public void ldapInjectionSunApi(String input) throws NamingException { //Stub instances Properties props = new Properties(); props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); props.put(Context.PROVIDER_URL, "ldap://ldap.example.com"); props.put(Context.REFERRAL, "ignore"); SearchControls ctrls = new SearchControls(); ctrls.setReturningAttributes(new String[]{"givenName", "sn"}); ctrls.setSearchScope(SearchControls.SUBTREE_SCOPE); //Two context instances mostly usable with sun specific API LdapCtx context5 = null; EventDirContext context6 = null; //LdapCtx is the only known class to implements to this interface NamingEnumeration<SearchResult> answers; answers = context5.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", ctrls); answers = context5.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", new Object[0], ctrls); answers = context5.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", ctrls); answers = context5.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", new Object[0], ctrls); answers = context6.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", ctrls); answers = context6.search(new LdapName("dc=People,dc=example,dc=com"), "(uid=" + input + ")", new Object[0], ctrls); answers = context6.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", ctrls); answers = context6.search("dc=People,dc=example,dc=com", "(uid=" + input + ")", new Object[0], ctrls); }
protected void open() throws NamingException { if (isContextAlive()) { return; } context = createContext(); eventContext = ((EventDirContext) context.lookup("")); SearchControls searchControls = new SearchControls(); searchControls.setReturningAttributes(new String[]{roleAttribute}); searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); if (enableListener) { eventContext.addNamingListener(destinationBase, filter, searchControls, new LDAPNamespaceChangeListener()); } }
/** * Create InitialDirContext and NamingEventListener objects, register event * listener. */ public void setUp() { try { Hashtable env = new Hashtable(); env.put(Context.INITIAL_CONTEXT_FACTORY, "org.apache.harmony.test.func.api.javax." + "naming.event.EventDirCtxFactory"); ctx = new InitialDirContext(env); l = new NamingEventListenerSample(); ((EventDirContext) ctx.lookup("")).addNamingListener(ctxName, EventContext.ONELEVEL_SCOPE, l); } catch (Exception e) { e.printStackTrace(); System.exit(fail(e.toString())); } }
public void testUnsolicitedNotification() throws Exception { server.setResponseSeq(new LdapMessage[] { new LdapMessage( LdapASN1Constant.OP_BIND_RESPONSE, new BindResponse(), null) }); LdapContext context = new InitialLdapContext(env, null); server.setResponseSeq(new LdapMessage[] { new LdapMessage( LdapASN1Constant.OP_SEARCH_RESULT_DONE, new EncodableLdapResult(), null) }); EventDirContext eventContext = (EventDirContext) context.lookup(""); assertTrue(eventContext.targetMustExist()); MockUnsolicitedNotificationListener listener = new MockUnsolicitedNotificationListener(); MockLdapMessage message = new MockLdapMessage(new LdapMessage( LdapASN1Constant.OP_EXTENDED_RESPONSE, new DisconnectResponse(), null)); message.setMessageId(0); server.setResponseSeq(new LdapMessage[] { message }); eventContext.addNamingListener("", "(objectclass=cn)", new Object[0], new SearchControls(), listener); server.disconnectNotify(); Thread.sleep(500); assertNull(listener.exceptionEvent); assertNotNull(listener.unsolicatedEvent); assertTrue(listener.unsolicatedEvent.getSource() instanceof LdapContext); UnsolicitedNotification notification = listener.unsolicatedEvent .getNotification(); assertNotNull(notification); assertEquals(DisconnectResponse.oid, notification.getID()); assertNull(notification.getControls()); assertNull(notification.getException()); assertNull(notification.getReferrals()); assertNull(notification.getEncodedValue()); }
/** * start the connector */ public void start() throws Exception { LOG.info("connecting..."); Hashtable<String, String> env = new Hashtable<String, String>(); env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); this.ldapURI = getUri(); LOG.debug(" URI [{}]", this.ldapURI); env.put(Context.PROVIDER_URL, this.ldapURI.toString()); if (anonymousAuthentication) { LOG.debug(" login credentials [anonymous]"); env.put(Context.SECURITY_AUTHENTICATION, "none"); } else { LOG.debug(" login credentials [{}:******]", user); env.put(Context.SECURITY_PRINCIPAL, user); env.put(Context.SECURITY_CREDENTIALS, password); } boolean isConnected = false; while (!isConnected) { try { context = new InitialDirContext(env); isConnected = true; } catch (CommunicationException err) { if (failover) { this.ldapURI = getUri(); LOG.error("connection error [{}], failover connection to [{}]", env.get(Context.PROVIDER_URL), this.ldapURI.toString()); env.put(Context.PROVIDER_URL, this.ldapURI.toString()); Thread.sleep(curReconnectDelay); curReconnectDelay = Math.min(curReconnectDelay * 2, maxReconnectDelay); } else { throw err; } } } // add connectors from search results LOG.info("searching for network connectors..."); LOG.debug(" base [{}]", base); LOG.debug(" filter [{}]", searchFilter); LOG.debug(" scope [{}]", searchControls.getSearchScope()); NamingEnumeration<SearchResult> results = context.search(base, searchFilter, searchControls); while (results.hasMore()) { addConnector(results.next()); } // register persistent search event listener if (searchEventListener) { LOG.info("registering persistent search listener..."); EventDirContext eventContext = (EventDirContext) context.lookup(""); eventContext.addNamingListener(base, searchFilter, searchControls, this); } else { // otherwise close context (i.e. connection as it is no longer needed) context.close(); } }
