Quantcast

[Fwd: Update NIS plugin]

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Fwd: Update NIS plugin]

Ludovic Dubost

--
Ludovic Dubost
XPertNet: http://www.xpertnet.fr/
Blog: http://www.ludovic.org/blog/
XWiki: http://www.xwiki.com
Skype: ldubost AIM: nvludo Yahoo: ludovic


Hi Ludovic,

How are you?.
I'm sending you the laters implementation of my NISAuthService. I've
improved the code and fixed some issues

By the way, I've found a bug using basic authentication. If you change
from form authetication to basic authetication, you will receive an
error when you try to attach a file to a page. This bug is caused by an
incomplete implementation of the Struts MultipartRequestWrapper. I've
changed the implemetation of the MultipartRequestWrapper. methods
getRequestURL and getParameterMap from:

            public Map getParameterMap() {
                   return null;
            }

            public StringBuffer getRequestURL() {
                 return null;
            }
to
              public Map getParameterMap() {
                 return request.getParameterMap();
            }
       
            public StringBuffer getRequestURL() {
                    return new StringBuffer(request.getScheme()+ "://" +
request.getServerName() +":" + request.getServerPort()
+request.getRequestURI());
            }

I'm also attaching the struts-1.2.4.jar with this modification included.

I hope, this info can help.
Best Regards
Paulo



/**
 * ===================================================================
 *
 * Copyright (c) 2003,2004 Ludovic Dubost, All rights reserved.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details, published at
 * http://www.gnu.org/copyleft/lesser.html or in lesser.txt in the
 * root folder of this distribution.

 * Created by
 * User: Ludovic Dubost
 * Date: 5 juin 2004
 * Time: 10:48:20
 */
package com.xpn.xwiki.user.impl.NIS;

import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.doc.XWikiDocument;
import com.xpn.xwiki.objects.classes.BaseClass;
import com.xpn.xwiki.objects.BaseObject;
import com.xpn.xwiki.user.api.XWikiUser;
import com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl;
import org.securityfilter.realm.SimplePrincipal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import java.security.Principal;
import java.util.Hashtable;
import java.io.UnsupportedEncodingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.InitialDirContext;
import javax.naming.*;

public class NISAuthServiceImpl extends XWikiAuthServiceImpl {

    private static final Log log = LogFactory.getLog(NISAuthServiceImpl.class);
    static final String NIS_PROVIDER_URL_PARAM = "xwiki.authentication.nis.providedURL";
    static final String ADMIN_PASSWORD_PARAM = "xwiki.adminpassword";
    static private InitialDirContext dirContext;

    public XWikiUser checkAuth(XWikiContext context) throws XWikiException {
            XWikiUser user = super.checkAuth(context);
            if (user!=null)
                user = new XWikiUser("XWiki." + user.getUser());
            return user;
    }

    public Principal authenticate(String userId, String password, XWikiContext context) throws XWikiException {

        log.debug("NIS Authenticator Improved:" + userId + "");
        Principal principal = null;

         if ((userId==null)||(userId.trim().equals("")))
            return null;                                                            

        if ((password==null)||(password.trim().equals("")))
            return null;

        String superadmin = "admin";
        if (userId.equals(superadmin)) {
            String superadminpassword = context.getWiki().Param(ADMIN_PASSWORD_PARAM);
            if ((superadminpassword!=null)&&(superadminpassword.equals(password))) {
                principal = new SimplePrincipal("XWiki.Admin");
                return principal;
            } else {
                return null;
            }
        }

        if (checkUserPassword(userId,password,context))
        {
            log.debug("User " + userId +"' password matched");
            if(isUserFirstLogin(userId,context))
            {
                log.debug("First Login");
                createUserFromNIS(userId,context);
                log.debug("User has been created");
            }
            principal =  new SimplePrincipal(userId);
        }

        return principal;
    }

//    private DirContext getUserBinding(String susername, XWikiContext context) throws XWikiException {
//         DirContext dirContext = null;
//         try{
//             InitialDirContext dirContext = getInitialContext(context);
//             dirContext.getAttributes("user/"+susername.toLowerCase())
//
//             dirContext = (DirContext) dirContext.lookup("user/"+susername.toLowerCase());
//         }catch(NameNotFoundException e)
//        {
//            log.warn(e);
//        } catch (NamingException e) {
//           log.fatal("Unexpected exeption:",e);
//
//            final XWikiException wException = new XWikiException();
//            wException.setException(e);
//            throw wException;
//        }
//        return dirContext;
//    }

    private InitialDirContext getInitialContext(XWikiContext context) throws NamingException {

        if(dirContext ==null)
        {
            Hashtable env = new Hashtable();
            env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.nis.NISCtxFactory");
            env.put(Context.PROVIDER_URL, context.getWiki().Param(NIS_PROVIDER_URL_PARAM));
            dirContext = new InitialDirContext(env);
        }
        return dirContext;
    }

    protected boolean checkUserPassword( String userId, String password, XWikiContext context) throws XWikiException {
        boolean  ret = false;
        try {
            try
            {
                ret = checkUserPasswordImpl(userId,password,context);
            }
            catch(CommunicationException exception)
            {
                dirContext = null;
                ret =  checkUserPasswordImpl(userId,password,context);
            }
        } catch (NamingException e) {
            log.debug(e);
        }
        return ret;
    }
    protected boolean checkUserPasswordImpl( String userId, String password, XWikiContext context) throws NamingException, XWikiException {

        boolean  ret = false;
        try {

            InitialDirContext dirContext = getInitialContext(context);
            Attributes attr = dirContext.getAttributes("user/"+userId.toLowerCase());
            final byte[] nisPassword = (byte[]) attr.get("userpassword").get();

            log.debug("encryptedPassword:" + new String(nisPassword));

