You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2008/05/23 04:37:00 UTC
svn commit: r659374 -
/directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
Author: elecharny
Date: Thu May 22 19:36:59 2008
New Revision: 659374
URL: http://svn.apache.org/viewvc?rev=659374&view=rev
Log:
Moved the OperationContext from the doAddOperation to the caller, in order to get ready for the JNDI removal
Modified:
directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
Modified: directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java?rev=659374&r1=659373&r2=659374&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java (original)
+++ directory/apacheds/branches/bigbang/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java Thu May 22 19:36:59 2008
@@ -48,13 +48,13 @@
import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.jndi.LdapJndiProperties;
import org.apache.directory.server.core.jndi.ServerContext;
import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
-import org.apache.directory.shared.ldap.message.MessageTypeEnum;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.util.StringTools;
import org.slf4j.Logger;
@@ -198,7 +198,7 @@
" for DN = '" + opContext.getDn().getUpName() + "'" );
}
- checkAuthenticated( MessageTypeEnum.ADD_REQUEST );
+ checkAuthenticated( opContext );
next.add( opContext );
}
@@ -210,7 +210,7 @@
LOG.debug( "Deleting name = '" + opContext.getDn().getUpName() + "'" );
}
- checkAuthenticated( MessageTypeEnum.DEL_REQUEST );
+ checkAuthenticated( opContext );
next.delete( opContext );
invalidateAuthenticatorCaches( opContext.getDn() );
}
@@ -223,7 +223,7 @@
LOG.debug( "Matching name = '" + opContext.getDn().getUpName() + "'" );
}
- checkAuthenticated();
+ checkAuthenticated( opContext );
return next.getMatchedName( opContext );
}
@@ -235,7 +235,7 @@
LOG.debug( "Getting root DSE" );
}
- checkAuthenticated();
+ checkAuthenticated( opContext );
return next.getRootDSE( opContext );
}
@@ -247,7 +247,7 @@
LOG.debug( "Getting suffix for name = '" + opContext.getDn().getUpName() + "'" );
}
- checkAuthenticated();
+ checkAuthenticated( opContext );
return next.getSuffix( opContext );
}
@@ -259,7 +259,7 @@
LOG.debug( "Testing if entry name = '" + opContext.getDn().getUpName() + "' exists" );
}
- checkAuthenticated();
+ checkAuthenticated( opContext );
return next.hasEntry( opContext );
}
@@ -271,7 +271,7 @@
LOG.debug( "Listing base = '" + opContext.getDn().getUpName() + "'" );
}
- checkAuthenticated();
+ checkAuthenticated( opContext );
return next.list( opContext );
}
@@ -283,7 +283,7 @@
LOG.debug( "Listing suffixes" );
}
- checkAuthenticated();
+ checkAuthenticated( opContext );
return next.listSuffixes( opContext );
}
@@ -304,7 +304,7 @@
}
}
- checkAuthenticated();
+ checkAuthenticated( opContext );
return next.lookup( opContext );
}
@@ -330,7 +330,7 @@
LOG.debug( opContext.toString() );
}
- checkAuthenticated( MessageTypeEnum.MODIFY_REQUEST );
+ checkAuthenticated( opContext );
next.modify( opContext );
invalidateAuthenticatorCaches( opContext.getDn() );
}
@@ -345,7 +345,7 @@
"oldRDN = '" + opContext.getDelOldDn() + "'" );
}
- checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST );
+ checkAuthenticated( opContext );
next.rename( opContext );
invalidateAuthenticatorCaches( opContext.getDn() );
}
@@ -362,7 +362,7 @@
opContext.getDelOldDn() + "'" );
}
- checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST );
+ checkAuthenticated( opContext );
next.moveAndRename( opContext );
invalidateAuthenticatorCaches( opContext.getDn() );
}
@@ -376,7 +376,7 @@
opContext.getParent().getUpName() + "'" );
}
- checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST );
+ checkAuthenticated( opContext );
next.move( opContext );
invalidateAuthenticatorCaches( opContext.getDn() );
}
@@ -389,39 +389,27 @@
LOG.debug( "Search for base = '" + opContext.getDn().getUpName() + "'" );
}
- checkAuthenticated( MessageTypeEnum.SEARCH_REQUEST );
+ checkAuthenticated( opContext );
return next.search( opContext );
}
- private void checkAuthenticated( MessageTypeEnum operation ) throws Exception
- {
- try
- {
- checkAuthenticated();
- }
- catch ( IllegalStateException ise )
- {
- LOG.error( "Attempted operation {} by unauthenticated caller.", operation.name() );
-
- throw new IllegalStateException( "Attempted operation by unauthenticated caller." );
- }
- }
-
- private void checkAuthenticated() throws Exception
+ /**
+ * Check if the curretn operation has a valid PrincipalDN or not.
+ *
+ * @param opContext the OperationContext for this operation
+ * @param operation the operation type
+ * @throws Exception
+ */
+ private void checkAuthenticated( OperationContext opContext ) throws Exception
{
- ServerContext ctx = ( ServerContext ) InvocationStack.getInstance().peek().getCaller();
-
- if ( ctx.getPrincipal() != null )
+ if ( opContext.getPrincipalDN() != null )
{
- if ( ctx.getEnvironment().containsKey( Context.SECURITY_CREDENTIALS ) )
- {
- ctx.removeFromEnvironment( Context.SECURITY_CREDENTIALS );
- }
-
return;
}
+ LOG.error( "Attempted operation '{}' by unauthenticated caller.", opContext.getName() );
+
throw new IllegalStateException( "Attempted operation by unauthenticated caller." );
}