/** * TestCase: get our local address and reverse look it up */ @Test public void testRDNS() throws Exception { InetAddress localhost = getLocalIPAddr(); try { String s = DNS.reverseDns(localhost, null); LOG.info("Local reverse DNS hostname is " + s); } catch (NameNotFoundException | CommunicationException e) { if (!localhost.isLinkLocalAddress() || localhost.isLoopbackAddress()) { //these addresses probably won't work with rDNS anyway, unless someone //has unusual entries in their DNS server mapping 1.0.0.127 to localhost LOG.info("Reverse DNS failing as due to incomplete networking", e); LOG.info("Address is " + localhost + " Loopback=" + localhost.isLoopbackAddress() + " Linklocal=" + localhost.isLinkLocalAddress()); } } }
void loginUser(VOUser voUser, String password, HttpServletRequest httpRequest, HttpSession session) throws LoginException, CommunicationException { ServiceAccess serviceAccess = ServiceAccess .getServiceAcccessFor(session); IdentityService service = getIdService(); // authenticate the user httpRequest.getSession(); try { httpRequest.login(String.valueOf(voUser.getKey()), password); } catch (ServletException e) { throw new LoginException(e.getMessage()); } serviceAccess.login(voUser, password, httpRequest, getResponse()); // log info on the successful login logger.logInfo(Log4jLogger.ACCESS_LOG, LogMessageIdentifier.INFO_USER_LOGIN_SUCCESS, voUser.getUserId(), IPResolver.resolveIpAddress(httpRequest), voUser.getTenantId()); // read the user details value object and store it in the session session.setAttribute(Constants.SESS_ATTR_USER, service.getCurrentUserDetails()); }
/** * Determines if the caught exception was caused by a communication * exception and return it. If so, the LDAP server cannot be reached. * * @param caughtException * The exception to check the cause for. * @return The first found CommunicationException or null. */ private CommunicationException getCausedByCommunicationException( Throwable caughtException) { Throwable cause = caughtException.getCause(); while (cause != null) { if (cause instanceof CommunicationException) { return (CommunicationException) cause; } if (cause.getMessage() .contains("javax.naming.CommunicationException")) { return new CommunicationException(); } cause = cause.getCause(); } return null; }
private String decodeSoa(int pos) throws CommunicationException { DnsName mname = new DnsName(); pos = decodeName(pos, mname); DnsName rname = new DnsName(); pos = decodeName(pos, rname); long serial = getUInt(pos); pos += 4; long refresh = getUInt(pos); pos += 4; long retry = getUInt(pos); pos += 4; long expire = getUInt(pos); pos += 4; long minimum = getUInt(pos); // now used as negative TTL pos += 4; return (mname + " " + rname + " " + serial + " " + refresh + " " + retry + " " + expire + " " + minimum); }
private String decodeNaptr(int pos) throws CommunicationException { int order = getUShort(pos); pos += 2; int preference = getUShort(pos); pos += 2; StringBuffer flags = new StringBuffer(); pos += decodeCharString(pos, flags); StringBuffer services = new StringBuffer(); pos += decodeCharString(pos, services); StringBuffer regexp = new StringBuffer(rdlen); pos += decodeCharString(pos, regexp); DnsName replacement = decodeName(pos); return (order + " " + preference + " " + flags + " " + services + " " + regexp + " " + replacement); }
@Override public Response toResponse(final Throwable exception) { /* * Check LDAP communication issue. As this exception is wrapped by a runtime exception brought bySpring-LDAP * (optional dependency), there is no way a create a specific Mapper. */ if (exception.getCause() instanceof CommunicationException) { log.error("LDAP exception", exception); return toResponse(Status.SERVICE_UNAVAILABLE, "ldap-down", exception.getCause()); } // Really not managed exception log.error("Non managed error", exception); // Don't expose the associated exception or message since we ignore the content return toResponse(Status.INTERNAL_SERVER_ERROR, "internal", null); }
