--- /dev/null
+/**
+ * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package com.liferay.portal.security.ldap;
+
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+import javax.naming.Binding;
+import javax.naming.CompositeName;
+import javax.naming.Context;
+import javax.naming.Name;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.naming.ldap.InitialLdapContext;
+import javax.naming.ldap.LdapContext;
+
+import com.liferay.portal.kernel.exception.SystemException;
+import com.liferay.portal.kernel.log.Log;
+import com.liferay.portal.kernel.log.LogFactoryUtil;
+import com.liferay.portal.kernel.log.LogUtil;
+import com.liferay.portal.kernel.util.ArrayUtil;
+import com.liferay.portal.kernel.util.GetterUtil;
+import com.liferay.portal.kernel.util.PrefsPropsUtil;
+import com.liferay.portal.kernel.util.PropertiesUtil;
+import com.liferay.portal.kernel.util.PropsKeys;
+import com.liferay.portal.kernel.util.StringPool;
+import com.liferay.portal.kernel.util.StringUtil;
+import com.liferay.portal.kernel.util.Validator;
+import com.liferay.portal.util.PropsValues;
+
+/**
+ * <a href="PortalLDAPUtil.java.html"><b><i>View Source</i></b></a>
+ *
+ * @author Michael Young
+ * @author Brian Wing Shun Chan
+ * @author Jerry Niu
+ * @author Scott Lee
+ * @author Herv� M�nage
+ *
+ */
+public class PortalLDAPUtil {
+
+ static DateFormat dateFormat = new SimpleDateFormat("yyyyMMddHHmmss");
+
+ private static Log _log = LogFactoryUtil.getLog(PortalLDAPUtil.class);
+
+ // context LDAP
+ static LdapContext ctx = null;
+
+
+
+ public static Boolean isEmptyENTLDAPGroup(Properties groupMappings, Attributes attrs) {
+ Attribute attr = attrs.get(groupMappings.getProperty("user"));
+ try {
+ if (attr.size()==0 || (attr.size()==1 && ((String) attr.get(0)).equals("uid=system_fake_user"))) {
+ return true;
+ }
+ } catch (NamingException e) {
+ e.printStackTrace();
+ }
+ return false;
+ }
+
+
+ public static boolean isAuthEnabled(long companyId) throws SystemException {
+ if (PrefsPropsUtil.getBoolean(companyId, PropsKeys.LDAP_AUTH_ENABLED,
+ PropsValues.LDAP_AUTH_ENABLED)) {
+
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ public static boolean isExportEnabled(long companyId)
+ throws SystemException {
+
+ if (PrefsPropsUtil.getBoolean(companyId, PropsKeys.LDAP_EXPORT_ENABLED,
+ PropsValues.LDAP_EXPORT_ENABLED)) {
+
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ public static boolean isImportOnStartup(long companyId)
+ throws SystemException {
+
+ if (PrefsPropsUtil.getBoolean(companyId,
+ PropsKeys.LDAP_IMPORT_ON_STARTUP)) {
+
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ public static boolean isNtlmEnabled(long companyId) throws SystemException {
+
+ if (!isAuthEnabled(companyId)) {
+ return false;
+ }
+
+ if (PrefsPropsUtil.getBoolean(companyId, PropsKeys.NTLM_AUTH_ENABLED,
+ PropsValues.NTLM_AUTH_ENABLED)) {
+
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ public static boolean isPasswordPolicyEnabled(long companyId)
+ throws SystemException {
+
+ if (PrefsPropsUtil.getBoolean(companyId,
+ PropsKeys.LDAP_PASSWORD_POLICY_ENABLED,
+ PropsValues.LDAP_PASSWORD_POLICY_ENABLED)) {
+
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ public static boolean isSiteMinderEnabled(long companyId)
+ throws SystemException {
+
+ if (!isAuthEnabled(companyId)) {
+ return false;
+ }
+
+ if (PrefsPropsUtil.getBoolean(companyId,
+ PropsKeys.SITEMINDER_AUTH_ENABLED,
+ PropsValues.SITEMINDER_AUTH_ENABLED)) {
+
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ private static Attributes _getAttributes(String fullDistinguishedName, String[] attributeIds, long companyId)
+ throws Exception {
+
+ Attributes attrs = null;
+ String[] auditAttributeIds = { "creatorsName", "createTimestamp", "modifiersName", "modifyTimestamp" };
+
+ if (attributeIds == null) {
+
+ // Get complete listing of LDAP attributes (slow)
+ attrs = doContextAttributes(companyId, fullDistinguishedName);
+ NamingEnumeration<? extends Attribute> enu = doContextAttributes(companyId, fullDistinguishedName, auditAttributeIds).getAll();
+ while (enu.hasMoreElements()) {
+ attrs.put(enu.nextElement());
+ }
+ enu.close();
+ } else {
+
+ // Get specified LDAP attributes
+ int attributeCount = attributeIds.length + auditAttributeIds.length;
+ String[] allAttributeIds = new String[attributeCount];
+ System.arraycopy(attributeIds, 0, allAttributeIds, 0, attributeIds.length);
+ System.arraycopy(auditAttributeIds, 0, allAttributeIds, attributeIds.length, auditAttributeIds.length);
+ attrs = doContextAttributes(companyId, fullDistinguishedName, allAttributeIds);
+ }
+
+ return attrs;
+ }
+
+ public static String[] splitFullName(String fullName) {
+ String firstName = StringPool.BLANK;
+ String lastName = StringPool.BLANK;
+ String middleName = StringPool.BLANK;
+
+ if (Validator.isNotNull(fullName)) {
+ String[] name = StringUtil.split(fullName, " ");
+
+ firstName = name[0];
+ lastName = name[name.length - 1];
+ middleName = StringPool.BLANK;
+
+ if (name.length > 2) {
+ for (int i = 1; i < name.length - 1; i++) {
+ if (Validator.isNull(name[i].trim())) {
+ continue;
+ }
+
+ if (i != 1) {
+ middleName += " ";
+ }
+
+ middleName += name[i].trim();
+ }
+ }
+ }
+ else {
+ firstName = GetterUtil.getString(firstName, lastName);
+ lastName = firstName;
+ }
+
+ return new String[] {firstName, middleName, lastName};
+ }
+
+ /**
+ * Delete a user in LDAP
+ * @param companyId
+ * @param dn
+ * @throws Exception
+ */
+ public static void delete(long companyId, String dn) throws Exception {
+ try{
+ getContext(companyId).unbind(dn);
+ }
+ catch(Exception e) {
+ e.printStackTrace();
+ _log.error("Could not delete dn "+dn+" in LDAP.");
+ }
+
+ }
+
+
+
+ public static Attributes getGroupAttributes(long companyId, String fullDistinguishedName) throws Exception {
+ return getGroupAttributes(companyId, fullDistinguishedName, false);
+ }
+
+ public static Attributes getGroupAttributes(long companyId,
+ String fullDistinguishedName,
+ boolean includeReferenceAttributes) throws Exception {
+
+ Properties groupMappings = getGroupMappings(companyId);
+
+ List<String> mappedGroupAttributeIds = new ArrayList<String>();
+
+ mappedGroupAttributeIds.add(groupMappings.getProperty("groupName"));
+ mappedGroupAttributeIds.add(groupMappings.getProperty("description"));
+
+ if (includeReferenceAttributes) {
+ mappedGroupAttributeIds.add(groupMappings.getProperty("user"));
+ }
+
+ return _getAttributes(fullDistinguishedName,
+ mappedGroupAttributeIds.toArray(new String[0]), companyId);
+ }
+
+
+ public static Properties getGroupMappings(long companyId) throws Exception {
+
+ Properties groupMappings = PropertiesUtil.load(PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_GROUP_MAPPINGS));
+ return groupMappings;
+ }
+
+ public static NamingEnumeration<SearchResult> getGroups(long companyId, int maxResults) throws Exception {
+
+ String baseDN = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_DN);
+ String groupFilter = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_IMPORT_GROUP_SEARCH_FILTER);
+ return getGroups(companyId, maxResults, baseDN, groupFilter);
+ }
+
+ public static NamingEnumeration<SearchResult> getGroups(long companyId, int maxResults, String baseDN, String groupFilter)
+ throws Exception {
+
+ SearchControls cons = new SearchControls(SearchControls.SUBTREE_SCOPE, maxResults, 0, null, false, false);
+ return doContextSearch(companyId, baseDN, groupFilter, cons);
+ }
+
+ public static String getNameInNamespace(long companyId, Binding binding)
+ throws Exception {
+
+ String baseDN = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_DN);
+
+ if (Validator.isNull(baseDN)) {
+ return binding.getName();
+ } else {
+ StringBuilder sb = new StringBuilder();
+
+ sb.append(binding.getName());
+ sb.append(StringPool.COMMA);
+ sb.append(baseDN);
+
+ return sb.toString();
+ }
+ }
+
+ public static String getNameInNamespace(
+ long ldapServerId, long companyId, Binding binding)
+ throws Exception {
+
+ String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);
+ String baseDN = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_DN + postfix);
+
+ String name = binding.getName();
+
+ if (name.startsWith(StringPool.QUOTE) &&
+ name.endsWith(StringPool.QUOTE)) {
+
+ name = name.substring(1, name.length() - 1);
+ }
+
+ if (Validator.isNull(baseDN)) {
+ return name.toString();
+ }
+ else {
+ return name.concat(StringPool.COMMA).concat(baseDN);
+ }
+ }
+
+ public static Binding getUser(long companyId, String screenName)
+ throws Exception {
+
+ NamingEnumeration<SearchResult> enu = null;
+
+ try {
+ String baseDN = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_DN);
+
+ Properties userMappings = PropertiesUtil.load(PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_USER_MAPPINGS));
+
+ StringBuilder filter = new StringBuilder();
+
+ filter.append(StringPool.OPEN_PARENTHESIS);
+ filter.append(userMappings.getProperty("screenName"));
+ filter.append(StringPool.EQUAL);
+ filter.append(screenName);
+ filter.append(StringPool.CLOSE_PARENTHESIS);
+
+ SearchControls cons = new SearchControls(
+ SearchControls.SUBTREE_SCOPE, 1, 0, null, false, false);
+
+ enu = doContextSearch(companyId, baseDN, filter.toString(), cons);
+
+ } catch (Exception e) {
+ throw e;
+ }
+
+ if (enu.hasMoreElements()) {
+ Binding binding = enu.nextElement();
+
+ enu.close();
+
+ return binding;
+ } else {
+ return null;
+ }
+ }
+
+ public static Attributes getUserAttributes(long companyId, String fullDistinguishedName) throws Exception {
+
+ Properties userMappings = PropertiesUtil.load(PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_USER_MAPPINGS));
+
+ String[] allAttrs = {
+ userMappings.getProperty(LDAPConstants.LDAP_ATTRIBUTE_SCREENNAME),
+ userMappings.getProperty(LDAPConstants.LDAP_ATTRIBUTE_EMAIL),
+ userMappings.getProperty(LDAPConstants.LDAP_ATTRIBUTE_FULLNAME),
+ userMappings.getProperty(LDAPConstants.LDAP_ATTRIBUTE_FIRSTNAME),
+ userMappings.getProperty(LDAPConstants.LDAP_ATTRIBUTE_MIDDLENAME),
+ userMappings.getProperty(LDAPConstants.LDAP_ATTRIBUTE_LASTNAME),
+ userMappings.getProperty(LDAPConstants.LDAP_ATTRIBUTE_JOBTITLE),
+ userMappings.getProperty(LDAPConstants.LDAP_ATTRIBUTE_GROUP),
+ userMappings.getProperty(LDAPConstants.LDAP_ATTRIBUTE_BIRTHDATE, ""),
+ LDAPConstants.LDAP_ATTRIBUTE_OBJECTCLASS,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTVALIDACCOUNT,
+ LDAPConstants.LDAP_ATTRIBUTE_UID,
+ LDAPConstants.LDAP_ATTRIBUTE_HOMEPHONE,
+ LDAPConstants.LDAP_ATTRIBUTE_TELEPHONENUMBER,
+ LDAPConstants.LDAP_ATTRIBUTE_MAIL,
+ LDAPConstants.LDAP_ATTRIBUTE_MOBILE,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTPERSONMOBILESMS,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTPERSONMAILDIFFUSION,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTPERSONADRESSE,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTPERSONADRESSEDIFFUSION,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTELEVEBOURSIER,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTELEVETRANSPORT,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTELEVEREGIME,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTPERSONJOINTURE,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTPERSONPROFILS,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTAUXENSCATEGODISCIPLINE,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTPERSONSTRUCTRATTACH,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTPERSONFONCTIONS,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTAUXENSMATIEREENSEIGNETAB,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTELEVEAUTORITEPARENTALE,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTAUXENSCLASSESPRINCIPAL,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTELEVEPARENTS,
+ LDAPConstants.LDAP_ATTRIBUTE_ENTELEVEPERSRELELEVE
+ };
+
+ return _getAttributes(fullDistinguishedName, allAttrs, companyId);
+ }
+
+ public static Attributes getUserAttributes(
+ long ldapServerId, long companyId, LdapContext ldapContext,
+ String fullDistinguishedName)
+ throws Exception {
+
+ Properties userMappings = LDAPSettingsUtil.getUserMappings(ldapServerId, companyId);
+ Properties userExpandoMappings = LDAPSettingsUtil.getUserExpandoMappings(ldapServerId, companyId);
+
+ PropertiesUtil.merge(userMappings, userExpandoMappings);
+
+ Properties contactMappings = LDAPSettingsUtil.getContactMappings(ldapServerId, companyId);
+ Properties contactExpandoMappings = LDAPSettingsUtil.getContactExpandoMappings(ldapServerId, companyId);
+
+ PropertiesUtil.merge(contactMappings, contactExpandoMappings);
+
+ PropertiesUtil.merge(userMappings, contactMappings);
+
+ String[] mappedUserAttributeIds = ArrayUtil.toStringArray(
+ userMappings.values().toArray(new Object[userMappings.size()]));
+
+ return _getAttributes(ldapContext, fullDistinguishedName, mappedUserAttributeIds);
+ }
+
+
+
+ private static Attributes _getAttributes(
+ LdapContext ldapContext, String fullDistinguishedName,
+ String[] attributeIds)
+ throws Exception {
+
+ Name fullDN = new CompositeName().add(fullDistinguishedName);
+
+ Attributes attributes = null;
+
+ String[] auditAttributeIds = {
+ LDAPConstants.LDAP_ATTRIBUTE_CREATORSNAME, LDAPConstants.LDAP_ATTRIBUTE_CREATETIMESTAMP, LDAPConstants.LDAP_ATTRIBUTE_MODIFIERSNAME, LDAPConstants.LDAP_ATTRIBUTE_MODIFYTIMESTAMP
+ };
+
+ if (attributeIds == null) {
+
+ // Get complete listing of LDAP attributes (slow)
+
+ attributes = ldapContext.getAttributes(fullDN);
+ NamingEnumeration<? extends Attribute> enu = null;
+
+ try {
+ enu = ldapContext.getAttributes(fullDN, auditAttributeIds).getAll();
+
+ while (enu.hasMoreElements()) {
+ attributes.put(enu.nextElement());
+ }
+ }
+ finally {
+ if (enu != null) {
+ enu.close();
+ }
+ }
+ }
+ else {
+
+ // Get specified LDAP attributes
+
+ int attributeCount = attributeIds.length + auditAttributeIds.length;
+
+ String[] allAttributeIds = new String[attributeCount];
+
+ System.arraycopy(attributeIds, 0, allAttributeIds, 0, attributeIds.length);
+ System.arraycopy(auditAttributeIds, 0, allAttributeIds, attributeIds.length, auditAttributeIds.length);
+
+ attributes = ldapContext.getAttributes(fullDN, allAttributeIds);
+ }
+
+ return attributes;
+ }
+
+
+ public static Properties getUserMappings(long companyId) throws Exception {
+
+ Properties userMappings = PropertiesUtil.load(PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_USER_MAPPINGS));
+
+ return userMappings;
+ }
+
+ public static NamingEnumeration<SearchResult> getUsers(long companyId, int maxResults) throws Exception {
+
+ return getUsers(companyId, maxResults, null);
+ }
+
+ public static NamingEnumeration<SearchResult> getUsers(long companyId, int maxResults, String[] attrs) throws Exception {
+
+ String baseDN = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_DN);
+ String userFilter = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_IMPORT_USER_SEARCH_FILTER);
+ return getUsers(companyId, maxResults, baseDN, userFilter, attrs);
+ }
+
+ public static NamingEnumeration<SearchResult> getUsers(long companyId, int maxResults, String baseDN, String userFilter, String[] attrs)
+ throws Exception {
+
+ SearchControls cons = new SearchControls(SearchControls.SUBTREE_SCOPE, maxResults, 0, attrs, false, false);
+
+ return doContextSearch(companyId, baseDN, userFilter, cons);
+ }
+
+ public static NamingEnumeration<SearchResult> getAllEtabs(long companyId, String[] attrs) throws Exception {
+
+ String etabBaseDN = "ou=etablissements,"+PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_DN);
+ String etabFilter = "(objectClass=*)";
+ SearchControls cons = new SearchControls(SearchControls.ONELEVEL_SCOPE, 0, 0, attrs, false, false);
+ return doContextSearch(companyId, etabBaseDN, etabFilter, cons);
+ }
+
+ public static String getUsersDN(long companyId) throws Exception {
+ return PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_USERS_DN);
+ }
+
+ public static long getLdapServerId(
+ long companyId)
+ throws Exception {
+
+ long[] ldapServerIds = StringUtil.split(
+ PrefsPropsUtil.getString(companyId, "ldap.server.ids"), 0L);
+
+ if(ldapServerIds.length <= 0) {
+ return 0;
+ }
+
+ return ldapServerIds[0];
+ }
+
+ public static boolean hasUser(long companyId, String screenName)
+ throws Exception {
+
+ if (getUser(companyId, screenName) != null) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ public static String getAuthSearchFilter(long companyId,
+ String emailAddress, String screenName, String userId)
+ throws SystemException {
+
+ String filter = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_AUTH_SEARCH_FILTER);
+
+ filter = StringUtil.replace(filter, new String[] { "@company_id@",
+ "@email_address@", "@screen_name@", "@user_id@" },
+ new String[] { String.valueOf(companyId), emailAddress,
+ screenName, userId });
+
+ return filter;
+ }
+
+ public static NamingEnumeration<SearchResult> doContextSearch(long companyId, String baseDN, String searchFilter, SearchControls cons) throws Exception {
+ try{
+ return getContext(companyId).search(baseDN, searchFilter, cons);
+ }
+ catch(Exception exc) {
+ if (ctx!=null) {
+ ctx.close();
+ }
+ ctx = null;
+ return getContext(companyId).search(baseDN, searchFilter, cons);
+ }
+
+ }
+
+ public static Attributes doContextAttributes(long companyId, String search) throws Exception {
+ try{
+ return getContext(companyId).getAttributes(search);
+ }
+ catch(Exception exc) {
+ if (ctx!=null) {
+ ctx.close();
+ }
+ ctx = null;
+ return getContext(companyId).getAttributes(search);
+ }
+ }
+
+ public static Attributes doContextAttributes(long companyId, String search, String[] attributeIds) throws Exception {
+ try{
+ return getContext(companyId).getAttributes(search, attributeIds);
+ }
+ catch(Exception exc) {
+ if (ctx!=null) {
+ ctx.close();
+ }
+ ctx = null;
+ return getContext(companyId).getAttributes(search, attributeIds);
+ }
+ }
+
+ public static LdapContext getContext(long companyId) throws Exception {
+ return getContext(getLdapServerId(companyId), companyId);
+ }
+
+ public static LdapContext getContext(long ldapServerId, long companyId)
+ throws Exception {
+
+ String postfix = LDAPSettingsUtil.getPropertyPostfix(ldapServerId);
+ String baseProviderURL = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_PROVIDER_URL + postfix);
+ if (Validator.isNull(baseProviderURL)){
+ baseProviderURL = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_BASE_PROVIDER_URL);
+ }
+ String pricipal = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_SECURITY_PRINCIPAL + postfix);
+ if (Validator.isNull(pricipal)){
+ pricipal = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_SECURITY_PRINCIPAL);
+ }
+ String credentials = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_SECURITY_CREDENTIALS + postfix);
+ if (Validator.isNull(credentials)){
+ credentials = PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_SECURITY_CREDENTIALS);
+ }
+ return getContext(companyId, baseProviderURL, pricipal, credentials);
+ }
+
+ public static LdapContext getContext(long companyId, String providerURL,
+ String pricipal, String credentials) throws Exception {
+
+ if (ctx!=null) {
+ return ctx;
+ }
+
+ Properties env = new Properties();
+
+ env.put(Context.INITIAL_CONTEXT_FACTORY, PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_FACTORY_INITIAL));
+ env.put(Context.PROVIDER_URL, providerURL);
+ env.put(Context.SECURITY_PRINCIPAL, pricipal);
+ env.put(Context.SECURITY_CREDENTIALS, credentials);
+ env.put(Context.REFERRAL, PrefsPropsUtil.getString(companyId, PropsKeys.LDAP_REFERRAL));
+
+ // Enable pooling
+
+ env.put("com.sun.jndi.ldap.connect.pool", "true");
+ env.put("com.sun.jndi.ldap.connect.pool.maxsize", "50");
+ env.put("com.sun.jndi.ldap.connect.pool.timeout", "10000");
+
+ LogUtil.debug(_log, env);
+
+ try {
+ ctx = new InitialLdapContext(env, null);
+ } catch (Exception e) {
+ _log.warn("Failed to bind to the LDAP server", e);
+ }
+
+ return ctx;
+ }
+
+
+}
\ No newline at end of file