You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2010/07/03 18:32:32 UTC
svn commit: r960235 -
/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
Author: elecharny
Date: Sat Jul 3 16:32:32 2010
New Revision: 960235
URL: http://svn.apache.org/viewvc?rev=960235&view=rev
Log:
o Added a dedicated logger for ACI (ACI_LOG)
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java?rev=960235&r1=960234&r2=960235&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java Sat Jul 3 16:32:32 2010
@@ -64,6 +64,7 @@ import org.apache.directory.shared.ldap.
import org.apache.directory.shared.ldap.aci.ACITuple;
import org.apache.directory.shared.ldap.aci.MicroOperation;
import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
+import org.apache.directory.shared.ldap.constants.Loggers;
import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.entry.Entry;
import org.apache.directory.shared.ldap.entry.EntryAttribute;
@@ -89,6 +90,9 @@ public class AciAuthorizationInterceptor
{
/** the logger for this class */
private static final Logger LOG = LoggerFactory.getLogger( AciAuthorizationInterceptor.class );
+
+ /** the dedicated logger for ACI */
+ private static final Logger ACI_LOG = LoggerFactory.getLogger( Loggers.ACI_LOG.getName() );
private static final Collection<MicroOperation> ADD_PERMS;
private static final Collection<MicroOperation> READ_PERMS;
@@ -410,6 +414,16 @@ public class AciAuthorizationInterceptor
public void add( NextInterceptor next, AddOperationContext addContext ) throws LdapException
{
+ // bypass authz code if it was disabled
+ if ( !addContext.getSession().getDirectoryService().isAccessControlEnabled() )
+ {
+ ACI_LOG.debug( "ACI interceptor disabled" );
+ next.add( addContext );
+ return;
+ }
+
+ ACI_LOG.debug( "Adding the entry {}", addContext.getEntry() );
+
// Access the principal requesting the operation, and bypass checks if it is the admin
LdapPrincipal principal = addContext.getSession().getEffectivePrincipal();
DN principalDn = principal.getDN();
@@ -418,16 +432,11 @@ public class AciAuthorizationInterceptor
DN dn = addContext.getDn();
- // bypass authz code if it was disabled
- if ( !addContext.getSession().getDirectoryService().isAccessControlEnabled() )
- {
- next.add( addContext );
- return;
- }
-
// bypass authz code but manage caches if operation is performed by the admin
if ( isPrincipalAnAdministrator( principalDn ) )
{
+ ACI_LOG.debug( "Addition done by the administartor : no check" );
+
next.add( addContext );
tupleCache.subentryAdded( dn, serverEntry );
groupCache.groupAdded( dn, serverEntry );