Initial commit

Author: almu

nbactions.xml

@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<actions>
+        <action>
+            <actionName>run</actionName>
+            <packagings>
+                <packaging>jar</packaging>
+            </packagings>
+            <goals>
+                <goal>process-classes</goal>
+                <goal>org.codehaus.mojo:exec-maven-plugin:1.5.0:exec</goal>
+            </goals>
+            <properties>
+                <exec.args>-classpath %classpath se.idsecurity.jldap.edirectoryjldapext.sample.SampleEdirTransaction cn=adminadmin,o=system n0v3ll4ever</exec.args>
+                <exec.executable>java</exec.executable>
+            </properties>
+        </action>
+        <action>
+            <actionName>debug</actionName>
+            <packagings>
+                <packaging>jar</packaging>
+            </packagings>
+            <goals>
+                <goal>process-classes</goal>
+                <goal>org.codehaus.mojo:exec-maven-plugin:1.5.0:exec</goal>
+            </goals>
+            <properties>
+                <exec.args>-agentlib:jdwp=transport=dt_socket,server=n,address=${jpda.address} -classpath %classpath se.idsecurity.jldap.edirectoryjldapext.sample.SampleEdirTransaction cn=adminadmin,o=system n0v3ll4ever</exec.args>
+                <exec.executable>java</exec.executable>
+                <jpda.listen>true</jpda.listen>
+            </properties>
+        </action>
+        <action>
+            <actionName>profile</actionName>
+            <packagings>
+                <packaging>jar</packaging>
+            </packagings>
+            <goals>
+                <goal>process-classes</goal>
+                <goal>org.codehaus.mojo:exec-maven-plugin:1.5.0:exec</goal>
+            </goals>
+            <properties>
+                <exec.args>-classpath %classpath se.idsecurity.jldap.edirectoryjldapext.sample.SampleEdirTransaction cn=adminadmin,o=system n0v3ll4ever</exec.args>
+                <exec.executable>java</exec.executable>
+            </properties>
+        </action>
+    </actions>

pom.xml

@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>se.idsecurity</groupId>
+    <artifactId>eDirectoryJLdapExt</artifactId>
+    <version>1.0-SNAPSHOT</version>
+    <packaging>jar</packaging>
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <maven.compiler.source>1.8</maven.compiler.source>
+        <maven.compiler.target>1.8</maven.compiler.target>
+    </properties>
+    <name>eDirectoryJLdapExt</name>
+    <dependencies>
+        <dependency>
+            <groupId>com.novell.ldap</groupId>
+            <artifactId>jldap</artifactId>
+            <version>2009-10-07</version>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-javadoc-plugin</artifactId>
+                <version>3.0.0-M1</version>
+            </plugin>
+        </plugins>
+    </build>
+</project>

src/main/java/se/idsecurity/jldap/edirectoryjldapext/common/OID.java

@@ -0,0 +1,52 @@
+/**
+ * MIT License
+
+Copyright (c) [2018] [almu]
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+ */
+package se.idsecurity.jldap.edirectoryjldapext.common;
+
+/**
+ * OID's used for LDAP transactions
+ */
+public enum OID {
+
+    CreateGroupingRequest("2.16.840.1.113719.1.27.103.1"),
+    CreateGroupingResponse("2.16.840.1.113719.1.27.103.1"),
+    EndGroupingRequest("2.16.840.1.113719.1.27.103.2"),
+    EndGroupingResponse("2.16.840.1.113719.1.27.103.2"),
+    GroupingControl("2.16.840.1.113719.1.27.103.7");
+
+    private final String oid;
+
+    OID(String oid) {
+        this.oid = oid;
+    }
+
+    /**
+     * Get the OID for the LDAP extension/control
+     *
+     * @return
+     */
+    public String getOID() {
+        return oid;
+    }
+
+}

src/main/java/se/idsecurity/jldap/edirectoryjldapext/controls/GroupingControl.java

@@ -0,0 +1,84 @@
+/**
+ * MIT License
+
+Copyright (c) [2018] [almu]
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+ */
+package se.idsecurity.jldap.edirectoryjldapext.controls;
+
+import com.novell.ldap.LDAPControl;
+import com.novell.ldap.asn1.ASN1Integer;
+import com.novell.ldap.asn1.ASN1Sequence;
+import com.novell.ldap.asn1.LBEREncoder;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import se.idsecurity.jldap.edirectoryjldapext.common.OID;
+
+/**
+ * GroupingControl ( 2.16.840.1.113719.1.27.103.7 ) - This is used to indicate
+ * association of an operation to a grouping via the groupCookie which is the
+ * value carried by this control.
+ *
+ * @see
+ * <a href="https://www.netiq.com/documentation/edirectory-9/edir_admin/data/b4r36pg.html">Documentation</a>
+ *
+ */
+public final class GroupingControl extends LDAPControl {
+
+    private final LBEREncoder encoder = new LBEREncoder();
+
+    private final ByteArrayOutputStream encodedData = new ByteArrayOutputStream();
+
+    private final ASN1Sequence groupingControlValue = new ASN1Sequence();
+
+    /**
+     * Creates a new GroupingControl using the cookie received in a
+     * CreateGroupingResponse in response to CreateGroupingRequest
+     *
+     * @param groupCookie The cookie from the CreateGroupingResponse
+     * @param critial True if the LDAP operation should be discarded if the
+     * control is not supported. False if the operation can be processed without
+     * the control.
+     */
+    public GroupingControl(ASN1Integer groupCookie, boolean critial) {
+        super(OID.GroupingControl.getOID(), critial, null);
+
+        groupingControlValue.add(groupCookie);
+
+        try {
+            groupingControlValue.encode(encoder, encodedData);
+            setValue(encodedData.toByteArray());
+        } catch (IOException e) {
+            //Shouldn't occur unless there is a serious failure
+            throw new AssertionError("Unable to create instance of GroupingControl", e);
+        }
+
+    }
+
+    /**
+     * Get the control as a byte array
+     *
+     * @return The control with the group cookie as encoded byte array
+     */
+    public byte[] getEncoded() {
+        return encodedData.toByteArray();
+    }
+
+}

src/main/java/se/idsecurity/jldap/edirectoryjldapext/extensions/CreateGroupingRequest.java

