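        /// <summary>
        /// Validates every configured search context against the directory and grants the
        /// proxy user read rights on each one. Validation failure aborts the update; the
        /// grant itself is best-effort (a failure there, typically because the rights already
        /// exist, is logged and the next context is processed).
        /// </summary>
        /// <param name="ldapUrl">LDAP URL to connect to.</param>
        /// <param name="LdapAdminDN">DN of the administrative account used for the connection.</param>
        /// <param name="LdapAdminPwd">Password of the administrative account.</param>
        /// <exception cref="InvalidOperationException">
        /// Thrown when a configured search context does not validate against the directory.
        /// </exception>
        private void UpdateLdapContexts(string ldapUrl, string LdapAdminDN, string LdapAdminPwd)
        {
            // The admin connection is what authorises the grants below; whether the proxy user
            // already holds rights on a context is decided by the LdapWebUtility calls.
            LdapWebUtility ldapUtility = new LdapWebUtility(ldapUrl, LdapAdminDN, LdapAdminPwd);

            log.Debug("context updation Connecting to {0}", ldapUrl);
            ldapUtility.Connect();
            try
            {
                foreach (string context in SearchContexts)
                {
                    // An empty entry was previously exempt from validation but still handed to
                    // GrantReadRights; granting on an unnamed base is never intended, so skip it.
                    if (string.IsNullOrEmpty(context))
                    {
                        continue;
                    }

                    if (!ldapUtility.ValidateSearchContext(context))
                    {
                        log.Debug("Invalid context entered :{0}", context);
                        throw new InvalidOperationException(string.Format("Invalid context entered: {0}", context));
                    }

                    log.Debug("Granting Read Rights to {0} on {1}", proxy, context);
                    try
                    {
                        ldapUtility.GrantReadRights(proxy, context);
                    }
                    catch (Exception ex)
                    {
                        // Best-effort: the ACL may already be present. Keep the reason in the log so a
                        // genuine permission failure is still diagnosable.
                        log.Debug("Some exception in granting read access to this proxy user (DN may exist already) {0} {1}: {2}", context, proxy, ex.Message);
                    }
                }
            }
            finally
            {
                // Release the admin-bound connection even when a context fails validation;
                // the original code left it open on that path.
                ldapUtility.Disconnect();
            }
        }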
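        /// <summary>
        /// Applies one changed LDAP setting to the directory. When the server URL changed
        /// (<paramref name="FieldToUpdate"/> is "LDAPURI") the method installs the server's
        /// root certificate for secure connections, verifies an admin connection, determines the
        /// directory type and finally verifies that the proxy user can connect. For any other
        /// field it connects as admin and either creates the proxy user ("PROXYDN"), changes the
        /// proxy password ("PROXYPWD") or re-applies the search-context grants (anything else).
        /// </summary>
        /// <param name="LdapAdminDN">DN of the administrative account.</param>
        /// <param name="LdapAdminPwd">Password of the administrative account.</param>
        /// <param name="FieldToUpdate">Name of the configuration field that changed.</param>
        /// <param name="IsMaster">Whether this is the master server; not consulted by this method.</param>
        /// <exception cref="InvalidOperationException">
        /// Thrown when certificate provisioning fails, when the admin or proxy connection cannot
        /// be established, or when the directory type cannot be determined.
        /// </exception>
        private void UpdateLdapSettings(string LdapAdminDN, string LdapAdminPwd, string FieldToUpdate, bool IsMaster)
        {
            // Both branches address the same configured server; build the URL once.
            string ldapUrl = BuildConfiguredLdapUrl();

            if (FieldToUpdate.Equals("LDAPURI"))
            {
                log.Debug("into condition ldapuri modification, ldapurl is {0} and going to create an instance of ldaputility", ldapUrl);
                LdapWebUtility ldapUtility = new LdapWebUtility(ldapUrl, LdapAdminDN, LdapAdminPwd);

                if (ldapUtility.Secure)
                {
                    InstallRootCertificate(ldapUtility, LdapAdminDN, LdapAdminPwd);
                }

                log.Debug("Connecting to {0}", ldapUrl);
                try
                {
                    ldapUtility.Connect();
                }
                catch (Exception ex)
                {
                    log.Debug("Ldap connect failed to server URL {0} ", ldapUrl);
                    // Keep the original failure as the inner exception so the cause is not lost.
                    throw new InvalidOperationException(string.Format("Ldap connect failed to server URL {0} ", ldapUrl), ex);
                }

                LdapDirectoryType directoryType;
                try
                {
                    log.Debug("Querying for directory type...");
                    directoryType = ldapUtility.QueryDirectoryType();
                    log.Debug(" {0}", directoryType);
                }
                finally
                {
                    // Disconnect even if the query throws; the original left the connection open there.
                    ldapUtility.Disconnect();
                }

                if (directoryType.Equals(LdapDirectoryType.Unknown))
                {
                    throw new InvalidOperationException(string.Format("Unable to determine directory type for {0}", ldapUtility.Host));
                }

                // The proxy account is what the service will bind with from now on; prove it can connect.
                ldapUtility = new LdapWebUtility(ldapUrl, proxy, password);
                try
                {
                    ldapUtility.Connect();
                }
                catch (Exception ex)
                {
                    log.Debug("Ldap connect failed to server URL {0} with proxy user {1} ", ldapUrl, proxy);
                    throw new InvalidOperationException(string.Format("Ldap connect failed to server URL {0} with proxy user {1} ", ldapUrl, proxy), ex);
                }
                ldapUtility.Disconnect();
            }
            else
            {
                // Server address and SSL status are unchanged; only the context, proxy DN or
                // proxy password may differ.
                LdapWebUtility ldapUtility = new LdapWebUtility(ldapUrl, LdapAdminDN, LdapAdminPwd);
                ldapUtility.Connect();
                try
                {
                    if (FieldToUpdate.Equals("PROXYDN"))
                    {
                        // The result was never read in the original either; the call is kept because
                        // the utility may cache the directory type for CreateUser — confirm before removing.
                        ldapUtility.QueryDirectoryType();

                        // Proxy DN has changed: create the user, or change its password if it exists.
                        if (string.IsNullOrEmpty(password))
                        {
                            ProxyUser proxyDetails = new ProxyUser();
                            // NOTE(review): the PROXYPWD branch assigns the generated value to the
                            // `password` field, this branch assigns `ProxyPassword`; CreateUser below
                            // still receives `password`. Confirm ProxyPassword backs the same value.
                            ProxyPassword = proxyDetails.Password;
                        }
                        if (ldapUtility.CreateUser(proxy, password))
                        {
                            log.Debug("New user created with DN = {0} ", proxy);
                        }
                        // A new proxy user has no rights yet; mark the contexts for re-granting.
                        settingChangeMap |= ChangeMap.searchContexts;
                    }
                    else if (FieldToUpdate.Equals("PROXYPWD"))
                    {
                        if (string.IsNullOrEmpty(password))
                        {
                            ProxyUser proxyDetails = new ProxyUser();
                            password = proxyDetails.Password;
                        }
                        ldapUtility.ChangePassword(proxy, password);
                    }
                    else
                    {
                        UpdateLdapContexts(ldapUrl, LdapAdminDN, LdapAdminPwd);
                    }
                }
                finally
                {
                    // Release the admin connection on every path, including CreateUser/ChangePassword failures.
                    ldapUtility.Disconnect();
                }
            }
        }

        /// <summary>
        /// Builds the LDAP URL from the configured <c>host</c> and <c>scheme</c> fields.
        /// </summary>
        /// <returns>The URL string, normalised by a round trip through <see cref="Uri"/>.</returns>
        private string BuildConfiguredLdapUrl()
        {
            UriBuilder builder = new UriBuilder();
            builder.Host   = host;
            builder.Scheme = scheme;
            // Round-trip through Uri so the text is normalised exactly as the original code produced it.
            Uri ldapUri = new Uri(builder.ToString());
            return ldapUri.ToString();
        }

        /// <summary>
        /// Fetches the server's root certificate with the helper script and adds it to the
        /// Mono "Trust" store so a secure connection can be established.
        /// </summary>
        /// <param name="ldapUtility">Utility describing the target server (host and port).</param>
        /// <param name="adminDn">DN of the administrative account passed to the helper script.</param>
        /// <param name="adminPwd">Password of the administrative account passed to the helper script.</param>
        /// <exception cref="InvalidOperationException">Thrown when either external command exits non-zero.</exception>
        private void InstallRootCertificate(LdapWebUtility ldapUtility, string adminDn, string adminPwd)
        {
            string certfile = Path.Combine(storePath, "RootCert.cer");

            // Security notes, left as-is because the helper's interface is outside this class:
            // - The admin DN and password travel as command-line arguments, so they are readable
            //   from the process table by other local users while the script runs.
            // - The certificate is trusted as fetched (trust on first use); nothing here verifies
            //   it out of band before it enters the Trust store.
            // - The script path is relative to the current working directory — TODO confirm callers
            //   guarantee it.
            if (Execute("../../../../bin/get-root-certificate", "{0} {1} {2} {3} get {4}",
                        ldapUtility.Host, ldapUtility.Port, adminDn, adminPwd, certfile) != 0)
            {
                log.Debug("Failed : getting certificate for {0}", ldapUtility.Host);
                throw new InvalidOperationException("Failed to get certificate.");
            }
            if (Execute("/usr/bin/mono", "/usr/lib/mono/1.0/certmgr.exe -add -c Trust {0}",
                        certfile) != 0)
            {
                log.Debug("Failed : Installing certificate for {0}", ldapUtility.Host);
                throw new InvalidOperationException("Failed to save certificate.");
            }
        }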