aboutsummaryrefslogtreecommitdiff
path: root/src/org/traccar/database
diff options
context:
space:
mode:
authorShinryuken <watertext@hotmail.it>2017-11-19 11:22:31 +0100
committerGitHub <noreply@github.com>2017-11-19 11:22:31 +0100
commita5b273f8f8afd1a67613517c6487642601070456 (patch)
treebabc63f5d50977fc91b3946b1da2e86ec74c51a5 /src/org/traccar/database
parentc7928ef4a722cb40e9911c8e76e308fc48c85567 (diff)
parentfb9cbb2b74dc0060bd0dc5d0b3bfeb958ed6f3b5 (diff)
downloadtraccar-server-a5b273f8f8afd1a67613517c6487642601070456.tar.gz
traccar-server-a5b273f8f8afd1a67613517c6487642601070456.tar.bz2
traccar-server-a5b273f8f8afd1a67613517c6487642601070456.zip
Merge branch 'master' into payload-as-form-param
Diffstat (limited to 'src/org/traccar/database')
-rw-r--r--src/org/traccar/database/DataManager.java20
-rw-r--r--src/org/traccar/database/LdapProvider.java176
-rw-r--r--src/org/traccar/database/NotificationManager.java8
3 files changed, 201 insertions, 3 deletions
diff --git a/src/org/traccar/database/DataManager.java b/src/org/traccar/database/DataManager.java
index e88ff7f0d..abc424ff9 100644
--- a/src/org/traccar/database/DataManager.java
+++ b/src/org/traccar/database/DataManager.java
@@ -40,6 +40,7 @@ import liquibase.resource.FileSystemResourceAccessor;
import liquibase.resource.ResourceAccessor;
import org.traccar.Config;
+import org.traccar.Context;
import org.traccar.helper.Log;
import org.traccar.model.Attribute;
import org.traccar.model.Device;
@@ -75,9 +76,13 @@ public class DataManager {
private boolean generateQueries;
+ private boolean forceLdap;
+
public DataManager(Config config) throws Exception {
this.config = config;
+ forceLdap = config.getBoolean("ldap.force");
+
initDatabase();
initDatabaseSchema();
}
@@ -300,11 +305,20 @@ public class DataManager {
User user = QueryBuilder.create(dataSource, getQuery("database.loginUser"))
.setString("email", email.trim())
.executeQuerySingle(User.class);
- if (user != null && user.isPasswordValid(password)) {
- return user;
+ LdapProvider ldapProvider = Context.getLdapProvider();
+ if (user != null) {
+ if (ldapProvider != null && ldapProvider.login(user.getLogin(), password)
+ || !forceLdap && user.isPasswordValid(password)) {
+ return user;
+ }
} else {
- return null;
+ if (ldapProvider != null && ldapProvider.login(email, password)) {
+ user = ldapProvider.getUser(email);
+ Context.getUsersManager().addItem(user);
+ return user;
+ }
}
+ return null;
}
public void updateDeviceStatus(Device device) throws SQLException {
diff --git a/src/org/traccar/database/LdapProvider.java b/src/org/traccar/database/LdapProvider.java
new file mode 100644
index 000000000..2c4b7ceb1
--- /dev/null
+++ b/src/org/traccar/database/LdapProvider.java
@@ -0,0 +1,176 @@
+/*
+ * Copyright 2017 Anton Tananaev (anton@traccar.org)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.traccar.database;
+
+import javax.naming.Context;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+
+import org.traccar.Config;
+import org.traccar.helper.Log;
+import org.traccar.model.User;
+
+import java.util.Hashtable;
+
+public class LdapProvider {
+
+ private String url;
+ private String searchBase;
+ private String idAttribute;
+ private String nameAttribute;
+ private String mailAttribute;
+ private String searchFilter;
+ private String adminFilter;
+ private String serviceUser;
+ private String servicePassword;
+
+ public LdapProvider(Config config) {
+ String url = config.getString("ldap.url");
+ if (url != null) {
+ this.url = url;
+ } else {
+ this.url = "ldap://" + config.getString("ldap.server") + ":" + config.getInteger("ldap.port", 389);
+ }
+ this.searchBase = config.getString("ldap.base");
+ this.idAttribute = config.getString("ldap.idAttribute", "uid");
+ this.nameAttribute = config.getString("ldap.nameAttribute", "cn");
+ this.mailAttribute = config.getString("ldap.mailAttribute", "mail");
+ this.searchFilter = config.getString("ldap.searchFilter", "(" + idAttribute + "=:login)");
+ String adminGroup = config.getString("ldap.adminGroup");
+ this.adminFilter = config.getString("ldap.adminFilter");
+ if (this.adminFilter == null && adminGroup != null) {
+ this.adminFilter = "(&(" + idAttribute + "=:login)(memberOf=" + adminGroup + "))";
+ }
+ this.serviceUser = config.getString("ldap.user");
+ this.servicePassword = config.getString("ldap.password");
+ }
+
+ private InitialDirContext auth(String accountName, String password) throws NamingException {
