37                            x ! x x          x x x x        C H   !"# $%&'  ()* \  +,-./0 H123 g4 j5 l6 n n7 l8  9: ; <= v>? l@A lBC lDE F  GH  8 I lJ jKL jM  NOP QR  STU VW  XY SZ [\ []^ _ ` a Sab cdef Sghi Sjkl@@ mnop \qrstu vwxyz Z {|} ~   H    a  v   v v v    c H vZ    $ ldapUrlLjava/lang/String;ldapBasereferralldapConnectTimeLimitldapSearchTimeLimitIldapSearchCountLimitcurrentReferralInfoenvLjava/util/Hashtable; Signature;Ljava/util/Hashtable;refExc Ljavax/naming/ReferralException;log Lorg/apache/commons/logging/Log;()VCodeLineNumberTableLocalVariableTableeLjava/lang/Exception;this+Lorg/dataone/portal/servlets/ldap/AuthLdap; StackMapTable Exceptions authenticate'(Ljava/lang/String;Ljava/lang/String;)Zposition position2decodedrefUrlrefBasenpe Ljava/lang/NullPointerException;neLjavax/naming/NamingException;userpassword authenticatedZ identifieruid?ldapAuthenticateK(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)ZLjava/io/IOException; aliasedDnee&Ljavax/naming/AuthenticationException;dn rootServerrootBaseserveruserDNLocalVariableTypeTable)2getSubjectInfo>(Ljava/lang/String;)Lorg/dataone/service/types/v1/SubjectInfo; attributesLjava/util/HashMap;g$Lorg/dataone/service/types/v1/Group; groupSubject&Lorg/dataone/service/types/v1/Subject;group[Ljava/lang/String;groups[[Ljava/lang/String;Ljava/net/ConnectException;usernameinfo*Lorg/dataone/service/types/v1/SubjectInfo;person%Lorg/dataone/service/types/v1/Person;subjectMLjava/util/HashMap;>;456getAliasedDnTLS;(Ljava/lang/String;Ljava/util/Hashtable;)Ljava/lang/String;aliasuseTLSa(Ljava/lang/String;Ljava/util/Hashtable;)Ljava/lang/String; getAliasedDn<(Ljava/lang/String;Ljava/util/Hashtable;Z)Ljava/lang/String;result%Ljavax/naming/directory/SearchResult;sctxLjavax/naming/ldap/LdapContext;tls$Ljavax/naming/ldap/StartTlsResponse;ctls'Ljavax/naming/directory/SearchControls;filteranswer Ljavax/naming/NamingEnumeration;UWb(Ljava/lang/String;Ljava/util/Hashtable;Z)Ljava/lang/String;authenticateTLS<(Ljava/util/Hashtable;Ljava/lang/String;Ljava/lang/String;)Zctx startTimeDstopTimesessLjavax/net/ssl/SSLSession;aeioeb(Ljava/util/Hashtable;Ljava/lang/String;Ljava/lang/String;)ZgetIdentifyingNameJ(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;sr referralError moreReferralsorg#Ljavax/naming/directory/DirContext;| getUserInfo9(Ljava/lang/String;Ljava/lang/String;)[Ljava/lang/String;slee)Ljavax/naming/SizeLimitExceededException;attrIDs namingEnumtempAttr#Ljavax/naming/directory/Attributes;userinforealNameX^getUsers'(Ljava/lang/String;)[Ljava/lang/String;attr"Ljavax/naming/directory/Attribute;iuvecLjava/util/Vector;users= getGroupsL(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)[[Ljava/lang/String;rsrDirCtx searchCtls attrNamesrFilter rNamingEnumnameExenvHashregfilterforusergvecdescrsrAttr getAttributes'(Ljava/lang/String;)Ljava/util/HashMap;valuecceLjava/lang/ClassCastException;attvaluesattName attvaluesattrsen&Ljava/util/Vector;a(Ljava/lang/String;)Ljava/util/HashMap;>; SourceFile AuthLdap.java  java/util/Hashtable   ldap.url   ldap.base  ldap.referral ldap.connectTimeLimit ldap.searchTimeLimit  ldap.searchCountLimit java/lang/Exception