authorAnton Tananaev <anton.tananaev@gmail.com>2017-11-11 18:40:40 +1300
committerAnton Tananaev <anton.tananaev@gmail.com>2017-11-11 18:40:40 +1300
commit1908351b442732acc375397648a6834f09c0d9c4 (patch)
tree9814b1273b991ebe9831c53482cd083bcb149661
parent204b1074ee57960775066c7c483d54bab8ebf279 (diff)
Implement LDAP authentication
-rw-r--r--debug.xml4
-rw-r--r--schema/changelog-3.15.xml7
-rw-r--r--src/org/traccar/Context.java11
-rw-r--r--src/org/traccar/database/DataManager.java19
-rw-r--r--src/org/traccar/database/LdapProvider.java51
-rw-r--r--src/org/traccar/model/User.java10
6 files changed, 99 insertions, 3 deletions
diff --git a/debug.xml b/debug.xml
index 282350b8a..e8647b6fe 100644
--- a/debug.xml
+++ b/debug.xml
@@ -21,4 +21,8 @@
<entry key='intellitrac.port'>6037</entry>
+ <!--<entry key='ldap.enable'>true</entry>
+ <entry key='ldap.url'>ldap://ldap.forumsys.com:389</entry>
+ <entry key='ldap.context'>dc=example,dc=com</entry>-->
+
</properties>
diff --git a/schema/changelog-3.15.xml b/schema/changelog-3.15.xml
index 9756fe696..202ae21eb 100644
--- a/schema/changelog-3.15.xml
+++ b/schema/changelog-3.15.xml
@@ -133,5 +133,12 @@
<addForeignKeyConstraint baseTableName="device_notification" baseColumnNames="deviceid" constraintName="fk_device_notification_deviceid" referencedTableName="devices" referencedColumnNames="id" onDelete="CASCADE" />
<addForeignKeyConstraint baseTableName="device_notification" baseColumnNames="notificationid" constraintName="fk_device_notification_notificationid" referencedTableName="notifications" referencedColumnNames="id" onDelete="CASCADE" />
+ <dropNotNullConstraint tableName="users" columnName="hashedpassword" columnDataType="VARCHAR(128)" />
+ <dropNotNullConstraint tableName="users" columnName="salt" columnDataType="VARCHAR(128)" />
+
+ <addColumn tableName="users">
+ <column name="login" type="VARCHAR(128)" />
+ </addColumn>
+
</changeSet>
</databaseChangeLog>
diff --git a/src/org/traccar/Context.java b/src/org/traccar/Context.java
index 237da40c8..9a48b2740 100644
--- a/src/org/traccar/Context.java
+++ b/src/org/traccar/Context.java
@@ -34,6 +34,7 @@ import org.traccar.database.DataManager;
import org.traccar.database.DeviceManager;
import org.traccar.database.DriversManager;
import org.traccar.database.IdentityManager;
+import org.traccar.database.LdapProvider;
import org.traccar.database.MediaManager;
import org.traccar.database.NotificationManager;
import org.traccar.database.PermissionsManager;
@@ -109,6 +110,12 @@ public final class Context {
return dataManager;
}
+ private static LdapProvider ldapProvider;
+
+ public static LdapProvider getLdapProvider() {
+ return ldapProvider;
+ }
+
private static MediaManager mediaManager;
public static MediaManager getMediaManager() {
@@ -321,6 +328,10 @@ public final class Context {
dataManager = new DataManager(config);
}
+ if (config.getBoolean("ldap.enable")) {
+ ldapProvider = new LdapProvider(config.getString("ldap.url"), config.getString("ldap.context"));
+ }
+
if (config.hasKey("media.path")) {
mediaManager = new MediaManager(config);
}
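Review bot: `new LdapProvider(config.getString("ldap.url"), config.getString("ldap.context"))` is constructed without checking that either key is set. Assuming `config.getString` returns null for a missing key, `ldap.enable` set to true without `ldap.url` would fail only at the first login, where `env.put(Context.PROVIDER_URL, url)` in LdapProvider throws a NullPointerException that its `catch (NamingException e)` does not cover. Checking both values here and failing startup with a clear message keeps a configuration mistake off the login path. The enclosing initialisation method starts and ends outside this hunk.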
diff --git a/src/org/traccar/database/DataManager.java b/src/org/traccar/database/DataManager.java
index e88ff7f0d..f71e3e538 100644
--- a/src/org/traccar/database/DataManager.java
+++ b/src/org/traccar/database/DataManager.java
@@ -40,6 +40,7 @@ import liquibase.resource.FileSystemResourceAccessor;
import liquibase.resource.ResourceAccessor;
import org.traccar.Config;
+import org.traccar.Context;
import org.traccar.helper.Log;
import org.traccar.model.Attribute;
import org.traccar.model.Device;
@@ -300,11 +301,23 @@ public class DataManager {
User user = QueryBuilder.create(dataSource, getQuery("database.loginUser"))
.setString("email", email.trim())
.executeQuerySingle(User.class);
- if (user != null && user.isPasswordValid(password)) {
- return user;
+ LdapProvider ldapProvider = Context.getLdapProvider();
+ if (user != null) {
+ if (ldapProvider != null && ldapProvider.login(user.getLogin(), password)
+ || user.isPasswordValid(password)) {
+ return user;
+ }
} else {
- return null;
+ if (ldapProvider != null && ldapProvider.login(email, password)) {
+ user = new User();
+ user.setName(email);
+ user.setEmail(email);
+ user.setLogin(email);
+ Context.getUsersManager().addItem(user);
+ return user;
+ }
}
+ return null;
}
public void updateDeviceStatus(Device device) throws SQLException {
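Review bot: In the `user != null` branch, `ldapProvider.login(user.getLogin(), password)` runs even when `login` is null. The migration in this commit adds the column with no default, so that is the case for every existing row, and the bind is then attempted as `uid=null,…`; add `user.getLogin() != null` to the condition. When the bind fails, `user.isPasswordValid(password)` is evaluated for accounts created by the else branch, which have no hash or salt. Whether it is null-safe is not visible here, so confirm it returns false rather than throwing. The else branch binds and provisions with the raw `email` while the lookup uses `email.trim()`, so input with surrounding whitespace could create a row that later lookups never match; trim once and use that value for the query, the bind and the new user. The method signature is outside the hunk.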
diff --git a/src/org/traccar/database/LdapProvider.java b/src/org/traccar/database/LdapProvider.java
new file mode 100644
index 000000000..6a4c244f8
--- /dev/null
+++ b/src/org/traccar/database/LdapProvider.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2017 Anton Tananaev (anton@traccar.org)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.traccar.database;
+
+import javax.naming.Context;
+import javax.naming.NamingException;
+import javax.naming.directory.InitialDirContext;
+import java.util.Hashtable;
+
+public class LdapProvider {
+
+ private String url;
+ private String context;
+
+ public LdapProvider(String url, String context) {
+ this.url = url;
+ this.context = context;
+ }
+
+ public boolean login(String username, String password) {
+
+ Hashtable<String, String> env = new Hashtable<>();
+ env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
+ env.put(Context.PROVIDER_URL, url);
+
+ env.put(Context.SECURITY_AUTHENTICATION, "simple");
+ env.put(Context.SECURITY_PRINCIPAL, "uid=" + username + "," + context);
+ env.put(Context.SECURITY_CREDENTIALS, password);
+
+ try {
+ new InitialDirContext(env).close();
+ return true;
+ } catch (NamingException e) {
+ return false;
+ }
+ }
+
+}
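Review bot: `login` performs the simple bind without rejecting an empty password. A simple bind with a zero-length password is an unauthenticated bind that many directory servers accept, so `new InitialDirContext(env)` can succeed without any credential having been verified. Return false for a null or empty username or password before building `env`; a null password would also make `Hashtable.put` throw. The principal is built as `"uid=" + username + "," + context` from the caller's value (in DataManager, the submitted `email`), so the name should pass through `javax.naming.ldap.Rdn.escapeValue` to keep DN metacharacters from changing which entry is bound. Every `NamingException` becomes `false` with no log line, which makes an unreachable or misconfigured directory look the same as a wrong password, and with an `ldap://` URL like the sample in debug.xml the password is sent in clear, so `ldaps://` or StartTLS should be documented next to `ldap.url`.

```java
    public boolean login(String username, String password) {

        // A zero-length password turns a simple bind into an unauthenticated bind,
        // which the server may accept; never treat that as a successful login.
        if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
            return false;
        }

        // … unchanged: env creation, INITIAL_CONTEXT_FACTORY, PROVIDER_URL, SECURITY_AUTHENTICATION …
        env.put(Context.SECURITY_PRINCIPAL, "uid=" + Rdn.escapeValue(username) + "," + context);
        // … unchanged: SECURITY_CREDENTIALS …

        try {
            new InitialDirContext(env).close();
            return true;
        } catch (AuthenticationException e) {
            // credentials rejected by the directory
            return false;
        } catch (NamingException e) {
            // directory unreachable or misconfigured: log here before rejecting the login
            return false;
        }
```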
diff --git a/src/org/traccar/model/User.java b/src/org/traccar/model/User.java
index 5d89dcfae..b1883213c 100644
--- a/src/org/traccar/model/User.java
+++ b/src/org/traccar/model/User.java
@@ -35,6 +35,16 @@ public class User extends ExtendedModel {
this.name = name;
}
+ private String login;
+
+ public String getLogin() {
+ return login;
+ }
+
+ public void setLogin(String login) {
+ this.login = login;
+ }
+
private String email;
public String getEmail() {