Posted to commits@directory.apache.org by er...@apache.org on 2007/05/24 06:08:58 UTC
svn commit: r541149 [1/3] - in /directory/apacheds/trunk: ./
constants/src/main/java/org/apache/directory/server/ldap/
constants/src/main/java/org/apache/directory/server/ldap/constants/
core/src/main/java/org/apache/directory/server/core/ core/src/mai...
Author: erodriguez
Date: Wed May 23 21:08:50 2007
New Revision: 541149
URL: http://svn.apache.org/viewvc?view=rev&rev=541149
Log:
Merged 'apacheds-sasl-branch' branch back into ApacheDS trunk at peg revision r541143.
Added:
directory/apacheds/trunk/constants/src/main/java/org/apache/directory/server/ldap/
- copied from r541143, directory/apacheds/branches/apacheds-sasl-branch/constants/src/main/java/org/apache/directory/server/ldap/
directory/apacheds/trunk/constants/src/main/java/org/apache/directory/server/ldap/constants/
- copied from r541143, directory/apacheds/branches/apacheds-sasl-branch/constants/src/main/java/org/apache/directory/server/ldap/constants/
directory/apacheds/trunk/constants/src/main/java/org/apache/directory/server/ldap/constants/SupportedSASLMechanisms.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/constants/src/main/java/org/apache/directory/server/ldap/constants/SupportedSASLMechanisms.java
directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/StrongAuthenticator.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/StrongAuthenticator.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapConfiguration.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapConfiguration.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/gui/package-info.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/gui/package-info.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/package-info.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/package-info.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/
- copied from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/AbstractSaslCallbackHandler.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/AbstractSaslCallbackHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/BindHandlerChain.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/BindHandlerChain.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ChainGuard.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ChainGuard.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/CramMd5CallbackHandler.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/CramMd5CallbackHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/CramMd5MechanismHandler.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/CramMd5MechanismHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/DigestMd5CallbackHandler.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/DigestMd5CallbackHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/DigestMd5MechanismHandler.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/DigestMd5MechanismHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetBindDn.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetBindDn.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetLdapContext.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetLdapContext.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetPrincipal.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetPrincipal.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GssapiCallbackHandler.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GssapiCallbackHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GssapiMechanismHandler.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GssapiMechanismHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/HandleSasl.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/HandleSasl.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/HandleSimple.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/HandleSimple.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/MechanismHandler.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/MechanismHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ReturnSuccess.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ReturnSuccess.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/SaslFilter.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/SaslFilter.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/package-info.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/package-info.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/extended/package-info.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/extended/package-info.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/package-info.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/package-info.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ssl/
- copied from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ssl/
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ssl/LdapsInitializer.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ssl/LdapsInitializer.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ssl/ServerX509TrustManager.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ssl/ServerX509TrustManager.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ssl/package-info.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ssl/package-info.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/starttls/
- copied from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/starttls/
directory/apacheds/trunk/protocol-ldap/src/test/java/org/apache/directory/server/ldap/support/
- copied from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/test/java/org/apache/directory/server/ldap/support/
directory/apacheds/trunk/protocol-ldap/src/test/java/org/apache/directory/server/ldap/support/bind/
- copied from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/test/java/org/apache/directory/server/ldap/support/bind/
directory/apacheds/trunk/protocol-ldap/src/test/java/org/apache/directory/server/ldap/support/starttls/
- copied from r541143, directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/test/java/org/apache/directory/server/ldap/support/starttls/
directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/SaslBindITest.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/server-unit/src/test/java/org/apache/directory/server/SaslBindITest.java
directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/SaslGssapiBindITest.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/server-unit/src/test/java/org/apache/directory/server/SaslGssapiBindITest.java
directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/ssl/
- copied from r541143, directory/apacheds/branches/apacheds-sasl-branch/server-unit/src/test/java/org/apache/directory/server/ssl/
directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/ssl/LdapsITest.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/server-unit/src/test/java/org/apache/directory/server/ssl/LdapsITest.java
directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/ssl/support/
- copied from r541143, directory/apacheds/branches/apacheds-sasl-branch/server-unit/src/test/java/org/apache/directory/server/ssl/support/
directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/ssl/support/BogusSSLContextFactory.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/server-unit/src/test/java/org/apache/directory/server/ssl/support/BogusSSLContextFactory.java
directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/ssl/support/BogusTrustManagerFactory.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/server-unit/src/test/java/org/apache/directory/server/ssl/support/BogusTrustManagerFactory.java
directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/ssl/support/SSLSocketFactory.java
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/server-unit/src/test/java/org/apache/directory/server/ssl/support/SSLSocketFactory.java
directory/apacheds/trunk/server-unit/src/test/resources/bogus.cert
- copied unchanged from r541143, directory/apacheds/branches/apacheds-sasl-branch/server-unit/src/test/resources/bogus.cert
Removed:
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProviderMonitor.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/LdapMessageHandler.java
directory/apacheds/trunk/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/LdapLoader.java
directory/apacheds/trunk/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/LoadStrategy.java
directory/apacheds/trunk/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/PropsLoader.java
directory/apacheds/trunk/server-sasl/
directory/apacheds/trunk/server-ssl/
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/configuration/MutableStartupConfiguration.java
directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java
directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java
directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/SingleBaseSearch.java
directory/apacheds/trunk/pom.xml
directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordConfiguration.java
directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java
directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.java
directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java
directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicket.java
directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java
directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsConfiguration.java
directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsServer.java
directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/SingleBaseSearch.java
directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java
directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java
directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java
directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java
directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java
directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java
directory/apacheds/trunk/protocol-ldap/pom.xml
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/SessionRegistry.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/AbandonHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/AddHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/BindHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/CompareHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/DeleteHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ExtendedHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ModifyDnHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ModifyHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchHandler.java
directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/UnbindHandler.java
directory/apacheds/trunk/protocol-ldap/src/test/java/org/apache/directory/server/ldap/LdapProtocolProviderTest.java
directory/apacheds/trunk/protocol-ntp/src/main/java/org/apache/directory/server/ntp/NtpConfiguration.java
directory/apacheds/trunk/protocol-ntp/src/main/java/org/apache/directory/server/ntp/NtpServer.java
directory/apacheds/trunk/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/ServiceConfiguration.java
directory/apacheds/trunk/server-jndi/pom.xml
directory/apacheds/trunk/server-jndi/src/main/java/org/apache/directory/server/configuration/MutableServerStartupConfiguration.java
directory/apacheds/trunk/server-jndi/src/main/java/org/apache/directory/server/configuration/ServerStartupConfiguration.java
directory/apacheds/trunk/server-jndi/src/main/java/org/apache/directory/server/jndi/ServerContextFactory.java
directory/apacheds/trunk/server-main/pom.xml
directory/apacheds/trunk/server-main/server.xml
directory/apacheds/trunk/server-tools/src/main/java/org/apache/directory/server/tools/commands/diagnosticcmd/DiagnosticCommandExecutor.java
directory/apacheds/trunk/server-tools/src/main/java/org/apache/directory/server/tools/commands/disconnectnotificationcmd/DisconnectNotificationCommandExecutor.java
directory/apacheds/trunk/server-tools/src/main/java/org/apache/directory/server/tools/commands/exportcmd/ExportCommandExecutor.java
directory/apacheds/trunk/server-tools/src/main/java/org/apache/directory/server/tools/commands/gracefulshutdowncmd/GracefulShutdownCommandExecutor.java
directory/apacheds/trunk/server-tools/src/main/java/org/apache/directory/server/tools/commands/importcmd/ImportCommandExecutor.java
directory/apacheds/trunk/server-tools/src/main/java/org/apache/directory/server/tools/commands/storedprocedurecmd/StoredProcedureCommandExecutor.java
directory/apacheds/trunk/server-unit/src/main/java/org/apache/directory/server/unit/AbstractServerTest.java
directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/DefaultServerTriggerServiceTest.java
directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/KeyDerivationServiceITest.java
directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/StoredProcedureTest.java
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java Wed May 23 21:08:50 2007
@@ -22,11 +22,11 @@
import java.io.File;
import java.io.IOException;
+import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
-import java.util.HashSet;
import javax.naming.Context;
import javax.naming.NamingException;
@@ -85,7 +85,6 @@
import org.apache.directory.shared.ldap.schema.OidNormalizer;
import org.apache.directory.shared.ldap.util.DateUtils;
import org.apache.directory.shared.ldap.util.StringTools;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -389,10 +388,22 @@
}
/*
+ * If bind is strong make sure we have the principal name
+ * set within the environment, otherwise complain
+ */
+ if ( "strong".equalsIgnoreCase( authentication ) )
+ {
+ if ( principal == null )
+ {
+ throw new LdapConfigurationException( "missing required " + Context.SECURITY_PRINCIPAL
+ + " property for strong authentication" );
+ }
+ }
+ /*
* If bind is simple make sure we have the credentials and the
* principal name set within the environment, otherwise complain
*/
- if ( "simple".equalsIgnoreCase( authentication ) )
+ else if ( "simple".equalsIgnoreCase( authentication ) )
{
if ( credential == null )
{
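Review bot: The new `strong` branch requires only `Context.SECURITY_PRINCIPAL`, whereas the `simple` branch that follows also insists on credentials, and nothing in this hunk says why the weaker check is safe. If the core is relying on the LDAP protocol layer to have completed the SASL exchange before a context is opened this way, that trust boundary should be written down here, because a caller that reaches this method directly with the authentication property set to `strong` would pass validation on a principal name alone; what `StrongAuthenticator` itself verifies is not visible in this part of the commit. I would extend the comment to something like `/* strong (SASL) binds are verified by the protocol layer before this point; only the resulting principal is required here */`, and confirm that no other entry point can set this value. The enclosing method starts and ends outside the hunk.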
@@ -418,6 +429,7 @@
+ "settings encountered where bind is anonymous yet " + Context.SECURITY_CREDENTIALS
+ " property is set" );
}
+
if ( principal != null )
{
throw new LdapConfigurationException( "ambiguous bind "
@@ -433,8 +445,7 @@
else
{
/*
- * If bind is anything other than simple or none we need to
- * complain because SASL is not a supported auth method yet
+ * If bind is anything other than strong, simple, or none we need to complain
*/
throw new LdapAuthenticationNotSupportedException( "Unknown authentication type: '" + authentication + "'",
ResultCodeEnum.AUTH_METHOD_NOT_SUPPORTED );
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/configuration/MutableStartupConfiguration.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/configuration/MutableStartupConfiguration.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/configuration/MutableStartupConfiguration.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/configuration/MutableStartupConfiguration.java Wed May 23 21:08:50 2007
@@ -45,12 +45,12 @@
{
}
-
+
/**
* Creates a new instance that operates on the {@link DirectoryService} with
* the specified ID.
*/
- public MutableStartupConfiguration(String instanceId)
+ public MutableStartupConfiguration( String instanceId )
{
super( instanceId );
}
@@ -60,25 +60,13 @@
{
super.setSystemPartitionConfiguration( systemPartitionConfiguration );
}
-
-
+
+
public void setMaxThreads( int maxThreads )
{
super.setMaxThreads( maxThreads );
}
-
-
- public void setMaxTimeLimit( int maxTimeLimit )
- {
- super.setMaxTimeLimit( maxTimeLimit );
- }
-
-
- public void setMaxSizeLimit( int maxSizeLimit )
- {
- super.setMaxSizeLimit( maxSizeLimit );
- }
-
+
public void setInstanceId( String instanceId )
{
@@ -138,8 +126,8 @@
{
super.setExitVmOnShutdown( exitVmOnShutdown );
}
-
-
+
+
public void setDenormalizeOpAttrsEnabled( boolean denormalizeOpAttrsEnabled )
{
super.setDenormalizeOpAttrsEnabled( denormalizeOpAttrsEnabled );
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java Wed May 23 21:08:50 2007
@@ -33,6 +33,7 @@
import org.apache.directory.server.core.authn.AnonymousAuthenticator;
import org.apache.directory.server.core.authn.AuthenticationService;
import org.apache.directory.server.core.authn.SimpleAuthenticator;
+import org.apache.directory.server.core.authn.StrongAuthenticator;
import org.apache.directory.server.core.authz.AuthorizationService;
import org.apache.directory.server.core.authz.DefaultAuthorizationService;
import org.apache.directory.server.core.collective.CollectiveAttributeService;
@@ -75,8 +76,6 @@
private boolean accessControlEnabled = false; // turn off by default
private boolean denormalizeOpAttrsEnabled = false;
private int maxThreads = MAX_THREADS_DEFAULT; // set to default value
- private int maxSizeLimit = MAX_SIZE_LIMIT_DEFAULT; // set to default value
- private int maxTimeLimit = MAX_TIME_LIMIT_DEFAULT; // set to default value (milliseconds)
private Set authenticatorConfigurations; // Set<AuthenticatorConfiguration>
private List interceptorConfigurations; // Set<InterceptorConfiguration>
private PartitionConfiguration systemPartitionConfiguration;
@@ -116,6 +115,9 @@
// Simple
set.add( new MutableAuthenticatorConfiguration( "Simple", new SimpleAuthenticator() ) );
+ // Strong
+ set.add( new MutableAuthenticatorConfiguration( "Strong", new StrongAuthenticator() ) );
+
setAuthenticatorConfigurations( set );
}
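Review bot: `StrongAuthenticator` is added to the default authenticator set unconditionally, so every instance that does not replace `authenticatorConfigurations` will accept `strong` binds whether or not SASL has been configured for the LDAP provider. Because the matching validation in `DefaultDirectoryService` asks only for a principal, it would be safer to register this authenticator only when SASL is enabled, or at least to document the assumption with a comment such as `// Strong: SASL binds, already verified by the LDAP protocol provider; do not enable without it`. The behaviour of `StrongAuthenticator` is not shown in this part of the commit, so this is a request to confirm rather than a confirmed defect. The enclosing method starts outside the hunk.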
@@ -434,30 +436,6 @@
public int getMaxThreads()
{
return maxThreads;
- }
-
-
- protected void setMaxSizeLimit( int maxSizeLimit )
- {
- this.maxSizeLimit = maxSizeLimit;
- }
-
-
- public int getMaxSizeLimit()
- {
- return maxSizeLimit;
- }
-
-
- protected void setMaxTimeLimit( int maxTimeLimit )
- {
- this.maxTimeLimit = maxTimeLimit;
- }
-
-
- public int getMaxTimeLimit()
- {
- return maxTimeLimit;
}
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java Wed May 23 21:08:50 2007
@@ -54,6 +54,7 @@
import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration;
import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition;
+import org.apache.directory.server.ldap.constants.SupportedSASLMechanisms;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
import org.apache.directory.shared.ldap.MultiException;
@@ -159,6 +160,13 @@
attr = new AttributeImpl( "supportedExtension" );
rootDSE.put( attr );
attr.add( NoticeOfDisconnect.EXTENSION_OID );
+
+ // Add the supportedSASLMechanisms attribute to rootDSE
+ attr = new AttributeImpl( SupportedSASLMechanisms.ATTRIBUTE );
+ rootDSE.put( attr );
+ attr.add( SupportedSASLMechanisms.GSSAPI );
+ attr.add( SupportedSASLMechanisms.DIGEST_MD5 );
+ attr.add( SupportedSASLMechanisms.CRAM_MD5 );
attr = new AttributeImpl( "supportedControl" );
rootDSE.put( attr );
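Review bot: The root DSE now advertises `GSSAPI`, `DIGEST_MD5` and `CRAM_MD5` as fixed values, independent of which mechanisms the LDAP provider is actually configured to accept. A deployment without a Kerberos realm would still announce GSSAPI, and an operator who disables the MD5-based mechanisms (both need the server to hold a plaintext-equivalent secret) has no way to stop them being advertised from here. I would populate `supportedSASLMechanisms` from the configured mechanism list instead of constants, or add a comment such as `// TODO: derive from LdapConfiguration; this list must match the mechanisms the bind handler accepts` until that is wired up. The enclosing method starts and ends outside the hunk.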
Modified: directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/SingleBaseSearch.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/SingleBaseSearch.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/SingleBaseSearch.java (original)
+++ directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/SingleBaseSearch.java Wed May 23 21:08:50 2007
@@ -49,23 +49,20 @@
class SingleBaseSearch implements PrincipalStore
{
private DirContext ctx;
+ private Hashtable<String, Object> env;
+ private InitialContextFactory factory;
SingleBaseSearch( ServiceConfiguration config, InitialContextFactory factory )
{
- Hashtable<String, Object> env = new Hashtable<String, Object>( config.toJndiEnvironment() );
+ env = new Hashtable<String, Object>( config.toJndiEnvironment() );
env.put( Context.INITIAL_CONTEXT_FACTORY, config.getInitialContextFactory() );
- env.put( Context.PROVIDER_URL, config.getEntryBaseDn() );
+ env.put( Context.PROVIDER_URL, config.getSearchBaseDn() );
+ env.put( Context.SECURITY_AUTHENTICATION, config.getSecurityAuthentication() );
+ env.put( Context.SECURITY_CREDENTIALS, config.getSecurityCredentials() );
+ env.put( Context.SECURITY_PRINCIPAL, config.getSecurityPrincipal() );
- try
- {
- ctx = ( DirContext ) factory.getInitialContext( env );
- }
- catch ( NamingException ne )
- {
- String message = "Failed to get initial context " + ( String ) env.get( Context.PROVIDER_URL );
- throw new ConfigurationException( message, ne );
- }
+ this.factory = factory;
}
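Review bot: The three added `env.put` calls will throw `NullPointerException` from the constructor if `getSecurityAuthentication()`, `getSecurityCredentials()` or `getSecurityPrincipal()` returns null, because `Hashtable` rejects null values; whether `ServiceConfiguration` guarantees non-null defaults is not visible here. Either guard each optional value, for example `if ( config.getSecurityCredentials() != null ) { env.put( Context.SECURITY_CREDENTIALS, config.getSecurityCredentials() ); }`, or document the non-null contract on the getters. Note also that `env` is now a field, so the bind credentials stay reachable for the lifetime of the store rather than only during construction; a short comment saying that this is intentional for the deferred connect would help the next reader.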
@@ -101,6 +98,19 @@
private Object execute( ContextOperation operation ) throws Exception
{
+ if ( ctx == null )
+ {
+ try
+ {
+ ctx = ( DirContext ) factory.getInitialContext( env );
+ }
+ catch ( NamingException ne )
+ {
+ String message = "Failed to get initial context " + ( String ) env.get( Context.PROVIDER_URL );
+ throw new ConfigurationException( message, ne );
+ }
+ }
+
return operation.execute( ctx, null );
}
}
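Review bot: The lazy `if ( ctx == null )` initialisation in `execute` is not synchronized, so two requests arriving together can each call `factory.getInitialContext( env )` and one of the contexts is then dropped without being closed. If this store is shared between protocol handler threads, which seems likely but is not shown here, declare the method as `private synchronized Object execute( ContextOperation operation ) throws Exception` or move the initialisation into a synchronized helper. Deferring the connect also means a wrong search base or bad credentials now surfaces as a `ConfigurationException` on the first client request instead of at startup, which deserves a sentence in the class Javadoc.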
Modified: directory/apacheds/trunk/pom.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/pom.xml?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/pom.xml (original)
+++ directory/apacheds/trunk/pom.xml Wed May 23 21:08:50 2007
@@ -251,10 +251,6 @@
<module>mitosis</module>
<module>server-replication</module>
- <!-- extra for jdk 1.5 -->
- <module>server-ssl</module>
- <!-- extra for jdk 1.5 -->
-
</modules>
<developers>
Modified: directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordConfiguration.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordConfiguration.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordConfiguration.java (original)
+++ directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordConfiguration.java Wed May 23 21:08:50 2007
@@ -21,22 +21,17 @@
import java.util.ArrayList;
-import java.util.Dictionary;
-import java.util.HashMap;
import java.util.List;
-import java.util.Map;
import javax.security.auth.kerberos.KerberosPrincipal;
-import org.apache.directory.server.core.DirectoryService;
-import org.apache.directory.server.core.configuration.ConfigurationException;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
-import org.apache.directory.server.protocol.shared.LoadStrategy;
import org.apache.directory.server.protocol.shared.ServiceConfiguration;
-import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
/**
+ * Contains the configuration parameters for the Change Password protocol provider.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
@@ -44,297 +39,173 @@
{
private static final long serialVersionUID = 3509208713288140629L;
- /** the prop key const for changepw.principal */
- private static final String PRINCIPAL_KEY = "principal";
+ /** The default change password principal name. */
+ private static final String SERVICE_PRINCIPAL_DEFAULT = "kadmin/changepw@EXAMPLE.COM";
- /** the default change password principal */
- private static final String DEFAULT_PRINCIPAL = "kadmin/changepw@EXAMPLE.COM";
+ /** The default change password base DN. */
+ public static final String SEARCH_BASEDN_DEFAULT = "ou=users,dc=example,dc=com";
- /** the default change password base DN */
- public static final String CHANGEPW_ENTRY_BASEDN = "ou=users,dc=example,dc=com";
+ /** The default change password realm. */
+ private static final String REALM_DEFAULT = "EXAMPLE.COM";
- /** the prop key const for primary.realm */
- private static final String REALM_KEY = "realm";
+ /** The default change password port. */
+ private static final int IP_PORT_DEFAULT = 464;
- /** the default change password realm */
- private static final String DEFAULT_REALM = "EXAMPLE.COM";
-
- /** the default change password port */
- private static final String DEFAULT_IP_PORT = "464";
-
- /** the prop key const for encryption.types */
- private static final String ENCRYPTION_TYPES_KEY = "encryption.types";
-
- /** the default encryption types */
- public static final String[] DEFAULT_ENCRYPTION_TYPES = new String[]
+ /** The default encryption types. */
+ public static final String[] ENCRYPTION_TYPES_DEFAULT = new String[]
{ "des-cbc-md5" };
- /** the prop key const for allowable.clockskew */
- private static final String ALLOWABLE_CLOCKSKEW_KEY = "allowable.clockskew";
-
- /** the default changepw buffer size */
+ /** The default changepw buffer size. */
private static final long DEFAULT_ALLOWABLE_CLOCKSKEW = 5 * MINUTE;
- /** the prop key const for empty.addresses.allowed */
- private static final String EMPTY_ADDRESSES_ALLOWED_KEY = "empty.addresses.allowed";
-
- /** the default empty addresses */
+ /** The default empty addresses. */
private static final boolean DEFAULT_EMPTY_ADDRESSES_ALLOWED = true;
- /** the prop key constants for password policy */
- public static final String PASSWORD_LENGTH_KEY = "password.length";
- public static final String CATEGORY_COUNT_KEY = "category.count";
- public static final String TOKEN_SIZE_KEY = "token.size";
-
- /** the default change password password policies */
+ /** The default change password password policy for password length. */
public static final int DEFAULT_PASSWORD_LENGTH = 6;
- public static final int DEFAULT_CATEGORY_COUNT = 3;
- public static final int DEFAULT_TOKEN_SIZE = 3;
-
- private static final String DEFAULT_PID = "org.apache.changepw";
- private static final String DEFAULT_NAME = "Apache Change Password Service";
- private static final String DEFAULT_PREFIX = "changepw.";
-
- private EncryptionType[] encryptionTypes;
-
-
- /**
- * Creates a new instance with default settings.
- */
- public ChangePasswordConfiguration()
- {
- this( getDefaultConfig(), LoadStrategy.LDAP );
- }
-
-
- /**
- * Creates a new instance with default settings that operates on the
- * {@link DirectoryService} with the specified ID.
- */
- public ChangePasswordConfiguration( String instanceId )
- {
- this( getDefaultConfig(), LoadStrategy.LDAP );
- setInstanceId( instanceId );
- }
+ /** The default change password password policy for category count. */
+ public static final int DEFAULT_CATEGORY_COUNT = 3;
- public ChangePasswordConfiguration( Map<String, Object> properties )
- {
- this( properties, LoadStrategy.LDAP );
- }
-
-
- public ChangePasswordConfiguration( Map<String, Object> properties, int strategy )
- {
- if ( properties == null )
- {
- configuration = getDefaultConfig();
- }
- else
- {
- loadProperties( DEFAULT_PREFIX, properties, strategy );
- }
-
- int port = getPort();
-
- if ( port < 1 || port > 0xFFFF )
- {
- throw new ConfigurationException( "Invalid value: " + IP_PORT_KEY + "=" + port );
- }
-
- prepareEncryptionTypes();
- }
+ /** The default change password password policy for token size. */
+ public static final int DEFAULT_TOKEN_SIZE = 3;
+ /** The default service PID. */
+ private static final String SERVICE_PID_DEFAULT = "org.apache.directory.server.changepw";
- public static Map<String, Object> getDefaultConfig()
- {
- Map<String, Object> defaults = new HashMap<String, Object>();
+ /** The default service name. */
+ private static final String SERVICE_NAME_DEFAULT = "ApacheDS Change Password Service";
- defaults.put( SERVICE_PID, DEFAULT_PID );
- defaults.put( IP_PORT_KEY, DEFAULT_IP_PORT );
+ /** The encryption types. */
+ private EncryptionType[] encryptionTypes;
- return defaults;
- }
+ /** The primary realm. */
+ private String primaryRealm = REALM_DEFAULT;
+ /** The service principal name. */
+ private String servicePrincipal = SERVICE_PRINCIPAL_DEFAULT;
- public boolean isDifferent( Dictionary config )
- {
- int port = getPort();
+ /** The allowable clock skew. */
+ private long allowableClockSkew = DEFAULT_ALLOWABLE_CLOCKSKEW;
- if ( port == Integer.parseInt( ( String ) config.get( IP_PORT_KEY ) ) )
- {
- return false;
- }
+ /** Whether empty addresses are allowed. */
+ private boolean isEmptyAddressesAllowed = DEFAULT_EMPTY_ADDRESSES_ALLOWED;
- return true;
- }
+ /** The policy for password length. */
+ private int policyPasswordLength;
+ /** The policy for category count. */
+ private int policyCategoryCount;
- public String getName()
- {
- return DEFAULT_NAME;
- }
+ /** The policy for token size. */
+ private int policyTokenSize;
- public int getPort()
+ /**
+ * Creates a new instance of ChangePasswordConfiguration.
+ */
+ public ChangePasswordConfiguration()
{
- String key = IP_PORT_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return Integer.parseInt( get( key ) );
- }
+ super.setServiceName( SERVICE_NAME_DEFAULT );
+ super.setIpPort( IP_PORT_DEFAULT );
+ super.setServicePid( SERVICE_PID_DEFAULT );
+ super.setSearchBaseDn( SEARCH_BASEDN_DEFAULT );
- return Integer.parseInt( DEFAULT_IP_PORT );
+ prepareEncryptionTypes();
}
+ /**
+ * Returns the primary realm.
+ *
+ * @return The primary realm.
+ */
public String getPrimaryRealm()
{
- String key = REALM_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return get( key );
- }
-
- return DEFAULT_REALM;
+ return primaryRealm;
}
+ /**
+ * Returns the encryption types.
+ *
+ * @return The encryption types.
+ */
public EncryptionType[] getEncryptionTypes()
{
return encryptionTypes;
}
- public Map<String, Object> getProperties()
- {
- // Request that the krb5key value be returned as binary
- configuration.put( JndiPropertyConstants.JNDI_LDAP_ATTRIBUTES_BINARY, "krb5Key" );
-
- return configuration;
- }
-
-
- public long getClockSkew()
- {
- String key = ALLOWABLE_CLOCKSKEW_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return MINUTE * Long.parseLong( get( key ) );
- }
-
- return DEFAULT_ALLOWABLE_CLOCKSKEW;
- }
-
-
- public int getBufferSize()
+ /**
+ * Returns the allowable clock skew.
+ *
+ * @return The allowable clock skew.
+ */
+ public long getAllowableClockSkew()
{
- String key = BUFFER_SIZE_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return Integer.parseInt( get( key ) );
- }
-
- return DEFAULT_BUFFER_SIZE;
+ return allowableClockSkew;
}
- public KerberosPrincipal getChangepwPrincipal()
- {
- String key = PRINCIPAL_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return new KerberosPrincipal( get( key ) );
- }
-
- return new KerberosPrincipal( DEFAULT_PRINCIPAL );
- }
-
-
- public String getEntryBaseDn()
+ /**
+ * Returns the Change Password service principal.
+ *
+ * @return The Change Password service principal.
+ */
+ public KerberosPrincipal getServicePrincipal()
{
- String key = ENTRY_BASEDN_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return get( key );
- }
-
- return CHANGEPW_ENTRY_BASEDN;
+ return new KerberosPrincipal( servicePrincipal );
}
+ /**
+ * Returns whether empty addresses are allowed.
+ *
+ * @return Whether empty addresses are allowed.
+ */
public boolean isEmptyAddressesAllowed()
{
- String key = EMPTY_ADDRESSES_ALLOWED_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return "true".equalsIgnoreCase( get( key ) );
- }
-
- return DEFAULT_EMPTY_ADDRESSES_ALLOWED;
+ return isEmptyAddressesAllowed;
}
+ /**
+ * Returns the password length.
+ *
+ * @return The password length.
+ */
public int getPasswordLengthPolicy()
{
- String key = PASSWORD_LENGTH_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return Integer.parseInt( get( key ) );
- }
-
- return DEFAULT_PASSWORD_LENGTH;
+ return policyPasswordLength;
}
+ /**
+ * Returns the category count.
+ *
+ * @return The category count.
+ */
public int getCategoryCountPolicy()
{
- String key = CATEGORY_COUNT_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return Integer.parseInt( get( key ) );
- }
-
- return DEFAULT_CATEGORY_COUNT;
+ return policyCategoryCount;
}
+ /**
+ * Returns the token size.
+ *
+ * @return The token size.
+ */
public int getTokenSizePolicy()
{
- String key = TOKEN_SIZE_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return Integer.parseInt( get( key ) );
- }
-
- return DEFAULT_TOKEN_SIZE;
+ return policyTokenSize;
}
private void prepareEncryptionTypes()
{
- String[] encryptionTypeStrings = null;
-
- String key = ENCRYPTION_TYPES_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- encryptionTypeStrings = ( get( key ) ).split( "\\s" );
- }
- else
- {
- encryptionTypeStrings = DEFAULT_ENCRYPTION_TYPES;
- }
+ String[] encryptionTypeStrings = ENCRYPTION_TYPES_DEFAULT;
List<EncryptionType> encTypes = new ArrayList<EncryptionType>();
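Review bot: The new fields `policyPasswordLength`, `policyCategoryCount` and `policyTokenSize` are declared without initialisers, so `getPasswordLengthPolicy()`, `getCategoryCountPolicy()` and `getTokenSizePolicy()` return 0 unless something sets them, where the removed getters fell back to `DEFAULT_PASSWORD_LENGTH` (6), `DEFAULT_CATEGORY_COUNT` (3) and `DEFAULT_TOKEN_SIZE` (3). No setter or constructor assignment for them is visible in this hunk, while the neighbouring fields (`primaryRealm`, `allowableClockSkew`) do receive their defaults, so this looks like an omission that would leave the password policy effectively off by default. Initialise them at declaration, e.g. `private int policyPasswordLength = DEFAULT_PASSWORD_LENGTH;`, and likewise for the other two. Separately, `prepareEncryptionTypes` (which continues outside the hunk) now always starts from `ENCRYPTION_TYPES_DEFAULT`, i.e. `des-cbc-md5`, so from what is shown the encryption types can no longer be configured.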
Modified: directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java (original)
+++ directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java Wed May 23 21:08:50 2007
@@ -68,8 +68,8 @@
this.acceptor = acceptor;
this.store = store;
- String name = config.getName();
- int port = config.getPort();
+ String name = config.getServiceName();
+ int port = config.getIpPort();
try
{
@@ -103,11 +103,11 @@
*/
public void destroy()
{
- acceptor.unbind( new InetSocketAddress( config.getPort() ) );
+ acceptor.unbind( new InetSocketAddress( config.getIpPort() ) );
acceptor = null;
handler = null;
- log.debug( "{} has stopped listening on port {}", config.getName(), new Integer( config.getPort() ) );
+ log.debug( "{} has stopped listening on port {}", config.getServiceName(), new Integer( config.getIpPort() ) );
}
}
Modified: directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.java (original)
+++ directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.java Wed May 23 21:08:50 2007
@@ -143,7 +143,7 @@
log.warn( ke.getMessage() );
}
- ErrorMessage errorMessage = getErrorMessage( config.getChangepwPrincipal(), ke );
+ ErrorMessage errorMessage = getErrorMessage( config.getServicePrincipal(), ke );
ChangePasswordErrorModifier modifier = new ChangePasswordErrorModifier();
modifier.setErrorMessage( errorMessage );
@@ -154,7 +154,7 @@
{
log.error( "Unexpected exception: " + e.getMessage(), e );
- session.write( getErrorMessage( config.getChangepwPrincipal(), new ChangePasswordException(
+ session.write( getErrorMessage( config.getServicePrincipal(), new ChangePasswordException(
ErrorType.KRB5_KPASSWD_UNKNOWN_ERROR ) ) );
}
}
Modified: directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java (original)
+++ directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java Wed May 23 21:08:50 2007
@@ -64,7 +64,7 @@
ApplicationRequest authHeader = changepwContext.getAuthHeader();
Ticket ticket = changepwContext.getTicket();
ReplayCache replayCache = changepwContext.getReplayCache();
- long clockSkew = changepwContext.getConfig().getClockSkew();
+ long clockSkew = changepwContext.getConfig().getAllowableClockSkew();
Authenticator authenticator = changepwContext.getAuthenticator();
KerberosPrincipal clientPrincipal = authenticator.getClientPrincipal();
Modified: directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicket.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicket.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicket.java (original)
+++ directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicket.java Wed May 23 21:08:50 2007
@@ -42,7 +42,7 @@
ChangePasswordConfiguration config = changepwContext.getConfig();
Ticket ticket = changepwContext.getTicket();
String primaryRealm = config.getPrimaryRealm();
- KerberosPrincipal changepwPrincipal = config.getChangepwPrincipal();
+ KerberosPrincipal changepwPrincipal = config.getServicePrincipal();
verifyTicket( ticket, primaryRealm, changepwPrincipal );
Modified: directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java (original)
+++ directory/apacheds/trunk/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java Wed May 23 21:08:50 2007
@@ -53,7 +53,7 @@
EncryptionType encryptionType = ticket.getEncPart().getEncryptionType();
EncryptionKey serverKey = changepwContext.getServerEntry().getKeyMap().get( encryptionType );
- long clockSkew = changepwContext.getConfig().getClockSkew();
+ long clockSkew = changepwContext.getConfig().getAllowableClockSkew();
ReplayCache replayCache = changepwContext.getReplayCache();
boolean emptyAddressesAllowed = changepwContext.getConfig().isEmptyAddressesAllowed();
InetAddress clientAddress = changepwContext.getClientAddress();
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsConfiguration.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsConfiguration.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsConfiguration.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsConfiguration.java Wed May 23 21:08:50 2007
@@ -20,17 +20,12 @@
package org.apache.directory.server.dns;
-import java.util.Dictionary;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.directory.server.core.DirectoryService;
-import org.apache.directory.server.core.configuration.ConfigurationException;
-import org.apache.directory.server.protocol.shared.LoadStrategy;
import org.apache.directory.server.protocol.shared.ServiceConfiguration;
/**
+ * Contains the configuration parameters for the DNS protocol provider.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
@@ -38,117 +33,23 @@
{
private static final long serialVersionUID = 6943138644427163149L;
- /** the default port */
- private static final String DEFAULT_IP_PORT = "53";
+ /** The default IP port. */
+ private static final int IP_PORT_DEFAULT = 53;
- /** the default pid */
- private static final String DEFAULT_PID = "org.apache.dns";
+ /** The default service pid. */
+ private static final String SERVICE_PID_DEFAULT = "org.apache.directory.server.dns";
- /** the default name */
- private static final String DEFAULT_NAME = "Apache DNS Service";
-
- /** the default prefix */
- private static final String DEFAULT_PREFIX = "dns.";
+ /** The default service name. */
+ private static final String SERVICE_NAME_DEFAULT = "ApacheDS DNS Service";
/**
- * Creates a new instance with default settings.
+ * Creates a new instance of DnsConfiguration.
*/
public DnsConfiguration()
{
- this( getDefaultConfig(), LoadStrategy.LDAP );
- }
-
-
- /**
- * Creates a new instance with default settings that operates on the
- * {@link DirectoryService} with the specified ID.
- */
- public DnsConfiguration( String instanceId )
- {
- this( getDefaultConfig(), LoadStrategy.LDAP );
- setInstanceId( instanceId );
- }
-
-
- public DnsConfiguration( Map<String, Object> properties )
- {
- this( properties, LoadStrategy.LDAP );
- }
-
-
- public DnsConfiguration( Map<String, Object> properties, int strategy )
- {
- if ( properties == null )
- {
- configuration = getDefaultConfig();
- }
- else
- {
- loadProperties( DEFAULT_PREFIX, properties, strategy );
- }
-
- int port = getPort();
-
- if ( port < 1 || port > 0xFFFF )
- {
- throw new ConfigurationException( "Invalid value: " + IP_PORT_KEY + "=" + port );
- }
- }
-
-
- public static Map<String, Object> getDefaultConfig()
- {
- Map<String, Object> defaults = new HashMap<String, Object>();
-
- defaults.put( SERVICE_PID, DEFAULT_PID );
- defaults.put( IP_PORT_KEY, DEFAULT_IP_PORT );
-
- return defaults;
- }
-
-
- public boolean isDifferent( Dictionary config )
- {
- int port = getPort();
-
- if ( port == Integer.parseInt( ( String ) config.get( IP_PORT_KEY ) ) )
- {
- return false;
- }
-
- return true;
- }
-
-
- public String getName()
- {
- return DEFAULT_NAME;
- }
-
-
- public int getPort()
- {
- String key = IP_PORT_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return Integer.parseInt( get( key ) );
- }
-
- return Integer.parseInt( DEFAULT_IP_PORT );
- }
-
-
- public int getBufferSize()
- {
- String key = BUFFER_SIZE_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return Integer.parseInt( get( key ) );
- }
-
- return DEFAULT_BUFFER_SIZE;
+ super.setIpPort( IP_PORT_DEFAULT );
+ super.setServicePid( SERVICE_PID_DEFAULT );
+ super.setServiceName( SERVICE_NAME_DEFAULT );
}
}
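Review bot: The removed constructor rejected a port outside 1–0xFFFF with a `ConfigurationException`; the new constructor only calls `super.setIpPort( IP_PORT_DEFAULT )`, and nothing in this hunk validates a value set later. `ServiceConfiguration.setIpPort` is not shown here; if it does not perform the range check, a misconfigured port is caught only when `DnsServer` binds. Either confirm the check moved into the base-class setter or add one there equivalent to the removed `if ( port < 1 || port > 0xFFFF )`. The same check is dropped from `ChangePasswordConfiguration` in this commit.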
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsServer.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsServer.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/DnsServer.java Wed May 23 21:08:50 2007
@@ -29,11 +29,15 @@
import org.apache.directory.server.dns.store.RecordStore;
import org.apache.mina.common.IoAcceptor;
import org.apache.mina.common.IoHandler;
+import org.apache.mina.common.IoServiceConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
+ * A wrapper encapsulating configuration, a MINA IoAcceptor, and a RecordStore
+ * to implement a complete DNS server.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
@@ -48,20 +52,28 @@
private IoHandler handler;
- public DnsServer(DnsConfiguration config, IoAcceptor acceptor, RecordStore store)
+
+ /**
+ * Creates a new instance of DnsServer.
+ *
+ * @param config
+ * @param acceptor
+ * @param store
+ */
+ public DnsServer( DnsConfiguration config, IoAcceptor acceptor, IoServiceConfig serviceConfig, RecordStore store )
{
this.config = config;
this.acceptor = acceptor;
this.store = store;
- String name = config.getName();
- int port = config.getPort();
+ String name = config.getServiceName();
+ int port = config.getIpPort();
try
{
handler = new DnsProtocolHandler( config, this.store );
- acceptor.bind( new InetSocketAddress( port ), handler );
+ acceptor.bind( new InetSocketAddress( port ), handler, serviceConfig );
log.debug( "{} listening on port {}", name, new Integer( port ) );
}
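Review bot: The Javadoc added to the constructor leaves `@param config`, `@param acceptor` and `@param store` without descriptions and has no tag at all for `serviceConfig`, the parameter this change introduces. Fill the three in and add something like `@param serviceConfig The MINA service configuration passed to acceptor.bind()`. The constructor's public signature also changes, so any caller not updated in this commit stops compiling; a line in the commit log would help downstream users. The constructor body continues outside the hunk.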
@@ -80,11 +92,11 @@
public void destroy()
{
- acceptor.unbind( new InetSocketAddress( config.getPort() ) );
+ acceptor.unbind( new InetSocketAddress( config.getIpPort() ) );
- acceptor= null;
+ acceptor = null;
handler = null;
- log.debug( "{} has stopped listening on port {}", config.getName(), new Integer( config.getPort() ) );
+ log.debug( "{} has stopped listening on port {}", config.getServiceName(), new Integer( config.getIpPort() ) );
}
}
Modified: directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/SingleBaseSearch.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/SingleBaseSearch.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/SingleBaseSearch.java (original)
+++ directory/apacheds/trunk/protocol-dns/src/main/java/org/apache/directory/server/dns/store/SingleBaseSearch.java Wed May 23 21:08:50 2007
@@ -51,24 +51,20 @@
private static final Logger log = LoggerFactory.getLogger( SingleBaseSearch.class );
private DirContext ctx;
+ private Hashtable<String, Object> env;
+ private InitialContextFactory factory;
- SingleBaseSearch(DnsConfiguration config, InitialContextFactory factory)
+ SingleBaseSearch( DnsConfiguration config, InitialContextFactory factory )
{
- Hashtable env = new Hashtable( config.toJndiEnvironment() );
+ env = new Hashtable<String, Object>( config.toJndiEnvironment() );
env.put( Context.INITIAL_CONTEXT_FACTORY, config.getInitialContextFactory() );
- env.put( Context.PROVIDER_URL, config.getEntryBaseDn() );
+ env.put( Context.PROVIDER_URL, config.getSearchBaseDn() );
+ env.put( Context.SECURITY_AUTHENTICATION, config.getSecurityAuthentication() );
+ env.put( Context.SECURITY_CREDENTIALS, config.getSecurityCredentials() );
+ env.put( Context.SECURITY_PRINCIPAL, config.getSecurityPrincipal() );
- try
- {
- ctx = ( DirContext ) factory.getInitialContext( env );
- }
- catch ( NamingException ne )
- {
- log.error( ne.getMessage(), ne );
- String message = "Failed to get initial context " + ( String ) env.get( Context.PROVIDER_URL );
- throw new ConfigurationException( message, ne );
- }
+ this.factory = factory;
}
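Review bot: `env` is a `Hashtable`, which throws `NullPointerException` on a null value, so the three new `env.put( Context.SECURITY_*, ... )` calls fail in the constructor if `getSecurityAuthentication()`, `getSecurityCredentials()` or `getSecurityPrincipal()` returns null. Whether they can return null is not visible here, but a configuration without bind credentials would be the obvious case. Guard each put, e.g. `if ( config.getSecurityCredentials() != null ) env.put( Context.SECURITY_CREDENTIALS, config.getSecurityCredentials() );`. Because `env` is now a field rather than a constructor local, the bind credentials also stay referenced for the lifetime of the object; a comment on the field such as `/** JNDI environment, including bind credentials; kept for lazy context creation in execute(). */` would make that explicit.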
@@ -80,6 +76,20 @@
private Object execute( ContextOperation operation ) throws Exception
{
+ if ( ctx == null )
+ {
+ try
+ {
+ ctx = ( DirContext ) factory.getInitialContext( env );
+ }
+ catch ( NamingException ne )
+ {
+ log.error( ne.getMessage(), ne );
+ String message = "Failed to get initial context " + ( String ) env.get( Context.PROVIDER_URL );
+ throw new ConfigurationException( message, ne );
+ }
+ }
+
return operation.execute( ctx, null );
}
}
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java Wed May 23 21:08:50 2007
@@ -17,27 +17,22 @@
* under the License.
*
*/
-
package org.apache.directory.server.kerberos.kdc;
import java.util.ArrayList;
-import java.util.Dictionary;
-import java.util.HashMap;
import java.util.List;
-import java.util.Map;
import javax.security.auth.kerberos.KerberosPrincipal;
-import org.apache.directory.server.core.DirectoryService;
-import org.apache.directory.server.core.configuration.ConfigurationException;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
-import org.apache.directory.server.protocol.shared.LoadStrategy;
import org.apache.directory.server.protocol.shared.ServiceConfiguration;
import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
/**
+ * Contains the configuration parameters for the Kerberos protocol provider.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
@@ -45,485 +40,335 @@
{
private static final long serialVersionUID = 522567370475574165L;
- /** the prop key const for kdc principal */
- public static final String PRINCIPAL_KEY = "principal";
-
- /** the prop key const for the kdc's primary realm */
- public static final String REALM_KEY = "realm";
-
- /** the prop key const for encryption types */
- public static final String ENCRYPTION_TYPES_KEY = "encryption.types";
-
- /** the prop key const for allowable clockskew */
- public static final String ALLOWABLE_CLOCKSKEW_KEY = "allowable.clockskew";
-
- /** the prop key const for empty addresses allowed */
- public static final String EMPTY_ADDRESSES_ALLOWED_KEY = "empty.addresses.allowed";
-
- /** the prop key const for requiring encrypted timestamps */
- public static final String PA_ENC_TIMESTAMP_REQUIRED_KEY = "pa.enc.timestamp.required";
-
- /** the prop key const for the maximum ticket lifetime */
- public static final String TGS_MAXIMUM_TICKET_LIFETIME_KEY = "tgs.maximum.ticket.lifetime";
-
- /** the prop key const for the maximum renewable lifetime */
- public static final String TGS_MAXIMUM_RENEWABLE_LIFETIME_KEY = "tgs.maximum.renewable.lifetime";
+ /** The default kdc port */
+ private static final int DEFAULT_IP_PORT = 88;
- /** the prop key const for allowing forwardable tickets */
- public static final String TGS_FORWARDABLE_ALLOWED_KEY = "tgs.forwardable.allowed";
+ /** The default kdc search base DN */
+ public static final String DEFAULT_SEARCH_BASEDN = "ou=users,dc=example,dc=com";
- /** the prop key const for allowing proxiable tickets */
- public static final String TGS_PROXIABLE_ALLOWED_KEY = "tgs.proxiable.allowed";
+ /** The default kdc service pid */
+ private static final String DEFAULT_PID = "org.apache.directory.server.kerberos";
- /** the prop key const for allowing postdated tickets */
- public static final String TGS_POSTDATE_ALLOWED_KEY = "tgs.postdate.allowed";
+ /** The default kdc service name */
+ private static final String DEFAULT_NAME = "ApacheDS Kerberos Service";
- /** the prop key const for allowing renewable tickets */
- public static final String TGS_RENEWABLE_ALLOWED_KEY = "tgs.renewable.allowed";
-
- /** the default kdc principal */
+ /** The default kdc service principal */
private static final String DEFAULT_PRINCIPAL = "krbtgt/EXAMPLE.COM@EXAMPLE.COM";
- /** the default kdc base DN */
- public static final String KDC_ENTRY_BASEDN = "ou=users,dc=example,dc=com";
-
- /** the default kdc realm */
+ /** The default kdc realm */
private static final String DEFAULT_REALM = "EXAMPLE.COM";
- /** the default kdc port */
- private static final String DEFAULT_IP_PORT = "88";
-
- /** the default allowable clockskew */
+ /** The default allowable clockskew */
private static final long DEFAULT_ALLOWABLE_CLOCKSKEW = 5 * MINUTE;
- /** the default encryption types */
+ /** The default encryption types */
private static final String[] DEFAULT_ENCRYPTION_TYPES = new String[]
{ "des-cbc-md5" };
- /** the default for allowing empty addresses */
+ /** The default for allowing empty addresses */
private static final boolean DEFAULT_EMPTY_ADDRESSES_ALLOWED = true;
- /** the default for requiring encrypted timestamps */
+ /** The default for requiring encrypted timestamps */
private static final boolean DEFAULT_PA_ENC_TIMESTAMP_REQUIRED = true;
- /** the default for the maximum ticket lifetime */
+ /** The default for the maximum ticket lifetime */
private static final int DEFAULT_TGS_MAXIMUM_TICKET_LIFETIME = MINUTE * 1440;
- /** the default for the maximum renewable lifetime */
+ /** The default for the maximum renewable lifetime */
private static final int DEFAULT_TGS_MAXIMUM_RENEWABLE_LIFETIME = MINUTE * 10080;
- /** the default for allowing forwardable tickets */
+ /** The default for allowing forwardable tickets */
private static final boolean DEFAULT_TGS_FORWARDABLE_ALLOWED = true;
- /** the default for allowing proxiable tickets */
+ /** The default for allowing proxiable tickets */
private static final boolean DEFAULT_TGS_PROXIABLE_ALLOWED = true;
- /** the default for allowing postdatable tickets */
+ /** The default for allowing postdatable tickets */
private static final boolean DEFAULT_TGS_POSTDATE_ALLOWED = true;
- /** the default for allowing renewable tickets */
+ /** The default for allowing renewable tickets */
private static final boolean DEFAULT_TGS_RENEWABLE_ALLOWED = true;
- private static final String DEFAULT_PID = "org.apache.kerberos";
- private static final String DEFAULT_NAME = "Apache Kerberos Service";
- private static final String DEFAULT_PREFIX = "kdc.";
-
+ /** The encryption types. */
private EncryptionType[] encryptionTypes;
+ /** The primary realm */
+ private String primaryRealm = DEFAULT_REALM;
+
+ /** The service principal name. */
+ private String servicePrincipal = DEFAULT_PRINCIPAL;
+
+ /** The allowable clock skew. */
+ private long allowableClockSkew = DEFAULT_ALLOWABLE_CLOCKSKEW;
+
+ /** Whether pre-authentication by encrypted timestamp is required. */
+ private boolean isPaEncTimestampRequired = DEFAULT_PA_ENC_TIMESTAMP_REQUIRED;
+
+ /** The maximum ticket lifetime. */
+ private long maximumTicketLifetime = DEFAULT_TGS_MAXIMUM_TICKET_LIFETIME;
+
+ /** The maximum renewable lifetime. */
+ private long maximumRenewableLifetime = DEFAULT_TGS_MAXIMUM_RENEWABLE_LIFETIME;
+
+ /** Whether empty addresses are allowed. */
+ private boolean isEmptyAddressesAllowed = DEFAULT_EMPTY_ADDRESSES_ALLOWED;
+
+ /** Whether forwardable addresses are allowed. */
+ private boolean isForwardableAllowed = DEFAULT_TGS_FORWARDABLE_ALLOWED;
+
+ /** Whether proxiable addresses are allowed. */
+ private boolean isProxiableAllowed = DEFAULT_TGS_PROXIABLE_ALLOWED;
+
+ /** Whether postdating is allowed. */
+ private boolean isPostdateAllowed = DEFAULT_TGS_POSTDATE_ALLOWED;
+
+ /** Whether renewable tickets are allowed. */
+ private boolean isRenewableAllowed = DEFAULT_TGS_RENEWABLE_ALLOWED;
+
/**
- * Creates a new instance with default settings.
+ * Creates a new instance of KdcConfiguration.
*/
public KdcConfiguration()
{
- this( getDefaultConfig(), LoadStrategy.LDAP );
+ super.setServiceName( DEFAULT_NAME );
+ super.setIpPort( DEFAULT_IP_PORT );
+ super.setServicePid( DEFAULT_PID );
+ super.setSearchBaseDn( DEFAULT_SEARCH_BASEDN );
+
+ prepareEncryptionTypes();
}
/**
- * Creates a new instance with default settings that operates on the
- * {@link DirectoryService} with the specified ID.
- *
- * @param instanceId
+ * Returns the allowable clock skew.
+ *
+ * @return The allowable clock skew.
*/
- public KdcConfiguration( String instanceId )
+ public long getAllowableClockSkew()
{
- this( getDefaultConfig(), LoadStrategy.LDAP );
- setInstanceId( instanceId );
+ return allowableClockSkew;
}
/**
- * Creates a new instance of KdcConfiguration.
- *
- * @param properties
+ * @return the isEmptyAddressesAllowed
*/
- public KdcConfiguration( Map<String, Object> properties )
+ public boolean isEmptyAddressesAllowed()
{
- this( properties, LoadStrategy.LDAP );
+ return isEmptyAddressesAllowed;
}
/**
- * Creates a new instance of KdcConfiguration.
- *
- * @param properties
- * @param strategy
+ * @return the isForwardableAllowed
*/
- public KdcConfiguration( Map<String, Object> properties, int strategy )
+ public boolean isForwardableAllowed()
{
- if ( properties == null )
- {
- configuration = getDefaultConfig();
- }
- else
- {
- loadProperties( DEFAULT_PREFIX, properties, strategy );
- }
-
- int port = getPort();
-
- if ( port < 1 || port > 0xFFFF )
- {
- throw new ConfigurationException( "Invalid value: " + IP_PORT_KEY + "=" + port );
- }
-
- prepareEncryptionTypes();
+ return isForwardableAllowed;
}
/**
- * Returns a Map of the default config.
- *
- * @return The default config.
+ * @return the isPostdateAllowed
*/
- public static Map<String, Object> getDefaultConfig()
+ public boolean isPostdateAllowed()
{
- Map<String, Object> defaults = new HashMap<String, Object>();
-
- defaults.put( SERVICE_PID, DEFAULT_PID );
- defaults.put( IP_PORT_KEY, DEFAULT_IP_PORT );
-
- return defaults;
+ return isPostdateAllowed;
}
/**
- * Returns whether the Dictionary of config is different from this config.
- *
- * @param config
- * @return true if the configs are different.
+ * @return the isProxiableAllowed
*/
- public boolean isDifferent( Dictionary config )
+ public boolean isProxiableAllowed()
{
- int port = getPort();
-
- if ( port == Integer.parseInt( ( String ) config.get( IP_PORT_KEY ) ) )
- {
- return false;
- }
-
- return true;
+ return isProxiableAllowed;
}
/**
- * Returns the name of this service.
- *
- * @return The name of this service.
+ * @return the isRenewableAllowed
*/
- public String getName()
+ public boolean isRenewableAllowed()
{
- return DEFAULT_NAME;
+ return isRenewableAllowed;
}
/**
- * Returns the primary realm.
- *
- * @return The primary realm.
+ * @return the maximumRenewableLifetime
*/
- public String getPrimaryRealm()
+ public long getMaximumRenewableLifetime()
{
- String key = REALM_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return get( key );
- }
-
- return DEFAULT_REALM;
+ return maximumRenewableLifetime;
}
/**
- * Returns the KDC principal.
- *
- * @return The KDC principal.
+ * @return the maximumTicketLifetime
*/
- public KerberosPrincipal getKdcPrincipal()
+ public long getMaximumTicketLifetime()
{
- String key = PRINCIPAL_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return new KerberosPrincipal( get( key ) );
- }
-
- return new KerberosPrincipal( DEFAULT_PRINCIPAL );
+ return maximumTicketLifetime;
}
- public String getEntryBaseDn()
+ /**
+ * @param allowableClockSkew the allowableClockSkew to set
+ */
+ public void setAllowableClockSkew( long allowableClockSkew )
{
- String key = ENTRY_BASEDN_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return get( key );
- }
-
- return KDC_ENTRY_BASEDN;
+ this.allowableClockSkew = allowableClockSkew;
}
/**
- * Returns the encryption types.
- *
- * @return The encryption types.
+ * @param encryptionTypes the encryptionTypes to set
*/
- public EncryptionType[] getEncryptionTypes()
+ public void setEncryptionTypes( EncryptionType[] encryptionTypes )
{
- return encryptionTypes;
+ this.encryptionTypes = encryptionTypes;
}
/**
- * Returns the properties.
- *
- * @return The properties.
+ * @param isEmptyAddressesAllowed the isEmptyAddressesAllowed to set
*/
- public Map<String, Object> getProperties()
+ public void setEmptyAddressesAllowed( boolean isEmptyAddressesAllowed )
{
- // Request that the krb5key value be returned as binary
- configuration.put( JndiPropertyConstants.JNDI_LDAP_ATTRIBUTES_BINARY, "krb5Key" );
-
- return configuration;
+ this.isEmptyAddressesAllowed = isEmptyAddressesAllowed;
}
/**
- * Returns the clock skew.
- *
- * @return The clock skew.
+ * @param isForwardableAllowed the isForwardableAllowed to set
*/
- public long getClockSkew()
+ public void setForwardableAllowed( boolean isForwardableAllowed )
{
- String key = ALLOWABLE_CLOCKSKEW_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return MINUTE * Long.parseLong( get( key ) );
- }
-
- return DEFAULT_ALLOWABLE_CLOCKSKEW;
+ this.isForwardableAllowed = isForwardableAllowed;
}
/**
- * Returns the port.
- *
- * @return The port.
+ * @param isPaEncTimestampRequired the isPaEncTimestampRequired to set
*/
- public int getPort()
+ public void setPaEncTimestampRequired( boolean isPaEncTimestampRequired )
{
- String key = IP_PORT_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return Integer.parseInt( get( key ) );
- }
-
- return Integer.parseInt( DEFAULT_IP_PORT );
+ this.isPaEncTimestampRequired = isPaEncTimestampRequired;
}
/**
- * Returns the buffer size.
- *
- * @return The buffer size.
+ * @param isPostdateAllowed the isPostdateAllowed to set
*/
- public int getBufferSize()
+ public void setPostdateAllowed( boolean isPostdateAllowed )
{
- String key = BUFFER_SIZE_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return Integer.parseInt( get( key ) );
- }
-
- return DEFAULT_BUFFER_SIZE;
+ this.isPostdateAllowed = isPostdateAllowed;
}
/**
- * Returns whether pre-authentication by encrypted timestamp is required.
- *
- * @return true if pre-authentication by encrypted timestamp is required.
+ * @param isProxiableAllowed the isProxiableAllowed to set
*/
- public boolean isPaEncTimestampRequired()
+ public void setProxiableAllowed( boolean isProxiableAllowed )
{
- String key = PA_ENC_TIMESTAMP_REQUIRED_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return "true".equalsIgnoreCase( get( key ) );
- }
-
- return DEFAULT_PA_ENC_TIMESTAMP_REQUIRED;
+ this.isProxiableAllowed = isProxiableAllowed;
}
/**
- * Returns the maximum ticket lifetime.
- *
- * @return The maximum ticket lifetime.
+ * @param isRenewableAllowed the isRenewableAllowed to set
*/
- public long getMaximumTicketLifetime()
+ public void setRenewableAllowed( boolean isRenewableAllowed )
{
- String key = TGS_MAXIMUM_TICKET_LIFETIME_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return MINUTE * Long.parseLong( get( key ) );
- }
-
- return DEFAULT_TGS_MAXIMUM_TICKET_LIFETIME;
+ this.isRenewableAllowed = isRenewableAllowed;
}
/**
- * Returns the maximum renewable lifetime.
- *
- * @return The maximum renewable lifetime.
+ * @param kdcPrincipal the kdcPrincipal to set
*/
- public long getMaximumRenewableLifetime()
+ public void setKdcPrincipal( String kdcPrincipal )
{
- String key = TGS_MAXIMUM_RENEWABLE_LIFETIME_KEY;
+ this.servicePrincipal = kdcPrincipal;
+ }
- if ( configuration.containsKey( key ) )
- {
- return MINUTE * Long.parseLong( get( key ) );
- }
- return DEFAULT_TGS_MAXIMUM_RENEWABLE_LIFETIME;
+ /**
+ * @param maximumRenewableLifetime the maximumRenewableLifetime to set
+ */
+ public void setMaximumRenewableLifetime( long maximumRenewableLifetime )
+ {
+ this.maximumRenewableLifetime = maximumRenewableLifetime;
}
/**
- * Returns whether empty addresses are allowed.
- *
- * @return true if empty addresses are allowed.
+ * @param maximumTicketLifetime the maximumTicketLifetime to set
*/
- public boolean isEmptyAddressesAllowed()
+ public void setMaximumTicketLifetime( long maximumTicketLifetime )
{
- String key = EMPTY_ADDRESSES_ALLOWED_KEY;
+ this.maximumTicketLifetime = maximumTicketLifetime;
+ }
- if ( configuration.containsKey( key ) )
- {
- return "true".equalsIgnoreCase( get( key ) );
- }
- return DEFAULT_EMPTY_ADDRESSES_ALLOWED;
+ /**
+ * @param primaryRealm the primaryRealm to set
+ */
+ public void setPrimaryRealm( String primaryRealm )
+ {
+ this.primaryRealm = primaryRealm;
}
/**
- * Returns whether forwardable tickets are allowed.
+ * Returns the primary realm.
*
- * @return true if forwardable tickets are allowed.
+ * @return The primary realm.
*/
- public boolean isForwardableAllowed()
+ public String getPrimaryRealm()
{
- String key = TGS_FORWARDABLE_ALLOWED_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return "true".equalsIgnoreCase( get( key ) );
- }
-
- return DEFAULT_TGS_FORWARDABLE_ALLOWED;
+ return primaryRealm;
}
/**
- * Returns whether proxiable tickets are allowed.
+ * Returns the service principal for this KDC service.
*
- * @return true if proxiable tickets are allowed.
+ * @return The service principal for this KDC service.
*/
- public boolean isProxiableAllowed()
+ public KerberosPrincipal getServicePrincipal()
{
- String key = TGS_PROXIABLE_ALLOWED_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return "true".equalsIgnoreCase( get( key ) );
- }
-
- return DEFAULT_TGS_PROXIABLE_ALLOWED;
+ return new KerberosPrincipal( servicePrincipal );
}
/**
- * Returns whether postdated tickets are allowed.
+ * Returns the encryption types.
*
- * @return true if postdated tickets are allowed.
+ * @return The encryption types.
*/
- public boolean isPostdateAllowed()
+ public EncryptionType[] getEncryptionTypes()
{
- String key = TGS_POSTDATE_ALLOWED_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return "true".equalsIgnoreCase( get( key ) );
- }
-
- return DEFAULT_TGS_POSTDATE_ALLOWED;
+ return encryptionTypes;
}
/**
- * Returns whether renewable tickets are allowed.
+ * Returns whether pre-authentication by encrypted timestamp is required.
*
- * @return true if renewable tickets are allowed.
+ * @return Whether pre-authentication by encrypted timestamp is required.
*/
- public boolean isRenewableAllowed()
+ public boolean isPaEncTimestampRequired()
{
- String key = TGS_RENEWABLE_ALLOWED_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- return "true".equalsIgnoreCase( get( key ) );
- }
-
- return DEFAULT_TGS_RENEWABLE_ALLOWED;
+ return isPaEncTimestampRequired;
}
private void prepareEncryptionTypes()
{
- String[] encryptionTypeStrings = null;
-
- String key = ENCRYPTION_TYPES_KEY;
-
- if ( configuration.containsKey( key ) )
- {
- encryptionTypeStrings = ( get( key ) ).split( "\\s" );
- }
- else
- {
- encryptionTypeStrings = DEFAULT_ENCRYPTION_TYPES;
- }
+ String[] encryptionTypeStrings = DEFAULT_ENCRYPTION_TYPES;
List<EncryptionType> encTypes = new ArrayList<EncryptionType>();
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java Wed May 23 21:08:50 2007
@@ -68,8 +68,8 @@
this.acceptor = acceptor;
this.store = store;
- String name = config.getName();
- int port = config.getPort();
+ String name = config.getServiceName();
+ int port = config.getIpPort();
try
{
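Review bot: The port read by `int port = config.getIpPort();` is no longer range-checked anywhere visible in this commit. The KdcConfiguration constructor used to reject `port < 1 || port > 0xFFFF` with a ConfigurationException, and the new no-argument constructor only calls the superclass setters. Unless `setIpPort` validates in the superclass (not visible here), a bad value now surfaces only when the socket address is built, and `destroy()` in the third hunk re-reads the same unchecked value for `unbind`. I would restore the guard next to this read, e.g. `if ( port < 1 || port > 0xFFFF ) { throw new ConfigurationException( "Invalid value: port=" + port ); }`, assuming ConfigurationException is still available to this class. The enclosing constructor starts and ends outside the hunk.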
@@ -90,7 +90,7 @@
* Returns whether configuration being proposed as new is really different.
*
* @param newConfig
- * @return Whether configuration being proposed as new is really different.
+ * @return <code>True</true> if the configuration is different.
*/
public boolean isDifferent( Dictionary newConfig )
{
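Review bot: The new `@return` line has a mismatched tag, `<code>True</true>`, which leaves the `<code>` element unclosed in the generated Javadoc. It should read `@return <code>true</code> if the configuration is different.`, with lower-case `true` to match the Java literal. `@param newConfig` still has no description; something like `@param newConfig the proposed configuration to compare against the current one` would complete the comment. The body of isDifferent lies outside the hunk.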
@@ -103,11 +103,11 @@
*/
public void destroy()
{
- acceptor.unbind( new InetSocketAddress( config.getPort() ) );
+ acceptor.unbind( new InetSocketAddress( config.getIpPort() ) );
acceptor = null;
handler = null;
- log.debug( config.getName() + " has stopped listening on port " + config.getPort() );
+ log.debug( config.getServiceName() + " has stopped listening on port " + config.getIpPort() );
}
}
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java Wed May 23 21:08:50 2007
@@ -128,7 +128,7 @@
preparePreAuthenticationError( config.getEncryptionTypes() ) );
}
- if ( !timestamp.getTimeStamp().isInClockSkew( config.getClockSkew() ) )
+ if ( !timestamp.getTimeStamp().isInClockSkew( config.getAllowableClockSkew() ) )
{
throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_FAILED );
}
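Review bot: The value passed to `isInClockSkew` no longer has the scaling it had before this commit. The removed `getClockSkew()` returned `MINUTE * Long.parseLong( get( key ) )`, while `getAllowableClockSkew()` returns the field exactly as `setAllowableClockSkew( long )` stored it. A deployment that still supplies minutes would get a window smaller by a factor of MINUTE. Nothing visible rejects a negative or very large value, which would presumably fail every timestamp check or widen the window in which a captured request is still accepted. I would state the unit on the setter, e.g. `@param allowableClockSkew the allowable clock skew, in the same unit as DEFAULT_ALLOWABLE_CLOCKSKEW (5 * MINUTE)`, and reject negative values there. The same applies to the `getAllowableClockSkew()` calls in the MonitorContext and VerifyTgtAuthHeader hunks; the enclosing method here starts and ends outside the hunk.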
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java Wed May 23 21:08:50 2007
@@ -62,7 +62,7 @@
PrincipalStore store = tgsContext.getStore();
ApplicationRequest authHeader = tgsContext.getAuthHeader();
Ticket tgt = tgsContext.getTgt();
- long clockSkew = tgsContext.getConfig().getClockSkew();
+ long clockSkew = tgsContext.getConfig().getAllowableClockSkew();
ReplayCache replayCache = tgsContext.getReplayCache();
ChecksumType checksumType = tgsContext.getAuthenticator().getChecksum().getChecksumType();
InetAddress clientAddress = tgsContext.getClientAddress();
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java?view=diff&rev=541149&r1=541148&r2=541149
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java Wed May 23 21:08:50 2007
@@ -50,7 +50,7 @@
EncryptionType encryptionType = tgt.getEncPart().getEncryptionType();
EncryptionKey serverKey = tgsContext.getTicketPrincipalEntry().getKeyMap().get( encryptionType );
- long clockSkew = tgsContext.getConfig().getClockSkew();
+ long clockSkew = tgsContext.getConfig().getAllowableClockSkew();
ReplayCache replayCache = tgsContext.getReplayCache();
boolean emptyAddressesAllowed = tgsContext.getConfig().isEmptyAddressesAllowed();
InetAddress clientAddress = tgsContext.getClientAddress();