From 581176503d1ebfe9cb7380ffe41e1da269bb1de5 Mon Sep 17 00:00:00 2001
From: Robert Godfrey <rgodfrey@apache.org>
Date: Fri, 18 Jul 2014 14:55:51 +0000
Subject: QPID-5768 : [Java Broker] Add ability to bind without searching for
 LDAP authentication manager

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1611668 13f79535-47bb-0310-9956-ffa450edef68
---
 .../manager/SimpleLDAPAuthenticationManager.java   |  3 ++
 .../SimpleLDAPAuthenticationManagerImpl.java       | 54 ++++++++++++++--------
 2 files changed, 38 insertions(+), 19 deletions(-)

(limited to 'qpid/java')

diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManager.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManager.java
index dde1e690ac..ec735ad4e8 100644
--- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManager.java
+++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManager.java
@@ -43,6 +43,9 @@ public interface SimpleLDAPAuthenticationManager<X extends SimpleLDAPAuthenticat
     @ManagedAttribute( description = "Search filter")
     String getSearchFilter();
 
+    @ManagedAttribute( description = "Bind without search")
+    boolean isBindWithoutSearch();
+
     @ManagedAttribute( description = "LDAP context factory")
     String getLdapContextFactory();
 
diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManagerImpl.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManagerImpl.java
index f6f32c3bce..a0b2032dac 100644
--- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManagerImpl.java
+++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/SimpleLDAPAuthenticationManagerImpl.java
@@ -90,6 +90,9 @@ public class SimpleLDAPAuthenticationManagerImpl extends AbstractAuthenticationM
     @ManagedAttributeField
     private TrustStore _trustStore;
 
+    @ManagedAttributeField
+    private boolean _bindWithoutSearch;
+
     /**
      * Dynamically created SSL Socket Factory implementation used in the case where user has specified a trust store.
      */
@@ -411,35 +414,48 @@ public class SimpleLDAPAuthenticationManagerImpl extends AbstractAuthenticationM
 
     private String getNameFromId(String id) throws NamingException
     {
-        Hashtable<String,Object> env = createInitialDirContextEnvironment(_providerUrl);
-
-        env.put(Context.SECURITY_AUTHENTICATION, "none");
-        InitialDirContext ctx = createInitialDirContext(env);
-
-        try
+        if(!isBindWithoutSearch())
         {
-            SearchControls searchControls = new SearchControls();
-            searchControls.setReturningAttributes(new String[] {});
-            searchControls.setCountLimit(1l);
-            searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
-            NamingEnumeration<?> namingEnum = null;
-            String name = null;
+            Hashtable<String, Object> env = createInitialDirContextEnvironment(_providerUrl);
+
+            env.put(Context.SECURITY_AUTHENTICATION, "none");
+            InitialDirContext ctx = createInitialDirContext(env);
 
-            namingEnum = ctx.search(_searchContext, _searchFilter, new String[] { id }, searchControls);
-            if(namingEnum.hasMore())
+            try
+            {
+                SearchControls searchControls = new SearchControls();
+                searchControls.setReturningAttributes(new String[]{});
+                searchControls.setCountLimit(1l);
+                searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+                NamingEnumeration<?> namingEnum = null;
+                String name = null;
+
+                namingEnum = ctx.search(_searchContext, _searchFilter, new String[]{id}, searchControls);
+                if (namingEnum.hasMore())
+                {
+                    SearchResult result = (SearchResult) namingEnum.next();
+                    name = result.getNameInNamespace();
+                }
+                return name;
+            }
+            finally
             {
-                SearchResult result = (SearchResult) namingEnum.next();
-                name = result.getNameInNamespace();
+                closeSafely(ctx);
             }
-            return name;
         }
-        finally
+        else
         {
-            closeSafely(ctx);
+            return id;
         }
 
     }
 
+    @Override
+    public boolean isBindWithoutSearch()
+    {
+        return _bindWithoutSearch;
+    }
+
     private void closeSafely(InitialDirContext ctx)
     {
         try
-- 
cgit v1.2.1