java/lang/InstantiationExceptionjava/lang/StringBuilder!Could not instantiate AuthLdap -     , java/net/ConnectExceptionInvalid LDAP user credential: . Missing ','   $AuthLdap.authenticate - identifier: , uid: , user:  JAuthLdap.authenticate - Calling ldapAuthenticate with user as identifier: ] @-)AuthLdap.authenticate - Not Authenticated+AuthLdap.authenticate - Looking up DN for: ;AuthLdap.authenticate - No DN found from getIdentifyingName:AuthLdap.authenticate - DN found from getIdentifyingName:  $AuthLdap.authenticate - DN decoded: ldap 5AuthLdap.authenticate - identifier starts with "ldap"/   KAuthLdap.authenticate - Calling ldapAuthenticate: with user as identifier:  and refUrl as:  and refBase as: @A9AuthLdap.authenticate - identifier doesnt start with ldapIAuthLdap.authenticate - Calling ldapAuthenticatewith user as identifier: java/lang/NullPointerException\AuthLdap.authenticate - NullPointerException while authenticating in AuthLdap.authenticate:    javax/naming/NamingExceptionXAuthLdap.authenticate - Naming exception while authenticating in AuthLdap.authenticate: #AuthLdap.ldapAuthenticate - dn is: )AuthLdap.ldapAuthenticate - position is: 'AuthLdap.ldapAuthenticate - userDN is: 'AuthLdap.ldapAuthenticate - server is: 4AuthLdap.ldapAuthenticate - Trying to authenticate:  Using server: javax/naming/Contextjava.naming.factory.initial com.sun.jndi.ldap.LdapCtxFactory java.naming.provider.urljava.naming.referralthrow $javax/naming/AuthenticationException.AuthLdap.ldapAuthenticate - failed to login : hi.AuthLdap.ldapAuthenticate - an aliased object  was found for the DN *. We will try to authenticate this new DN .,AuthLdap.ldapAuthenticate - NamingException ? happend when the ldap server authenticated the aliased object java/io/IOException(AuthLdap.ldapAuthenticate - IOException (org/dataone/service/types/v1/SubjectInfo#org/dataone/service/types/v1/Person$org/dataone/service/types/v1/Subject   mail  java/util/Vector java/lang/String  givenName sn Error looking up person  "org/dataone/service/types/v1/Group   Error looking up group  mnignore$javax/naming/ldap/InitialLdapContext !javax/naming/ldap/StartTlsRequest "javax/naming/ldap/StartTlsResponse  %javax/naming/directory/SearchControls  (objectClass=*)      #javax/naming/directory/SearchResult    :AuthLdap.authenticateTLS - Trying to authenticate with TLS #java.naming.security.authenticationsimple java.naming.security.principal java.naming.security.credentials 0AuthLdap.authenticateTLS - Connection time thru  was:  seconds.5AuthLdap.authenticateTLS - Authentication exception: DAuthLdap.authenticateTLS - Naming error when athenticating via TLS: AAuthLdap.authenticateTLS - I/O error when athenticating via TLS: =&AuthLdap.getIdentifyingName - uid is: &AuthLdap.getIdentifyingName - org is: (javax/naming/directory/InitialDirContext (&(uid=)(o=))GAuthLdap.getIdentifyingName - Searching for DNs with following filter: javax/naming/ReferralException,AuthLdap.getIdentifyingName - Got referral:  !javax/naming/directory/DirContextFNamingException when getting referral contex. Skipping this referral.  