext.getResourceAsStream("/WEB-INF/security/"+ fileName),binding);
} catch (FileNotFoundException e) {
throw new Error("Failed to load "+fileName,e);
}
WebApplicationContext appContext = builder.createApplicationContext(); WebApplicationContext appContext = builder.createApplicationContext();
ldapTemplate = new LdapTemplate(findBean(InitialDirContextFactory.class, appContext)); ldapTemplate = new LdapTemplate(findBean(InitialDirContextFactory.class, appContext));
@ -453,7 +464,7 @@ public class LDAPSecurityRealm extends AbstractPasswordBasedSecurityRealm {
public static final class MailAdressResolverImpl extends MailAddressResolver { public static final class MailAdressResolverImpl extends MailAddressResolver {
public String findMailAddressFor(User u) { public String findMailAddressFor(User u) {
// LDAP not active // LDAP not active
SecurityRealm realm = Hudson.getInstance().getSecurityRealm(); SecurityRealm realm = Jenkins.getInstance().getSecurityRealm();
if(!(realm instanceof LDAPSecurityRealm)) if(!(realm instanceof LDAPSecurityRealm))
return null; return null;
try { try {
@ -547,7 +558,7 @@ public class LDAPSecurityRealm extends AbstractPasswordBasedSecurityRealm {
@QueryParameter final String managerDN, @QueryParameter final String managerDN,
@QueryParameter final String managerPassword) { @QueryParameter final String managerPassword) {
if(!Hudson.getInstance().hasPermission(Hudson.ADMINISTER)) if(!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER))
return FormValidation.ok(); return FormValidation.ok();
try { try {

4
war/src/main/webapp/WEB-INF/security/LDAPBindSecurityRealm.groovy
View file

@ -28,7 +28,7 @@ import org.acegisecurity.providers.ldap.authenticator.BindAuthenticator2
import org.acegisecurity.ldap.DefaultInitialDirContextFactory import org.acegisecurity.ldap.DefaultInitialDirContextFactory
import org.acegisecurity.ldap.search.FilterBasedLdapUserSearch import org.acegisecurity.ldap.search.FilterBasedLdapUserSearch
import org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider import org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider
import hudson.model.Hudson import jenkins.model.Jenkins
import hudson.security.LDAPSecurityRealm.AuthoritiesPopulatorImpl import hudson.security.LDAPSecurityRealm.AuthoritiesPopulatorImpl
import hudson.Util import hudson.Util
import javax.naming.Context import javax.naming.Context
@ -74,7 +74,7 @@ authenticationManager(ProviderManager) {
// these providers apply everywhere // these providers apply everywhere
bean(RememberMeAuthenticationProvider) { bean(RememberMeAuthenticationProvider) {
key = Hudson.getInstance().getSecretKey(); key = Jenkins.getInstance().getSecretKey();
}, },
// this doesn't mean we allow anonymous access. // this doesn't mean we allow anonymous access.
// we just authenticate anonymous users as such, // we just authenticate anonymous users as such,