void loginUser(VOUser voUser, String password, HttpServletRequest httpRequest, HttpSession session) throws LoginException, CommunicationException{ ServiceAccess serviceAccess = ServiceAccess .getServiceAcccessFor(session); IdentityService service = getIdService(); // authenticate the user serviceAccess.login(voUser, password, httpRequest, getResponse()); // log info on the successful login logger.logInfo(Log4jLogger.ACCESS_LOG, LogMessageIdentifier.INFO_USER_LOGIN_SUCCESS, voUser.getUserId(), IPResolver.resolveIpAddress(httpRequest), voUser.getTenantId()); // read the user details value object and store it in the session session.setAttribute(Constants.SESS_ATTR_USER, service.getCurrentUserDetails()); }
/** * Determines if the caught exception was caused by a communication * exception and return it. If so, the LDAP server cannot be reached. * * @param caughtException * The exception to check the cause for. * @return The first found CommunicationException or null. */ private CommunicationException getCausedByCommunicationException( Throwable caughtException) { Throwable cause = caughtException.getCause(); while (cause != null) { if (cause instanceof CommunicationException) { return (CommunicationException) cause; } if (cause.getMessage().contains( "javax.naming.CommunicationException")) { return new CommunicationException(); } cause = cause.getCause(); } return null; }
private NamingEnumeration<SearchResult> search(String name, Attributes matchAttrs) throws NamingException { try { return searchWithoutRetry(name, matchAttrs); } catch (CommunicationException first) { // I've seen ldap queries fail occasionally with a CommunicationException "connection closed". So try it twice. try { Thread.sleep(100); } catch (InterruptedException e) { // fall-through } try { return searchWithoutRetry(name, matchAttrs); } catch (NamingException second) { second.addSuppressed(first); throw second; } } }
@Test public void testEnsureOnetimeException() throws Exception { MockLdapContext ldapContext = new MockLdapContext() { boolean firstTime = true; @Override public Attributes getAttributes(String name) throws NamingException { if (firstTime) { firstTime = false; throw new CommunicationException("testing"); } else { return super.getAttributes(name); } } }; addStandardKeysAndResults(ldapContext); AdServer adServer = new AdServer("localhost", "" /*userSearchBaseDN*/, "" /*groupSearchBaseDN*/, "" /*userSearchFilter*/, "" /*groupSearchFilter*/, ldapContext) { @Override void recreateLdapContext() { // do nothing } }; adServer.initialize(); }
@Test public void testEnsureConnectionOnetimeException() throws Exception { MockLdapContext ldapContext = new MockLdapContext() { boolean firstTime = true; @Override public Attributes getAttributes(String name) throws NamingException { if (firstTime) { firstTime = false; throw new CommunicationException("testing"); } else { return super.getAttributes(name); } } }; LdapServer ldapServer = new LdapServer("localhost", "nickname", "ou=basedn", "userFilter", "cn,dn" /* attributes */, 1000 /* traversalRate */, "dn={dn}, cn={cn}", ldapContext) { @Override void recreateLdapContext() { // do nothing } }; ldapServer.initialize(); }
@Test public void testEnsureConnectionWrapsStartupException() throws Exception { MockLdapContext ldapContext = new MockLdapContext() { @Override public Attributes getAttributes(String name) throws NamingException { throw new CommunicationException("testing"); } }; LdapServer ldapServer = new LdapServer("localhost", "nickname", "ou=basedn", "userFilter", "cn,dn" /* attributes */, 1000 /* traversalRate */, "dn={dn}, cn={cn}", ldapContext) { @Override void recreateLdapContext() { throw new StartupException("persistent problem"); } }; try { ldapServer.initialize(); } catch (RuntimeException re) { assertTrue(re.getCause() instanceof NamingException); NamingException ne = (NamingException) re.getCause(); assertTrue(ne.getMessage().contains("recreateLdapContext")); assertTrue(ne.getRootCause() instanceof StartupException); } }
public void removeNamingListener(NamingListener namingListener) throws NamingException { if (listeners == null || !listeners.containsKey(namingListener)) { return; } if (namingListener instanceof UnsolicitedNotificationListener) { unls.remove(namingListener); } List<Integer> idList = listeners.remove(namingListener); if (idList == null) { return; } try { for (Integer id : idList) { client.removePersistentSearch(id.intValue(), requestControls); } } catch (IOException e) { CommunicationException ex = new CommunicationException(); ex.setRootCause(e); } }
/** * Retrieves the next element. <code>NoSuchElementException</code> will be * thrown, if there is no other elements or <code>close()</code> has been * invoked. */ public T next() throws NamingException { if (values == null || (values.isEmpty() && isFinished)) { throw new NoSuchElementException(); } synchronized (values) { if (values.isEmpty() && !isFinished) { waitMoreElement(); // wait timeout if (values.isEmpty() && !isFinished) { if (exception != null) { throw exception; } // ldap.31=Read LDAP response message time out throw new CommunicationException(Messages .getString("ldap.31")); //$NON-NLS-1$ } else if (values.isEmpty()) { throw new NoSuchElementException(); } } return values.poll(); } }
public void test_getExceptionFromResult() { String message = "error message"; LdapResult result = getLdapResult(0, message); NamingException ex = LdapUtils.getExceptionFromResult(result); assertNull(ex); // error code map to CommunicationException result = getLdapResult(2, message); ex = LdapUtils.getExceptionFromResult(result); assertTrue(ex instanceof CommunicationException); assertEquals("[LDAP: error code 2 - error message]", ex.getMessage()); // error code not in map result = getLdapResult(100, message); ex = LdapUtils.getExceptionFromResult(result); assertTrue(ex instanceof NamingException); assertEquals("[LDAP: error code 100 - error message]", ex.getMessage()); // empty error message result = getLdapResult(3, ""); ex = LdapUtils.getExceptionFromResult(result); assertTrue(ex instanceof TimeLimitExceededException); assertEquals("[LDAP: error code 3]", ex.getMessage()); }
@Test public void testGetGroupsWithConnectionClosed() throws IOException, NamingException { // The case mocks connection is closed/gc-ed, so the first search call throws CommunicationException, // then after reconnected return the user NamingEnumeration first, and then the group when(mockContext.search(anyString(), anyString(), any(Object[].class), any(SearchControls.class))) .thenThrow(new CommunicationException("Connection is closed")) .thenReturn(mockUserNamingEnum, mockGroupNamingEnum); // Although connection is down but after reconnected it still should retrieve the result groups doTestGetGroups(Arrays.asList(testGroups), 1 + 2); // 1 is the first failure call }
@Test public void testGetGroupsWithLdapDown() throws IOException, NamingException { // This mocks the case where Ldap server is down, and always throws CommunicationException when(mockContext.search(anyString(), anyString(), any(Object[].class), any(SearchControls.class))) .thenThrow(new CommunicationException("Connection is closed")); // Ldap server is down, no groups should be retrieved doTestGetGroups(Arrays.asList(new String[] {}), 1 + LdapGroupsMapping.RECONNECT_RETRY_COUNT); // 1 is the first normal call }
/** * Retrieves a PooledConnection from this list of connections. * Use an existing one if one is idle, or create one if the list's * max size hasn't been reached. If max size has been reached, wait * for a PooledConnection to be returned, or one to be removed (thus * not reaching the max size any longer). * * @param timeout if > 0, msec to wait until connection is available * @param factory creates the PooledConnection if one needs to be created * * @return A non-null PooledConnection * @throws NamingException PooledConnection cannot be created, because this * thread was interrupted while it waited for an available connection, * or if it timed out while waiting, or the creation of a connection * resulted in an error. */ synchronized PooledConnection get(long timeout, PooledConnectionFactory factory) throws NamingException { PooledConnection conn; long start = (timeout > 0 ? System.currentTimeMillis() : 0); long waittime = timeout; d("get(): before"); while ((conn = getOrCreateConnection(factory)) == null) { if (timeout > 0 && waittime <= 0) { throw new CommunicationException( "Timeout exceeded while waiting for a connection: " + timeout + "ms"); } try { d("get(): waiting"); if (waittime > 0) { wait(waittime); // Wait until one is released or removed } else { wait(); } } catch (InterruptedException e) { throw new InterruptedNamingException( "Interrupted while waiting for a connection"); } // Check whether we timed out if (timeout > 0) { long now = System.currentTimeMillis(); waittime = timeout - (now - start); } } d("get(): after"); return conn; }