@@ -0,0 +1,71 @@
+/**
+ * MIT License
+
+Copyright (c) [2018] [almu]
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+ */
+package se.idsecurity.jldap.edirectoryjldapext.extensions;
+
+import com.novell.ldap.LDAPExtendedOperation;
+import com.novell.ldap.LDAPExtendedResponse;
+import com.novell.ldap.asn1.ASN1OctetString;
+import com.novell.ldap.asn1.ASN1Sequence;
+import com.novell.ldap.asn1.LBEREncoder;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import se.idsecurity.jldap.edirectoryjldapext.common.OID;
+
+/**
+ * CreateGroupingRequest ( 2.16.840.1.113719.1.27.103.1 ) – This is LDAP
+ * extended operation which allows grouping of related operations. The extended
+ * operation carries a value – createGroupType which identifies the type of
+ * grouping requested. For LDAP transactions, the grouping type is
+ * transactionGroupingType. ( 2.16.840.1.113719.1.27.103.7)
+ *
+ * @see
+ * <a href="https://www.netiq.com/documentation/edirectory-9/edir_admin/data/b4r36pg.html">Documentation</a>
+ *
+ */
+public final class CreateGroupingRequest extends LDAPExtendedOperation {
+
+    private final ByteArrayOutputStream encodedData = new ByteArrayOutputStream();
+    private final LBEREncoder encoder = new LBEREncoder();
+    private final ASN1OctetString createGroupType = new ASN1OctetString(OID.GroupingControl.getOID());
+    private final ASN1Sequence sequence = new ASN1Sequence(1);
+
+    /**
+     * Creates an extended operations object for retrieving a group cookie for
+     * use with the LDAP transactions GroupingControl
+     */
+    public CreateGroupingRequest() {
+        super(OID.CreateGroupingRequest.getOID(), null);
+
+        LDAPExtendedResponse.register(OID.CreateGroupingResponse.getOID(), CreateGroupingResponse.class);
+
+        try {
+            sequence.add(createGroupType);
+            sequence.encode(encoder, encodedData);
+        } catch (IOException e) {
+            //Shouldn't occur unless there is a serious failure
+            throw new AssertionError("Could not create instance of CreateGroupingRequest", e);
+        }
+        setValue(encodedData.toByteArray());
+    }
+}

src/main/java/se/idsecurity/jldap/edirectoryjldapext/extensions/CreateGroupingResponse.java

@@ -0,0 +1,87 @@
+/**
+ * MIT License
+
+Copyright (c) [2018] [almu]
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+ */
+package se.idsecurity.jldap.edirectoryjldapext.extensions;
+
+import se.idsecurity.jldap.edirectoryjldapext.controls.GroupingControl;
+import com.novell.ldap.LDAPExtendedResponse;
+import com.novell.ldap.asn1.ASN1Integer;
+import com.novell.ldap.asn1.ASN1Object;
+import com.novell.ldap.asn1.ASN1Sequence;
+import com.novell.ldap.asn1.LBERDecoder;
+import com.novell.ldap.rfc2251.RfcLDAPMessage;
+
+/**
+ * CreateGroupingResponse ( 2.16.840.1.113719.1.27.103.1 ) – This is the
+ * response of the LDAP server to the createGroupingRequest and contains 2
+ * response fields – groupCookie and an optional createGroupValue.
+ *
+ * @see
+ * <a href="https://www.netiq.com/documentation/edirectory-9/edir_admin/data/b4r36pg.html">Documentation</a>
+ *
+ */
+public final class CreateGroupingResponse extends LDAPExtendedResponse {
+
+    private final ASN1Integer groupCookie;
+
+    /**
+     * Creates an response containing the GroupingControl needed for performing
+     * LDAP operations
+     *
+     * @param rfcMessage
+     */
+    public CreateGroupingResponse(RfcLDAPMessage rfcMessage) {
+        super(rfcMessage);
+
+        byte[] value = getValue();
+        LBERDecoder dec = new LBERDecoder();
+        ASN1Sequence decode = (ASN1Sequence) dec.decode(value);
+        ASN1Object first = decode.get(0);
+        groupCookie = (ASN1Integer) first;
+
+    }
+
+    /**
+     * Get the group cookie
+     *
+     * @return The group cookie
+     */
+    public ASN1Integer getGroupCookie() {
+        return groupCookie;
+    }
+
+    /**
+     * Get the GroupingControl for use with the LDAPConstraints object
+     *
+     * @param critical True if the LDAP operation should be discarded if the
+     * control is not supported. False if the operation can be processed without
+     * the control.
+     * @return The GroupingControl containing the group cookie needed for
+     * transactions.
+     */
+    public GroupingControl getControl(boolean critical) {
+        GroupingControl gc = new GroupingControl(groupCookie, critical);
+        return gc;
+    }
+
+}