You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Denis Mikhalkin (JIRA)" <ji...@apache.org> on 2013/04/02 11:47:15 UTC
[jira] [Created] (DIRSERVER-1815) Configuring custom authenticator
for ApacheDS 2.0.0-M11
Denis Mikhalkin created DIRSERVER-1815:
------------------------------------------
Summary: Configuring custom authenticator for ApacheDS 2.0.0-M11
Key: DIRSERVER-1815
URL: https://issues.apache.org/jira/browse/DIRSERVER-1815
Project: Directory ApacheDS
Issue Type: Bug
Components: core
Affects Versions: 2.0.0-M11
Environment: Java 6u33
Reporter: Denis Mikhalkin
I'm written a custom authenticator (org.apache.directory.server.core.authn.Authenticator) and configured it at "ou=authenticators,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config". I can see that my class is getting loaded (constructor invoked), however its authenticate method never gets called.
After digging through the source code I found the following suspicious sequence of actions:
- The DirectoryService is getting created by createDirectoryService in ServiceBuilder
- That calls createInterceptors() which creates the AuthenticationInterceptor. It reads the properties and creates my authenticator class
- It then calls setAuthenticators with the array of authenticators which then calls register for each one of them
- Register calls init however the directoryService is null (?!?) [1]
at org.apache.directory.server.core.authn.AuthenticationInterceptor.register(AuthenticationInterceptor.java:276)
at org.apache.directory.server.core.authn.AuthenticationInterceptor.setAuthenticators(AuthenticationInterceptor.java:240)
at org.apache.directory.server.config.builder.ServiceBuilder.createInterceptors(ServiceBuilder.java:182)
at org.apache.directory.server.config.builder.ServiceBuilder.createDirectoryService(ServiceBuilder.java:1380)
at org.apache.directory.server.ApacheDsService.initDirectoryService(ApacheDsService.java:300)
at org.apache.directory.server.ApacheDsService.start(ApacheDsService.java:179)
at org.apache.directory.server.UberjarMain.start(UberjarMain.java:76)
at org.apache.directory.server.UberjarMain.main(UberjarMain.java:54)
Later, there is a call to DefaultDirectoryService.initialize which calls Authenticator.init on each Authenticator again. However, my class does not get invoked.
What happens is that DefaultDirectoryService.initialize eventually gets to AuthenticationInterceptor, which reads the list of authenticators from the authenticators field. This field gets populated in setDefaultAuthenticators, but does not get updated since then. In the end, even though custom authenticators are initialized, only the default authenticators are registered with the interceptor [2].
I'm puzzled by the behavior [1] however the most critical one is [2]. Because of it I can't seem to be able to have my authenticator get invoked during authentication.
I've done a manual quick fix by adding the update of the AuthenticationInterceptor.authenticators set during the AuthenticationInterceptor.register method and it seems to have fixed the issue. Not sure whether this is the right fix. May be I'm not configuring my authenticator correctly? The user guide does not seem to talk abut custom authenticators anymore...
AuthenticationInterceptor:
private void register( Authenticator authenticator, DirectoryService directoryService ) throws LdapException
{
authenticator.init( directoryService );
Collection<Authenticator> authenticatorList = getAuthenticators( authenticator.getAuthenticatorType() );
if ( authenticatorList == null )
{
authenticatorList = new ArrayList<Authenticator>();
authenticatorsMapByType.put( authenticator.getAuthenticatorType(), authenticatorList );
}
authenticatorList.add( authenticator );
+ authenticators.add( authenticator );
}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira