authorFlorian Zschocke <florian.zschocke@devolo.de>2016-11-25 18:21:27 +0100
committerFlorian Zschocke <florian.zschocke@devolo.de>2016-11-29 12:01:42 +0100
commitf639d966cb5e7026cb30e6b25be55fb681feb896 (patch)
tree5fd7523733eefbcf976132c458f195ef7acf9e5d /src/main/java/com/gitblit/auth/LdapAuthProvider.java
parent967c2422591b70a82bd8fc991e87088e880f5024 (diff)
Retrieve public SSH keys from LDAP.
Add new class `LdapPublicKeyManager` which retrieves public SSH keys from LDAP. The attribute can be configured with the new configuration option `realm.ldap.sshPublicKey`. The setting can be a simple attribute name, like `sshPublicKey`, or an attribute name and a prefix for the value, like `altSecurityIdentities:SshKey`, in which case attributes are selected that have the name `altSecurityIdentities` and whose values start with `SshKey:`.
Diffstat (limited to 'src/main/java/com/gitblit/auth/LdapAuthProvider.java')
-rw-r--r--src/main/java/com/gitblit/auth/LdapAuthProvider.java11
1 files changed, 4 insertions, 7 deletions
diff --git a/src/main/java/com/gitblit/auth/LdapAuthProvider.java b/src/main/java/com/gitblit/auth/LdapAuthProvider.java
index 8a326cdc..7ea8f113 100644
--- a/src/main/java/com/gitblit/auth/LdapAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/LdapAuthProvider.java
@@ -107,9 +107,9 @@ public class LdapAuthProvider extends UsernamePasswordAuthenticationProvider {
}
try {
- String accountBase = settings.getString(Keys.realm.ldap.accountBase, "");
String uidAttribute = settings.getString(Keys.realm.ldap.uid, "uid");
- String accountPattern = settings.getString(Keys.realm.ldap.accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");
+ String accountBase = ldapConnection.getAccountBase();
+ String accountPattern = ldapConnection.getAccountPattern();
accountPattern = StringUtils.replace(accountPattern, "${username}", "*");
SearchResult result = doSearch(ldapConnection, accountBase, accountPattern);
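Review bot: The fallbacks that used to be spelled out in this method (`""` for the account base and `(&(objectClass=person)(sAMAccountName=${username}))` for the pattern) are no longer visible here, so `getAccountBase()` and `getAccountPattern()` have to supply the same defaults, and a non-null pattern, or installations without explicit settings would synchronise with a different filter. Those getters are outside this file's diff, so this should be confirmed there. `uidAttribute` is still read from `settings` on the line in between, which splits the LDAP search configuration across two sources; a matching getter on the connection, or a short comment saying why it stays here, would keep the method consistent. The enclosing method starts and ends outside the hunk.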
@@ -275,11 +275,7 @@ public class LdapAuthProvider extends UsernamePasswordAuthenticationProvider {
try {
// Find the logging in user's DN
- String accountBase = settings.getString(Keys.realm.ldap.accountBase, "");
- String accountPattern = settings.getString(Keys.realm.ldap.accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");
- accountPattern = StringUtils.replace(accountPattern, "${username}", LdapConnection.escapeLDAPSearchFilter(simpleUsername));
-
- SearchResult result = doSearch(ldapConnection, accountBase, accountPattern);
+ SearchResult result = ldapConnection.searchUser(simpleUsername);
if (result != null && result.getEntryCount() == 1) {
SearchResultEntry loggingInUser = result.getSearchEntries().get(0);
String loggingInUserDN = loggingInUser.getDN();
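Review bot: The explicit `LdapConnection.escapeLDAPSearchFilter(simpleUsername)` call is gone from this login path, so filter escaping of the user-supplied name now depends entirely on `ldapConnection.searchUser(...)`, whose body is not part of this file's diff. It should be confirmed that `searchUser` escapes its argument before substituting it into the account pattern, and that contract belongs in its Javadoc, with a comment at this call such as `// searchUser() escapes simpleUsername for the LDAP filter; do not pre-escape here`. A unit test that authenticates with names containing filter metacharacters (`*`, `(`, `)`, `\`) and expects no entry to match would keep the escaping from being dropped in a later refactoring. The enclosing method starts and ends outside the hunk.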
@@ -527,6 +523,7 @@ public class LdapAuthProvider extends UsernamePasswordAuthenticationProvider {
+
/**
* Returns a simple username without any domain prefixes.
*