306. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 12/13/2018 10:35:28 AM Eastern Standard Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

306.1 Files compared

#	Location	File	Last Modified
1	v12.5_iter_7_build 51.zip\TRM_Upgrade\src\main\java\gov\va\med\fw\persistent\ldap	LdapPersonDaoImpl.java	Fri Dec 7 17:36:34 2018 UTC
2	v12.5_iter_7_build 51.zip\TRM_Upgrade\src\main\java\gov\va\med\fw\persistent\ldap	LdapPersonDaoImpl.java	Wed Dec 12 22:13:29 2018 UTC

306.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	2	536
Changed	1	2
Inserted	0	0
Removed	0	0

306.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

306.4 Active regular expressions

No regular expressions were active.

306.5 Comparison detail

	1	/******* ****** ****** ****** ****** ****** *******
	2	* Copyrii ght 2008 V HA. All ri ghts reser ved
	3	******* ****** ****** ****** ****** ****** *******/
	4	package go v.va.med.f w.persiste nt.ldap;
	5
	6	import jav a.net.Conn ectExcepti on;
	7	import jav a.net.NoRo uteToHostE xception;
	8	import jav a.net.Unkn ownHostExc eption;
	9	import jav a.util.Arr ayList;
	10	import jav a.util.Has hMap;
	11	import jav a.util.Lis t;
	12	import jav a.util.Map ;
	13
	14	import jav ax.naming. NamingExce ption;
	15	import jav ax.naming. directory. DirContext ;
	16	import jav ax.naming. directory. SearchCont rols;
	17
	18	import org .apache.co mmons.lang .exception .Exception Utils;
	19	import org .springfra mework.bea ns.factory .Initializ ingBean;
	20	import org .springfra mework.bea ns.factory .annotatio n.Autowire d;
	21	import org .springfra mework.bea ns.factory .annotatio n.Value;
	22	import org .springfra mework.lda p.Communic ationExcep tion;
	23	import org .springfra mework.lda p.core.Att ributesMap per;
	24	import org .springfra mework.lda p.core.Con textMapper ;
	25	import org .springfra mework.lda p.core.Dis tinguished Name;
	26	import org .springfra mework.lda p.core.Lda pTemplate;
	27	import org .springfra mework.lda p.core.sup port.Defau ltDirObjec tFactory;
	28	import org .springfra mework.lda p.core.sup port.LdapC ontextSour ce;
	29	import org .springfra mework.lda p.filter.A ndFilter;
	30	import org .springfra mework.lda p.filter.E qualsFilte r;
	31	import org .springfra mework.lda p.filter.L ikeFilter;
	32	import org .springfra mework.lda p.transact ion.compen sating.man ager.Trans actionAwar eContextSo urceProxy;
	33	import org .springfra mework.ste reotype.Re pository;
	34
	35	import gov .va.med.fw .model.lda p.LdapCons tants;
	36	import gov .va.med.fw .model.lda p.LdapPers on;
	37	import gov .va.med.fw .model.lda p.SearchCr iteria;
	38	import gov .va.med.fw .service.A bstractCom ponent;
	39	import gov .va.med.fw .util.Stri ngUtils;
	40
	41
	42	/**
	43	* Data Ac cess Objec t implemen tation for Ldap Grou p.
	44	*
	45	* CISS ci ss_framewo rk Jun 23, 2008
	46	*
	47	* @author D NS
	48	*/
	49	@Repositor y
	50	public cla ss LdapPer sonDaoImpl extends A bstractCom ponent imp lements Ld apPersonDa o, LdapCon stants, In itializing Bean{
	51
	52	pr ivate Ldap Template l dapTemplat e;
	53
	54	pr ivate Stri ng domainC ontext = " DC=va,DC=g ov";
	55
	56	@V alue(value ="${ldapRe adServerUr l1} ${ldap ReadServer Url2}")
	57	pr ivate Stri ng[] ldapS erverUrls = null;
	58	pr ivate Stri ng groupOU = "None" ;
	59	@V alue(value ="${ldapU serId}")
	60	pr ivate Stri ng userDn;
	61	@V alue(value ="${ldapPa ssword}")
	62	pr ivate Stri ng ldapPas sword;
	63
	64	pu blic void setGroupOU (String gr oupOU) {
	65	this .groupOU = groupOU;
	66	}
	67
	68	/* *
	69	* @return t he domainC ontext
	70	* /
	71	pu blic Strin g getDomai nContext() {