synchronized BerDecoder getReplyBer() throws CommunicationException { if (cancelled) { throw new CommunicationException("Request: " + msgId + " cancelled"); } /* * Remove a reply if the queue is not empty. * poll returns null if queue is empty. */ BerDecoder reply = replies.poll(); return reply; }
ResourceRecord(byte[] msg, int msgLen, int offset, boolean qSection, boolean decodeRdata) throws CommunicationException { this.msg = msg; this.msgLen = msgLen; this.offset = offset; this.qSection = qSection; decode(decodeRdata); }
private int decodeName(int pos, DnsName n) throws CommunicationException { int endPos = -1; int level = 0; try { while (true) { if (level > MAXIMUM_COMPRESSION_REFERENCES) throw new IOException("Too many compression references"); int typeAndLen = msg[pos] & 0xFF; if (typeAndLen == 0) { // end of name ++pos; n.add(0, ""); break; } else if (typeAndLen <= 63) { // regular label ++pos; n.add(0, new String(msg, pos, typeAndLen, StandardCharsets.ISO_8859_1)); pos += typeAndLen; } else if ((typeAndLen & 0xC0) == 0xC0) { // name compression ++level; endPos = pos + 2; pos = getUShort(pos) & 0x3FFF; } else throw new IOException("Invalid label type: " + typeAndLen); } } catch (IOException | InvalidNameException e) { CommunicationException ce =new CommunicationException( "DNS error: malformed packet"); ce.initCause(e); throw ce; } if (endPos == -1) endPos = pos; return endPos; }
private Object decodeRdata(int pos) throws CommunicationException { if (rrclass == CLASS_INTERNET) { switch (rrtype) { case TYPE_A: return decodeA(pos); case TYPE_AAAA: return decodeAAAA(pos); case TYPE_CNAME: case TYPE_NS: case TYPE_PTR: return decodeName(pos); case TYPE_MX: return decodeMx(pos); case TYPE_SOA: return decodeSoa(pos); case TYPE_SRV: return decodeSrv(pos); case TYPE_NAPTR: return decodeNaptr(pos); case TYPE_TXT: return decodeTxt(pos); case TYPE_HINFO: return decodeHinfo(pos); } } // Unknown RR type/class byte[] rd = new byte[rdlen]; System.arraycopy(msg, pos, rd, 0, rdlen); return rd; }
private String decodeSrv(int pos) throws CommunicationException { int priority = getUShort(pos); pos += 2; int weight = getUShort(pos); pos += 2; int port = getUShort(pos); pos += 2; DnsName target = decodeName(pos); return (priority + " " + weight + " " + port + " " + target); }
/** * Get a map containing the values for this request. The first time * this method is called on an object, the LDAP request is sent, * the results parsed and added to a private map and also to the * cache of this LDAPCertStore. Subsequent calls return the private * map immediately. * * The map contains an entry for each requested attribute. The * attribute name is the key, values are byte[][]. If there are no * values for that attribute, values are byte[0][]. * * @return the value Map * @throws NamingException if a naming exception occurs */ private Map<String, byte[][]> getValueMap() throws NamingException { if (valueMap != null) { return valueMap; } if (DEBUG) { System.out.println("Request: " + name + ":" + requestedAttributes); requests++; if (requests % 5 == 0) { System.out.println("LDAP requests: " + requests); } } valueMap = new HashMap<>(8); String[] attrIds = requestedAttributes.toArray(STRING0); Attributes attrs; if (communicationError) { ctx.reconnect(null); communicationError = false; } try { attrs = ctx.getAttributes(name, attrIds); } catch (CommunicationException ce) { communicationError = true; throw ce; } catch (NameNotFoundException e) { // name does not exist on this LDAP server // treat same as not attributes found attrs = EMPTY_ATTRIBUTES; } for (String attrId : requestedAttributes) { Attribute attr = attrs.get(attrId); byte[][] values = getAttributeValues(attr); cacheAttribute(attrId, values); valueMap.put(attrId, values); } return valueMap; }
@DELETE @Path("ldap") public void throwCommunicationException() { /* * As this exception is wrapped by a runtime exception brought * bySpring-LDAP (optional dependency), there is no way a create a * specific Mapper. */ throw new RuntimeException(new CommunicationException("Connection refused")); }
