Posted to commits@directory.apache.org by er...@apache.org on 2005/03/22 10:32:43 UTC
svn commit: r158585 -
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/operations
Author: erodriguez
Date: Tue Mar 22 01:32:41 2005
New Revision: 158585
URL: http://svn.apache.org/viewcvs?view=rev&rev=158585
Log:
Refactored the Kerberos store operations to use the Command pattern.
Added:
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/ContextOperation.java
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/PrincipalStoreImpl.java
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/operations/
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/operations/GetPrincipal.java
Removed:
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/ChangePasswordActionImpl.java
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/LookupPrincipalActionImpl.java
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/PasswordStore.java
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseFactory.java
Modified:
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/KerberosService.java
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/PrincipalStore.java
directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseNormalizer.java
Modified: directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/KerberosService.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/KerberosService.java?view=diff&r1=158584&r2=158585
==============================================================================
--- directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/KerberosService.java (original)
+++ directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/service/KerberosService.java Tue Mar 22 01:32:41 2005
@@ -48,6 +48,8 @@
import org.apache.kerberos.replay.InMemoryReplayCache;
import org.apache.kerberos.replay.ReplayCache;
import org.apache.kerberos.store.PrincipalStore;
+import org.apache.kerberos.store.PrincipalStoreEntry;
+import org.apache.kerberos.store.operations.GetPrincipal;
public class KerberosService
@@ -70,20 +72,60 @@
checksumEngines.put( ChecksumType.SHA1, new Sha1Checksum() );
}
- public EncryptionKey getKeyForPrincipal( KerberosPrincipal principal )
+ public EncryptionKey getClientKey( KerberosPrincipal clientPrincipal )
+ throws KerberosException
{
- EncryptionKey key = null;
-
- try
- {
- key = store.getEntry( principal ).getEncryptionKey();
- }
- catch (Exception e)
- {
- e.printStackTrace();
- }
-
- return key;
+ return getKey( clientPrincipal, ErrorType.KDC_ERR_C_PRINCIPAL_UNKNOWN );
+ }
+
+ public EncryptionKey getServerKey( KerberosPrincipal serverPrincipal )
+ throws KerberosException
+ {
+ return getKey( serverPrincipal, ErrorType.KDC_ERR_S_PRINCIPAL_UNKNOWN );
+ }
+
+ private EncryptionKey getKey( KerberosPrincipal principal, ErrorType errorType )
+ throws KerberosException
+ {
+ PrincipalStoreEntry entry = null;
+
+ try
+ {
+ entry = (PrincipalStoreEntry)store.execute( new GetPrincipal( principal ) );
+ }
+ catch (Exception e)
+ {
+ throw new KerberosException( errorType );
+ }
+
+ if ( entry == null || entry.getEncryptionKey() == null )
+ {
+ throw new KerberosException( errorType );
+ }
+
+ return entry.getEncryptionKey();
+ }
+
+ public PrincipalStoreEntry getEntryForClient( KerberosPrincipal clientPrincipal )
+ throws KerberosException
+ {
+ PrincipalStoreEntry entry = null;
+
+ try
+ {
+ entry = (PrincipalStoreEntry)store.execute( new GetPrincipal( clientPrincipal ) );
+ }
+ catch (Exception e)
+ {
+ throw new KerberosException( ErrorType.KDC_ERR_C_PRINCIPAL_UNKNOWN );
+ }
+
+ if ( entry == null )
+ {
+ throw new KerberosException( ErrorType.KDC_ERR_C_PRINCIPAL_UNKNOWN );
+ }
+
+ return entry;
}
protected EncryptionType getBestEncryptionType( EncryptionType[] requestedTypes )
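Review bot: The `catch (Exception e)` blocks in `getKey` and `getEntryForClient` drop the cause, so a directory failure, a malformed entry, or a `ClassCastException` from the `(PrincipalStoreEntry)` cast are all reported as a principal-unknown error with nothing recorded. A backend fault then looks the same as a mistyped principal name to both operators and clients. Log the exception before rethrowing, and if `KerberosException` can carry a cause (its constructors are not visible here) pass `e` along; a store failure arguably deserves a generic error type rather than `KDC_ERR_C_PRINCIPAL_UNKNOWN` / `KDC_ERR_S_PRINCIPAL_UNKNOWN`. `getEntryForClient` also repeats the lookup in `getKey`; a shared private lookup helper would keep the two error paths from drifting apart.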
@@ -144,7 +186,7 @@
}
else
{
- serverKey = getKeyForPrincipal( serverPrincipal );
+ serverKey = getServerKey( serverPrincipal );
}
if ( serverKey == null )
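Review bot: The `if ( serverKey == null )` check that follows can no longer be reached from this branch, because `getServerKey` throws `KerberosException` rather than returning null when the entry or its key is missing. If the other branch of this `if`/`else` (outside the hunk) can still leave `serverKey` null, the check should stay, with a comment such as `// getServerKey() throws on a missing key; this guards the other branch only`. The enclosing method starts and ends outside the hunk, so whether it declares `throws KerberosException` cannot be confirmed from here.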
Added: directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/ContextOperation.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/ContextOperation.java?view=auto&rev=158585
==============================================================================
--- directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/ContextOperation.java (added)
+++ directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/ContextOperation.java Tue Mar 22 01:32:41 2005
@@ -0,0 +1,30 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store;
+
+import java.io.Serializable;
+
+import javax.naming.Name;
+import javax.naming.directory.DirContext;
+
+
+public interface ContextOperation extends Serializable
+{
+ public Object execute( DirContext ctx, Name searchBaseDn ) throws Exception;
+}
+
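Review bot: `ContextOperation` extends `Serializable` without saying why, and nothing in the visible diff serializes an operation. Implementations run directory queries with the store's own context, so accepting one from a serialized stream would be risky; either drop `Serializable` or add Javadoc stating that instances are built in-process only and must never be deserialized from untrusted input. `execute` also declares `throws Exception` and returns `Object`, as do `PrincipalStore.execute` and `PrincipalStoreImpl.execute`, which is what forces the `catch (Exception e)` blocks and casts in `KerberosService`. `throws NamingException` would cover the JNDI calls that `GetPrincipal` makes.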
Modified: directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/PrincipalStore.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/PrincipalStore.java?view=diff&r1=158584&r2=158585
==============================================================================
--- directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/PrincipalStore.java (original)
+++ directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/PrincipalStore.java Tue Mar 22 01:32:41 2005
@@ -14,14 +14,12 @@
* limitations under the License.
*
*/
-package org.apache.kerberos.store;
-import javax.security.auth.kerberos.KerberosPrincipal;
+package org.apache.kerberos.store;
-import org.apache.kerberos.exceptions.KerberosException;
-public interface PrincipalStore {
- public void init();
- public PrincipalStoreEntry getEntry(KerberosPrincipal principal) throws KerberosException;
+public interface PrincipalStore
+{
+ public Object execute( ContextOperation operation ) throws Exception;
}
Added: directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/PrincipalStoreImpl.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/PrincipalStoreImpl.java?view=auto&rev=158585
==============================================================================
--- directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/PrincipalStoreImpl.java (added)
+++ directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/PrincipalStoreImpl.java Tue Mar 22 01:32:41 2005
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store;
+
+import javax.naming.Name;
+import javax.naming.ldap.LdapContext;
+
+
+public class PrincipalStoreImpl implements PrincipalStore
+{
+ /** a handle on the provider context */
+ protected LdapContext ctx;
+ /** the search base relative to provider URL to use for reading entries */
+ protected Name searchBaseDn;
+
+ /**
+ * Creates the action to be used against the embedded ApacheDS DIT.
+ */
+ public PrincipalStoreImpl( LdapContext ctx, Name searchBaseDn )
+ {
+ this.ctx = ctx;
+ this.searchBaseDn = searchBaseDn;
+ }
+
+ public Object execute( ContextOperation operation ) throws Exception
+ {
+ return operation.execute( ctx, searchBaseDn );
+ }
+}
+
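Review bot: `execute` hands the single `LdapContext` held in `ctx` to every operation, and JNDI does not guarantee that a `Context` instance is safe for concurrent use by multiple threads. If one `PrincipalStoreImpl` is shared by the KDC's request threads (not visible here), either synchronize `execute` or give each call its own instance, for example `operation.execute( ctx.newInstance( null ), searchBaseDn )`, closing that instance in a `finally`. The fields `ctx` and `searchBaseDn` can be `private final`, since nothing in the class reassigns them. The constructor Javadoc still reads "Creates the action ..." although this class is the store, not an action.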
Modified: directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseNormalizer.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseNormalizer.java?view=diff&r1=158584&r2=158585
==============================================================================
--- directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseNormalizer.java (original)
+++ directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseNormalizer.java Tue Mar 22 01:32:41 2005
@@ -19,7 +19,7 @@
import javax.naming.Name;
import javax.naming.NamingException;
-import javax.naming.ldap.LdapContext;
+import javax.naming.directory.DirContext;
import org.apache.ldap.common.name.LdapName;
import org.apache.ldap.common.util.NestableRuntimeException;
@@ -27,7 +27,7 @@
public class SearchBaseNormalizer
{
- public static Name getName( String baseDn, LdapContext ctx )
+ public static Name getRelativeName( DirContext ctx, String baseDn )
{
Name searchBaseDn = null;
Added: directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/operations/GetPrincipal.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/operations/GetPrincipal.java?view=auto&rev=158585
==============================================================================
--- directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/operations/GetPrincipal.java (added)
+++ directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/operations/GetPrincipal.java Tue Mar 22 01:32:41 2005
@@ -0,0 +1,129 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store.operations;
+
+import javax.naming.Name;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.SearchResult;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.kerberos.messages.value.SamType;
+import org.apache.kerberos.store.ContextOperation;
+import org.apache.kerberos.store.KerberosAttribute;
+import org.apache.kerberos.store.PrincipalStoreEntry;
+import org.apache.kerberos.store.PrincipalStoreEntryModifier;
+
+/**
+ * Encapsulates the action of looking up a principal in an embedded ApacheDS DIT.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$
+ */
+public class GetPrincipal implements ContextOperation
+{
+ /** The name of the principal to get. */
+ protected KerberosPrincipal principal;
+
+ /**
+ * Creates the action to be used against the embedded ApacheDS DIT.
+ */
+ public GetPrincipal( KerberosPrincipal principal )
+ {
+ this.principal = principal;
+ }
+
+ public Object execute( DirContext ctx, Name searchBaseDn )
+ {
+ if ( principal == null )
+ {
+ return null;
+ }
+
+ String[] attrIDs = { KerberosAttribute.PRINCIPAL, KerberosAttribute.VERSION,
+ KerberosAttribute.TYPE, KerberosAttribute.KEY };
+
+ Attributes matchAttrs = new BasicAttributes( false ); // case-sensitive
+ matchAttrs.put( new BasicAttribute( KerberosAttribute.PRINCIPAL, principal.getName() ) );
+
+ PrincipalStoreEntry entry = null;
+
+ try
+ {
+ // Search for objects that have those matching attributes
+ NamingEnumeration answer = ctx.search( searchBaseDn, matchAttrs, attrIDs );
+
+ if ( answer.hasMore() )
+ {
+ SearchResult result = (SearchResult) answer.next();
+ Attributes attrs = result.getAttributes();
+
+ if ( attrs == null )
+ {
+ return null;
+ }
+
+ entry = getEntry( attrs );
+ }
+ }
+ catch (NamingException e)
+ {
+ e.printStackTrace();
+ return null;
+ }
+
+ return entry;
+ }
+
+ /**
+ * Marshals an a PrincipalStoreEntry from an Attributes object.
+ *
+ * @param attrs the attributes of the Kerberos principal
+ * @return the entry for the principal
+ * @throws NamingException if there are any access problems
+ */
+ private PrincipalStoreEntry getEntry( Attributes attrs ) throws NamingException
+ {
+ PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier();
+
+ String principal = ( String ) attrs.get( KerberosAttribute.PRINCIPAL ).get();
+ String encryptionType = ( String ) attrs.get( KerberosAttribute.TYPE ).get();
+ String keyVersionNumber = ( String ) attrs.get( KerberosAttribute.VERSION ).get();
+
+ if ( attrs.get( "apacheSamType" ) != null )
+ {
+ String samType = ( String ) attrs.get( "apacheSamType" ).get();
+
+ modifier.setSamType( SamType.getTypeByOrdinal( Integer.parseInt( samType ) ) );
+ }
+
+ byte[] keyBytes = (byte[]) attrs.get( KerberosAttribute.KEY ).get();
+
+ modifier.setPrincipal( new KerberosPrincipal( principal ) );
+ modifier.setEncryptionType( Integer.parseInt( encryptionType ) );
+ modifier.setKeyVersionNumber( Integer.parseInt( keyVersionNumber ) );
+ modifier.setKey( keyBytes );
+
+ return modifier.getEntry();
+ }
+}
+
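Review bot: `getEntry` reads `apacheSamType`, but the `attrIDs` passed to `ctx.search` list only PRINCIPAL, VERSION, TYPE and KEY, so the directory will not return that attribute and `setSamType` is never reached unless one of the `KerberosAttribute` constants resolves to the same name; add `"apacheSamType"` to `attrIDs`. The `NamingEnumeration` is never closed, so call `answer.close()` in a `finally` block. The `catch (NamingException e)` prints a stack trace and returns null, which the callers in `KerberosService` turn into a principal-unknown error, hiding a directory failure; declaring `throws NamingException` on `execute` would let the caller decide. In `getEntry`, each `attrs.get( ... ).get()` throws `NullPointerException` when an entry lacks that attribute, and the Javadoc's "Marshals an a" should read "Marshals a".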