	72	retu rn domainC ontext;
	73	}
	74
	75	/* *
	76	* @param do mainContex t
	77	* the doma inContext to set
	78	* /
	79	pu blic void setDomainC ontext(Str ing domain Context) {
	80	if ( StringUtil s.isNotEmp ty(domainC ontext)) {
	81	this.d omainConte xt = domai nContext;
	82	}
	83	}
	84
	85	/* *
	86	* @return t he ldapRea dServerUrl
	87	* /
	88	pu blic Strin g[] getLda pServerUrl s() {
	89	retu rn ldapSer verUrls;
	90	}
	91
	92	/* *
	93	* @param ld apReadServ erUrl
	94	* the ldap ReadServer Url to set
	95	* /
	96	pu blic void setLdapSer verUrls(St ring[] lda pReadServe rUrls) {
	97	this .ldapServe rUrls = ld apReadServ erUrls;
	98	}
	99
	100	pr ivate Attr ibutesMapp er<LdapPer son> getAt tributesMa pper() {
	101	Pers onContextM apper pers onContextM apper = ne w PersonCo ntextMappe r();
	102	pers onContextM apper.setG roupOU(gro upOU);
	103	retu rn personC ontextMapp er;
	104	}
	105
	106	pu blic List findAll() {
	107	Equa lsFilter f ilter = ne w EqualsFi lter(OBJEC T_CLASS, U SER);
	108	//Us e ldapTemp late searc h instead to fix For tify issue
	109	return l dapTemplat e.search(D istinguish edName.EMP TY_PATH, f ilter.enco de(),
	110	getA ttributesM apper());
	111	}
	112
	113	pu blic LdapP erson find ByDistingu ishedName( String dn) {
	114	//Us e ldapTemp late looku p instead to fix For tify issue
	115	retu rn (LdapPe rson) ldap Template.l ookup(dn, getAttribu tesMapper( ));
	116	}
	117
	118	/* *
	119	* Searches ActiveDire ctory by t he given s AMAccountN ame
	120	*
	121	* @param sA MAccountNa me
	122	* the sAmA ccountaNam e to searc h by
	123	* @return t he found L dapPerson
	124	* /
	125	pu blic LdapP erson find BySamAccou ntName(Str ing sAMAcc ountName) {
	126	AndF ilter andF ilter = ne w AndFilte r();
	127	andF ilter.and( new Equals Filter(OBJ ECT_CLASS, USER));
	128	andF ilter.and( new Equals Filter(SAM _ACCOUNT_N AME, sAMAc countName) );
	129	@Sup pressWarni ngs("unche cked")
	130	//us e ldapTemp late to se arch to fi x Fortify issue
	131	List <LdapPerso n> results = ldapTem plate.sear ch(Disting uishedName .EMPTY_PAT H, andFilt er.encode( ),
	132	getAttri butesMappe r());
	133
	134	if ( results != null && r esults.siz e() > 0)
	135	return (LdapPers on) result s.get(0);
	136	else
	137	return null;
	138	}
	139
	140	pu blic List find(Searc hCriteria criteria) {
	141	AndF ilter andF ilter = ne w AndFilte r();
	142	andF ilter.and( new Equals Filter(OBJ ECT_CLASS, "user"));
	143
	144	// C heck for m inimum req uired sear ch fields
	145	if ( !isValid(c riteria)) {
	146	return new Array List();
	147	}
	148	if ( StringUtil s.isNotEmp ty(criteri a.getSAMAc countName( ))) {
	149	andFil ter.and(ne w EqualsFi lter(SAM_A CCOUNT_NAM E, criteri a.getSAMAc countName( )));
	150	}
	151	if ( StringUtil s.isNotEmp ty(criteri a.getFirst Name())) {
	152	// and Filter.and (new Equal sFilter(GI VEN_NAME,
	153	// cri teria.getF irstName() ));
	154	andFil ter.and(ne w LikeFilt er(GIVEN_N AME, crite ria.getFir stName())) ;
	155	}
	156	if ( StringUtil s.isNotEmp ty(criteri a.getLastN ame())) {
	157	andFil ter.and(ne w EqualsFi lter(SN, c riteria.ge tLastName( )));
	158	}
	159	if ( StringUtil s.isNotEmp ty(criteri a.getMiddl eName())) {
	160	andFil ter.and(ne w EqualsFi lter(MIDDL E_NAME, cr iteria.get MiddleName ()));
	161	}
	162	if ( StringUtil s.isNotEmp ty(criteri a.getGroup Name())) {
	163	andFil ter.and(ne w EqualsFi lter(MEMBE R_OF, crit eria.getGr oupName()) );
	164	}
	165
	166	// T his is a c onvenience for testi ng and is not used b y the appl ication
	167	if ( StringUtil s.isNotEmp ty(criteri a.getName( ))) {
	168	andFil ter.and(ne w LikeFilt er(CN, cri teria.getN ame()));
