You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2008/05/23 04:37:00 UTC
svn commit: r659374 - /directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java

Author: elecharny
Date: Thu May 22 19:36:59 2008
New Revision: 659374

URL: http://svn.apache.org/viewvc?rev=659374&view=rev
Log:
Moved the OperationContext from the doAddOperation to the caller, in order to get ready for the JNDI removal

Modified:
    directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java

Modified: directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java?rev=659374&r1=659373&r2=659374&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java (original)
+++ directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java Thu May 22 19:36:59 2008
@@ -48,13 +48,13 @@
 import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
 import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
 import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
 import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
 import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
 import org.apache.directory.server.core.invocation.InvocationStack;
 import org.apache.directory.server.core.jndi.LdapJndiProperties;
 import org.apache.directory.server.core.jndi.ServerContext;
 import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
-import org.apache.directory.shared.ldap.message.MessageTypeEnum;
 import org.apache.directory.shared.ldap.name.LdapDN;
 import org.apache.directory.shared.ldap.util.StringTools;
 import org.slf4j.Logger;
@@ -198,7 +198,7 @@
                     " for DN = '" + opContext.getDn().getUpName() + "'" );
         }
 
-        checkAuthenticated( MessageTypeEnum.ADD_REQUEST );
+        checkAuthenticated( opContext );
         next.add( opContext );
     }
 
@@ -210,7 +210,7 @@
             LOG.debug( "Deleting name = '" + opContext.getDn().getUpName() + "'" );
         }
 
-        checkAuthenticated( MessageTypeEnum.DEL_REQUEST );
+        checkAuthenticated( opContext );
         next.delete( opContext );
         invalidateAuthenticatorCaches( opContext.getDn() );
     }
@@ -223,7 +223,7 @@
             LOG.debug( "Matching name = '" + opContext.getDn().getUpName() + "'" );
         }
 
-        checkAuthenticated();
+        checkAuthenticated( opContext );
         return next.getMatchedName( opContext );
     }
 
@@ -235,7 +235,7 @@
             LOG.debug( "Getting root DSE" );
         }
 
-        checkAuthenticated();
+        checkAuthenticated( opContext );
         return next.getRootDSE( opContext );
     }
 
@@ -247,7 +247,7 @@
             LOG.debug( "Getting suffix for name = '" + opContext.getDn().getUpName() + "'" );
         }
 
-        checkAuthenticated();
+        checkAuthenticated( opContext );
         return next.getSuffix( opContext );
     }
 
@@ -259,7 +259,7 @@
             LOG.debug( "Testing if entry name = '" + opContext.getDn().getUpName() + "' exists" );
         }
 
-        checkAuthenticated();
+        checkAuthenticated( opContext );
         return next.hasEntry( opContext );
     }
 
@@ -271,7 +271,7 @@
             LOG.debug( "Listing base = '" + opContext.getDn().getUpName() + "'" );
         }
 
-        checkAuthenticated();
+        checkAuthenticated( opContext );
         return next.list( opContext );
     }
 
@@ -283,7 +283,7 @@
             LOG.debug( "Listing suffixes" );
         }
 
-        checkAuthenticated();
+        checkAuthenticated( opContext );
         return next.listSuffixes( opContext );
     }
 
@@ -304,7 +304,7 @@
             }
         }
 
-        checkAuthenticated();
+        checkAuthenticated( opContext );
         return next.lookup( opContext );
     }
 
@@ -330,7 +330,7 @@
             LOG.debug( opContext.toString() );
         }
 
-        checkAuthenticated( MessageTypeEnum.MODIFY_REQUEST );
+        checkAuthenticated( opContext );
         next.modify( opContext );
         invalidateAuthenticatorCaches( opContext.getDn() );
     }
@@ -345,7 +345,7 @@
                     "oldRDN = '" + opContext.getDelOldDn() + "'" );
         }
 
-        checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST );
+        checkAuthenticated( opContext );
         next.rename( opContext );
         invalidateAuthenticatorCaches( opContext.getDn() );
     }
@@ -362,7 +362,7 @@
                     opContext.getDelOldDn() + "'" );
         }
 
-        checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST );
+        checkAuthenticated( opContext );
         next.moveAndRename( opContext );
         invalidateAuthenticatorCaches( opContext.getDn() );
     }
@@ -376,7 +376,7 @@
                     opContext.getParent().getUpName() + "'" );
         }
 
-        checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST );
+        checkAuthenticated( opContext );
         next.move( opContext );
         invalidateAuthenticatorCaches( opContext.getDn() );
     }
@@ -389,39 +389,27 @@
             LOG.debug( "Search for base = '" + opContext.getDn().getUpName() + "'" );
         }
 
-        checkAuthenticated( MessageTypeEnum.SEARCH_REQUEST );
+        checkAuthenticated( opContext );
         return next.search( opContext );
     }
 
 
-    private void checkAuthenticated( MessageTypeEnum operation ) throws Exception
-    {
-        try
-        {
-            checkAuthenticated();
-        }
-        catch ( IllegalStateException ise )
-        {
-            LOG.error( "Attempted operation {} by unauthenticated caller.", operation.name() );
-
-            throw new IllegalStateException( "Attempted operation by unauthenticated caller." );
-        }
-    }
-
-    private void checkAuthenticated() throws Exception
+    /**
+     * Check if the curretn operation has a valid PrincipalDN or not.
+     *
+     * @param opContext the OperationContext for this operation
+     * @param operation the operation type
+     * @throws Exception
+     */
+    private void checkAuthenticated( OperationContext opContext ) throws Exception
     {
-        ServerContext ctx = ( ServerContext ) InvocationStack.getInstance().peek().getCaller();
-
-        if ( ctx.getPrincipal() != null )
+        if ( opContext.getPrincipalDN() != null )
         {
-            if ( ctx.getEnvironment().containsKey( Context.SECURITY_CREDENTIALS ) )
-            {
-                ctx.removeFromEnvironment( Context.SECURITY_CREDENTIALS );
-            }
-
             return;
         }
 
+        LOG.error( "Attempted operation '{}' by unauthenticated caller.", opContext.getName() );
+
         throw new IllegalStateException( "Attempted operation by unauthenticated caller." );
     }