AAuthLdap.getIdentifyingName - Naming exception while getting dn: 1Naming exception in AuthLdap.getIdentifyingName: 3AuthLdap.getUserInfo - get the user info for user =AuthLdap.getUserInfo - can't get the alias name for the user  since *AuthLdap.getUserInfo - the aliased dn for  is cno !"(&( # $cn: o: mail: 'javax/naming/SizeLimitExceededExceptionXAuthLdap.getUserInfo - LDAP Server size limit exceeded. Returning incomplete record set.-AuthLdap.getUserInfo - Problem getting users:+Problem getting users in AuthLdap.getUsers: uniqueMember % &' javax/naming/directory/Attribute (UAuthLdap.getUsers - LDAP Server size limit exceeded. Returning incomplete record set. ) *+KAuthLdap.getUsers - Problem getting users for a group in AuthLdap.getUsers:(AuthLdap.getGroups - getGroups() called.!com.sun.jndi.ldap.connect.timeout description , -. (objectClass=groupOfUniqueNames)(& (uniqueMember=&AuthLdap.getGroups - group filter is:  description: 8AuthLdap.getGroups - Search result entry is relative ...AuthLdap.getGroups - group  added to the group vector8AuthLdap.getGroups - Search result entry is absolute ...(&(objectClass=referral)(ref=?!AuthLdap.getGroups - rFilter is: 0AuthLdap.getGroups - referral search result is: cn=,o=AuthLdap.getGroups - group cn=.AuthLdap.getGroups - Caught naming exception: /0 11AuthLdap.getGroups - caught referral exception: :AuthLdap.getGroups - The user is in the following groups: .AuthLdap.getGroups - caught naming exception: java/util/HashMap 2 3java/lang/ClassCastExceptionCould not cast LDAP attribute (!) to a String value, so skipping.4AuthLdap.getAttributes - Problem getting attributes:5Problem getting attributes in AuthLdap.getAttributes:)org/dataone/portal/servlets/ldap/AuthLdap4 56java/lang/Objectjavax/naming/ldap/LdapContextjavax/naming/NamingEnumeration!javax/naming/directory/Attributesjava/lang/Throwable(I)V"org/dataone/configuration/SettingsgetConfiguration2()Lorg/apache/commons/configuration/Configuration;.org/apache/commons/configuration/Configuration getString&(Ljava/lang/String;)Ljava/lang/String;java/lang/IntegerparseInt(Ljava/lang/String;)Iappend-(Ljava/lang/String;)Ljava/lang/StringBuilder; getMessage()Ljava/lang/String;toString(Ljava/lang/String;)VindexOf substring(II)Ljava/lang/String;length()Iorg/apache/commons/logging/Logdebug(Ljava/lang/Object;)Vjava/net/URLDecoderdecode startsWith(Ljava/lang/String;)Z lastIndexOf(Ljava/lang/String;I)I(I)Ljava/lang/String;-(Ljava/lang/Object;)Ljava/lang/StringBuilder;errorprintStackTrace(I)Ljava/lang/StringBuilder;warnput8(Ljava/lang/Object;Ljava/lang/Object;)Ljava/lang/Object;setValue setSubject)(Lorg/dataone/service/types/v1/Subject;)V containsKey(Ljava/lang/Object;)Zget&(Ljava/lang/Object;)Ljava/lang/Object; firstElement()Ljava/lang/Object;addEmail addGivenName setFamilyName*(Ljava/lang/Object;Ljava/lang/Throwable;)V addHasMember addIsMemberOfaddGroup'(Lorg/dataone/service/types/v1/Group;)V addPerson((Lorg/dataone/service/types/v1/Person;)V4(Ljava/util/Hashtable;[Ljavax/naming/ldap/Control;)VextendedOperationI(Ljavax/naming/ldap/ExtendedRequest;)Ljavax/naming/ldap/ExtendedResponse; negotiate()Ljavax/net/ssl/SSLSession;setSearchScopesearchm(Ljava/lang/String;Ljava/lang/String;Ljavax/naming/directory/SearchControls;)Ljavax/naming/NamingEnumeration;hasMore()Znext isRelativegetNameInNamespaceclosejava/lang/SystemcurrentTimeMillis()JaddToEnvironment8(Ljava/lang/String;Ljava/lang/Object;)Ljava/lang/Object; reconnect([Ljavax/naming/ldap/Control;)V(D)Ljava/lang/StringBuilder;(Ljava/util/Hashtable;)VgetNamegetReferralInfogetReferralContext()Ljavax/naming/Context; skipReferralsetReturningAttributes([Ljava/lang/String;)V%()Ljavax/naming/directory/Attributes;6(Ljava/lang/String;)Ljavax/naming/directory/Attribute;J(Ljava/lang/String;[Ljava/lang/String;)Ljavax/naming/directory/Attributes;getAll"()Ljavax/naming/NamingEnumeration;addsize elementAt(I)Ljava/lang/Object; setTimeLimit setCountLimit(J)VerrLjava/io/PrintStream;(Ljava/io/PrintStream;)V7(Ljava/lang/String;)Ljavax/naming/directory/Attributes;getID%org/apache/commons/logging/LogFactorygetLog3(Ljava/lang/Class;)Lorg/apache/commons/logging/Log;!    !**Y **  *  * **"LYY+*kn":VNYZ-[;\I]Z^kcn_o`bfg#o$%&'(n)*+,-!T *N* :6+:+ #!YY"+#$++ %:++ +&%L'Y()*++'Y,-*,.6q'/-'Y0-*-1:'2-'Y3-4:'Y5-:: : 67'8+9:`%:  6  `;6  `<: 9:`<:'Y=> ? -*,  @6M'A-Y:'YB-*,.6e:'YDEFG!YYDE$:'YIEFJ!C!C`H`H"/tu vwz{;~HW26:>HRcly!#?D`b~#le. yX/ 0:1 >2 #=34b!56&'78 {x9:u;H><(:;)=========IB>~?"+!@-!M*+,** @"# &';8+!HC@A! 6::'YK+-+9:6'YLM+N-:+ Y+:+:'YN-P+`%:+`<:'YO-'YN-'YPQRYS:  UVWW XWW YZWW* ,[6: 'Y] ^-: * _:  C'Y` ab cR*  ,[6\: 'Yd ef F.: 'Yh if F5@C\gHgg"% &.JPS\y|!+5@CEdgqv      #)$6 )$B gC EDE &'F8GH9:I  J.. K  (] y )======LZ )======LMrM=B?mN*OP!  jYkMlYmNnYo:+p-q*+r:st-suvwxyzt-zuvwx{|t-|uvwx}:'~*+::66E2: Y: nYo:   2p   - , :',-,%!"z%,6J T!h#r$)'(-./012345.:89< >#z ,ZQR $%,ST #UV 5WX UYZ $[ &' \]^_`aVK ,ZQb(] J)=cdefB*  )=cdeH)=cdeBg hi!h >*+," FG#* &' j k:K  +Hglmn! :, ,YWWY,::Y::Y::+:  $ :   : "ZNOPRST"U5X<ZE[K\O]]^g_s`{bcefgij#p sop &'jk:CqrstE[uvOQw]Cxy K ( =+z{ |=}' +Hg~!4 '-:9Y+:Y:  : W,W-W9'Y*go-i:'Y^R:\YYe:\YYi \ H g"Zp r uvy'z1|8}D~OZbh#z rh41kst 8d "E56B&'J8K (Mc?`N +\!Q:YS:UVWWYZWWXY,-WW+ 6++ `%:'Y-++`;`+`;%:'Y-Y: Y:  Y: 'Y R6     :   ::6 : 'Y E- H6@ : 6:'YeF W6[=:'Y¶EFHYYöEĿ>E?BEsH:HHI>H?H".  :BGIYu)5<?BEGfkns}#5 p#xy (56nB:Gi$  : Bq.YZ<"q uv w 8$6&'7; ( I=L )====L==|=} )====L==|=(T?,)====LB?9+H! xN'YŶ+-Y :UVWWX*WW:*+_:-:'Yƶ+ǶR'Yȶ+ɶ-LY* WWY:Y:xYSYSYsS:: YͶ++ %: + : :  L :  : Y ʹEж7(-Y ʹEa!$%' *-+S-q/t3w0y16<89;>#R($%7:p y  uvXw ly !i 8$6&'78X+D(P)==L=*),y )==L=|=}dGHB )==L=?9+!!} MY N-UVWW-Y* WW-X*WWY-:xYS:+:vY::5:  :   Wǧ:'߹FxM6,xS!:'YEF,U+H"nJM NO P+U5X@ZL\U^h_t`a`dhefklmlqzst|#}$y t# ^<y 5@XLxU$6&'WX (V ^ )=L}}B  )=L?+!! '+vY:vY:::*UVWW*YZWW*X*WW**WWY*:Y: xYSYSYS:     * *: : -  : 'Y -: 'Y -6  F*   :::YE7,YE <W$YEW67ld'+Y* W'Y* -'+Y :UVWWYWWX*WW*WWY:Y:xYS:**Y** %:'Y+* :::'Y+YʹEж7YYʹE<Y˹E<* W'YYʹE<Y˹E<* -YʹE˹E* W'YʹE˹E* -@:'+O6 3:'YE-*x6 6@:6:'YeFW6'YR:6  + 2 xS 2 xS :'-'YR:6  + 2 xS 2 xS :'YR:6+2xS2xSNH HVFHVF!!!#!"} ".:HVcl #*GMv ",6BNYbmtz    C\!!%D&[%_'r()',1./035O79;:<?BCE F LHI0J6K9L<O?TF_eaqb~cdbfVYZ_abcdbf!_BaNb[cld}bf#V"pYNbEvm:Xy6"#p y(56B:sH: cluv X w  t2 q8YZ$62 8YZQ2N8YZ&'78sjg"d( )===|==#}h u)===|==}L|=}<)===|==}LB?)===|==2T?,4 )===1)===?B1)===/)===1+!! #YM*NY :UVWWY* WWX-WWY:+:::vY: : :  B x:   W: 'Y +,  W}?:'Y EF!YY E$,7H"vrs vw"x.y7~BLU_kt}!# # kmtd }[ Ry BLUy:$6#&'#QR  Ktd Qb(U)=f=L}0 )=f=L}=}`' )=f=L} )=f=L?;+! !"   '"Q