package com.iplanet.portalserver.auth.module.ldap;

import com.iplanet.portalserver.auth.server.Login;
import com.iplanet.portalserver.auth.server.LoginException;
import com.iplanet.portalserver.profile.Profile;
import com.iplanet.portalserver.profile.impl.ProfileUtil;
import com.iplanet.portalserver.util.Debug;
import java.util.Hashtable;
import java.util.Locale;
import java.util.NoSuchElementException;
import java.util.ResourceBundle;
import javax.naming.AuthenticationException;
import javax.naming.CommunicationException;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.NoInitialContextException;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

/* loaded from: input_file:116905-02/SUNWwtsdd/reloc/SUNWips/lib/ips_services.jar:com/iplanet/portalserver/auth/module/ldap/Ldap.class */
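/**
 * LDAP login module: looks the user up with a service bind, then re-binds as the entry that
 * was found, using the password the user typed.
 *
 * <p>Settings are read from the domain profile ({@code iwtAuthLdap-*} attributes) on every
 * {@link #validate()} call. Both binds use LDAP "simple" authentication, so unless
 * {@code iwtAuthLdap-sslEnabled} is {@code "true"} the service password and the user's password
 * cross the network unencrypted.
 */
public class Ldap extends Login {
    private static Locale locale = null;
    private static ResourceBundle bundle = null;
    private static Debug debug = null;
    private String userTokenId;
    private String server;
    private String baseDN;
    private String userAttributeFilter;
    private String bindDN;
    private String bindPassword;
    private String searchFilter;
    private String ssl;
    private int searchScope;
    private static final String sccsID = "@(#)Ldap.java\t1.20 02/05/02 Sun Microsystems, Inc.";

    /**
     * Returns the user id accepted by the last successful {@link #validate()}.
     *
     * @return the user id as typed by the user, or {@code null} if no login has succeeded
     */
    @Override
    public String getUserTokenId() {
        return this.userTokenId;
    }

    /**
     * Creates the shared debug logger on first use.
     *
     * @throws LoginException declared by the overridden method; not thrown here
     */
    @Override
    public void init() throws LoginException {
        if (debug == null) {
            debug = new Debug("iwtAuthLdap");
            debug.setDebug();
        }
        debug.message("LDAP auth init()");
    }

    /**
     * Loads the resource bundle (once) and the LDAP settings from the domain profile.
     *
     * @throws LoginException if any setting cannot be read
     */
    public void initialize() throws LoginException {
        debug.message("LDAP initialize()");
        try {
            if (bundle == null) {
                debug.message("LDAP getting resource bundle");
                bundle = com.iplanet.portalserver.util.Locale.getResourceBundle("iwtAuthLdap", getLocale());
            }
            Profile domainProfile = getDomainProfile(null);
            this.server = "ldap://" + domainProfile.getAttributeString("iwtAuthLdap-server");
            // The profile stores the base DN with '|' in place of ','.
            this.baseDN = domainProfile.getAttributeString("iwtAuthLdap-baseDN").replace('|', ',');
            this.bindDN = domainProfile.getAttributeString("iwtAuthLdap-bindDN");
            this.bindPassword = domainProfile.getAttributeString("iwtAuthLdap-bindPasswd");
            this.searchFilter = domainProfile.getAttributeString("iwtAuthLdap-searchFilter");
            if (this.searchFilter.equals("")) {
                this.searchFilter = ProfileUtil.ATTRIB_UID;
            }
            this.ssl = domainProfile.getAttributeString("iwtAuthLdap-sslEnabled");
            String scopeName = domainProfile.getAttributeString("iwtAuthLdap-searchScope");
            if (scopeName.equals("OBJECT")) {
                this.searchScope = SearchControls.OBJECT_SCOPE;
            } else if (scopeName.equals("ONELEVEL")) {
                this.searchScope = SearchControls.ONELEVEL_SCOPE;
            } else {
                this.searchScope = SearchControls.SUBTREE_SCOPE;
            }
            debug.message("bindDN-> " + this.bindDN);
            // Never write the service account password to the debug log; anyone who can read
            // the log could bind to the directory with it. Only record whether one is configured.
            boolean hasBindPassword = this.bindPassword != null && this.bindPassword.length() > 0;
            debug.message("bindPasswd-> " + (hasBindPassword ? "<set>" : "<empty>"));
            debug.message("baseDN-> " + this.baseDN);
            debug.message("server-> " + this.server);
            debug.message("searchFilter-> " + this.searchFilter);
            debug.message("ssl-> " + this.ssl);
            debug.message("searchScope-> " + this.searchScope);
        } catch (Exception e) {
            // If loading the bundle itself failed, bundle is still null here; dereferencing it
            // would replace the real cause with a NullPointerException.
            String prefix = bundle != null ? bundle.getString("LDAPex") : "";
            throw new LoginException(prefix + e.getMessage());
        }
    }

    /**
     * Authenticates the user id (token 1) and password (token 2) against the directory.
     *
     * <p>On success the typed user id becomes the value returned by {@link #getUserTokenId()}.
     *
     * @throws LoginException if a token is missing, the user is not found, the password is
     *     rejected, or the directory cannot be reached
     */
    @Override
    public void validate() throws LoginException {
        debug.message("LDAP validate");
        initialize();
        String token = getToken(1);
        String token2 = getToken(2);
        // An empty password must be rejected before binding: many directory servers treat a
        // simple bind with a DN and no password as an unauthenticated bind and report success.
        if (token == null || token2 == null || token2.equals("") || token.equals("")) {
            throw new LoginException(bundle.getString("UPerror"));
        }
        String providerUrl = this.server + ProfileUtil.NAME_SEPARATOR + this.baseDN;
        debug.message("-> " + providerUrl);

        InitialDirContext searchContext = null;
        InitialDirContext userContext = null;
        NamingEnumeration matches = null;
        try {
            searchContext = new InitialDirContext(buildEnvironment(providerUrl, this.bindDN, this.bindPassword));
            SearchControls searchControls = new SearchControls();
            searchControls.setSearchScope(this.searchScope);
            // "1.1" asks the server to return no attributes; only the entry name is needed.
            searchControls.setReturningAttributes(new String[]{"1.1"});
            // The user id is untrusted input. Escape filter metacharacters so it is matched
            // literally: the typed value becomes the session identity below, so it must not be
            // able to select an entry through a wildcard or an injected sub-filter.
            this.userAttributeFilter = "(" + this.searchFilter + "=" + escapeFilterValue(token) + ")";
            debug.message("SearchFilter: " + this.userAttributeFilter);
            matches = searchContext.search("", this.userAttributeFilter, searchControls);
            // Read the result while the context is still open; next() throws
            // NoSuchElementException when nothing matched.
            // NOTE(review): only the first match is used; a filter attribute that is not unique
            // under baseDN makes the chosen entry depend on server ordering.
            SearchResult searchResult = (SearchResult) matches.next();

            // NOTE(review): assumes getName() is relative to baseDN (SearchResult.isRelative()) - confirm.
            String userDN = searchResult.getName() + ", " + this.baseDN;
            userContext = new InitialDirContext(buildEnvironment(providerUrl, userDN, token2));
            // The result of this search is not used; presumably it forces the server to act on
            // the user's bind. Kept as in the original.
            userContext.search("", this.userAttributeFilter, searchControls);
            debug.message("success");
            this.userTokenId = token;
        } catch (AuthenticationException e) {
            debug.message("LDAP: id and password don't match: bad Credentials:" + e);
            throw new LoginException(bundle.getString("InvalidUP"));
        } catch (NoSuchElementException unused) {
            debug.message("ERROR: userid does not exist:  check baseDN, searchScope and search filter");
            throw new LoginException(bundle.getString("NoUser"));
        } catch (NameNotFoundException unused2) {
            debug.message("ERROR:  name not found, check baseDN, searchScope and search filter");
            throw new LoginException(bundle.getString("NoUser"));
        } catch (NoInitialContextException unused3) {
            // Subclasses of NamingException must be handled before the generic handler below,
            // otherwise these two branches can never run.
            debug.message("ERROR:  Check classpath");
            throw new LoginException(bundle.getString("classpathError"));
        } catch (CommunicationException unused4) {
            debug.message("Error: communication error, check to see if the server is running, check the port # and ssl status");
            throw new LoginException(bundle.getString("NoServer"));
        } catch (NamingException e2) {
            debug.message("Problem getting attribute:" + e2);
            // NOTE(review): the exception text is appended to the message handed to the caller;
            // confirm it is not shown to unauthenticated users.
            throw new LoginException(bundle.getString("Naming") + e2);
        } finally {
            // Release directory connections on every path, including failed logins.
            closeQuietly(matches);
            closeQuietly(userContext);
            closeQuietly(searchContext);
        }
    }

    /** Builds the JNDI environment for a simple bind as {@code principal} against {@code providerUrl}. */
    private Hashtable<String, String> buildEnvironment(String providerUrl, String principal, String credentials) {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        env.put("java.naming.provider.url", providerUrl);
        env.put("java.naming.security.principal", principal);
        env.put("java.naming.security.credentials", credentials);
        env.put("java.naming.security.authentication", "simple");
        // Null-safe: a missing sslEnabled attribute means "no SSL" rather than a NullPointerException.
        if ("true".equals(this.ssl)) {
            env.put("java.naming.security.protocol", "ssl");
        }
        return env;
    }

    /** Escapes the characters that are special in an LDAP search filter value (RFC 4515). */
    private static String escapeFilterValue(String value) {
        StringBuffer escaped = new StringBuffer(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '\\':
                    escaped.append("\\5c");
                    break;
                case '*':
                    escaped.append("\\2a");
                    break;
                case '(':
                    escaped.append("\\28");
                    break;
                case ')':
                    escaped.append("\\29");
                    break;
                case '\0':
                    escaped.append("\\00");
                    break;
                default:
                    escaped.append(c);
                    break;
            }
        }
        return escaped.toString();
    }

    /** Closes a directory context, logging (not propagating) any failure. */
    private static void closeQuietly(InitialDirContext context) {
        if (context == null) {
            return;
        }
        try {
            context.close();
        } catch (NamingException e) {
            debug.message("LDAP: error closing context: " + e);
        }
    }

    /** Closes a search result enumeration, logging (not propagating) any failure. */
    private static void closeQuietly(NamingEnumeration results) {
        if (results == null) {
            return;
        }
        try {
            results.close();
        } catch (NamingException e) {
            debug.message("LDAP: error closing search results: " + e);
        }
    }
}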
