Class ActiveLdap::Adapter::NetLdap
In: lib/active_ldap/adapter/net_ldap.rb
Parent: Base

Methods

Constants

# Maps the configured connect method name to the Net::LDAP encryption method.
# :plain maps to nil, and connect sets no :encryption option when the method
# is nil, so a :plain connection is not encrypted by this adapter.
METHOD = { :ssl => :simple_tls, :tls => :start_tls, :plain => nil, }
# Alphabet (a-z, A-Z, 0-9) that generate_client_nonce draws characters from.
CHARS = ("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a

Public Instance methods

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 97
      # Adds the entry +dn+ through the connection's +add+ operation.
      #
      # The block handed to +super+ receives the DN and an enumerable of
      # [type, key, attrs] triples. Only +attrs+ is used: every attribute hash
      # is merged into one name => values hash, so a later triple overwrites an
      # earlier one that uses the same attribute name.
      #
      # NOTE(review): the hash given to +execute+ for logging is a copy of the
      # request, attribute values included. +log+ is not visible here; if it
      # writes that hash out, credential attributes such as userPassword would
      # reach the log -- confirm and redact if so.
      def add(dn, entries, options={})
        super do |_dn, _entries|
          merged = {}
          _entries.each do |_type, _key, attrs|
            attrs.each {|name, values| merged[name] = values}
          end
          request = {:dn => _dn, :attributes => merged}
          execute(:add, request.dup, request)
        end
      end

[Source]

    # File lib/active_ldap/adapter/net_ldap.rb, line 50
      # Binds through the base implementation.
      #
      # Every Net::LDAP::LdapError raised underneath is re-raised as
      # AuthenticationError with the same message, whatever its actual cause,
      # so callers cannot tell a rejected credential from another Net::LDAP
      # failure by exception class alone.
      def bind(options={})
        super
      rescue Net::LDAP::LdapError => error
        raise AuthenticationError, error.message
      end

[Source]

    # File lib/active_ldap/adapter/net_ldap.rb, line 58
      # Performs an anonymous bind (Net::LDAP method :anonymous).
      #
      # The block given to +super+ evaluates to true once +execute+ returns
      # without raising.
      def bind_as_anonymous(options={})
        super do
          log_info = {:name => "bind: anonymous"}
          bind_args = {:method => :anonymous}
          execute(:bind, log_info, bind_args)
          true
        end
      end

[Source]

    # File lib/active_ldap/adapter/net_ldap.rb, line 23
      # Opens a Net::LDAP::Connection for the host, port and method that the
      # base implementation yields.
      #
      # The block returns [connection, uri, with_start_tls]. A
      # Net::LDAP::LdapError raised while connecting is re-raised as
      # ConnectionError with the same message.
      #
      # The :encryption option is set only when +method+ is non-nil, so a nil
      # method (the :plain setting) yields an unencrypted connection.
      #
      # NOTE(review): only :method is passed in :encryption; no certificate
      # verification settings are visible here. Confirm what the Net::LDAP
      # version in use verifies for :simple_tls and :start_tls.
      def connect(options={})
        super do |host, port, method|
          config = {:host => host, :port => port}
          config[:encryption] = {:method => method} if method
          begin
            use_ssl = (method == :simple_tls)
            uri = construct_uri(host, port, use_ssl)
            with_start_tls = (method == :start_tls)
            info = {:uri => uri, :with_start_tls => with_start_tls}
            connection = log("connect", info) do
              Net::LDAP::Connection.new(config)
            end
            [connection, uri, with_start_tls]
          rescue Net::LDAP::LdapError => error
            raise ConnectionError, error.message
          end
        end
      end

[Source]

    # File lib/active_ldap/adapter/net_ldap.rb, line 89
      # Deletes entries; the base implementation yields one target DN at a
      # time and each is passed to the connection's +delete+ operation.
      #
      # The logged info is a copy of the request hash ({:dn => target}).
      def delete(targets, options={})
        super do |target|
          request = {:dn => target}
          execute(:delete, request.dup, request)
        end
      end

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 111
      # Modifies the entry +dn+ through the connection's +modify+ operation.
      #
      # The yielded entries are converted by +parse_entries+ into
      # [mod_type, name, values] operations for the request.
      #
      # NOTE(review): the logged info carries the raw entries, values
      # included. +log+ is not visible here; if it writes them out, a password
      # change would put the new value in the log -- confirm and redact if so.
      def modify(dn, entries, options={})
        super do |_dn, _entries|
          log_info = {:dn => _dn, :attributes => _entries}
          request = {:dn => _dn, :operations => parse_entries(_entries)}
          execute(:modify, log_info, request)
        end
      end

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 120
      # Renames an entry through the connection's +rename+ operation.
      #
      # Moving the entry under a new superior is not supported by this
      # adapter: a truthy new superior raises NotImplemented before any
      # request is sent.
      def modify_rdn(dn, new_rdn, delete_old_rdn, new_superior, options={})
        super do |_dn, _new_rdn, _delete_old_rdn, _new_superior|
          raise NotImplemented.new(_("modify RDN with new superior")) if _new_superior

          log_info = {
            :name => "modify: RDN",
            :dn => _dn,
            :new_rdn => _new_rdn,
            :new_superior => _new_superior,
            :delete_old_rdn => _delete_old_rdn
          }
          rename_args = {
            :olddn => _dn,
            :newrdn => _new_rdn,
            :delete_attributes => _delete_old_rdn
          }
          execute(:rename, log_info, rename_args)
        end
      end

[Source]

    # File lib/active_ldap/adapter/net_ldap.rb, line 65
      # Runs a search and yields [dn, attributes] for every entry returned.
      #
      # +attributes+ holds each name from +original_attribute_names+ whose
      # value is truthy. The limit yielded by the base implementation is sent
      # as the :size option.
      #
      # NOTE(review): +filter+ is forwarded exactly as received. Any escaping
      # of values that came from outside has to happen before this point; it
      # is not visible here.
      def search(options={})
        super(options) do |base, scope, filter, attrs, limit|
          request = {
            :base => base,
            :scope => scope,
            :filter => filter,
            :attributes => attrs,
            :size => limit,
          }
          log_info = {
            :base => base, :scope => scope_name(scope),
            :filter => filter, :attributes => attrs, :limit => limit
          }
          execute(:search, log_info, request) do |entry|
            found = {}
            entry.original_attribute_names.each do |name|
              value = entry[name]
              next unless value
              found[name] = value
            end
            yield([entry.dn, found])
          end
        end
      end

[Source]

    # File lib/active_ldap/adapter/net_ldap.rb, line 42
      # Ends the session. Net::LDAP doesn't implement unbind, so the
      # connection is closed instead, inside a logged "unbind" step.
      def unbind(options={})
        super do
          log("unbind") {@connection.close}
        end
      end

Private Instance methods

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 163
      # Translates a configured connect method into the value stored in METHOD.
      #
      # method:: a String or Symbol, matched case-insensitively; nil is
      #          treated as "plain", whose METHOD value is nil
      #
      # Returns the METHOD value for the name. Raises ConfigurationError,
      # listing the accepted names, when the name is not a METHOD key.
      def ensure_method(method)
        method ||= "plain"
        key = method.to_s.downcase.to_sym
        unless METHOD.has_key?(key)
          choices = METHOD.keys.map(&:inspect).join(", ")
          template = _("%s is not one of the available connect methods: %s")
          raise ConfigurationError, template % [method.inspect, choices]
        end
        METHOD[key]
      end

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 299
      # Accepts only the modification types :replace, :add and :delete.
      #
      # Returns +type+ unchanged when it is one of them; raises ArgumentError
      # naming the rejected value otherwise.
      def ensure_mod_type(type)
        return type if [:replace, :add, :delete].include?(type)

        raise ArgumentError, _("unknown type: %s") % type
      end

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 173
      # Translates a scope name (:base, :sub or :one) into the matching
      # Net::LDAP search-scope constant. A nil scope is treated as :sub.
      #
      # Raises ArgumentError, listing the accepted names, for any other value.
      def ensure_scope(scope)
        scope_map = {
          :base => Net::LDAP::SearchScope_BaseObject,
          :sub => Net::LDAP::SearchScope_WholeSubtree,
          :one => Net::LDAP::SearchScope_SingleLevel,
        }
        value = scope_map[scope || :sub]
        return value unless value.nil?

        available_scopes = scope_map.keys.inspect
        template = _("%s is not one of the available LDAP scope: %s")
        raise ArgumentError, template % [scope.inspect, available_scopes]
      end

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 140
      # Sends +method+ to the connection inside a logged step and turns a
      # non-zero LDAP result code into an exception.
      #
      # method:: name of the connection method to call
      # info::   hash handed to +log+; its :name entry, when present, is
      #          removed from the hash and used as the log name in place of
      #          +method+
      # args::   arguments forwarded to the connection method, with the block
      #
      # The result is either a code or a Hash carrying :resultCode and
      # :errorMessage. A zero code returns nil. A non-zero code raises the
      # class registered in LdapError::ERRORS (LdapError when none is), except
      # that SizeLimitExceeded returns nil without raising, so a caller
      # receives no signal from here that a result set was cut short.
      # Errno::EPIPE from the connection is re-raised as ConnectionError.
      def execute(method, info=nil, *args, &block)
        name = (info || {}).delete(:name) || method
        result = log(name, info) do
          begin
            @connection.send(method, *args, &block)
          rescue Errno::EPIPE => error
            raise ConnectionError, "#{error.class}: #{error.message}"
          end
        end
        message = nil
        if result.is_a?(Hash)
          message = result[:errorMessage]
          result = result[:resultCode]
        end
        return if result.zero?

        klass = LdapError::ERRORS[result] || LdapError
        return if klass == LdapError::SizeLimitExceeded

        detail = [Net::LDAP.result2string(result), message].compact.join(": ")
        raise klass, detail
      end

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 268
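      # Builds the client nonce (cnonce) used in the DIGEST-MD5 response.
      #
      # The cnonce is supposed to be unpredictable to other parties, so the
      # characters are drawn with SecureRandom instead of Kernel#rand, whose
      # general-purpose generator is not intended for security use.
      #
      # size:: number of characters to generate (default 32)
      #
      # Returns a String of +size+ characters taken from CHARS; a size of
      # zero or less gives an empty String.
      def generate_client_nonce(size=32)
        # Required locally so this method does not rely on another file having
        # loaded the library first.
        require "securerandom"
        size.times.map {CHARS[SecureRandom.random_number(CHARS.size)]}.join
      end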

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 288
      # Flattens [type, key, attributes] triples into the
      # [mod_type, name, values] operation list sent with a modify request.
      #
      # Each type is checked by +ensure_mod_type+, which raises ArgumentError
      # for anything other than :replace, :add or :delete. The key element of
      # a triple is not used.
      def parse_entries(entries)
        operations = []
        entries.each do |type, _key, attributes|
          mod_type = ensure_mod_type(type)
          attributes.each {|name, values| operations << [mod_type, name, values]}
        end
        operations
      end

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 259
      # Splits a DIGEST-MD5 challenge string into a directive => value hash.
      #
      # Values may be bare or double-quoted; the surrounding quotes are
      # dropped. No directive name is validated, and when a directive occurs
      # more than once the last occurrence wins.
      def parse_sasl_digest_md5_credential(cred)
        directives = cred.scan(/(\w+)=(\"?)(.+?)\2(?:,|$)/)
        directives.inject({}) do |params, (name, _quote, value)|
          params[name] = value
          params
        end
      end

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 196
      # Performs a SASL bind with the mechanism yielded by the base
      # implementation.
      #
      # The mechanism name is lower-cased, "-" is replaced by "_", and the
      # result selects a sasl_bind_setup_<mechanism> method (private methods
      # included). When no such method exists the block gives up with nil and
      # no bind request is sent from here; otherwise the setup method supplies
      # the initial credential and the challenge-response callable, and the
      # block evaluates to true once +execute+ returns without raising.
      #
      # The logged info holds only the name, DN and mechanism.
      def sasl_bind(bind_dn, options={})
        super do |_bind_dn, mechanism, quiet|
          setup_method = "sasl_bind_setup_#{mechanism.downcase.gsub(/-/, '_')}"
          next unless respond_to?(setup_method, true)

          initial_credential, challenge_response =
            send(setup_method, _bind_dn, options)
          bind_args = {
            :method => :sasl,
            :initial_credential => initial_credential,
            :mechanism => mechanism,
            :challenge_response => challenge_response,
          }
          log_info = {
            :name => "bind: SASL", :dn => _bind_dn, :mechanism => mechanism,
          }
          execute(:bind, log_info, bind_args)
          true
        end
      end

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 217
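      # Prepares a SASL DIGEST-MD5 bind.
      #
      # bind_dn:: identity placed in the +username+ directive
      # options:: forwarded to +password+ when the challenge is answered
      #
      # Returns [initial_credential, challenge_response]: an empty initial
      # credential and a Proc that takes the server challenge string and
      # returns the comma-joined digest-response directives. The nonce count
      # starts at 1 and grows by one for every challenge answered.
      #
      # The Proc raises ActiveLdap::AuthenticationError when the challenge
      # does not offer the "auth" qop or carries no nonce.
      #
      # DIGEST-MD5 was moved to Historic status by RFC 6331; treat this
      # mechanism as legacy.
      #
      # NOTE(review): the host in digest-uri is read from +addr+ on the
      # connection's @conn instance variable. If @conn is an IP socket, +addr+
      # describes the local end; confirm whether +peeraddr+ (the server) was
      # intended.
      # NOTE(review): directive values are quoted with String#inspect, which
      # also escapes characters beyond the double quote and backslash; confirm
      # this matches what the server expects for non-ASCII names.
      def sasl_bind_setup_digest_md5(bind_dn, options)
        initial_credential = ""
        nonce_count = 1
        challenge_response = Proc.new do |cred|
          params = parse_sasl_digest_md5_credential(cred)
          # The challenge is server-supplied and arrives before the bind has
          # succeeded, so an absent directive must not end in NoMethodError.
          # RFC 2831 makes qop optional and defaults it to "auth".
          qops = (params["qop"] || "auth").split(/,/)
          unless qops.include?("auth")
            raise ActiveLdap::AuthenticationError,
                  _("unsupported qops: %s") % qops.inspect
          end
          qop = "auth"
          nonce = params["nonce"]
          # Without a nonce the response would be computed over the literal
          # text of nil, so the exchange is aborted instead.
          if nonce.nil?
            raise ActiveLdap::AuthenticationError,
                  _("nonce is missing in the DIGEST-MD5 challenge")
          end
          server = @connection.instance_variable_get("@conn").addr[2]
          realm = params['realm']
          uri = "ldap/#{server}"
          nc = "%08x" % nonce_count
          cnonce = generate_client_nonce
          requests = {
            :username => bind_dn.inspect,
            :realm => realm.inspect,
            :nonce => nonce.inspect,
            :cnonce => cnonce.inspect,
            :nc => nc,
            :qop => qop,
            :maxbuf => "65536",
            "digest-uri" => uri.inspect,
          }
          # A1 uses the raw (binary) MD5 of "user:realm:password", then the
          # nonce and cnonce; A2 is the method and digest-uri.
          a1 = "#{bind_dn}:#{realm}:#{password(cred, options)}"
          a1 = "#{Digest::MD5.digest(a1)}:#{nonce}:#{cnonce}"
          ha1 = Digest::MD5.hexdigest(a1)
          a2 = "AUTHENTICATE:#{uri}"
          ha2 = Digest::MD5.hexdigest(a2)
          response = "#{ha1}:#{nonce}:#{nc}:#{cnonce}:#{qop}:#{ha2}"
          requests["response"] = Digest::MD5.hexdigest(response)
          nonce_count += 1
          requests.collect do |key, value|
            "#{key}=#{value}"
          end.join(",")
        end
        [initial_credential, challenge_response]
      end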

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 188
      # Reverse of ensure_scope: maps a Net::LDAP search-scope constant back
      # to :base, :sub or :one. Returns nil for any other value.
      def scope_name(scope)
        names = {
          Net::LDAP::SearchScope_BaseObject => :base,
          Net::LDAP::SearchScope_WholeSubtree => :sub,
          Net::LDAP::SearchScope_SingleLevel => :one,
        }
        names[scope]
      end

[Source]

     # File lib/active_ldap/adapter/net_ldap.rb, line 276
      # Performs a simple (DN and password) bind.
      #
      # The block evaluates to true once +execute+ returns without raising.
      # Only the DN is placed in the logged info; the password travels in the
      # request arguments alone.
      #
      # The password is handed to the connection as given, so it is protected
      # in transit only when the connection was set up with an encryption
      # method (:ssl or :tls) rather than :plain.
      def simple_bind(bind_dn, options={})
        super do |_bind_dn, password|
          log_info = {:dn => _bind_dn}
          bind_args = {
            :method => :simple,
            :username => _bind_dn,
            :password => password,
          }
          execute(:bind, log_info, bind_args)
          true
        end
      end
