
SONAR-14222 Allow to configure sasl QoP in LDAP context

tags/10.2.0.77647
Jacek Poreda il y a 10 mois
Parent
révision
40f4d52838

+ 7
- 2
server/sonar-auth-ldap/src/it/java/org/sonar/auth/ldap/DefaultLdapAuthenticatorIT.java Voir le fichier

@@ -21,6 +21,7 @@ package org.sonar.auth.ldap;

import org.junit.ClassRule;
import org.junit.Test;
import org.sonar.api.config.internal.MapSettings;
import org.sonar.api.server.http.HttpRequest;
import org.sonar.auth.ldap.server.LdapServer;

@@ -115,8 +116,12 @@ public class DefaultLdapAuthenticatorIT {

@Test
public void testSasl() {
LdapSettingsManager settingsManager = new LdapSettingsManager(
LdapSettingsFactory.generateAuthenticationSettings(exampleServer, null, LdapContextFactory.AUTH_METHOD_CRAM_MD5).asConfig());
MapSettings mapSettings = LdapSettingsFactory.generateAuthenticationSettings(exampleServer, null, LdapContextFactory.AUTH_METHOD_DIGEST_MD5);
//set sasl QoP properties as per https://docs.oracle.com/javase/jndi/tutorial/ldap/security/digest.html
mapSettings.setProperty("ldap.saslQop", "auth")
.setProperty("ldap.saslStrength", "high")
.setProperty("ldap.saslMaxbuf", "16384");
LdapSettingsManager settingsManager = new LdapSettingsManager(mapSettings.asConfig());
DefaultLdapAuthenticator authenticator = new DefaultLdapAuthenticator(settingsManager.getContextFactories(), settingsManager.getUserMappings());

LdapAuthenticationResult user1Success = authenticator.doAuthenticate(createContext("godin", "secret1"));
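Review bot: The values set in `testSasl` cannot show that the new settings take effect. `auth` is the JDK default for `javax.security.sasl.qop` and `high` is already the preferred strength, so the existing assertions would presumably still pass if `LdapContextFactory` dropped the three properties. A check on the environment the factory builds, or a run with `auth-int` or `auth-conf` if the embedded test server supports those, would pin the behaviour. The setup also appears to switch from `AUTH_METHOD_CRAM_MD5` to `AUTH_METHOD_DIGEST_MD5`, which would leave CRAM-MD5 unexercised here unless another test covers it. The test method continues past the end of this hunk.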

+ 16
- 0
server/sonar-auth-ldap/src/main/java/org/sonar/auth/ldap/LdapContextFactory.java Voir le fichier

@@ -73,6 +73,9 @@ public class LdapContextFactory {
private final String password;
private final String realm;
private final String referral;
private final String saslQop;
private final String saslStrength;
private final String saslMaxbuf;

public LdapContextFactory(org.sonar.api.config.Configuration config, String settingsPrefix, String ldapUrl) {
this.authentication = StringUtils.defaultString(config.get(settingsPrefix + ".authentication").orElse(null), DEFAULT_AUTHENTICATION);
@@ -83,6 +86,9 @@ public class LdapContextFactory {
this.username = config.get(settingsPrefix + ".bindDn").orElse(null);
this.password = config.get(settingsPrefix + ".bindPassword").orElse(null);
this.referral = getReferralsMode(config, settingsPrefix + ".followReferrals");
this.saslQop = config.get(settingsPrefix + ".saslQop").orElse(null);
this.saslStrength = config.get(settingsPrefix + ".saslStrength").orElse(null);
this.saslMaxbuf = config.get(settingsPrefix + ".saslMaxbuf").orElse(null);
}

/**
@@ -179,6 +185,16 @@ public class LdapContextFactory {
if (principal != null) {
env.put(Context.SECURITY_PRINCIPAL, principal);
}
if (saslQop != null) {
env.put("javax.security.sasl.qop", saslQop);
}
if (saslStrength != null) {
env.put("javax.security.sasl.strength", saslStrength);
}
if (saslMaxbuf != null) {
env.put("javax.security.sasl.maxbuf", saslMaxbuf);
}

// Note: debug is intentionally was placed here - in order to not expose password in log
LOG.debug("Initializing LDAP context {}", env);
if (credentials != null) {
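Review bot: The three SASL settings are copied into the JNDI environment unvalidated and regardless of the configured authentication method, in the block after `env.put(Context.SECURITY_PRINCIPAL, principal)`. A mistyped `saslQop` would only surface as a bind failure, and a value set alongside a non-SASL method such as simple bind is presumably ignored, leaving the administrator to believe integrity or confidentiality protection is enforced. Consider checking in the constructor that `saslQop` is a comma-separated list drawn from `auth`, `auth-int` and `auth-conf`, and logging a warning when it is set but `authentication` is not a SASL mechanism. The keys could also use the JDK constants, e.g. `env.put(Sasl.QOP, saslQop);`, with `Sasl.STRENGTH` and `Sasl.MAX_BUFFER` for the other two. The enclosing method starts and ends outside this hunk.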