            String encryptedPassword = new String(nisPassword,"UTF8");
            encryptedPassword = encryptedPassword.substring("{crypt}".length());
            if (encryptedPassword != null)
            {
                Crypt c = new Crypt();
                byte oldCrypt[] = encryptedPassword.getBytes("UTF8");
                byte newCrypt[] = c.crypt(password.getBytes("UTF8"),
                              oldCrypt);
                if (newCrypt.length != oldCrypt.length)
                    return false;
                for (int i = 0; i < newCrypt.length; i++) {
                    if (oldCrypt[i] != newCrypt[i])
                    return false;
                }
                ret = true;
            }
        } catch (UnsupportedEncodingException e) {
            log.fatal("Unexpected exeption:",e);

            final XWikiException wException = new XWikiException();
            wException.setException(e);
            throw wException;
        }
//
        return ret;
    }


      public boolean isUserFirstLogin(String userID, XWikiContext context)
    {
        boolean  ret = true;
        if (context!=null) {
            // First we check in the local database
            try {
                String user = findUser(userID, context);
                log.debug("Retrived user in tiky database:"+ user);
                ret = user==null || user.length()==0;
            } catch (Exception e) {}

        }
        return ret;
    }

    protected Principal getUserPrincipal(String susername, XWikiContext context) {
        Principal principal = null;

        // First we check in the local database
        try {
            String user = findUser(susername, context);
            if (user!=null) {
                principal = new SimplePrincipal(user);
            }
        } catch (Exception e) {}
       return principal;
    }

    private void createUserFromNIS(String userId, XWikiContext context) throws XWikiException {

        BaseClass bclass = context.getWiki().getUserClass(context);
        BaseObject bobj = new BaseObject();
        bobj.setClassName(bclass.getName());


        String fullwikiname = "XWiki." + userId;
        bobj.setName(fullwikiname);
        bobj.setName(userId);
        bobj.setStringValue("first_name",userId);
        if (userId != null && userId.length() > 0)
        {
            XWikiDocument doc = context.getWiki().getDocument(fullwikiname, context);
            doc.setParent("");
            doc.addObject(bclass.getName(), bobj);

            doc.setContent("#includeForm(\"XWiki.XWikiUserTemplate\")");

            context.getWiki().ProtectUserPage(context, fullwikiname, "edit", doc);

            context.getWiki().saveDocument(doc, null, context);

            context.getWiki().SetUserDefaultGroup(context, fullwikiname);
        }
    }

}

struts-1.2.4.jar (49K) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [Fwd: Update NIS plugin]

Ludovic Dubost

I'm moving the discussion to xwiki-dev.. You should subscribe:
http://forge.objectweb.org/mail/?group_id=170

The right process would be to create a task in http://jira.xwiki.org so
we can track this feature and the bug separately..

Concerning the struts change. Woulnd't this be possible ?

                  public StringBuffer getRequestURL() {
                   return request.getRequestURL());
           }

Also I think we need to send this change to the struts team in order for
this to be in the standard distrib. In the mean time we need to make a
unified diff and commit it in contrib of xwiki, and rename the struts
jar to acknowledge our change.

Ludovic

Ludovic Dubost wrote:

>
>
> ------------------------------------------------------------------------
>
> Subject:
> Update NIS plugin
> From:
> Paulo Gustavo Veiga <[hidden email]>
> Date:
> Wed, 10 Aug 2005 22:16:56 -0300
> To:
> Ludovic Dubost <[hidden email]>
>
> To:
> Ludovic Dubost <[hidden email]>
>
>
> Hi Ludovic,
>
> How are you?. I'm sending you the laters implementation of my
> NISAuthService. I've improved the code and fixed some issues
>
> By the way, I've found a bug using basic authentication. If you change
> from form authetication to basic authetication, you will receive an
> error when you try to attach a file to a page. This bug is caused by
> an incomplete implementation of the Struts MultipartRequestWrapper.
> I've changed the implemetation of the MultipartRequestWrapper. methods
> getRequestURL and getParameterMap from:
>
>            public Map getParameterMap() {
>                   return null;
>            }
>
>            public StringBuffer getRequestURL() {
>                 return null;
>            }
> to
>              public Map getParameterMap() {
>                 return request.getParameterMap();
>            }
>                   public StringBuffer getRequestURL() {
>                    return new StringBuffer(request.getScheme()+ "://"
> + request.getServerName() +":" + request.getServerPort()
> +request.getRequestURI());
>            }
>
> I'm also attaching the struts-1.2.4.jar with this modification included.
>
> I hope, this info can help.
> Best Regards
> Paulo
>
>
> ------------------------------------------------------------------------
>
>
> --
> You receive this message as a subscriber of the [hidden email] mailing list.
> To unsubscribe: mailto:[hidden email]
> For general help: mailto:[hidden email]?subject=help
> ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
>  

--
Ludovic Dubost
XPertNet: http://www.xpertnet.fr/
Blog: http://www.ludovic.org/blog/
XWiki: http://www.xwiki.com
Skype: ldubost AIM: nvludo Yahoo: ludovic




--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
Loading...