You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2007/05/29 05:58:43 UTC
svn commit: r542400 -
/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/kerberos/KeyDerivationService.java
Author: erodriguez
Date: Mon May 28 20:58:42 2007
New Revision: 542400
URL: http://svn.apache.org/viewvc?view=rev&rev=542400
Log:
Added more Javadocs and comments to KeyDerivationService.
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/kerberos/KeyDerivationService.java
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/kerberos/KeyDerivationService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/kerberos/KeyDerivationService.java?view=diff&rev=542400&r1=542399&r2=542400
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/kerberos/KeyDerivationService.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/kerberos/KeyDerivationService.java Mon May 28 20:58:42 2007
@@ -112,6 +112,12 @@
}
+ /**
+ * Intercept the addition of the 'userPassword' and 'krb5PrincipalName' attributes. Use the 'userPassword'
+ * and 'krb5PrincipalName' attributes to derive Kerberos keys for the principal. If the 'userPassword' is
+ * the special keyword 'randomKey', set random keys for the principal. Set the key version number (kvno)
+ * to '0'.
+ */
public void add( NextInterceptor next, OperationContext addContext ) throws NamingException
{
LdapDN normName = addContext.getDn();
@@ -163,12 +169,10 @@
/**
- * Detect case.
- * Log detection.
- * Retrieve old value.
- * Log retrieved values.
- * Make now attr/mods.
- * Log new values.
+ * Intercept the modification of the 'userPassword' attribute. Use the 'userPassword' and 'krb5PrincipalName'
+ * attributes to derive Kerberos keys for the principal. If the 'userPassword' is the special keyword
+ * 'randomKey', set random keys for the principal. Perform a lookup to check for an existing key version
+ * number (kvno). If a kvno exists, increment the kvno; otherwise, set the kvno to '0'.
*/
public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
{
@@ -319,7 +323,7 @@
log.debug( "Found kvno '" + oldKeyVersionNumber + "', setting to '" + newKeyVersionNumber + "'." );
}
- // TODO - just checking ...
+ // TODO - We may wish to lookup the principal name if one is not present in the modification items.
Attribute principalName = userEntry.get( KerberosAttribute.PRINCIPAL );
log.debug( "Found principal = " + ( String ) principalName.get() );