You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2007/05/07 01:40:18 UTC
svn commit: r535680 -
/directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java
Author: erodriguez
Date: Sun May 6 16:40:17 2007
New Revision: 535680
URL: http://svn.apache.org/viewvc?view=rev&rev=535680
Log:
Update to Change Password protocol to support multiple key types:
o Change Password now simply writes the plaintext password to the DIT.
o Key derivation is performed by the KeyDerivationService.
o DES key writing in Change Password is replaced with interceptor writing of DES, DES3, AES128, AES256, and RC4-HMAC keys.
Modified:
directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java
Modified: directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java?view=diff&rev=535680&r1=535679&r2=535680
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java (original)
+++ directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java Sun May 6 16:40:17 2007
@@ -20,7 +20,6 @@
package org.apache.directory.server.changepw.service;
-import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.changepw.exceptions.ChangePasswordException;
@@ -44,26 +43,24 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
PrincipalStore store = changepwContext.getStore();
Authenticator authenticator = changepwContext.getAuthenticator();
- String password = changepwContext.getPassword();
+ String newPassword = changepwContext.getPassword();
+ KerberosPrincipal clientPrincipal = authenticator.getClientPrincipal();
// usec and seq-number must be present per MS but aren't in legacy kpasswd
// seq-number must have same value as authenticator
// ignore r-address
- // generate key from password
- KerberosPrincipal clientPrincipal = authenticator.getClientPrincipal();
- KerberosKey newKey = new KerberosKey( clientPrincipal, password.toCharArray(), "DES" );
-
// store password in database
try
{
- String principalName = store.changePassword( clientPrincipal, newKey );
+ String principalName = store.changePassword( clientPrincipal, newPassword );
log.debug( "Successfully modified principal {}", principalName );
}
catch ( Exception e )
@@ -76,7 +73,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}