Compare commits
2 Commits
4eba45de27
...
101760c314
Author | SHA1 | Date |
---|---|---|
Meikel Bisping | 101760c314 | 6 months ago |
Meikel Bisping | df01e01138 | 6 months ago |
5 changed files with 161 additions and 22 deletions
@ -0,0 +1,69 @@
@@ -0,0 +1,69 @@
|
||||
package de.superx.bin; |
||||
|
||||
import java.io.BufferedWriter; |
||||
import java.io.File; |
||||
import java.io.FileWriter; |
||||
import java.sql.Connection; |
||||
import java.sql.PreparedStatement; |
||||
import java.sql.ResultSet; |
||||
import java.sql.Statement; |
||||
|
||||
import de.memtext.util.GetOpts; |
||||
import de.superx.servlet.LdapPasswordChecker; |
||||
/** |
||||
* Klasse zum Sperren von Benutzern, die in LDAP gesperrt sind |
||||
* Erwartet Eintrag LdapLockoutFilter in superx_standalone_ldap.properties |
||||
* |
||||
* |
||||
*/ |
||||
public class LdapLockout { |
||||
private static String usage = "Gebrauch: java de.superx.bin.LdapLockout -dbproperties=<<Pfad zu db.properties>> -ldapconfig=<<Pfad zu superx_standalone_ldap.properties>>"; |
||||
public static void main(String[] args) { |
||||
GetOpts.setOpts(args); |
||||
String isdrin = GetOpts.isAllRequiredOptionsPresent("-dbproperties,-ldapconfig"); |
||||
if (isdrin != null) { |
||||
System.err.println("Folgende Optionen fehlen: " + isdrin); |
||||
System.err.println(usage); |
||||
System.exit(1); |
||||
} |
||||
|
||||
try { |
||||
File f = new File("LdapLockout.log"); |
||||
if (f.exists()) |
||||
{ |
||||
f.delete(); |
||||
} |
||||
LdapPasswordChecker.setup(new File(GetOpts.getValue("-ldapconfig"))); |
||||
checkUsers(GetOpts.getValue("-dbproperties")); |
||||
|
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
} |
||||
} |
||||
|
||||
private static void checkUsers(String dbpropfile) throws Exception { |
||||
SxConnection myConnection = new SxConnection(); |
||||
myConnection.setPropfile(dbpropfile); |
||||
Connection con = myConnection.getConnection(); |
||||
Statement stm = con.createStatement(); |
||||
ResultSet rs = stm.executeQuery("select benutzer from userinfo order by 1"); |
||||
PreparedStatement pst = con.prepareStatement( |
||||
"update userinfo set max_versuch=0,passwd_sha=null, gueltig_bis=today()-1, info='deaktiviert am '||today() where benutzer=? and max_versuch>0"); |
||||
LdapPasswordChecker ldappwc = new LdapPasswordChecker(); |
||||
while (rs.next()) { |
||||
String benutzer = rs.getString("benutzer"); |
||||
System.out.println("Pruefe Nutzer " + benutzer); |
||||
if (ldappwc.isUserLocked(benutzer)) { |
||||
System.out.println(" - Benutzer " + benutzer + " wird gesperrt"); |
||||
pst.clearParameters(); |
||||
pst.setString(1, benutzer); |
||||
pst.executeUpdate(); |
||||
} |
||||
} |
||||
rs.close(); |
||||
stm.close(); |
||||
pst.close(); |
||||
myConnection.close(); |
||||
ldappwc.closeServiceCtxForLockout(); |
||||
} |
||||
} |
@ -0,0 +1,6 @@
@@ -0,0 +1,6 @@
|
||||
#!/bin/bash |
||||
if [ "$1" = "" ] |
||||
then echo "Aufruf: sx_ldap_lockout.x Pfad/zu/db.properties pfad/zu/superx_standalone_ldap.properties" |
||||
exit 0 |
||||
fi |
||||
java -cp "$JDBC_CLASSPATH" de.superx.bin.LdapLockout -dbproperties:$1 -ldapconfig:$2 |
Loading…
Reference in new issue