
ldap Context accountMapping

MaxKey 3 vuotta sitten
vanhempi
commit
2fe1f9f612

+ 2 - 1
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/IAuthenticationServer.java

@@ -25,5 +25,6 @@ package org.maxkey.authn.realm;
 public interface IAuthenticationServer {
 
     public boolean authenticate(String username, String password);
-
+    
+    public boolean isMapping();
 }
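Review bot: The new `isMapping()` on the interface has no documentation, and the name does not say what is mapped or what a caller should do with the result. Judging by its use in LdapAuthenticationRealm, a Javadoc such as `/** @return true when this server must be given the user's Windows account name instead of the login username. */` would pin the contract. The method is also abstract, so any IAuthenticationServer implementation not updated in this commit stops compiling; only two implementers are touched here. If others exist, `default boolean isMapping() { return false; }` keeps them working with the old behaviour.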

+ 9 - 0
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/ActiveDirectoryServer.java

@@ -36,6 +36,8 @@ public final class ActiveDirectoryServer implements IAuthenticationServer {
 
 	String filter;
 	
+	boolean mapping;
+	
 	/* (non-Javadoc)
 	 * @see com.connsec.web.authentication.realm.IAuthenticationServer#authenticate(java.lang.String, java.lang.String)
 	 */
@@ -75,4 +77,11 @@ public final class ActiveDirectoryServer implements IAuthenticationServer {
 		this.filter = filter;
 	}
 
+	public boolean isMapping() {
+		return mapping;
+	}
+
+	public void setMapping(boolean mapping) {
+		this.mapping = mapping;
+	}
 }
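Review bot: The added `isMapping()` implements the new interface method but carries no `@Override`, so a later rename or signature change on IAuthenticationServer would silently leave this as an unrelated method. Add `@Override` above `public boolean isMapping()` here and on the identical accessor added to StandardLdapServer. The class body starts outside the hunk.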

+ 6 - 2
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/LdapAuthenticationRealm.java

@@ -61,8 +61,12 @@ public class LdapAuthenticationRealm  extends AbstractAuthenticationRealm{
 	public boolean passwordMatches(UserInfo userInfo, String password) {
 		 boolean isAuthenticated=false;
 		 for (final IAuthenticationServer ldapServer : this.ldapServers) {
-            _logger.debug("Attempting to authenticate {} at {}", userInfo.getUsername(), ldapServer);
-            isAuthenticated= ldapServer.authenticate(userInfo.getUsername(), password);
+			 String username = userInfo.getUsername();
+			 if(ldapServer.isMapping()) {//if ldap Context accountMapping equals YES 
+				 username = userInfo.getWindowsAccount();
+			 }
+            _logger.debug("Attempting to authenticate {} at {}", username, ldapServer);
+            isAuthenticated= ldapServer.authenticate(username, password);
             if (isAuthenticated ) {
             	return true;
             }
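Review bot: When `ldapServer.isMapping()` is true, the result of `userInfo.getWindowsAccount()` goes to `authenticate` unchecked, so a user with no Windows account recorded sends a null or blank name to the directory. What `authenticate` does with that is not visible in this hunk, and the result of a search or bind with a blank name depends on the server implementation and directory configuration, which an authentication decision should not rely on. Skip the server when the mapped name is missing, right after the mapping branch: `if (username == null || username.trim().isEmpty()) { continue; }`. A debug line naming the skipped server would make the misconfiguration visible. The loop and the rest of `passwordMatches` continue past the end of the hunk.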

+ 6 - 0
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/LdapAuthenticationRealmService.java

@@ -60,6 +60,9 @@ public class LdapAuthenticationRealmService {
 			            								ldapContext.getCredentials(),
 			            								ldapContext.getMsadDomain());
 			            ldapServer.setActiveDirectoryUtils(ldapUtils);
+			            if(ldapContext.getAccountMapping().equalsIgnoreCase("YES")) {
+			            	ldapServer.setMapping(true);
+			            }
 			            ldapAuthenticationServers.add(ldapServer);
 						
 					}else {
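Review bot: `ldapContext.getAccountMapping().equalsIgnoreCase("YES")` throws a NullPointerException when the column is null, which is likely for LdapContext rows saved before this commit, as the entity field is added without a visible default. An exception here stops the LDAP servers being built for that context, so existing directory logins could break after upgrade. Put the constant first: `if ("YES".equalsIgnoreCase(ldapContext.getAccountMapping())) {`, or drop the branch and call `ldapServer.setMapping("YES".equalsIgnoreCase(ldapContext.getAccountMapping()));`. The same call appears in the StandardLdapServer branch in the next hunk and needs the same change. The enclosing method starts and ends outside both hunks.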
@@ -71,6 +74,9 @@ public class LdapAuthenticationRealmService {
 													ldapContext.getBasedn());
 						standardLdapServer.setLdapUtils(ldapUtils);
 						standardLdapServer.setFilterAttribute(ldapContext.getFilters());
+						if(ldapContext.getAccountMapping().equalsIgnoreCase("YES")) {
+							standardLdapServer.setMapping(true);
+			            }
 						ldapAuthenticationServers.add(standardLdapServer);
 					}
 				}

+ 10 - 0
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/StandardLdapServer.java

@@ -41,6 +41,8 @@ public final class StandardLdapServer implements IAuthenticationServer {
 	
 	String filterAttribute;
 	
+	boolean mapping;
+	
 	/* (non-Javadoc)
 	 * @see com.connsec.web.authentication.realm.IAuthenticationServer#authenticate(java.lang.String, java.lang.String)
 	 */
@@ -95,4 +97,12 @@ public final class StandardLdapServer implements IAuthenticationServer {
 		this.filterAttribute = filterAttribute;
 	}
 
+	public boolean isMapping() {
+		return mapping;
+	}
+
+	public void setMapping(boolean mapping) {
+		this.mapping = mapping;
+	}
+
 }

+ 10 - 0
maxkey-core/src/main/java/org/maxkey/entity/LdapContext.java

@@ -54,6 +54,8 @@ public class LdapContext extends JpaBaseEntity implements Serializable {
     @Column
     String msadDomain;
     @Column
+    String accountMapping;
+    @Column
     String sslSwitch;
     @Column
     String trustStore;
@@ -152,6 +154,14 @@ public class LdapContext extends JpaBaseEntity implements Serializable {
 		this.sslSwitch = sslSwitch;
 	}
 
+	public String getAccountMapping() {
+		return accountMapping;
+	}
+
+	public void setAccountMapping(String accountMapping) {
+		this.accountMapping = accountMapping;
+	}
+
 	public String getTrustStore() {
 		return trustStore;
 	}

+ 2 - 2
maxkey-core/src/main/java/org/maxkey/web/MetadataEndpoint.java

@@ -32,12 +32,12 @@ public class MetadataEndpoint {
 			        
 				  version.append("---------------------------------------------------------------------------------\n");
 				  version.append("+                                JAVA    \n");
-				  version.append(String.format("+                  %s java version %s, class %s\n",
+				  version.append(String.format("+                 %s java version %s, class %s\n",
 			                        SystemUtils.JAVA_VENDOR,
 			                        SystemUtils.JAVA_VERSION,
 			                        SystemUtils.JAVA_CLASS_VERSION
 			                    ));
-				  version.append(String.format("+                  %s (build %s, %s)\n",
+				  version.append(String.format("+                 %s (build %s, %s)\n",
 			                        SystemUtils.JAVA_VM_NAME,
 			                        SystemUtils.JAVA_VM_VERSION,
 			                        SystemUtils.JAVA_VM_INFO

+ 1 - 0
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message.properties

@@ -531,6 +531,7 @@ ldapcontext.credentials=\u51ED\u8BC1
 ldapcontext.filters=\u8FC7\u6EE4\u5668
 ldapcontext.basedn=\u57FA\u672CDN
 ldapcontext.msadDomain=Active Directory\u57DF
+ldapcontext.accountMapping=\u8D26\u53F7\u6620\u5C04
 ldapcontext.sslSwitch=SSL
 ldapcontext.trustStore=\u8BC1\u4E66
 ldapcontext.trustStorePassword=\u8BC1\u4E66\u5BC6\u94A5

+ 1 - 0
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_en.properties

@@ -539,6 +539,7 @@ ldapcontext.credentials=Credentials
 ldapcontext.filters=Filters
 ldapcontext.basedn=Base DN
 ldapcontext.msadDomain=Active Directory Domain
+ldapcontext.accountMapping=Account Mapping
 ldapcontext.sslSwitch=SSL
 ldapcontext.trustStore=TrustStore
 ldapcontext.trustStorePassword=TrustStorePassword

+ 1 - 0
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_zh_CN.properties

@@ -530,6 +530,7 @@ ldapcontext.credentials=\u51ED\u8BC1
 ldapcontext.filters=\u8FC7\u6EE4\u5668
 ldapcontext.basedn=\u57FA\u672CDN
 ldapcontext.msadDomain=Active Directory\u57DF
+ldapcontext.accountMapping=\u8D26\u53F7\u6620\u5C04
 ldapcontext.sslSwitch=SSL
 ldapcontext.trustStore=\u8BC1\u4E66
 ldapcontext.trustStorePassword=\u8BC1\u4E66\u5BC6\u94A5

+ 20 - 3
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/ldapcontext/updateLdapContext.ftl

@@ -67,9 +67,26 @@
 										</div>
 									</div>
 									<div class="row mb-3">
-                                            <label class="col-md-2 col-form-label"><@locale code="ldapcontext.providerUrl" /></label>
-                                            <div class="col-md-10">
-                                                <input required=""  class="form-control" type="text" id="providerUrl" name="providerUrl" value="${model.providerUrl!}" />
+                                            <div class="col-md-6">
+                                                <div class="form-group row">
+                                                    <label class="col-sm-3 col-form-label"><@locale code="ldapcontext.providerUrl" /></label>
+                                                    <div class="col-sm-9">
+                                                        <input  required="" class="form-control" type="text" id="providerUrl" name="providerUrl"  value="${model.providerUrl!}" />
+                                                        
+                                                    </div>
+                                                    
+                                                </div>
+                                            </div>
+                                            <div class="col-md-6">
+                                                <div class="form-group row">
+                                                    <label class="col-sm-3 col-form-label"><@locale code="ldapcontext.accountMapping" /></label>
+                                                    <div class="col-sm-9">
+                                                        <select id="accountMapping" name="accountMapping"  class="form-control  form-select">
+                                                            <option value="YES" <#if 'YES'==model.accountMapping>selected</#if> ><@locale code="common.text.yes" /></option>
+                                                            <option value="NO" <#if 'NO'==model.accountMapping>selected</#if> ><@locale code="common.text.no" /></option>
+                                                        </select>
+                                                    </div>
+                                                </div>
                                             </div>
                                     </div>
 									<div class="row mb-3">
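Review bot: The two added `<#if 'YES'==model.accountMapping>` and `<#if 'NO'==model.accountMapping>` tests read `model.accountMapping` without a default, unlike `${model.providerUrl!}` a few lines above. Under FreeMarker's default handling of missing values, a null accountMapping (any context saved before this column existed) would make the edit page fail to render instead of showing an unselected list. Give the reference a default in both options, for example `<#if 'YES'==(model.accountMapping!'NO')>`, so existing records open with "NO" selected, which matches the pre-commit behaviour of authenticating with the login username.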