Posted to commits@directory.apache.org by ak...@apache.org on 2008/08/04 02:43:52 UTC
svn commit: r682235 - in /directory/apacheds/branches/bigbang:
kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/
kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/
protocol-changep...
Author: akarasulu
Date: Sun Aug 3 17:43:52 2008
New Revision: 682235
URL: http://svn.apache.org/viewvc?rev=682235&view=rev
Log:
fixing broken code in kerberos infrastructure for accessing principal entries
o converted ContextOperation to use CoreSession instead of DirContext
o renamed ContextOperation to DirectoryOperation
o added new StoreUtils class for utility methods shared by most DirectoryOp
classes
o removed old JNDI based state and object factories replacing them with code
working with ServerEntry objects
Added:
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/DirectoryPrincipalStore.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/StoreUtils.java
directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/DirectoryServiceOperation.java
- copied, changed from r682228, directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/ContextOperation.java
Removed:
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/JndiPrincipalStoreImpl.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalObjectFactory.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalStateFactory.java
directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/ContextOperation.java
Modified:
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/MultiBaseSearch.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/AddPrincipal.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/ChangePassword.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/DeletePrincipal.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java
directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
directory/apacheds/branches/bigbang/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java
directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java
directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/AbstractSaslCallbackHandler.java
directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiCallbackHandler.java
directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/catalog/GetCatalog.java
Added: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/DirectoryPrincipalStore.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/DirectoryPrincipalStore.java?rev=682235&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/DirectoryPrincipalStore.java (added)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/DirectoryPrincipalStore.java Sun Aug 3 17:43:52 2008
@@ -0,0 +1,97 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.store;
+
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.directory.server.core.DirectoryService;
+import org.apache.directory.shared.ldap.NotImplementedException;
+
+
+/**
+ * A PrincipalStore backing entries in a DirectoryService.
+ *
+ * TODO implement it!!
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class DirectoryPrincipalStore implements PrincipalStore
+{
+ /** The directory service backing store for this PrincipalStore. */
+ private DirectoryService directoryService;
+
+
+ /**
+ * Creates a new instance of DirectoryPrincipalStore.
+ *
+ * @param directoryService backing store for this PrincipalStore
+ */
+ public DirectoryPrincipalStore( DirectoryService directoryService )
+ {
+ this.directoryService = directoryService;
+ }
+
+
+ /* (non-Javadoc)
+ * @see org.apache.directory.server.kerberos.shared.store.PrincipalStore#addPrincipal(org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry)
+ */
+ public String addPrincipal( PrincipalStoreEntry entry ) throws Exception
+ {
+ throw new NotImplementedException();
+ }
+
+
+ /* (non-Javadoc)
+ * @see org.apache.directory.server.kerberos.shared.store.PrincipalStore#changePassword(javax.security.auth.kerberos.KerberosPrincipal, java.lang.String)
+ */
+ public String changePassword( KerberosPrincipal principal, String newPassword ) throws Exception
+ {
+ throw new NotImplementedException();
+ }
+
+
+ /* (non-Javadoc)
+ * @see org.apache.directory.server.kerberos.shared.store.PrincipalStore#deletePrincipal(javax.security.auth.kerberos.KerberosPrincipal)
+ */
+ public String deletePrincipal( KerberosPrincipal principal ) throws Exception
+ {
+ throw new NotImplementedException();
+ }
+
+
+ /* (non-Javadoc)
+ * @see org.apache.directory.server.kerberos.shared.store.PrincipalStore#getAllPrincipals(java.lang.String)
+ */
+ public PrincipalStoreEntry[] getAllPrincipals( String realm ) throws Exception
+ {
+ throw new NotImplementedException();
+ }
+
+
+ /* (non-Javadoc)
+ * @see org.apache.directory.server.kerberos.shared.store.PrincipalStore#getPrincipal(javax.security.auth.kerberos.KerberosPrincipal)
+ */
+ public PrincipalStoreEntry getPrincipal( KerberosPrincipal principal ) throws Exception
+ {
+ throw new NotImplementedException();
+ }
+}
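Review bot: `directoryService` is assigned only in the constructor, so it can be declared `private final DirectoryService directoryService;`, and the constructor currently accepts null without complaint. Every PrincipalStore method in this class throws NotImplementedException, which the class comment covers only with a TODO. A Javadoc sentence stating that all operations currently throw would keep anyone from wiring this store into the KDC or change-password service before it is implemented.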
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/MultiBaseSearch.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/MultiBaseSearch.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/MultiBaseSearch.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/MultiBaseSearch.java Sun Aug 3 17:43:52 2008
@@ -36,7 +36,7 @@
import org.apache.directory.server.protocol.shared.ServiceConfigurationException;
import org.apache.directory.server.protocol.shared.catalog.Catalog;
import org.apache.directory.server.protocol.shared.catalog.GetCatalog;
-import org.apache.directory.server.protocol.shared.store.ContextOperation;
+import org.apache.directory.server.protocol.shared.store.DirectoryServiceOperation;
/**
@@ -139,7 +139,7 @@
}
- private Object execute( CoreSession session, ContextOperation operation ) throws Exception
+ private Object execute( CoreSession session, DirectoryServiceOperation operation ) throws Exception
{
return operation.execute( session, null );
}
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java Sun Aug 3 17:43:52 2008
@@ -25,14 +25,16 @@
import java.util.Map;
import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.server.core.entry.ServerStringValue;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.io.decoder.EncryptionKeyDecoder;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.SamType;
+import org.apache.directory.shared.ldap.entry.EntryAttribute;
+import org.apache.directory.shared.ldap.entry.Value;
/**
@@ -277,22 +279,18 @@
* @throws NamingException
* @throws IOException
*/
- public Map<EncryptionType, EncryptionKey> reconstituteKeyMap( Attribute krb5key ) throws NamingException,
- IOException
+ public Map<EncryptionType, EncryptionKey> reconstituteKeyMap( EntryAttribute krb5key ) throws Exception
{
Map<EncryptionType, EncryptionKey> map = new HashMap<EncryptionType, EncryptionKey>();
- for ( int ii = 0; ii < krb5key.size(); ii++ )
+ for ( Value<?> val : krb5key )
{
- Object key = krb5key.get( ii );
-
- if ( key instanceof String )
+ if ( val instanceof ServerStringValue )
{
- throw new NamingException(
- "JNDI should not return a string for the Kerberos key: JNDI property java.naming.ldap.attributes.binary must include the krb5key attribute." );
+ throw new IllegalStateException( "Kerberos key should not be a String." );
}
- byte[] encryptionKeyBytes = ( byte[] ) key;
+ byte[] encryptionKeyBytes = ( byte[] ) val.get();
EncryptionKey encryptionKey = EncryptionKeyDecoder.decode( encryptionKeyBytes );
map.put( encryptionKey.getKeyType(), encryptionKey );
}
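Review bot: The Javadoc above reconstituteKeyMap still lists `@throws NamingException` and `@throws IOException` although the signature now declares `throws Exception`; update the tags, or keep the declared exceptions narrow so callers can tell a key-decoding failure from a directory failure. The same stale `@throws NamingException` tag remains on getEntry in GetAllPrincipals.java. The guard rejects only `ServerStringValue`, so any other value whose content is not a byte array would reach the `( byte[] ) val.get()` cast and fail with a ClassCastException; testing `val.get() instanceof byte[]` covers every case. The method's return statement lies outside this hunk.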
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/AddPrincipal.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/AddPrincipal.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/AddPrincipal.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/AddPrincipal.java Sun Aug 3 17:43:52 2008
@@ -17,19 +17,12 @@
* under the License.
*
*/
-
package org.apache.directory.server.kerberos.shared.store.operations;
-import javax.naming.Name;
-import javax.naming.NamingException;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.DirContext;
-import javax.naming.spi.DirStateFactory;
-import javax.naming.spi.DirStateFactory.Result;
-
+import org.apache.directory.server.core.CoreSession;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
-import org.apache.directory.server.protocol.shared.store.ContextOperation;
+import org.apache.directory.server.protocol.shared.store.DirectoryServiceOperation;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -39,7 +32,7 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class AddPrincipal implements ContextOperation
+public class AddPrincipal implements DirectoryServiceOperation
{
private static final long serialVersionUID = -1032737167622217786L;
@@ -58,27 +51,15 @@
}
- public Object execute( DirContext ctx, Name searchBaseDn )
+ public Object execute( CoreSession session, LdapDN searchBaseDn ) throws Exception
{
if ( entry == null )
{
return null;
}
-
- try
- {
- DirStateFactory factory = new PrincipalStateFactory();
- Result result = factory.getStateToBind( entry, null, null, null, null );
- Attributes attrs = result.getAttributes();
- LdapDN name = new LdapDN( "uid=" + entry.getUserId() + ",ou=Users" );
- ctx.rebind( name, null, attrs );
- return name.toString();
- }
- catch ( NamingException ne )
- {
- ne.printStackTrace();
- }
-
- return null;
+
+ LdapDN name = new LdapDN( "uid=" + entry.getUserId() + ",ou=Users" );
+ session.add( StoreUtils.toServerEntry( session, name, entry ) );
+ return name.toString();
}
}
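Review bot: The entry DN is built by concatenating `entry.getUserId()` into `"uid=" + ... + ",ou=Users"` without escaping, so a user id containing DN metacharacters such as `,`, `+` or `=` changes the structure of the name or makes LdapDN parsing fail, and a null id yields `uid=null`. Escape the value before building the name, for example `new LdapDN( "uid=" + Rdn.escapeValue( entry.getUserId() ) + ",ou=Users" )` with `javax.naming.ldap.Rdn`, or use the project's own RDN type if it offers escaping. The switch from `rebind` to `session.add` presumably means that adding an existing principal now fails instead of overwriting it, and `searchBaseDn` is never used; both deserve a comment on execute.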
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/ChangePassword.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/ChangePassword.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/ChangePassword.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/ChangePassword.java Sun Aug 3 17:43:52 2008
@@ -20,24 +20,23 @@
package org.apache.directory.server.kerberos.shared.store.operations;
-import java.util.Properties;
+import java.util.ArrayList;
+import java.util.List;
-import javax.naming.CompoundName;
-import javax.naming.Name;
-import javax.naming.NamingEnumeration;
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
-import javax.naming.directory.SearchResult;
import javax.security.auth.kerberos.KerberosPrincipal;
-import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
-import org.apache.directory.server.protocol.shared.store.ContextOperation;
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.entry.DefaultServerAttribute;
+import org.apache.directory.server.core.entry.ServerAttribute;
+import org.apache.directory.server.core.entry.ServerEntry;
+import org.apache.directory.server.core.entry.ServerModification;
+import org.apache.directory.server.protocol.shared.store.DirectoryServiceOperation;
+import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.shared.ldap.constants.SchemaConstants;
-import org.apache.directory.shared.ldap.message.AttributeImpl;
-import org.apache.directory.shared.ldap.message.AttributesImpl;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.directory.shared.ldap.entry.Modification;
+import org.apache.directory.shared.ldap.entry.ModificationOperation;
+import org.apache.directory.shared.ldap.name.LdapDN;
/**
@@ -46,7 +45,7 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class ChangePassword implements ContextOperation
+public class ChangePassword implements DirectoryServiceOperation
{
private static final long serialVersionUID = -7147685183641418353L;
@@ -69,75 +68,29 @@
}
- public Object execute( DirContext ctx, Name searchBaseDn ) throws NamingException
+ public Object execute( CoreSession session, LdapDN searchBaseDn ) throws Exception
{
if ( principal == null )
{
return null;
}
- ModificationItemImpl[] mods = new ModificationItemImpl[2];
- Attribute newPasswordAttribute = new AttributeImpl( SchemaConstants.USER_PASSWORD_AT, newPassword );
- mods[0] = new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, newPasswordAttribute );
- Attribute principalAttribute = new AttributeImpl( "krb5PrincipalName", principal.getName() );
- mods[1] = new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, principalAttribute );
-
- String dn = null;
-
- dn = search( ctx, principal.getName() );
- Name rdn = getRelativeName( ctx.getNameInNamespace(), dn );
- ctx.modifyAttributes( rdn, mods );
+ AttributeTypeRegistry registry = session.getDirectoryService().getRegistries().getAttributeTypeRegistry();
+
+ List<Modification> mods = new ArrayList<Modification>(2);
+
+ ServerAttribute newPasswordAttribute = new DefaultServerAttribute(
+ registry.lookup( SchemaConstants.USER_PASSWORD_AT_OID ), newPassword );
+ mods.set( 0, new ServerModification( ModificationOperation.REPLACE_ATTRIBUTE, newPasswordAttribute ) );
+
+ ServerAttribute principalAttribute = new DefaultServerAttribute(
+ registry.lookup( "krb5PrincipalName" ), principal.getName() );
+ mods.set( 1, new ServerModification( DirContext.REPLACE_ATTRIBUTE, principalAttribute ) );
+
+
+ ServerEntry entry = StoreUtils.findPrincipalEntry( session, searchBaseDn, principal.getName() );
+ session.modify( entry.getDn(), mods );
- return dn;
- }
-
-
- private String search( DirContext ctx, String principal ) throws NamingException
- {
- String[] attrIDs =
- { KerberosAttribute.KRB5_PRINCIPAL_NAME_AT, KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT, KerberosAttribute.KRB5_KEY_AT };
-
- Attributes matchAttrs = new AttributesImpl( true );
- matchAttrs.put( new AttributeImpl( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT, principal ) );
-
- NamingEnumeration<SearchResult> answer = ctx.search( "", matchAttrs, attrIDs );
-
- if ( answer.hasMore() )
- {
- SearchResult sr = answer.next();
- if ( sr != null )
- {
- return sr.getName();
- }
- }
-
- return null;
- }
-
-
- private Name getRelativeName( String nameInNamespace, String baseDn ) throws NamingException
- {
- Properties props = new Properties();
- props.setProperty( "jndi.syntax.direction", "right_to_left" );
- props.setProperty( "jndi.syntax.separator", "," );
- props.setProperty( "jndi.syntax.ignorecase", "true" );
- props.setProperty( "jndi.syntax.trimblanks", "true" );
-
- Name searchBaseDn = null;
-
- Name ctxRoot = new CompoundName( nameInNamespace, props );
- searchBaseDn = new CompoundName( baseDn, props );
-
- if ( !searchBaseDn.startsWith( ctxRoot ) )
- {
- throw new NamingException( "Invalid search base " + baseDn );
- }
-
- for ( int ii = 0; ii < ctxRoot.size(); ii++ )
- {
- searchBaseDn.remove( 0 );
- }
-
- return searchBaseDn;
+ return entry.getDn();
}
}
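Review bot: `new ArrayList<Modification>(2)` sets the capacity, not the size, so `mods.set( 0, ... )` throws IndexOutOfBoundsException on the empty list and every password change fails before it reaches the directory; both calls should be `mods.add( new ServerModification( ModificationOperation.REPLACE_ATTRIBUTE, ... ) )`. The second modification still passes the JNDI constant `DirContext.REPLACE_ATTRIBUTE` where the first uses `ModificationOperation.REPLACE_ATTRIBUTE`; using the enum in both lets the `javax.naming.directory.DirContext` import be dropped. `StoreUtils.findPrincipalEntry` is not visible here, but if it can return null for an unknown principal, `entry.getDn()` throws a NullPointerException, so add `if ( entry == null ) { return null; }` here and in DeletePrincipal.execute. Both methods also return `entry.getDn()` where the old code returned a String and AddPrincipal returns `name.toString()`, so a caller that casts the result to String may break.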
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/DeletePrincipal.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/DeletePrincipal.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/DeletePrincipal.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/DeletePrincipal.java Sun Aug 3 17:43:52 2008
@@ -17,25 +17,15 @@
* under the License.
*
*/
-
package org.apache.directory.server.kerberos.shared.store.operations;
-import java.util.Properties;
-
-import javax.naming.CompoundName;
-import javax.naming.Name;
-import javax.naming.NamingEnumeration;
-import javax.naming.NamingException;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.DirContext;
-import javax.naming.directory.SearchResult;
import javax.security.auth.kerberos.KerberosPrincipal;
-import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
-import org.apache.directory.server.protocol.shared.store.ContextOperation;
-import org.apache.directory.shared.ldap.message.AttributeImpl;
-import org.apache.directory.shared.ldap.message.AttributesImpl;
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.entry.ServerEntry;
+import org.apache.directory.server.protocol.shared.store.DirectoryServiceOperation;
+import org.apache.directory.shared.ldap.name.LdapDN;
/**
@@ -44,7 +34,7 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class DeletePrincipal implements ContextOperation
+public class DeletePrincipal implements DirectoryServiceOperation
{
private static final long serialVersionUID = -6970986279811261983L;
@@ -63,85 +53,15 @@
}
- public Object execute( DirContext ctx, Name searchBaseDn )
+ public Object execute( CoreSession session, LdapDN searchBaseDn ) throws Exception
{
if ( principal == null )
{
return null;
}
- String dn = null;
-
- try
- {
- dn = search( ctx, searchBaseDn, principal.getName() );
- Name rdn = getRelativeName( ctx, dn );
- ctx.destroySubcontext( rdn );
- }
- catch ( NamingException e )
- {
- e.printStackTrace();
- return null;
- }
-
- return dn;
- }
-
-
- private String search( DirContext ctx, Name searchBaseDn, String principal ) throws NamingException
- {
- String[] attrIDs =
- { KerberosAttribute.KRB5_PRINCIPAL_NAME_AT, KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT, KerberosAttribute.KRB5_KEY_AT };
-
- Attributes matchAttrs = new AttributesImpl( true );
- matchAttrs.put( new AttributeImpl( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT, principal ) );
-
- // Search for objects that have those matching attributes
- NamingEnumeration<SearchResult> answer = ctx.search( searchBaseDn, matchAttrs, attrIDs );
-
- if ( answer.hasMore() )
- {
- SearchResult sr = answer.next();
- if ( sr != null )
- {
- return sr.getName();
- }
- }
-
- return null;
- }
-
-
- private Name getRelativeName( DirContext ctx, String baseDn ) throws NamingException
- {
- Properties props = new Properties();
- props.setProperty( "jndi.syntax.direction", "right_to_left" );
- props.setProperty( "jndi.syntax.separator", "," );
- props.setProperty( "jndi.syntax.ignorecase", "true" );
- props.setProperty( "jndi.syntax.trimblanks", "true" );
-
- Name searchBaseDn;
-
- try
- {
- Name ctxRoot = new CompoundName( ctx.getNameInNamespace(), props );
- searchBaseDn = new CompoundName( baseDn, props );
-
- if ( !searchBaseDn.startsWith( ctxRoot ) )
- {
- throw new NamingException( "Invalid search base " + baseDn );
- }
-
- for ( int ii = 0; ii < ctxRoot.size(); ii++ )
- {
- searchBaseDn.remove( 0 );
- }
- }
- catch ( NamingException e )
- {
- throw new NamingException( "Failed to initialize search base " + baseDn );
- }
-
- return searchBaseDn;
+ ServerEntry entry = StoreUtils.findPrincipalEntry( session, searchBaseDn, principal.getName() );
+ session.delete( entry.getDn() );
+ return entry.getDn();
}
}
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java Sun Aug 3 17:43:52 2008
@@ -26,25 +26,31 @@
import java.util.List;
import java.util.Map;
-import javax.naming.Name;
-import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.DirContext;
import javax.naming.directory.InvalidAttributeValueException;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.entry.ServerAttribute;
+import org.apache.directory.server.core.entry.ServerEntry;
+import org.apache.directory.server.core.entry.ServerStringValue;
+import org.apache.directory.server.core.filtering.EntryFilteringCursor;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.SamType;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntryModifier;
-import org.apache.directory.server.protocol.shared.store.ContextOperation;
+import org.apache.directory.server.protocol.shared.store.DirectoryServiceOperation;
+import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.shared.ldap.constants.SchemaConstants;
+import org.apache.directory.shared.ldap.entry.Value;
+import org.apache.directory.shared.ldap.filter.EqualityNode;
+import org.apache.directory.shared.ldap.filter.ExprNode;
+import org.apache.directory.shared.ldap.filter.SearchScope;
+import org.apache.directory.shared.ldap.message.AliasDerefMode;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.schema.AttributeType;
/**
@@ -53,34 +59,47 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class GetAllPrincipals implements ContextOperation
+public class GetAllPrincipals implements DirectoryServiceOperation
{
private static final long serialVersionUID = -1214321426487445132L;
- private static final String filter = "(objectClass=krb5Principal)";
-
-
- public Object execute( DirContext ctx, Name searchBaseDn )
+ private ExprNode filter;
+
+
+ private ExprNode getFilter( CoreSession session ) throws Exception
{
- SearchControls controls = new SearchControls();
+ if ( filter != null )
+ {
+ return filter;
+ }
+
+ AttributeTypeRegistry registry = session.getDirectoryService().getRegistries().getAttributeTypeRegistry();
+ AttributeType type = registry.lookup( "objectClass" );
+ Value<String> value = new ServerStringValue( type, "krb5Principal" );
+ filter = new EqualityNode<String>( "objectClass", value );
+
+ return filter;
+ }
+
+ public Object execute( CoreSession session, LdapDN searchBaseDn ) throws Exception
+ {
List<PrincipalStoreEntry> answers = new ArrayList<PrincipalStoreEntry>();
try
{
- Attributes attrs = null;
-
- NamingEnumeration<SearchResult> answer = ctx.search( searchBaseDn, filter, controls );
+ EntryFilteringCursor cursor = session.search( searchBaseDn, SearchScope.ONELEVEL, getFilter( session ),
+ AliasDerefMode.DEREF_ALWAYS, null );
- while ( answer.hasMore() )
+ cursor.beforeFirst();
+ while ( cursor.next() )
{
- SearchResult result = answer.next();
- attrs = result.getAttributes();
- PrincipalStoreEntry entry = getEntry( attrs );
+ ServerEntry result = cursor.get();
+ PrincipalStoreEntry entry = getEntry( result );
answers.add( entry );
}
- answer.close();
+ cursor.close();
PrincipalStoreEntry[] entries = new PrincipalStoreEntry[answers.size()];
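Review bot: `cursor.close()` runs only when the loop finishes normally, so an exception from `cursor.next()` or `getEntry( result )` leaves the search cursor open; move the close into a `finally` block around the iteration (`try { ... } finally { cursor.close(); }`). `getFilter` caches the ExprNode in a non-static, non-transient instance field of a class that carries a serialVersionUID; if these operations are ever serialized the field should probably be `transient`, which needs confirming against ExprNode. The rest of execute, including its catch clause, lies outside this hunk.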
@@ -102,25 +121,25 @@
* @return the entry for the principal
* @throws NamingException if there are any access problems
*/
- private PrincipalStoreEntry getEntry( Attributes attrs ) throws NamingException
+ private PrincipalStoreEntry getEntry( ServerEntry attrs ) throws Exception
{
PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier();
- String principal = ( String ) attrs.get( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT ).get();
- String keyVersionNumber = ( String ) attrs.get( KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT ).get();
+ String principal = ( String ) attrs.get( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT ).get().get();
+ String keyVersionNumber = ( String ) attrs.get( KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT ).get().get();
- String commonName = ( String ) attrs.get( SchemaConstants.CN_AT ).get();
+ String commonName = ( String ) attrs.get( SchemaConstants.CN_AT ).get().get();
if ( attrs.get( KerberosAttribute.APACHE_SAM_TYPE_AT ) != null )
{
- String samType = ( String ) attrs.get( KerberosAttribute.APACHE_SAM_TYPE_AT ).get();
+ String samType = ( String ) attrs.get( KerberosAttribute.APACHE_SAM_TYPE_AT ).get().get();
modifier.setSamType( SamType.getTypeByOrdinal( Integer.parseInt( samType ) ) );
}
if ( attrs.get( KerberosAttribute.KRB5_KEY_AT ) != null )
{
- Attribute krb5key = attrs.get( KerberosAttribute.KRB5_KEY_AT );
+ ServerAttribute krb5key = ( ServerAttribute ) attrs.get( KerberosAttribute.KRB5_KEY_AT );
try
{
Map<EncryptionType, EncryptionKey> keyMap = modifier.reconstituteKeyMap( krb5key );
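Review bot: The `( ServerAttribute )` downcast on `attrs.get( KerberosAttribute.KRB5_KEY_AT )` looks unnecessary, since `reconstituteKeyMap` now accepts an `EntryAttribute`. Assuming `ServerEntry.get` returns that type, `EntryAttribute krb5key = attrs.get( KerberosAttribute.KRB5_KEY_AT );` removes a possible ClassCastException. The `.get().get()` chains for the principal name, key version number and cn dereference the attribute without a null check, unlike the SAM type and key attributes below them, so one entry missing any of these aborts the whole listing with a NullPointerException. The method body continues past the end of this hunk.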
Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java (original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java Sun Aug 3 17:43:52 2008
@@ -22,24 +22,14 @@
import java.io.IOException;
import java.text.ParseException;
-import java.util.HashSet;
import java.util.Map;
-import java.util.Set;
-import javax.naming.Name;
-import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.DirContext;
import javax.naming.directory.InvalidAttributeValueException;
-import javax.naming.directory.SearchResult;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.core.CoreSession;
-import org.apache.directory.server.core.entry.ClonedServerEntry;
import org.apache.directory.server.core.entry.ServerEntry;
-import org.apache.directory.server.core.filtering.EntryFilteringCursor;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
@@ -47,14 +37,9 @@
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntryModifier;
-import org.apache.directory.server.protocol.shared.store.ContextOperation;
-import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
+import org.apache.directory.server.protocol.shared.store.DirectoryServiceOperation;
import org.apache.directory.shared.ldap.entry.EntryAttribute;
-import org.apache.directory.shared.ldap.message.AliasDerefMode;
-import org.apache.directory.shared.ldap.message.AttributeImpl;
-import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
-import org.apache.directory.shared.ldap.schema.AttributeTypeOptions;
/**
@@ -63,7 +48,7 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class GetPrincipal implements ContextOperation
+public class GetPrincipal implements DirectoryServiceOperation
{
private static final long serialVersionUID = 4598007518413451945L;
@@ -86,65 +71,14 @@
* Note that the base is a relative path from the existing context.
* It is not a DN.
*/
- public Object execute( CoreSession session, LdapDN base )
+ public Object execute( CoreSession session, LdapDN base ) throws Exception
{
if ( principal == null )
{
return null;
}
- String[] attrIDs =
- {
- KerberosAttribute.KRB5_PRINCIPAL_NAME_AT,
- KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT,
- KerberosAttribute.KRB5_KEY_AT,
- KerberosAttribute.APACHE_SAM_TYPE_AT,
- KerberosAttribute.KRB5_ACCOUNT_DISABLED_AT,
- KerberosAttribute.KRB5_ACCOUNT_EXPIRATION_TIME_AT,
- KerberosAttribute.KRB5_ACCOUNT_LOCKEDOUT_AT
- };
-
- Set<AttributeTypeOptions> matchAttrs = new HashSet<AttributeTypeOptions>();
- AttributeTypeRegistry atRegistry = session.getDirectoryService().getRegistries().getAttributeTypeRegistry();
- AttributeTypeOptions krb5PrincipalAT = null;
-
- try
- {
- krb5PrincipalAT = new AttributeTypeOptions( atRegistry.lookup( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT ) );
- }
- catch ( NamingException ne )
- {
- return null;
- }
-
- matchAttrs.add( krb5PrincipalAT );
-
- PrincipalStoreEntry entry = null;
-
- try
- {
- EntryFilteringCursor cursor = session.list( LdapDN.EMPTY_LDAPDN, AliasDerefMode.DEREF_ALWAYS, matchAttrs );
-
- cursor.beforeFirst();
-
- if ( cursor.next() )
- {
- ClonedServerEntry result = cursor.get();
-
- if ( !result.containsAttribute( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT ) )
- {
- return null;
- }
-
- entry = getEntry( result );
- }
- }
- catch ( Exception e )
- {
- return null;
- }
-
- return entry;
+ return getEntry( StoreUtils.findPrincipalEntry( session, base, principal.getName() ) );
}
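Review bot: The new `return getEntry( StoreUtils.findPrincipalEntry( session, base, principal.getName() ) );` passes the lookup result straight into `getEntry`, but `findPrincipalEntry` (added in this commit) returns null when no entry matches. The removed code returned null for a missing principal; the new path hands null to `getEntry`, whose body lies outside this hunk but presumably reads attributes from the entry, so an unknown principal would likely surface as a NullPointerException instead of a clean "not found". In GssapiCallbackHandler the name comes from the client's authorization ID, so the not-found case is reachable on ordinary input. A guard keeps it explicit: `ServerEntry found = StoreUtils.findPrincipalEntry( session, base, principal.getName() );` followed by `return found == null ? null : getEntry( found );`.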
@@ -156,7 +90,7 @@
* @return the entry for the principal
* @throws NamingException if there are any access problems
*/
- private PrincipalStoreEntry getEntry( ServerEntry entry ) throws NamingException
+ private PrincipalStoreEntry getEntry( ServerEntry entry ) throws Exception
{
PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier();
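Review bot: The Javadoc above `getEntry` still reads `@throws NamingException if there are any access problems`, while the signature now declares `throws Exception`. The tag should be updated, for example to `@throws Exception if the entry's attributes cannot be read or converted`. If the body (which continues outside this hunk) only raises naming and parse errors, keeping those narrower checked types in the signature would be better than widening to `Exception`.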
Added: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/StoreUtils.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/StoreUtils.java?rev=682235&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/StoreUtils.java (added)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/StoreUtils.java Sun Aug 3 17:43:52 2008
@@ -0,0 +1,160 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.store.operations;
+
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.entry.ServerEntry;
+import org.apache.directory.server.core.entry.ServerStringValue;
+import org.apache.directory.server.core.filtering.EntryFilteringCursor;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.io.encoder.EncryptionKeyEncoder;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
+import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
+import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
+import org.apache.directory.shared.ldap.entry.Value;
+import org.apache.directory.shared.ldap.filter.EqualityNode;
+import org.apache.directory.shared.ldap.filter.ExprNode;
+import org.apache.directory.shared.ldap.filter.SearchScope;
+import org.apache.directory.shared.ldap.message.AliasDerefMode;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.schema.AttributeType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * Commonly used store utility operations.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class StoreUtils
+{
+ private static final Logger LOG = LoggerFactory.getLogger( StoreUtils.class );
+
+
+ /**
+ * Creates a ServerEntry for a PrincipalStoreEntry, doing what a state
+ * factory does but for ServerEntry instead of Attributes.
+ *
+ * @param session the session to use to access the directory's registries
+ * @param dn the distinguished name of the principal to be
+ * @param principalEntry the principal entry to convert into a ServerEntry
+ * @return the resultant server entry for the PrincipalStoreEntry argument
+ * @throws Exception if there are problems accessing registries
+ */
+ public static ServerEntry toServerEntry( CoreSession session, LdapDN dn, PrincipalStoreEntry principalEntry )
+ throws Exception
+ {
+ ServerEntry outAttrs = session.getDirectoryService().newEntry( dn );
+
+ // process the objectClass attribute
+ outAttrs.add( SchemaConstants.OBJECT_CLASS_AT,
+ SchemaConstants.TOP_OC, SchemaConstants.UID_OBJECT_AT,
+ "uidObject", SchemaConstants.EXTENSIBLE_OBJECT_OC,
+ SchemaConstants.PERSON_OC, SchemaConstants.ORGANIZATIONAL_PERSON_OC,
+ SchemaConstants.INET_ORG_PERSON_OC, SchemaConstants.KRB5_PRINCIPAL_OC,
+ "krb5KDCEntry" );
+
+ outAttrs.add( SchemaConstants.UID_AT, principalEntry.getUserId() );
+ outAttrs.add( KerberosAttribute.APACHE_SAM_TYPE_AT, "7" );
+ outAttrs.add( SchemaConstants.SN_AT, principalEntry.getUserId() );
+ outAttrs.add( SchemaConstants.CN_AT, principalEntry.getCommonName() );
+
+ EncryptionKey encryptionKey = principalEntry.getKeyMap().get( EncryptionType.DES_CBC_MD5 );
+ outAttrs.add( KerberosAttribute.KRB5_KEY_AT, EncryptionKeyEncoder.encode( encryptionKey ) );
+
+ int keyVersion = encryptionKey.getKeyVersion();
+
+ outAttrs.add( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT, principalEntry.getPrincipal().getName() );
+ outAttrs.add( KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT, Integer.toString( keyVersion ) );
+
+ return outAttrs;
+ }
+
+
+ /**
+ * Constructs a filter expression tree for the filter used to search the
+ * directory.
+ *
+ * @param registry the registry to use for attribute lookups
+ * @param principal the principal to use for building the filter
+ * @return the filter expression tree
+ * @throws Exception if there are problems while looking up attributes
+ */
+ private static ExprNode getFilter( AttributeTypeRegistry registry, String principal ) throws Exception
+ {
+ AttributeType type = registry.lookup( "krb5Principal" );
+ Value<String> value = new ServerStringValue( type, principal );
+ return new EqualityNode<String>( "krb5Principal", value );
+ }
+
+
+ /**
+ * Finds the ServerEntry associated with the Kerberos principal name.
+ *
+ * @param session the session to use for the search
+ * @param searchBaseDn the base to use while searching
+ * @param principal the name of the principal to search for
+ * @return the server entry for the principal or null if non-existent
+ * @throws Exception if there are problems while searching the directory
+ */
+ public static ServerEntry findPrincipalEntry( CoreSession session, LdapDN searchBaseDn, String principal )
+ throws Exception
+ {
+ EntryFilteringCursor cursor = null;
+
+ try
+ {
+ AttributeTypeRegistry registry = session.getDirectoryService().getRegistries().getAttributeTypeRegistry();
+ cursor = session.search( searchBaseDn, SearchScope.SUBTREE,
+ getFilter( registry, principal ), AliasDerefMode.DEREF_ALWAYS, null );
+
+ cursor.beforeFirst();
+ if ( cursor.next() )
+ {
+ ServerEntry entry = cursor.get();
+ LOG.debug( "Found entry {} for kerberos principal name {}", entry, principal );
+
+ while ( cursor.next() )
+ {
+ LOG.error( "More than one server entry found for kerberos principal name {}: ",
+ principal, cursor.next() );
+ }
+
+ return entry;
+ }
+ else
+ {
+ LOG.warn( "No server entry found for kerberos principal name {}", principal );
+ return null;
+ }
+ }
+ finally
+ {
+ if ( cursor != null )
+ {
+ cursor.close();
+ }
+ }
+ }
+}
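Review bot: In `findPrincipalEntry` the duplicate-detection loop calls `cursor.next()` a second time inside `LOG.error(...)`, so it logs a boolean instead of the offending entry, skips every other duplicate, and supplies two arguments to a message with one `{}`. The line should read `LOG.error( "More than one server entry found for kerberos principal name {}: {}", principal, cursor.get() );`. Even with that fix the first match is returned, so for a duplicated principal name the entry whose keys are used depends on cursor order; for a Kerberos store it would be safer to treat duplicates as an error than to pick one. `getFilter` looks up and matches on the literal `"krb5Principal"`, while the rest of the commit uses `KerberosAttribute.KRB5_PRINCIPAL_NAME_AT` for the name attribute and `SchemaConstants.KRB5_PRINCIPAL_OC` for the object class; if the literal is the object class name the filter does not compare the principal name at all, so the constant should be used in both places. `toServerEntry` dereferences `principalEntry.getKeyMap().get( EncryptionType.DES_CBC_MD5 )` without a null check and writes only that single DES key, dropping any other key types present in the map.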
Modified: directory/apacheds/branches/bigbang/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java (original)
+++ directory/apacheds/branches/bigbang/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java Sun Aug 3 17:43:52 2008
@@ -30,7 +30,7 @@
import org.apache.directory.server.changepw.protocol.ChangePasswordProtocolHandler;
import org.apache.directory.server.constants.ServerDNConstants;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
-import org.apache.directory.server.kerberos.shared.store.JndiPrincipalStoreImpl;
+import org.apache.directory.server.kerberos.shared.store.DirectoryPrincipalStore;
import org.apache.directory.server.kerberos.shared.store.PrincipalStore;
import org.apache.directory.server.protocol.shared.DirectoryBackedService;
import org.apache.mina.transport.socket.nio.DatagramAcceptorConfig;
@@ -260,9 +260,8 @@
*/
public void start() throws IOException
{
- PrincipalStore store = new JndiPrincipalStoreImpl( getSearchBaseDn(),
- getSearchBaseDn(), getDirectoryService() );
-
+ PrincipalStore store = new DirectoryPrincipalStore( getDirectoryService() );
+
if ( getDatagramAcceptor() != null )
{
DatagramAcceptorConfig udpConfig = new DatagramAcceptorConfig();
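Review bot: `new DirectoryPrincipalStore( getDirectoryService() )` no longer receives `getSearchBaseDn()`, which the removed `JndiPrincipalStoreImpl` call passed, so the configured search base may no longer bound where principals are looked up. The constructor is not visible here; if it does not obtain the base some other way, the SUBTREE search in `StoreUtils.findPrincipalEntry` runs from whatever base the store defaults to, which widens the set of entries eligible for a password change. The same applies to the KdcServer hunk at `@@ -424,14 +424,21 @@`. Either pass the base through to the store or add a comment on this line stating where it now comes from, so the scope of the lookup can be reviewed; `start()` continues outside the hunk.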
Modified: directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java (original)
+++ directory/apacheds/branches/bigbang/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java Sun Aug 3 17:43:52 2008
@@ -30,7 +30,7 @@
import org.apache.directory.server.constants.ServerDNConstants;
import org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
-import org.apache.directory.server.kerberos.shared.store.JndiPrincipalStoreImpl;
+import org.apache.directory.server.kerberos.shared.store.DirectoryPrincipalStore;
import org.apache.directory.server.kerberos.shared.store.PrincipalStore;
import org.apache.directory.server.protocol.shared.DirectoryBackedService;
import org.apache.mina.transport.socket.nio.DatagramAcceptorConfig;
@@ -424,14 +424,21 @@
{
PrincipalStore store;
- if ( isCatelogBased() )
- {
- store = new JndiPrincipalStoreImpl( getSearchBaseDn(), null, getDirectoryService() );
- }
- else
- {
- store = new JndiPrincipalStoreImpl( null, getSearchBaseDn(), getDirectoryService() );
- }
+ // TODO - for now ignoring this catelog crap
+
+ store = new DirectoryPrincipalStore( getDirectoryService() );
+
+
+// if ( isCatelogBased() )
+// {
+// store = new JndiPrincipalStoreImpl( getSearchBaseDn(), null, getDirectoryService() );
+// }
+// else
+// {
+// store = new JndiPrincipalStoreImpl( null, getSearchBaseDn(), getDirectoryService() );
+// }
+
+
if ( getDatagramAcceptor() != null )
{
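Review bot: The `isCatelogBased()` setting is now ignored without any signal to the operator; the branch is commented out and the only trace is the TODO. A deployment configured for catalog-based lookup silently gets the plain directory store, so I would log that at startup, e.g. `if ( isCatelogBased() ) { LOG.warn( "Catalog-based principal lookup is not supported yet; ignoring the setting" ); }`, assuming the class has a logger in scope. The commented-out block should be deleted instead of being carried in the source, since version control already keeps it. The TODO should state what has to be restored, not just that it is being skipped.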
Modified: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/AbstractSaslCallbackHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/AbstractSaslCallbackHandler.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/AbstractSaslCallbackHandler.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/AbstractSaslCallbackHandler.java Sun Aug 3 17:43:52 2008
@@ -132,7 +132,7 @@
*
* @param callback An {@link AuthorizeCallback}.
*/
- protected abstract void authorize( AuthorizeCallback callback );
+ protected abstract void authorize( AuthorizeCallback callback ) throws Exception;
/**
@@ -198,7 +198,15 @@
// false (CRAM-MD5, DIGEST-MD5, GSSAPI)
LOG.debug( "AuthorizeCallback isAuthorized: {}", authorizeCB.isAuthorized() );
- authorize( authorizeCB );
+ try
+ {
+ authorize( authorizeCB );
+ }
+ catch ( Exception e )
+ {
+ // TODO - figure out how to handle this properly.
+ throw new RuntimeException( "Failed authorization in callback handler.", e );
+ }
}
}
}
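Review bot: The new catch block rethrows without forcing the callback into a denied state, so whether a failed `authorize` leaves the bind unauthorized depends on what the subclass had already set on `authorizeCB` before it threw. Adding `authorizeCB.setAuthorized( false );` as the first statement of the catch makes this path fail closed regardless of how the RuntimeException is handled further up. The enclosing method starts outside the hunk; if it is the `CallbackHandler.handle` implementation, `throw new IOException( "Failed authorization in callback handler.", e );` would fit its declared exceptions better than an unchecked exception and would resolve the TODO.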
Modified: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiCallbackHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiCallbackHandler.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiCallbackHandler.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiCallbackHandler.java Sun Aug 3 17:43:52 2008
@@ -70,7 +70,7 @@
}
- protected void authorize( AuthorizeCallback authorizeCB )
+ protected void authorize( AuthorizeCallback authorizeCB ) throws Exception
{
LOG.debug( "Processing conversion of principal name to DN." );
@@ -81,7 +81,7 @@
String username = authorizeCB.getAuthorizationID();
GetPrincipal getPrincipal = new GetPrincipal( new KerberosPrincipal( username ) );
- PrincipalStoreEntry entry = ( PrincipalStoreEntry ) getPrincipal.execute( ldapSession.getCoreSession(), (LdapDN)null );
+ PrincipalStoreEntry entry = ( PrincipalStoreEntry ) getPrincipal.execute( ldapSession.getCoreSession(), new LdapDN() );
String bindDn = entry.getDistinguishedName();
LOG.debug( "Converted username {} to DN {}.", username, bindDn );
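Review bot: `entry.getDistinguishedName()` is called on the result of `getPrincipal.execute(...)` with no null check, although the lookup that `execute` delegates to returns null when no entry matches the client-supplied authorization ID. Passing an empty `new LdapDN()` as the base also means the SUBTREE search in `StoreUtils.findPrincipalEntry` starts at the root, so the first entry anywhere in the directory carrying the requested principal name decides the bind DN; a configured search base would narrow that. I would add `if ( entry == null ) { authorizeCB.setAuthorized( false ); return; }` before the dereference. `authorize` continues outside the hunk, so the early return should be checked against the code that follows.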
Modified: directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/catalog/GetCatalog.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/catalog/GetCatalog.java?rev=682235&r1=682234&r2=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/catalog/GetCatalog.java (original)
+++ directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/catalog/GetCatalog.java Sun Aug 3 17:43:52 2008
@@ -28,7 +28,7 @@
import org.apache.directory.server.core.CoreSession;
import org.apache.directory.server.core.entry.ServerEntry;
import org.apache.directory.server.core.filtering.EntryFilteringCursor;
-import org.apache.directory.server.protocol.shared.store.ContextOperation;
+import org.apache.directory.server.protocol.shared.store.DirectoryServiceOperation;
import org.apache.directory.shared.ldap.entry.EntryAttribute;
import org.apache.directory.shared.ldap.filter.FilterParser;
import org.apache.directory.shared.ldap.filter.SearchScope;
@@ -42,7 +42,7 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class GetCatalog implements ContextOperation
+public class GetCatalog implements DirectoryServiceOperation
{
private static final long serialVersionUID = -6657995003127926278L;
Copied: directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/DirectoryServiceOperation.java (from r682228, directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/ContextOperation.java)
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/DirectoryServiceOperation.java?p2=directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/DirectoryServiceOperation.java&p1=directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/ContextOperation.java&r1=682228&r2=682235&rev=682235&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/ContextOperation.java (original)
+++ directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/DirectoryServiceOperation.java Sun Aug 3 17:43:52 2008
@@ -27,12 +27,12 @@
/**
- * Interface to support the command pattern with JNDI contexts.
+ * Interface to support the command pattern for LDAP operations.
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public interface ContextOperation extends Serializable
+public interface DirectoryServiceOperation extends Serializable
{
/**
* The command pattern execute method.