Commit d2d0073c authored by wannes's avatar wannes
Browse files

Transparently move passwords into LDAP

parent dfd174c3
......@@ -20,12 +20,12 @@
<dependency>
<groupId>org.restlet.jse</groupId>
<artifactId>org.restlet</artifactId>
<version>2.3.1</version>
<version>2.3.3</version>
</dependency>
<dependency>
<groupId>org.restlet.jse</groupId>
<artifactId>org.restlet.ext.jackson</artifactId>
<version>2.3.1</version>
<version>2.3.3</version>
<exclusions>
<exclusion>
<artifactId>jackson-module-jaxb-annotations</artifactId>
......@@ -36,12 +36,12 @@
<dependency>
<groupId>org.restlet.jee</groupId>
<artifactId>org.restlet.ext.servlet</artifactId>
<version>2.3.1</version>
<version>2.3.3</version>
</dependency>
<dependency>
<groupId>org.restlet.jse</groupId>
<artifactId>org.restlet.ext.slf4j</artifactId>
<version>2.3.1</version>
<version>2.3.3</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
......@@ -56,7 +56,7 @@
<dependency>
<groupId>be.fedict.eid-applet</groupId>
<artifactId>eid-applet-service</artifactId>
<version>1.2.0</version>
<version>1.2.2</version>
<exclusions>
<exclusion>
<artifactId>servlet-api</artifactId>
......@@ -76,46 +76,46 @@
<artifactId>jetty-http</artifactId>
<groupId>org.eclipse.jetty</groupId>
<type>jar</type>
<version>9.3.0.M2</version>
<version>9.3.0.RC1</version>
</dependency>
<dependency>
<artifactId>jetty-io</artifactId>
<groupId>org.eclipse.jetty</groupId>
<type>jar</type>
<version>9.3.0.M2</version>
<version>9.3.0.RC1</version>
</dependency>
<dependency>
<artifactId>jetty-server</artifactId>
<groupId>org.eclipse.jetty</groupId>
<type>jar</type>
<version>9.3.0.M2</version>
<version>9.3.0.RC1</version>
</dependency>
<dependency>
<artifactId>jetty-util</artifactId>
<groupId>org.eclipse.jetty</groupId>
<type>jar</type>
<version>9.3.0.M2</version>
<version>9.3.0.RC1</version>
</dependency>
<dependency>
<artifactId>jetty-servlet</artifactId>
<groupId>org.eclipse.jetty</groupId>
<type>jar</type>
<version>9.3.0.M2</version>
<version>9.3.0.RC1</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty.http2</groupId>
<artifactId>http2-server</artifactId>
<version>9.3.0.M2</version>
<version>9.3.0.RC1</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty.alpn</groupId>
<artifactId>alpn-api</artifactId>
<version>1.1.0.v20141014</version>
<version>1.1.2.v20150522</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-alpn-server</artifactId>
<version>9.3.0.M2</version>
<version>9.3.0.RC1</version>
</dependency>
<dependency>
<groupId>com.googlecode.java-ipv6</groupId>
......@@ -145,7 +145,7 @@
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.35</version>
<version>5.1.36</version>
</dependency>
<dependency>
<groupId>org.postgresql</groupId>
......@@ -155,12 +155,12 @@
<dependency>
<groupId>org.xerial</groupId>
<artifactId>sqlite-jdbc</artifactId>
<version>3.8.7</version>
<version>3.8.10.1</version>
</dependency>
<dependency>
<groupId>org.apache.curator</groupId>
<artifactId>curator-recipes</artifactId>
<version>2.7.1</version>
<version>2.8.0</version>
</dependency>
<dependency>
<groupId>net.killa.kept</groupId>
......@@ -209,6 +209,11 @@
<artifactId>unboundid-ldapsdk</artifactId>
<version>2.3.8</version>
</dependency>
<dependency>
<groupId>org.mindrot</groupId>
<artifactId>jbcrypt</artifactId>
<version>0.3m</version>
</dependency>
</dependencies>
<repositories>
<repository>
......
package be.neutrinet.ispng.external;
import be.neutrinet.ispng.config.Config;
import be.neutrinet.ispng.util.AuthenticationMigrationAutomationIntegration;
import com.unboundid.ldap.sdk.*;
import com.unboundid.ldap.sdk.controls.PasswordExpiredControl;
import com.unboundid.ldap.sdk.controls.PasswordExpiringControl;
......@@ -104,6 +105,11 @@ public class LDAP {
public boolean auth(String dn, String password) {
try {
// Handle migration from old password hash format
int result = AuthenticationMigrationAutomationIntegration.intercept(dn, password);
if (result == -1) return false;
if (result == 1) return true;
LDAPConnection connection = new LDAPConnection(socketFactory, host.get(), Integer.parseInt(Config.get("ldap/port", "636")));
BindResult bind = connection.bind(dn, password);
boolean success = bind.getResultCode().equals(ResultCode.SUCCESS);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment