githubFork/gitblit.git - Solinfo Gitblit

			@@ -27,14 +27,18 @@

			import com.gitblit.models.TeamModel;
			import com.gitblit.models.UserModel;
			import com.gitblit.utils.ArrayUtils;
			import com.gitblit.utils.StringUtils;
			import com.unboundid.ldap.sdk.Attribute;
			import com.unboundid.ldap.sdk.ExtendedResult;
			import com.unboundid.ldap.sdk.LDAPConnection;
			import com.unboundid.ldap.sdk.LDAPException;
			import com.unboundid.ldap.sdk.LDAPSearchException;
			import com.unboundid.ldap.sdk.ResultCode;
			import com.unboundid.ldap.sdk.SearchResult;
			import com.unboundid.ldap.sdk.SearchResultEntry;
			import com.unboundid.ldap.sdk.SearchScope;
			import com.unboundid.ldap.sdk.extensions.StartTLSExtendedRequest;
			import com.unboundid.util.ssl.SSLUtil;
			import com.unboundid.util.ssl.TrustAllTrustManager;

			@@ -80,10 +84,22 @@
			if (ldapPort == -1) // Default Port
			ldapPort = 389;

			return new LDAPConnection(ldapUrl.getHost(), ldapPort, bindUserName, bindPassword);
			LDAPConnection conn = new LDAPConnection(ldapUrl.getHost(), ldapPort, bindUserName, bindPassword);

			if (ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
			SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());

			ExtendedResult extendedResult = conn.processExtendedOperation(
			new StartTLSExtendedRequest(sslUtil.createSSLContext()));

			if (extendedResult.getResultCode() != ResultCode.SUCCESS) {
			throw new LDAPException(extendedResult.getResultCode());
			}
			}
			return conn;
			}
			} catch (URISyntaxException e) {
			logger.error("Bad LDAP URL, should be in the form: ldap(s)://<server>:<port>", e);
			logger.error("Bad LDAP URL, should be in the form: ldap(s\|+tls)://<server>:<port>", e);
			} catch (GeneralSecurityException e) {
			logger.error("Unable to create SSL Connection", e);
			} catch (LDAPException e) {
			@@ -140,17 +156,6 @@
			return !settings.getBoolean(Keys.realm.ldap.maintainTeams, false);
			}

			/**
			* Does the user service support cookie authentication?
			*
			* @return true or false
			*/
			@Override
			public boolean supportsCookies() {
			// TODO cookies need to be reviewed
			return false;
			}

			@Override
			public UserModel authenticate(String username, char[] password) {
			String simpleUsername = getSimpleUsername(username);
			@@ -173,8 +178,11 @@
			UserModel user = getUserModel(simpleUsername);
			if (user == null) // create user object for new authenticated user
			user = new UserModel(simpleUsername);



			// create a user cookie
			if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {
			user.cookie = StringUtils.getSHA1(user.username + new String(password));
			}

			if (!supportsTeamMembershipChanges())
			getTeamsFromLdap(ldapConnection, simpleUsername, loggingInUser, user);
			@@ -227,7 +235,10 @@

			user.displayName = displayName;
			} else {
			user.displayName = userEntry.getAttribute(displayName).getValue();
			Attribute attribute = userEntry.getAttribute(displayName);
			if (attribute != null && attribute.hasValue()) {
			user.displayName = attribute.getValue();
			}
			}
			}

			@@ -240,7 +251,10 @@

			user.emailAddress = email;
			} else {
			user.emailAddress = userEntry.getAttribute(email).getValue();
			Attribute attribute = userEntry.getAttribute(email);
			if (attribute != null && attribute.hasValue()) {
			user.emailAddress = attribute.getValue();
			}
			}
			}
			}