Skip to content
Snippets Groups Projects
Commit fa3332aa authored by Adrian Damian's avatar Adrian Damian
Browse files

Added better error messaging

parent e3ebdacb
Branches
Tags
No related merge requests found
...@@ -68,12 +68,14 @@ ...@@ -68,12 +68,14 @@
*/ */
package ca.nrc.cadc.ac.server.ldap; package ca.nrc.cadc.ac.server.ldap;
import ca.nrc.cadc.util.StringUtil;
import java.io.IOException; import java.io.IOException;
import java.net.URL; import java.net.URL;
import java.util.Properties; import java.util.Properties;
import org.apache.log4j.Logger; import org.apache.log4j.Logger;
import ca.nrc.cadc.util.StringUtil;
public class LdapConfig public class LdapConfig
{ {
private static final Logger logger = Logger.getLogger(LdapConfig.class); private static final Logger logger = Logger.getLogger(LdapConfig.class);
......
...@@ -196,21 +196,16 @@ public abstract class LdapDAO ...@@ -196,21 +196,16 @@ public abstract class LdapDAO
* @param errorMsg * @param errorMsg
* @throws TransientException * @throws TransientException
*/ */
protected static void checkLdapResult(ResultCode code, String errorMsg) protected static void checkLdapResult(ResultCode code)
throws TransientException throws TransientException
{ {
String msg = "";
if (errorMsg != null)
{
msg = "(" + errorMsg + ")";
}
if (code == ResultCode.INSUFFICIENT_ACCESS_RIGHTS) if (code == ResultCode.INSUFFICIENT_ACCESS_RIGHTS)
{ {
throw new AccessControlException("Not authorized " + msg); throw new AccessControlException("Not authorized ");
} }
else if (code == ResultCode.INVALID_CREDENTIALS) else if (code == ResultCode.INVALID_CREDENTIALS)
{ {
throw new AccessControlException("Invalid credentials " + msg); throw new AccessControlException("Invalid credentials ");
} }
else if ((code == ResultCode.SUCCESS) || (code == ResultCode.NO_SUCH_OBJECT) ) else if ((code == ResultCode.SUCCESS) || (code == ResultCode.NO_SUCH_OBJECT) )
{ {
...@@ -218,16 +213,16 @@ public abstract class LdapDAO ...@@ -218,16 +213,16 @@ public abstract class LdapDAO
} }
else if (code == ResultCode.PARAM_ERROR) else if (code == ResultCode.PARAM_ERROR)
{ {
throw new IllegalArgumentException("Error in Ldap parameters " + msg); throw new IllegalArgumentException("Error in Ldap parameters ");
} }
else if (code == ResultCode.BUSY || else if (code == ResultCode.BUSY ||
code == ResultCode.CONNECT_ERROR ) code == ResultCode.CONNECT_ERROR )
{ {
throw new TransientException("Connection problems " + msg ); throw new TransientException("Connection problems ");
} }
else else
{ {
throw new RuntimeException("Ldap error" + msg); throw new RuntimeException("Ldap error (" + code.getName() + ")");
} }
} }
......
