예제 #1
0
        public void Connect()
        {
            if (Server.StartsWith("LDAP://"))
            {
                Server = Server.Substring("LDAP://".Length);
            }

            var ldapConnection = new LdapConnection();

            if (StartTls || Ssl)
            {
                ldapConnection.UserDefinedServerCertValidationDelegate += ServerCertValidationHandler;
            }

            if (Ssl)
            {
                ldapConnection.SecureSocketLayer = true;
            }

            try
            {
                ldapConnection.ConnectionTimeout = 30000; // 30 seconds

                _log.DebugFormat("ldapConnection.Connect(Server='{0}', PortNumber='{1}');", Server, PortNumber);

                ldapConnection.Connect(Server, PortNumber);

                if (StartTls)
                {
                    _log.Debug("ldapConnection.StartTls();");
                    ldapConnection.StartTls();
                }
            }
            catch (Exception ex)
            {
                if (_certificateConfirmRequest == null)
                {
                    if (ex.Message.StartsWith("Connect Error"))
                    {
                        throw new SocketException();
                    }

                    if (ex.Message.StartsWith("Unavailable"))
                    {
                        throw new NotSupportedException(ex.Message);
                    }

                    throw;
                }

                _log.Debug("LDAP certificate confirmation requested.");

                ldapConnection.Disconnect();

                var exception = new NovellLdapTlsCertificateRequestedException
                {
                    CertificateConfirmRequest = _certificateConfirmRequest
                };

                throw exception;
            }

            if (string.IsNullOrEmpty(Login) || string.IsNullOrEmpty(Password))
            {
                _log.Debug("ldapConnection.Bind(Anonymous)");

                ldapConnection.Bind(null, null);
            }
            else
            {
                _log.DebugFormat("ldapConnection.Bind(Login: '******')", Login);

                ldapConnection.Bind(Login, Password);
            }

            _ldapConnection = ldapConnection;
        }
        public List <LDAPObject> Search(string login, string password, string server, int portNumber,
                                        int scope, bool startTls, string searchFilter = null,
                                        string disnguishedName = null, string[] attributes = null)
        {
            if (portNumber != LdapConnection.DEFAULT_PORT && portNumber != LdapConnection.DEFAULT_SSL_PORT)
            {
                throw new SystemException("Wrong port");
            }

            if (server.StartsWith("LDAP://"))
            {
                server = server.Substring("LDAP://".Length);
            }

            var entries        = new List <LdapEntry>();
            var ldapConnection = new LdapConnection();

            if (startTls || portNumber == LdapConnection.DEFAULT_SSL_PORT)
            {
                ldapConnection.UserDefinedServerCertValidationDelegate += ServerCertValidationHandler;
            }

            ldapConnection.Connect(server, portNumber);

            if (portNumber == LdapConnection.DEFAULT_SSL_PORT)
            {
                ldapConnection.SecureSocketLayer = true;
            }

            if (startTls) // does not call stopTLS because it does not work
            {
                ldapConnection.startTLS();
            }

            ldapConnection.Bind(LdapConnection.Ldap_V3, login, password);

            if (startTls)
            {
                var errorMessage = ServerCertValidate();
                // error in ServerCertValidationHandler
                if (!string.IsNullOrEmpty(errorMessage))
                {
                    ldapConnection.Disconnect();
                    throw new Exception(errorMessage);
                }
            }

            // certificate confirmation requested
            if ((startTls && _certificateConfirmRequest != null &&
                 _certificateConfirmRequest.Requested && !_certificateConfirmRequest.Approved))
            {
                _log.Debug("LDAP certificate confirmation requested.");

                ldapConnection.Disconnect();

                var exception = new NovellLdapTlsCertificateRequestedException
                {
                    CertificateConfirmRequest = _certificateConfirmRequest
                };

                throw exception;
            }

            if (searchFilter == null)
            {
                ldapConnection.Disconnect();
                return(null);
            }

            if (attributes == null)
            {
                var ldapUniqueIdAttribute = ConfigurationManager.AppSettings["ldap.unique.id"];

                if (ldapUniqueIdAttribute == null)
                {
                    attributes = new[]
                    {
                        "*", Constants.RfcLDAPAttributes.ENTRY_DN, Constants.RfcLDAPAttributes.ENTRY_UUID,
                        Constants.RfcLDAPAttributes.NS_UNIQUE_ID, Constants.RfcLDAPAttributes.GUID
                    };
                }
                else
                {
                    attributes = new[] { "*", ldapUniqueIdAttribute };
                }
            }

            var ldapSearchConstraints = new LdapSearchConstraints
            {
                MaxResults = int.MaxValue,
                HopLimit   = 0
            };

            var ldapSearchResults = ldapConnection.Search(disnguishedName,
                                                          scope, searchFilter, attributes, false, ldapSearchConstraints);

            while (ldapSearchResults.hasMore())
            {
                LdapEntry nextEntry;
                try
                {
                    nextEntry = ldapSearchResults.next();
                }
                catch (LdapException)
                {
                    continue;
                }

                if (nextEntry != null)
                {
                    entries.Add(nextEntry);
                }
            }

            var result = LDAPObjectFactory.CreateObjects(entries);

            ldapConnection.Disconnect();

            return(result);
        }