2

I need some help concerning UnboundID. I heard it was a great choice but I'm not really used to it.

So I need to make an LDAP listener. On this listener, I should be able to catch bind requests (from an LDAP browser, for example). I wonder how to get the DN and the password. Here is my code for the LDAP listener:

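    import java.net.InetAddress;

    import com.unboundid.ldap.listener.CannedResponseRequestHandler;
    import com.unboundid.ldap.listener.LDAPListener;
    import com.unboundid.ldap.listener.LDAPListenerConfig;
    import com.unboundid.ldap.sdk.LDAPException;
    import com.unboundid.ldap.sdk.ResultCode;

    public class MyConnection {

        private LDAPListener listener;

        public ResultCode CreateLdapServer() throws LDAPException {
            // Answers every request with a fixed (canned) response.
            CannedResponseRequestHandler requestHandler = new CannedResponseRequestHandler();
            LDAPListenerConfig config =
                    new LDAPListenerConfig(4243, requestHandler);
            try
            {
                // Accept connections on the loopback address only.
                config.setListenAddress(
                        InetAddress.getByName("localhost"));
            }
            catch (final Exception e)
            {
                System.err.println("Unable to create the listen server.");
                return ResultCode.PARAM_ERROR;
            }

            listener = new LDAPListener(config);

            try
            {
                listener.startListening();
                System.out.println("Serveur is listening ...");
            }
            catch (final Exception e)
            {
                System.err.println("Unable to start listening.");
                return ResultCode.LOCAL_ERROR;
            }
            return ResultCode.SUCCESS;
        }

        public static void main(String[] args) throws LDAPException {
            MyConnection connect = new MyConnection();
            connect.CreateLdapServer();
        }
    }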

I read a lot of UnboundID documentation, but I can't find any simple example of what I need.

Also, I'm not really sure of the utility of CannedResponseRequestHandler. For what I need, is it enough?

Another question: I'm not sure, but I have the feeling that my server is not listening OR I don't catch anything (when I connect with an LDAP browser, nothing happens). Any idea / suggestion?

Thanks and have a nice day!

EDIT: Thanks to xhochy, I was able to catch the password and the username. As he said, I subclassed LDAPListenerRequestHandler to override, first, newInstance, then processBindRequest. Here is the code (it's absolutely not perfect and it's still a beginning).

    import java.io.IOException;
    import java.net.InetAddress;

    import com.unboundid.ldap.listener.LDAPListener;
    import com.unboundid.ldap.listener.LDAPListenerConfig;
    import com.unboundid.ldap.sdk.LDAPException;
    import com.unboundid.ldap.sdk.ResultCode;

    public class MyConnection {

        private LDAPListener listener;

        public MyConnection() {
        }

        public ResultCode CreateLdapServer() throws LDAPException {
            // Custom handler (shown below) instead of CannedResponseRequestHandler.
            MyLDAPListenerRequestHandler requestHandler = new MyLDAPListenerRequestHandler();
            LDAPListenerConfig config =
                    new LDAPListenerConfig(4243, requestHandler);
            try
            {
                // Accept connections on the loopback address only.
                config.setListenAddress(
                        InetAddress.getByName("localhost"));
            }
            catch (final Exception e)
            {
                System.err.println("Unable to create the listen server.");
                return ResultCode.PARAM_ERROR;
            }

            listener = new LDAPListener(config);

            try
            {
                listener.startListening();
                System.out.println("Serveur is listening ...");
            }
            catch (IOException e)
            {
                System.err.println("Unable to start listening.");
                return ResultCode.LOCAL_ERROR;
            }

            return ResultCode.SUCCESS;
        }

        public static void main(String[] args) throws LDAPException {
            MyConnection connect = new MyConnection();
            connect.CreateLdapServer();
        }

    }

Then the subclass of LDAPListenerRequestHandler:

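    import java.util.List;

    import com.unboundid.ldap.listener.LDAPListenerClientConnection;
    import com.unboundid.ldap.listener.LDAPListenerRequestHandler;
    import com.unboundid.ldap.protocol.BindRequestProtocolOp;
    import com.unboundid.ldap.protocol.LDAPMessage;
    import com.unboundid.ldap.sdk.Control;
    import com.unboundid.ldap.sdk.LDAPConnection;
    import com.unboundid.ldap.sdk.LDAPConnectionOptions;
    import com.unboundid.ldap.sdk.LDAPException;

    public class MyLDAPListenerRequestHandler extends LDAPListenerRequestHandler {

        // Called for each client connection accepted by the listener.
        @Override
        public LDAPListenerRequestHandler newInstance(
                LDAPListenerClientConnection arg0) throws LDAPException {
            System.out.println("New Instance.");
            LDAPConnectionOptions option = new LDAPConnectionOptions();
            // "yourIPadress" and yourport are placeholders to fill in.
            LDAPConnection connection = new LDAPConnection(option, "yourIPadress", yourport);
            System.out.println("Connected to : " + connection.getConnectedAddress() + " " + connection.getConnectedPort());

            return this;
        }

        // arg1 carries the bind DN and, for a simple bind, the password.
        @Override
        public LDAPMessage processBindRequest(int arg0, BindRequestProtocolOp arg1,
                List<Control> arg2) {
            System.out.println(arg1.getBindDN());
            System.out.println(arg1.getSimplePassword());
            // Returning null means no bind response is built for the client.
            return null;
        }

        // The other abstract process*Request methods of LDAPListenerRequestHandler
        // must also be implemented for this class to compile.
    }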

Thanks again!

Roux
  • Trying to sniff out people's passwords? – pap Sep 26 '12 at 07:38
  • No, I just need the username and password to put them on a web service which sees if people are authorized or not. – Roux Sep 26 '12 at 07:39
  • But that's what the LDAP server is for! Your question doesn't make sense yet. – user207421 Sep 27 '12 at 00:52
  • I don't really understand @EJP. I just need to catch the username and password. With that, I can interact with my web service. I can't do something else, that's my boss's decision :) – Roux Sep 27 '12 at 07:08

2 Answers

3

Many LDAP server implementations will not return a password, and many will not return a password you can use (i.e. it may be a hash).

I would be very curious why there could be a reason to return the password.

-jim

jwilleke
2

You should subclass LDAPListenerRequestHandler and implement processBindRequest. All the information you are looking for is included in BindRequestProtocolOp (second argument of processBindRequest). Add an empty implementation for all other abstract methods.

If request is your BindRequestProtocolOp instance then you get your information via:

    String username = request.getBindDN();
    ByteString password = request.getSimplePassword();

Uwe L. Korn
  • Thanks a lot @xhochy, I'll check that today! :) – Roux Sep 26 '12 at 09:20
  • The CannedResponseRequestHandler cannot be subclassed (it's final). So I tried with LDAPListenerRequestHandler and it can. I overrode it to display the bind, but there seems to be something missing: my LDAP browser doesn't communicate with the server. – Roux Sep 26 '12 at 13:35
  • Another try: You could subclass LDAPListenerRequestHandler directly and add empty implementations for all other abstract methods. – Uwe L. Korn Sep 26 '12 at 13:36
  • OK, so I overrode the LDAPListenerRequestHandler to display the password and the username and it works (not perfectly with Softerra, but still). The thing that took me a long time to understand is that I needed to override newInstance() and to return this. I'll post the code in my question. Thanks a lot xhochy! – Roux Sep 27 '12 at 13:19
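
A fuller version of the handler discussed in this thread, as an added example that is not part of the original posts: it returns a real bind response instead of `null`, rejects empty passwords and every non-bind operation, and keeps the password out of the output. `BindOnlyRequestHandler` and `isAuthorized` are hypothetical names, and the web-service check behind `isAuthorized` is an assumption left as a fail-closed stub.

```java
import java.util.List;

import com.unboundid.ldap.listener.LDAPListenerClientConnection;
import com.unboundid.ldap.listener.LDAPListenerRequestHandler;
import com.unboundid.ldap.protocol.*;
import com.unboundid.ldap.sdk.Control;
import com.unboundid.ldap.sdk.ResultCode;

// Added example (hypothetical class name): handles binds, refuses everything else.
public class BindOnlyRequestHandler extends LDAPListenerRequestHandler {
  private static final int NO = ResultCode.UNWILLING_TO_PERFORM_INT_VALUE;

  @Override
  public LDAPListenerRequestHandler newInstance(LDAPListenerClientConnection conn) {
    return new BindOnlyRequestHandler(); // one handler per client connection
  }

  @Override
  public LDAPMessage processBindRequest(int id, BindRequestProtocolOp req, List<Control> ctl) {
    // Only non-empty simple binds are checked; SASL and empty passwords are rejected.
    boolean ok = req.getCredentialsType() == BindRequestProtocolOp.CRED_TYPE_SIMPLE
        && req.getSimplePassword().getValueLength() > 0
        && isAuthorized(req.getBindDN(), req.getSimplePassword().getValue());
    int rc = ok ? ResultCode.SUCCESS_INT_VALUE : ResultCode.INVALID_CREDENTIALS_INT_VALUE;
    // Log the DN and result code only; the password is never printed.
    System.out.println("bind dn=" + req.getBindDN() + " result=" + rc);
    return new LDAPMessage(id, new BindResponseProtocolOp(rc, null, null, null, null));
  }

  // Hypothetical hook: replace the body with the call to the authorization web service.
  protected boolean isAuthorized(String bindDN, byte[] password) {
    return false; // fail closed until a real check is wired in
  }

  @Override public LDAPMessage processAddRequest(int id, AddRequestProtocolOp r, List<Control> c) {
    return new LDAPMessage(id, new AddResponseProtocolOp(NO, null, null, null)); }
  @Override public LDAPMessage processCompareRequest(int id, CompareRequestProtocolOp r, List<Control> c) {
    return new LDAPMessage(id, new CompareResponseProtocolOp(NO, null, null, null)); }
  @Override public LDAPMessage processDeleteRequest(int id, DeleteRequestProtocolOp r, List<Control> c) {
    return new LDAPMessage(id, new DeleteResponseProtocolOp(NO, null, null, null)); }
  @Override public LDAPMessage processExtendedRequest(int id, ExtendedRequestProtocolOp r, List<Control> c) {
    return new LDAPMessage(id, new ExtendedResponseProtocolOp(NO, null, null, null, null, null)); }
  @Override public LDAPMessage processModifyRequest(int id, ModifyRequestProtocolOp r, List<Control> c) {
    return new LDAPMessage(id, new ModifyResponseProtocolOp(NO, null, null, null)); }
  @Override public LDAPMessage processModifyDNRequest(int id, ModifyDNRequestProtocolOp r, List<Control> c) {
    return new LDAPMessage(id, new ModifyDNResponseProtocolOp(NO, null, null, null)); }
  @Override public LDAPMessage processSearchRequest(int id, SearchRequestProtocolOp r, List<Control> c) {
    return new LDAPMessage(id, new SearchResultDoneProtocolOp(NO, null, null, null)); }
}
```

Pass an instance to `LDAPListenerConfig` in place of `MyLDAPListenerRequestHandler`. On a listener without TLS the simple-bind password crosses the connection in clear text, so keeping the listen address on localhost, as the question's code does, limits who can reach it.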