...@@ -173,7 +173,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -173,7 +173,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
group.description, group.description,
group.getUserMembers(), group.getUserMembers(),
group.getGroupMembers()); group.getGroupMembers());
LdapDAO.checkLdapResult(result.getResultCode(), null); LdapDAO.checkLdapResult(result.getResultCode());
// add group to admin groups tree // add group to admin groups tree
result = addGroup(getAdminGroupDN(group.getID()), result = addGroup(getAdminGroupDN(group.getID()),
...@@ -181,7 +181,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -181,7 +181,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
group.description, group.description,
group.getUserAdmins(), group.getUserAdmins(),
group.getGroupAdmins()); group.getGroupAdmins());
LdapDAO.checkLdapResult(result.getResultCode(), null); LdapDAO.checkLdapResult(result.getResultCode());
try try
{ {
...@@ -195,8 +195,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -195,8 +195,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
} }
catch (LDAPException e) catch (LDAPException e)
{ {
LdapDAO.checkLdapResult(e.getResultCode(), LdapDAO.checkLdapResult(e.getResultCode());
e.getDiagnosticMessage());
throw new RuntimeException("Unexpected LDAP exception", e); throw new RuntimeException("Unexpected LDAP exception", e);
} }
} }
...@@ -302,7 +301,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -302,7 +301,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
} }
catch (LDAPException e) catch (LDAPException e)
{ {
LdapDAO.checkLdapResult(e.getResultCode(), e.getDiagnosticMessage()); LdapDAO.checkLdapResult(e.getResultCode());
throw new RuntimeException("Unexpected LDAP exception", e); throw new RuntimeException("Unexpected LDAP exception", e);
} }
} }
...@@ -391,13 +390,13 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -391,13 +390,13 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
} }
else else
{ {
LdapDAO.checkLdapResult(e.getResultCode(), e.getMessage()); LdapDAO.checkLdapResult(e.getResultCode());
} }
} }
if (searchResult.getEntryCount() == 0) if (searchResult.getEntryCount() == 0)
{ {
LdapDAO.checkLdapResult(searchResult.getResultCode(), null); LdapDAO.checkLdapResult(searchResult.getResultCode());
//access denied //access denied
String msg = "Not authorized to access " + groupID; String msg = "Not authorized to access " + groupID;
logger.debug(msg); logger.debug(msg);
...@@ -485,7 +484,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -485,7 +484,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
} }
catch (LDAPException e1) catch (LDAPException e1)
{ {
LdapDAO.checkLdapResult(e1.getResultCode(), e1.getDiagnosticMessage()); LdapDAO.checkLdapResult(e1.getResultCode());
throw new GroupNotFoundException("Not found " + groupID); throw new GroupNotFoundException("Not found " + groupID);
} }
} }
...@@ -573,7 +572,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -573,7 +572,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
new ProxiedAuthorizationV2RequestControl( new ProxiedAuthorizationV2RequestControl(
"dn:" + getSubjectDN().toNormalizedString())); "dn:" + getSubjectDN().toNormalizedString()));
LdapDAO.checkLdapResult(getConnection(). LdapDAO.checkLdapResult(getConnection().
modify(modifyRequest).getResultCode(), null); modify(modifyRequest).getResultCode());
// modify the group itself now // modify the group itself now
modifyRequest = new ModifyRequest(getGroupDN(group.getID()), mods); modifyRequest = new ModifyRequest(getGroupDN(group.getID()), mods);
...@@ -582,11 +581,11 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -582,11 +581,11 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
new ProxiedAuthorizationV2RequestControl( new ProxiedAuthorizationV2RequestControl(
"dn:" + getSubjectDN().toNormalizedString())); "dn:" + getSubjectDN().toNormalizedString()));
LdapDAO.checkLdapResult(getConnection(). LdapDAO.checkLdapResult(getConnection().
modify(modifyRequest).getResultCode(), null); modify(modifyRequest).getResultCode());
} }
catch (LDAPException e1) catch (LDAPException e1)
{ {
LdapDAO.checkLdapResult(e1.getResultCode(), e1.getDiagnosticMessage()); LdapDAO.checkLdapResult(e1.getResultCode());
} }
try try
{ {
...@@ -655,11 +654,11 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -655,11 +654,11 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
new ProxiedAuthorizationV2RequestControl( new ProxiedAuthorizationV2RequestControl(
"dn:" + getSubjectDN().toNormalizedString())); "dn:" + getSubjectDN().toNormalizedString()));
LDAPResult result = getConnection().modify(modifyRequest); LDAPResult result = getConnection().modify(modifyRequest);
LdapDAO.checkLdapResult(result.getResultCode(), null); LdapDAO.checkLdapResult(result.getResultCode());
} }
catch (LDAPException e1) catch (LDAPException e1)
{ {
LdapDAO.checkLdapResult(e1.getResultCode(), e1.getDiagnosticMessage()); LdapDAO.checkLdapResult(e1.getResultCode());
} }
try try
...@@ -761,7 +760,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -761,7 +760,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
} }
catch (LDAPException e1) catch (LDAPException e1)
{ {
LdapDAO.checkLdapResult(e1.getResultCode(), e1.getDiagnosticMessage()); LdapDAO.checkLdapResult(e1.getResultCode());
} }
return groupDNs; return groupDNs;
} }
...@@ -851,7 +850,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -851,7 +850,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
} }
catch (LDAPException e) catch (LDAPException e)
{ {
LdapDAO.checkLdapResult(e.getResultCode(), e.getDiagnosticMessage()); LdapDAO.checkLdapResult(e.getResultCode());
} }
throw new IllegalArgumentException(groupID + " not a valid group ID"); throw new IllegalArgumentException(groupID + " not a valid group ID");
} }
...@@ -869,7 +868,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -869,7 +868,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
} }
catch (LDAPException e) catch (LDAPException e)
{ {
LdapDAO.checkLdapResult(e.getResultCode(), e.getDiagnosticMessage()); LdapDAO.checkLdapResult(e.getResultCode());
} }
throw new IllegalArgumentException(groupID + " not a valid group ID"); throw new IllegalArgumentException(groupID + " not a valid group ID");
} }
......