+ Hashtable<String, String> env = new Hashtable<>();
+ env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
+ env.put(Context.PROVIDER_URL, url);
+
+ env.put(Context.SECURITY_AUTHENTICATION, "simple");
+ env.put(Context.SECURITY_PRINCIPAL, accountName);
+ env.put(Context.SECURITY_CREDENTIALS, password);
+
+ return new InitialDirContext(env);
+ }
+
+ private boolean isAdmin(String accountName) {
+ if (this.adminFilter != null) {
+ try {
+ InitialDirContext context = initContext();
+ String searchString = adminFilter.replace(":login", accountName);
+ SearchControls searchControls = new SearchControls();
+ searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ NamingEnumeration<SearchResult> results = context.search(searchBase, searchString, searchControls);
+ if (results.hasMoreElements()) {
+ results.nextElement();
+ if (results.hasMoreElements()) {
+ Log.warning("Matched multiple users for the accountName: " + accountName);
+ return false;
+ }
+ return true;
+ }
+ } catch (NamingException e) {
+ return false;
+ }
+ }
+ return false;
+ }
+
+ public InitialDirContext initContext() throws NamingException {
+ return auth(serviceUser, servicePassword);
+ }
+
+ private SearchResult lookupUser(String accountName) throws NamingException {
+ InitialDirContext context = initContext();
+
+ String searchString = searchFilter.replace(":login", accountName);
+
+ SearchControls searchControls = new SearchControls();
+ String[] attributeFilter = {idAttribute, nameAttribute, mailAttribute};
+ searchControls.setReturningAttributes(attributeFilter);
+ searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+
+ NamingEnumeration<SearchResult> results = context.search(searchBase, searchString, searchControls);
+
+ SearchResult searchResult = null;
+ if (results.hasMoreElements()) {
+ searchResult = (SearchResult) results.nextElement();
+ if (results.hasMoreElements()) {
+ Log.warning("Matched multiple users for the accountName: " + accountName);
+ return null;
+ }
+ }
+
+ return searchResult;
+ }
+
+ public User getUser(String accountName) {
+ SearchResult ldapUser;
+ User user = new User();
+ try {
+ ldapUser = lookupUser(accountName);
+ if (ldapUser != null) {
+ Attribute attribute = ldapUser.getAttributes().get(idAttribute);
+ if (attribute != null) {
+ user.setLogin((String) attribute.get());
+ } else {
+ user.setLogin(accountName);
+ }
+ attribute = ldapUser.getAttributes().get(nameAttribute);
+ if (attribute != null) {
+ user.setName((String) attribute.get());
+ } else {
+ user.setName(accountName);
+ }
+ attribute = ldapUser.getAttributes().get(mailAttribute);
+ if (attribute != null) {
+ user.setEmail((String) attribute.get());
+ } else {
+ user.setEmail(accountName);
+ }
+ }
+ user.setAdmin(isAdmin(accountName));
+ } catch (NamingException e) {
+ user.setLogin(accountName);
+ user.setName(accountName);
+ user.setEmail(accountName);
+ Log.warning(e);
+ }
+ return user;
+ }
+
+ public boolean login(String username, String password) {
+ try {
+ SearchResult ldapUser = lookupUser(username);
+ if (ldapUser != null) {
+ auth(ldapUser.getNameInNamespace(), password).close();
+ return true;
+ }
+ } catch (NamingException e) {
+ return false;
+ }
+ return false;
+ }
+
+}
diff --git a/src/org/traccar/database/NotificationManager.java b/src/org/traccar/database/NotificationManager.java
index 73041a23f..4e6114001 100644
--- a/src/org/traccar/database/NotificationManager.java
+++ b/src/org/traccar/database/NotificationManager.java
@@ -35,8 +35,11 @@ import org.traccar.notification.NotificationSms;
public class NotificationManager extends ExtendedObjectManager<Notification> {
+ private boolean geocodeOnRequest;
+
public NotificationManager(DataManager dataManager) {
super(dataManager, Notification.class);
+ geocodeOnRequest = Context.getConfig().getBoolean("geocoder.onRequest");
}
private Set<Long> getEffectiveNotifications(long userId, long deviceId) {
@@ -57,6 +60,11 @@ public class NotificationManager extends ExtendedObjectManager<Notification> {
Log.warning(error);
}
+ if (position != null && geocodeOnRequest && Context.getGeocoder() != null && position.getAddress() == null) {
+ position.setAddress(Context.getGeocoder()
+ .getAddress(position.getLatitude(), position.getLongitude(), null));
+ }
+
long deviceId = event.getDeviceId();
Set<Long> users = Context.getPermissionsManager().getDeviceUsers(deviceId);
for (long userId : users) {