You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2007/05/07 01:40:18 UTC

svn commit: r535680 - /directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java

Author: erodriguez
Date: Sun May  6 16:40:17 2007
New Revision: 535680

URL: http://svn.apache.org/viewvc?view=rev&rev=535680
Log:
Update to Change Password protocol to support multiple key types:
o  Change Password now simply writes the plaintext password to the DIT.
o  Key derivation is performed by the KeyDerivationService.
o  DES key writing in Change Password is replaced with interceptor writing of DES, DES3, AES128, AES256, and RC4-HMAC keys.

Modified:
    directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java

Modified: directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java?view=diff&rev=535680&r1=535679&r2=535680
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java (original)
+++ directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java Sun May  6 16:40:17 2007
@@ -20,7 +20,6 @@
 package org.apache.directory.server.changepw.service;
 
 
-import javax.security.auth.kerberos.KerberosKey;
 import javax.security.auth.kerberos.KerberosPrincipal;
 
 import org.apache.directory.server.changepw.exceptions.ChangePasswordException;
@@ -44,26 +43,24 @@
 
     private String contextKey = "context";
 
+
     public void execute( NextCommand next, IoSession session, Object message ) throws Exception
     {
         ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
 
         PrincipalStore store = changepwContext.getStore();
         Authenticator authenticator = changepwContext.getAuthenticator();
-        String password = changepwContext.getPassword();
+        String newPassword = changepwContext.getPassword();
+        KerberosPrincipal clientPrincipal = authenticator.getClientPrincipal();
 
         // usec and seq-number must be present per MS but aren't in legacy kpasswd
         // seq-number must have same value as authenticator
         // ignore r-address
 
-        // generate key from password
-        KerberosPrincipal clientPrincipal = authenticator.getClientPrincipal();
-        KerberosKey newKey = new KerberosKey( clientPrincipal, password.toCharArray(), "DES" );
-
         // store password in database
         try
         {
-            String principalName = store.changePassword( clientPrincipal, newKey );
+            String principalName = store.changePassword( clientPrincipal, newPassword );
             log.debug( "Successfully modified principal {}", principalName );
         }
         catch ( Exception e )
@@ -76,7 +73,7 @@
     }
 
 
-    public String getContextKey()
+    protected String getContextKey()
     {
         return ( this.contextKey );
     }