...@@ -166,7 +166,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO ...@@ -166,7 +166,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
} }
catch (LDAPException e) catch (LDAPException e)
{ {
LdapDAO.checkLdapResult(e.getResultCode(), e.getDiagnosticMessage()); LdapDAO.checkLdapResult(e.getResultCode());
} }
if (searchResult == null) if (searchResult == null)
...@@ -196,7 +196,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO ...@@ -196,7 +196,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
* @return Collection of Group instances. * @return Collection of Group instances.
* *
* @throws UserNotFoundException when the user is not found. * @throws UserNotFoundException when the user is not found.
* @throws TransientException If an temporary, unexpected problem occurred. * @throws TransientException If an temporary, unexpected problem occurred., e.getMessage(
* @throws AccessControlException If the operation is not permitted. * @throws AccessControlException If the operation is not permitted.
*/ */
public Collection<DN> getUserGroups(final T userID, final boolean isAdmin) public Collection<DN> getUserGroups(final T userID, final boolean isAdmin)
...@@ -257,7 +257,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO ...@@ -257,7 +257,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
} }
catch (LDAPException e) catch (LDAPException e)
{ {
LdapDAO.checkLdapResult(e.getResultCode(), e.getDiagnosticMessage()); LdapDAO.checkLdapResult(e.getResultCode());
} }
return groupDNs; return groupDNs;
} }
...@@ -312,7 +312,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO ...@@ -312,7 +312,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
} }
catch (LDAPException e) catch (LDAPException e)
{ {
LdapDAO.checkLdapResult(e.getResultCode(), e.getDiagnosticMessage()); LdapDAO.checkLdapResult(e.getResultCode());
} }
return false; return false;
} }
...@@ -347,7 +347,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO ...@@ -347,7 +347,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
// } // }
// catch (LDAPException e) // catch (LDAPException e)
// { // {
// LdapDAO.checkLdapResult(e.getResultCode(), e.getDiagnosticMessage()); // LdapDAO.checkLdapResult(e.getResultCode());
// throw new RuntimeException("Unexpected LDAP exception", e); // throw new RuntimeException("Unexpected LDAP exception", e);
// } // }
// } // }
...@@ -423,7 +423,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO ...@@ -423,7 +423,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
} catch (LDAPException e) } catch (LDAPException e)
{ {
LdapDAO.checkLdapResult(e.getResultCode(), e.getDiagnosticMessage()); LdapDAO.checkLdapResult(e.getResultCode());
} }
......
...@@ -292,6 +292,7 @@ public class LdapGroupDAOTest ...@@ -292,6 +292,7 @@ public class LdapGroupDAOTest
testGroup2.getUserMembers().add(daoTestUser2); testGroup2.getUserMembers().add(daoTestUser2);
testGroup2 = getGroupDAO().addGroup(testGroup2); testGroup2 = getGroupDAO().addGroup(testGroup2);
log.debug("add group: " + testGroup2ID); log.debug("add group: " + testGroup2ID);
Thread.sleep(1000); //sleep to let memberof plugin in LDAP do its work
} }
catch (Exception e) catch (Exception e)
{ {
...@@ -392,6 +393,7 @@ public class LdapGroupDAOTest ...@@ -392,6 +393,7 @@ public class LdapGroupDAOTest
testGroup2.getUserAdmins().add(daoTestUser2); testGroup2.getUserAdmins().add(daoTestUser2);
testGroup2 = getGroupDAO().addGroup(testGroup2); testGroup2 = getGroupDAO().addGroup(testGroup2);
log.debug("add group: " + testGroup2ID); log.debug("add group: " + testGroup2ID);
Thread.sleep(1000); // sleep to let memberof plugin do its work
} }
catch (Exception e) catch (Exception e)
{ {
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment