Meikel Bisping
6 months ago
3 changed files with 131 additions and 17 deletions
@ -0,0 +1,69 @@ |
|||||||
|
package de.superx.bin; |
||||||
|
|
||||||
|
import java.io.BufferedWriter; |
||||||
|
import java.io.File; |
||||||
|
import java.io.FileWriter; |
||||||
|
import java.sql.Connection; |
||||||
|
import java.sql.PreparedStatement; |
||||||
|
import java.sql.ResultSet; |
||||||
|
import java.sql.Statement; |
||||||
|
|
||||||
|
import de.memtext.util.GetOpts; |
||||||
|
import de.superx.servlet.LdapPasswordChecker; |
||||||
|
/** |
||||||
|
* Klasse zum Sperren von Benutzern, die in LDAP gesperrt sind |
||||||
|
* Erwartet Eintrag LdapLockoutFilter in superx_standalone_ldap.properties |
||||||
|
* |
||||||
|
* |
||||||
|
*/ |
||||||
|
public class LdapLockout { |
||||||
|
private static String usage = "Gebrauch: java de.superx.bin.LdapLockout -dbproperties=<<Pfad zu db.properties>> -ldapconfig=<<Pfad zu superx_standalone_ldap.properties>>"; |
||||||
|
public static void main(String[] args) { |
||||||
|
GetOpts.setOpts(args); |
||||||
|
String isdrin = GetOpts.isAllRequiredOptionsPresent("-dbproperties,-ldapconfig"); |
||||||
|
if (isdrin != null) { |
||||||
|
System.err.println("Folgende Optionen fehlen: " + isdrin); |
||||||
|
System.err.println(usage); |
||||||
|
System.exit(1); |
||||||
|
} |
||||||
|
|
||||||
|
try { |
||||||
|
File f = new File("LdapLockout.log"); |
||||||
|
if (f.exists()) |
||||||
|
{ |
||||||
|
f.delete(); |
||||||
|
} |
||||||
|
LdapPasswordChecker.setup(new File(GetOpts.getValue("-ldapconfig"))); |
||||||
|
checkUsers(GetOpts.getValue("-dbproperties")); |
||||||
|
|
||||||
|
} catch (Exception e) { |
||||||
|
e.printStackTrace(); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
private static void checkUsers(String dbpropfile) throws Exception { |
||||||
|
SxConnection myConnection = new SxConnection(); |
||||||
|
myConnection.setPropfile(dbpropfile); |
||||||
|
Connection con = myConnection.getConnection(); |
||||||
|
Statement stm = con.createStatement(); |
||||||
|
ResultSet rs = stm.executeQuery("select benutzer from userinfo order by 1"); |
||||||
|
PreparedStatement pst = con.prepareStatement( |
||||||
|
"update userinfo set max_versuch=0,passwd_sha=null, gueltig_bis=today()-1, info='deaktiviert am '||today() where benutzer=? and max_versuch>0"); |
||||||
|
LdapPasswordChecker ldappwc = new LdapPasswordChecker(); |
||||||
|
while (rs.next()) { |
||||||
|
String benutzer = rs.getString("benutzer"); |
||||||
|
System.out.println("Pruefe Nutzer " + benutzer); |
||||||
|
if (ldappwc.isUserLocked(benutzer)) { |
||||||
|
System.out.println(" - Benutzer " + benutzer + " wird gesperrt"); |
||||||
|
pst.clearParameters(); |
||||||
|
pst.setString(1, benutzer); |
||||||
|
pst.executeUpdate(); |
||||||
|
} |
||||||
|
} |
||||||
|
rs.close(); |
||||||
|
stm.close(); |
||||||
|
pst.close(); |
||||||
|
myConnection.close(); |
||||||
|
ldappwc.closeServiceCtxForLockout(); |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,6 @@ |
|||||||
|
#!/bin/bash |
||||||
|
if [ "$1" = "" ] |
||||||
|
then echo "Aufruf: sx_ldap_lockout.x Pfad/zu/db.properties pfad/zu/superx_standalone_ldap.properties" |
||||||
|
exit 0 |
||||||
|
fi |
||||||
|
java -cp "$JDBC_CLASSPATH" de.superx.bin.LdapLockout -dbproperties:$1 -ldapconfig:$2 |
Loading…
Reference in new issue