	169	}
	170
	171	//us e ldaptemp late to se arch to fi x Fortify issue
	172	retu rn ldapTem plate.sear ch(Disting uishedName .EMPTY_PAT H, andFilt er.encode( ),
	173	ge tAttribute sMapper()) ;
	174	}
	175
	176	/* *
	177	* Allow use rid, lastn ame or gro up name se arch
	178	*
	179	* @param cr iteria
	180	* @return
	181	* /
	182	pr ivate bool ean isVali d(SearchCr iteria cri teria) {
	183	if ( StringUtil s.isNotEmp ty(criteri a.getSAMAc countName( ))
	184	\|\| Strin gUtils.isN otEmpty(cr iteria.get LastName() )
	185	\|\| Strin gUtils.isN otEmpty(cr iteria.get Name())
	186	\|\| Strin gUtils.isN otEmpty(cr iteria.get GroupName( ))) {
	187	return true;
	188	}
	189	retu rn false;
	190	}
	191
	192	/* *
	193	* Authentic ate by log ging into the ldap s erver
	194	*
	195	* @param us erDn
	196	* @param pa ssword
	197	* @return
	198	* /
	199	pu blic boole an authent icate(Stri ng userDn, String pa ssword) th rows Commu nicationEx ception {
	200	DirC ontext ctx = null;
	201	try {
	202	LdapCo ntextSourc e context = new Ldap ContextSou rce();
	203	contex t.setUrls( getLdapSer verUrls()) ;
	204	contex t.setBase( getDomainC ontext());
	205	contex t.setUserD n(userDn);
	206	contex t.setPassw ord(passwo rd);
	207	contex t.setPoole d(false);
	208	contex t.afterPro pertiesSet ();
	209	ctx = context.ge tReadOnlyC ontext();
	210	return true;
	211	} ca tch (Excep tion e) {
	212	logger .error("Un able to au thenticate against L DAP", e);
	213	if(e i nstanceof Communicat ionExcepti on && (Exc eptionUtil s.getRootC ause(e) in stanceof U nknownHost Exception \|\|
	214	ExceptionU tils.getRo otCause(e) instanceo f NoRouteT oHostExcep tion \|\|
	215	ExceptionU tils.getRo otCause(e) instanceo f ConnectE xception)) {
	216	throw (C ommunicati onExceptio n) e;
	217	}
	218	// TOD O transalt e the ldap messaged into user readable e rror
	219	// mes sages
	220
	221	/*
	222	* 525 - user no t found 52 e - invali d credenti als 530 - not
	223	* per mitted to logon at t his time 5 32 - passw ord expire d 533 -
	224	* acc ount disab led 701 - account ex pired 773 - user mus t reset
	225	* pas sword
	226	*/
	227
	228	return false;
	229	} fi nally {
	230	close( ctx);
	231	}
	232	}
	233
	234	/* *
	235	* Close the ldap dire ctory cont ext
	236	*
	237	* @param ct x
	238	* /
	239	pr ivate void close(Dir Context ct x) {
	240	if ( ctx != nul l) {
	241	try {
	242	ctx.clos e();
	243	} catc h (NamingE xception e ) {
	244	// TODO Auto-gener ated catch block
	245	e.printS tackTrace( );
	246	}
	247	}
	248	}
	249
	250	@O verride
	251	pu blic void afterPrope rtiesSet() throws Ex ception {
	252	// S etting the proper LD AP configu rations
	253	fina l LdapCont extSource contextSou rceReadTar get = new LdapContex tSource();
	254	cont extSourceR eadTarget. setUrls(ld apServerUr ls);
	255	cont extSourceR eadTarget. setBase(do mainContex t);
	256	cont extSourceR eadTarget. setUserDn( userDn);
	257	cont extSourceR eadTarget. setPasswor d(ldapPass word);
	258	cont extSourceR eadTarget. setDirObje ctFactory( DefaultDir ObjectFact ory.class) ;
	259	cont extSourceR eadTarget. setPooled( false);
	260	fina l Map<Stri ng, Object > map = ne w HashMap< >();
	261	map. put("java. naming.ref erral", "i gnore");
	262	cont extSourceR eadTarget. setBaseEnv ironmentPr operties(m ap);
	263	cont extSourceR eadTarget. afterPrope rtiesSet() ;
	264	fina l Transact ionAwareCo ntextSourc eProxy con textSource Read = new Transacti onAwareCon textSource Proxy(cont extSourceR eadTarget) ;
	265	ldap Template = new LdapT emplate(co ntextSourc eRead);
	266	ldap Template.s etIgnorePa rtialResul tException (true);
	267	}
	268
	269	}