From 5777d93fdc73971ebe939b5058b1683e8b51b84b Mon Sep 17 00:00:00 2001 From: Nick Couchman Date: Sun, 9 Dec 2018 09:48:01 -0500 Subject: [PATCH] GUACAMOLE-234: Clean up some LDAP implementation details. --- .../guacamole/auth/ldap/connection/ConnectionService.java | 6 ++++-- .../guacamole/auth/ldap/group/UserGroupService.java | 2 +- .../org/apache/guacamole/auth/ldap/user/UserService.java | 8 +++++--- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java index 1fce3c6ba..ec48faea2 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java @@ -134,13 +134,14 @@ public class ConnectionService { // Get common name (CN) Attribute cn = entry.get("cn"); - String cnName; if (cn == null) { logger.warn("guacConfigGroup is missing a cn."); return null; } + String cnName; + try { cnName = cn.getString(); } @@ -179,6 +180,7 @@ public class ConnectionService { parameter = parameterAttribute.getString(); } catch (LdapInvalidAttributeValueException e) { + logger.warn("Parameter value not valid for {}", cnName, e); return null; } parameterAttribute.remove(parameter); @@ -235,7 +237,7 @@ public class ConnectionService { * An LDAP search filter which queries all guacConfigGroup objects * accessible by the user having the given DN. * - * @throws LDAPException + * @throws LdapException * If an error occurs preventing retrieval of user groups. * * @throws GuacamoleException diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/group/UserGroupService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/group/UserGroupService.java index 7d73003f7..b31eaab81 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/group/UserGroupService.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/group/UserGroupService.java @@ -50,7 +50,7 @@ public class UserGroupService { /** * Logger for this class. */ - private final Logger logger = LoggerFactory.getLogger(UserGroupService.class); + private static final Logger logger = LoggerFactory.getLogger(UserGroupService.class); /** * Service for retrieving LDAP server configuration information. diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/user/UserService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/user/UserService.java index a5fcb4142..937723116 100644 --- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/user/UserService.java +++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/user/UserService.java @@ -29,6 +29,7 @@ import org.apache.directory.api.ldap.model.entry.Entry; import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException; import org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException; import org.apache.directory.api.ldap.model.name.Dn; +import org.apache.directory.api.ldap.model.name.Rdn; import org.apache.guacamole.auth.ldap.conf.ConfigurationService; import org.apache.guacamole.GuacamoleException; import org.apache.guacamole.GuacamoleServerException; @@ -104,6 +105,7 @@ public class UserService { return new SimpleUser(username); } catch (LdapInvalidAttributeValueException e) { + return null; } @@ -184,10 +186,10 @@ public class UserService { // Derive user DN from base DN try { - return new Dn(usernameAttributes.get(0) + "=" + username - + "," + confService.getUserBaseDN().toString()); + return new Dn(new Rdn(usernameAttributes.get(0), username), + confService.getUserBaseDN()); } - catch (LdapInvalidDnException e) { + catch (LdapInvalidAttributeValueException | LdapInvalidDnException e) { throw new GuacamoleServerException("Error trying to derive user DN.", e); }