private void validateEnvironment(String certificatePrincipal) throws NamingException { String ou = getLDAPAttribute(certificatePrincipal, OU); LOGGER.debug("OU from certificate: ", ou); String location = getLDAPAttribute(certificatePrincipal, LOCATION); LOGGER.debug("Location from certificate: ", location); if(StringUtils.isBlank(ou)) { throw new NoSuchAttributeException("No ou in dn, you may need to update your certificate: " + certificatePrincipal); } else { if(allAccessOu.equalsIgnoreCase(StringUtils.replace(ou, " ", ""))){ LOGGER.debug("Skipping environment validation, user ou matches {} ", allAccessOu); } else { //if dn not from allAccessOu, verify the location (l) field //in the cert matches the configured environment if(StringUtils.isBlank(location)) { throw new NoSuchAttributeException("No location in dn, you may need to update your certificate: " + certificatePrincipal); } else if(!locationMatchesEnvironment(location)){ throw new NoSuchAttributeException("Invalid location from dn, expected " + environment + " but found l=" + location); } } } }
/** * Returns the last recorded value taken from the given field along with the * time stamp identifying the time this value was recored. * <p> * * @param fieldname * the field whose value was recorded. * * @return the last recorded value taken from the given field along with the * time stamp identifying the time this value was recored. * * @throws NoSuchAttributeException * if no such field exists on the Object to inspect. * */ public TimeStampedValue getLastValue(final String fieldname) throws NoSuchAttributeException { // search for the field int attribindex = -1; for (int i = this.m_fields.length - 1; i >= 0; i--) { if (this.m_fields[i].getName().equals(fieldname)) { attribindex = i; break; } } if (attribindex == -1) { throw new NoSuchAttributeException("The Attribute with the name: " + fieldname + " does not exist in " + this.m_toinspect.getClass().getName()); } final ObjectInspection tmp = this.m_buffer.getYoungest(); return new TimeStampedValue(tmp.getTime(), tmp.get(attribindex)); }
public void removeUser(String username, String groupName) throws NamingException { try { ModificationItem[] mods = new ModificationItem[1]; Attribute mod = new BasicAttribute("member", getUserDN(username)); mods[0] = new ModificationItem(DirContext.REMOVE_ATTRIBUTE, mod); context.modifyAttributes(getGroupDN(groupName), mods); } catch (NoSuchAttributeException e) { // If user is not assigned, ignore the error } }
/** * Removes a Attribute from a Directory Entry. * * @param ctxSource current established Source JNDI Directory Context * @param SourceDN current DN of Entry which is to be removed. * @param AttributeName current Attribute Name to be removed. * @param _IgnoreNoSuchAttribute indicates whether or not to ignore a NoSuchAttribute Exception. * @throws idxIRRException if any non-recoverable errors encountered. */ public void RemoveAttribute(DirContext ctxSource, String SourceDN, String AttributeName, boolean _IgnoreNoSuchAttribute) throws idxIRRException { ; try { ModificationItem[] irrmods = new ModificationItem[1]; irrmods[0] = new ModificationItem( DirContext.REMOVE_ATTRIBUTE, new BasicAttribute(AttributeName)); ctxSource.modifyAttributes(SourceDN, irrmods); } catch (NoSuchAttributeException nsae) { if (_IgnoreNoSuchAttribute) { return; } throw new idxIRRException("Exception Performing IRR Removal of Attribute[" + AttributeName + "], from Entry[" + SourceDN + "],\n" + nsae); } catch (Exception e) { throw new idxIRRException("Exception Performing IRR Removal of Attribute[" + AttributeName + "], from Entry[" + SourceDN + "],\n" + e); } // End of Exception. }
