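/// <summary>
/// Opens an LDAP context, upgrades the connection with StartTLS, and then authenticates as
/// <paramref name="principal"/> by performing a lookup.
/// </summary>
/// <remarks>
/// The context is created from an environment holding only the context factory class name and the provider URL.
/// The authentication mechanism, principal and credentials are added to the environment only after
/// <c>tls.negotiate()</c> has returned. On success the caller owns the returned context and must close it;
/// on failure the context is closed here before the exception propagates.
/// Converted from Java: the original method declared <c>throws javax.naming.NamingException</c>.
/// </remarks>
/// <param name="ldapContextFactory">Context factory; it is cast to <c>JndiLdapContextFactory</c>.</param>
/// <param name="principal">Identity to bind as; its string form is also the name that is looked up.</param>
/// <param name="credentials">Credentials for <paramref name="principal"/>.</param>
/// <returns>The TLS-upgraded context on which the lookup succeeded.</returns>
/// <exception cref="CommunicationException">An <c>IOException</c> occurred during the StartTLS exchange.</exception>
private LdapContext GetLdapContextUsingStartTls(LdapContextFactory ldapContextFactory, object principal, object credentials)
{
    JndiLdapContextFactory jndiLdapContextFactory = (JndiLdapContextFactory)ldapContextFactory;

    // Deliberately no SECURITY_* entries yet: they are added after the TLS upgrade below.
    Dictionary<string, object> env = new Dictionary<string, object>();
    env[Context.INITIAL_CONTEXT_FACTORY] = jndiLdapContextFactory.ContextFactoryClassName;
    env[Context.PROVIDER_URL] = jndiLdapContextFactory.Url;

    LdapContext ctx = null;
    try
    {
        ctx = new InitialLdapContext(env, null);

        StartTlsRequest startTlsRequest = new StartTlsRequest();
        StartTlsResponse tls = (StartTlsResponse)ctx.extendedOperation(startTlsRequest);
        // NOTE(review): negotiate() is called without arguments, so certificate and host name checking
        // presumably rely on the platform defaults; confirm the trust store configuration for the LDAP server.
        tls.negotiate();

        // NOTE(review): nothing in this method rejects null or empty credentials. A simple bind with a DN and
        // an empty password can be accepted by a directory server as an unauthenticated bind; confirm that
        // callers refuse empty passwords before reaching this point.
        ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, jndiLdapContextFactory.AuthenticationMechanism);
        ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, principal);
        ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, credentials);

        // do a lookup of the user to trigger authentication
        ctx.lookup(principal.ToString());

        return ctx;
    }
    catch (IOException e)
    {
        LdapUtils.closeContext(ctx);
        _securityLog.error(WithRealm("Failed to negotiate TLS connection with '%s': ", Server(jndiLdapContextFactory), e));
        // NOTE(review): only the message of the IOException is carried over; the exception itself is not
        // attached to the CommunicationException.
        throw new CommunicationException(e.Message);
    }
    catch (Exception t)
    {
        LdapUtils.closeContext(ctx);
        _securityLog.error(WithRealm("Unexpected failure to negotiate TLS connection with '%s': ", Server(jndiLdapContextFactory), t));
        // Bare rethrow: 'throw t;' would reset the stack trace to this frame in C#.
        throw;
    }
}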
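/// <summary>
/// Authenticates a user identified by <c>sAMAccountName</c>: resolves the account to a single directory
/// entry with the system context, then binds as that entry with the supplied credentials.
/// </summary>
/// <remarks>
/// The system context is used for the search and is always closed in the <c>finally</c> block. The context
/// opened for the user's bind is closed immediately; only the fact that it could be opened matters.
/// Converted from Java: the original method declared <c>throws javax.naming.NamingException</c>.
/// </remarks>
/// <param name="token">Authentication token supplying the principal and the credentials.</param>
/// <param name="ldapContextFactory">Factory used to obtain the system context and the user context.</param>
/// <returns>The result of <c>CreateAuthenticationInfo</c> for the token.</returns>
/// <exception cref="AuthenticationException">No entry, or more than one entry, matches the principal.</exception>
private AuthenticationInfo QueryForAuthenticationInfoSAM(AuthenticationToken token, LdapContextFactory ldapContextFactory)
{
    object principal = token.Principal;
    object credentials = token.Credentials;

    LdapContext ctx = null;
    try
    {
        ctx = _useStartTls ? GetSystemLdapContextUsingStartTls(ldapContextFactory) : ldapContextFactory.SystemLdapContext;

        string[] attrs = new string[] { "cn" };
        SearchControls searchCtls = new SearchControls(SearchControls.SUBTREE_SCOPE, 1, 0, attrs, false, false);

        // The principal is supplied as a filter argument for the {0} placeholder instead of being
        // concatenated into the filter text, which keeps caller-supplied characters out of the filter syntax.
        object[] searchArguments = new object[] { principal };
        string filter = "sAMAccountName={0}";
        NamingEnumeration<SearchResult> search = ctx.search(_userSearchBase, filter, searchArguments, searchCtls);

        if (!search.hasMore())
        {
            throw new AuthenticationException("No user matching: " + principal);
        }

        // Declared 'final' in the Java original.
        SearchResult next = search.next();
        string loginUser = next.NameInNamespace;

        if (search.hasMore())
        {
            // NOTE(review): the principal is caller-supplied and is written to the security log as is;
            // confirm the log sink neutralises line breaks and control characters.
            _securityLog.error("More than one user matching: " + principal);
            throw new AuthenticationException("More than one user matching: " + principal);
        }

        // Bind as the resolved entry. When StartTLS is enabled the bind must go through the StartTLS path
        // as well; otherwise only the system search would be upgraded and the user's credentials would be
        // sent on a connection that was never upgraded.
        LdapContext ctx2 = _useStartTls
            ? GetLdapContextUsingStartTls(ldapContextFactory, loginUser, credentials)
            : ldapContextFactory.getLdapContext(loginUser, credentials);
        LdapUtils.closeContext(ctx2);

        return CreateAuthenticationInfo(token, principal, credentials, ctx);
    }
    finally
    {
        LdapUtils.closeContext(ctx);
    }
}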
/// <summary>
/// Opens a StartTLS-upgraded context authenticated with the system account configured on the factory.
/// </summary>
/// <remarks>
/// Converted from Java: the original method declared <c>throws javax.naming.NamingException</c>.
/// </remarks>
/// <param name="ldapContextFactory">Context factory; it is cast to <c>JndiLdapContextFactory</c>.</param>
/// <returns>The context returned by <c>GetLdapContextUsingStartTls</c> for the system user name and password.</returns>
private LdapContext GetSystemLdapContextUsingStartTls(LdapContextFactory ldapContextFactory)
{
    JndiLdapContextFactory systemFactory = (JndiLdapContextFactory)ldapContextFactory;
    var systemUser = systemFactory.SystemUsername;
    var systemSecret = systemFactory.SystemPassword;
    return GetLdapContextUsingStartTls(ldapContextFactory, systemUser, systemSecret);
}
/// <summary>
/// Resolves authorization info for the given principals, either through a fresh role search with the
/// system account or from the authorization cache.
/// </summary>
/// <remarks>
/// Converted from Java: the original method declared <c>throws javax.naming.NamingException</c>.
/// </remarks>
/// <param name="principals">Principals from which the user name is derived.</param>
/// <param name="ldapContextFactory">Factory used to obtain the system context.</param>
/// <returns>
/// The authorization info, or <c>null</c> when authorization is disabled or no user name can be derived.
/// </returns>
/// <exception cref="AuthorizationExpiredException">
/// The system account is not used for authorization and the cache holds no entry for the user.
/// </exception>
protected internal override AuthorizationInfo QueryForAuthorizationInfo(PrincipalCollection principals, LdapContextFactory ldapContextFactory)
{
    if (!_authorizationEnabled.Value)
    {
        return null;
    }

    string username = GetUsername(principals);
    if (username == null)
    {
        return null;
    }

    if (!_useSystemAccountForAuthorization.Value)
    {
        // Authorization info is cached during authentication
        Cache<object, AuthorizationInfo> cache = AuthorizationCache;
        AuthorizationInfo cachedInfo = cache.get(username);
        if (cachedInfo != null)
        {
            return cachedInfo;
        }

        // The cached authorization info has expired.
        // The subject's credentials are not available here, so a new LDAP search for authorization info
        // cannot be performed. Fail with a dedicated status instead, so that the client can react by
        // re-authenticating.
        throw new AuthorizationExpiredException("LDAP authorization info expired.");
    }

    // Perform context search using the system context
    LdapContext systemContext = _useStartTls
        ? GetSystemLdapContextUsingStartTls(ldapContextFactory)
        : ldapContextFactory.SystemLdapContext;

    ISet<string> roleNames;
    try
    {
        roleNames = FindRoleNamesForUser(username, systemContext);
    }
    finally
    {
        LdapUtils.closeContext(systemContext);
    }

    return new SimpleAuthorizationInfo(roleNames);
}
/// <summary>
/// Authenticates the token's principal over a StartTLS-upgraded connection and builds the
/// authentication info from the resulting context.
/// </summary>
/// <remarks>
/// The context is closed in the <c>finally</c> block whether or not authentication succeeds.
/// Converted from Java: the original method declared <c>throws javax.naming.NamingException</c>.
/// </remarks>
/// <param name="token">Authentication token supplying the principal and the credentials.</param>
/// <param name="ldapContextFactory">Factory describing the LDAP server to connect to.</param>
/// <returns>The result of <c>CreateAuthenticationInfo</c> for the token.</returns>
protected internal virtual AuthenticationInfo QueryForAuthenticationInfoUsingStartTls(AuthenticationToken token, LdapContextFactory ldapContextFactory)
{
    object ldapPrincipal = getLdapPrincipal(token);
    object secret = token.Credentials;

    LdapContext boundContext = null;
    try
    {
        boundContext = GetLdapContextUsingStartTls(ldapContextFactory, ldapPrincipal, secret);
        AuthenticationInfo result = CreateAuthenticationInfo(token, ldapPrincipal, secret, boundContext);
        return result;
    }
    finally
    {
        LdapUtils.closeContext(boundContext);
    }
}
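/// <summary>
/// Authenticates the token against LDAP, choosing between the sAMAccountName flow, the StartTLS flow and
/// the base class implementation, and maps connection failures to provider exceptions.
/// </summary>
/// <remarks>
/// Converted from Java: the original method declared <c>throws javax.naming.NamingException</c>.
/// </remarks>
/// <param name="token">Authentication token supplying the principal and the credentials.</param>
/// <param name="ldapContextFactory">Context factory; it is cast to <c>JndiLdapContextFactory</c> outside the sAMAccountName flow.</param>
/// <returns>The authentication info, or <c>null</c> when authentication is disabled.</returns>
/// <exception cref="AuthProviderTimeoutException">The failure is an LDAP connection timeout or read timeout.</exception>
/// <exception cref="AuthProviderFailedException">The connection to the LDAP server was refused.</exception>
protected internal override AuthenticationInfo QueryForAuthenticationInfo(AuthenticationToken token, LdapContextFactory ldapContextFactory)
{
    if (!_authenticationEnabled.Value)
    {
        return null;
    }

    if (_useSAMAccountName)
    {
        return QueryForAuthenticationInfoSAM(token, ldapContextFactory);
    }

    string serverString = Server((JndiLdapContextFactory)ldapContextFactory);
    try
    {
        AuthenticationInfo info = _useStartTls
            ? QueryForAuthenticationInfoUsingStartTls(token, ldapContextFactory)
            : base.QueryForAuthenticationInfo(token, ldapContextFactory);
        _securityLog.debug(WithRealm("Authenticated user '%s' against %s", token.Principal, serverString));
        return info;
    }
    catch (Exception e)
    {
        // Translate transport-level failures into provider exceptions carrying a client-facing message;
        // the original exception is kept as the cause.
        if (IsExceptionAnLdapConnectionTimeout(e))
        {
            throw new AuthProviderTimeoutException(LDAP_CONNECTION_TIMEOUT_CLIENT_MESSAGE, e);
        }
        else if (IsExceptionAnLdapReadTimeout(e))
        {
            throw new AuthProviderTimeoutException(LDAP_READ_TIMEOUT_CLIENT_MESSAGE, e);
        }
        else if (IsExceptionConnectionRefused(e))
        {
            throw new AuthProviderFailedException(LDAP_CONNECTION_REFUSED_CLIENT_MESSAGE, e);
        }

        // This exception will be caught and rethrown by Shiro, and then by us, so we do not need to wrap it here.
        // Bare rethrow: 'throw e;' would reset the stack trace to this frame in C#.
        throw;
    }
}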
/// <summary>
/// Returns an empty authorization info, or throws when <c>FailAuth</c> is set.
/// </summary>
/// <remarks>
/// Neither argument is used. This looks like a test double for simulating an LDAP failure (assumption
/// based on the exception message; the enclosing class is not visible here).
/// Converted from Java: the original method declared <c>throws javax.naming.NamingException</c>.
/// </remarks>
/// <param name="principals">Unused.</param>
/// <param name="ldapContextFactory">Unused.</param>
/// <returns>A new, empty <c>SimpleAuthorizationInfo</c>.</returns>
/// <exception cref="NamingException"><c>FailAuth</c> is true.</exception>
protected internal override AuthorizationInfo QueryForAuthorizationInfo(PrincipalCollection principals, LdapContextFactory ldapContextFactory)
{
    if (!FailAuth)
    {
        return new SimpleAuthorizationInfo();
    }

    throw new NamingException("Simulated failure");
}
/// <summary>
/// Returns a fixed authentication info, or throws when <c>FailAuth</c> is set.
/// </summary>
/// <remarks>
/// Neither argument is used and no LDAP server is contacted; the returned principal, credentials and
/// realm name are hard-coded. This looks like a test double (assumption based on the exception message;
/// the enclosing class is not visible here) and must not be reachable from a production realm.
/// Converted from Java: the original method declared <c>throws javax.naming.NamingException</c>.
/// </remarks>
/// <param name="token">Unused.</param>
/// <param name="ldapContextFactory">Unused.</param>
/// <returns>A <c>SimpleAuthenticationInfo</c> built from fixed values.</returns>
/// <exception cref="NamingException"><c>FailAuth</c> is true.</exception>
protected internal override AuthenticationInfo QueryForAuthenticationInfoUsingStartTls(AuthenticationToken token, LdapContextFactory ldapContextFactory)
{
    if (!FailAuth)
    {
        return new SimpleAuthenticationInfo("olivia", "123", "basic");
    }

    throw new NamingException("Simulated failure");
}