Posted to commits@directory.apache.org by er...@apache.org on 2005/12/29 17:47:06 UTC
svn commit: r359843 - in
/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store:
./ operations/
Author: erodriguez
Date: Thu Dec 29 08:46:57 2005
New Revision: 359843
URL: http://svn.apache.org/viewcvs?rev=359843&view=rev
Log:
Replaced SearchStrategy interface with PrincipalStore.
Added:
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java (with props)
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java (with props)
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java (with props)
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java (with props)
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java (with props)
Removed:
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SearchStrategy.java
Modified:
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/JndiPrincipalStoreImpl.java
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/MultiBaseSearch.java
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStore.java
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntry.java
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntryModifier.java
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SingleBaseSearch.java
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/ChangePassword.java
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetPrincipal.java
Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/JndiPrincipalStoreImpl.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/JndiPrincipalStoreImpl.java?rev=359843&r1=359842&r2=359843&view=diff
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/JndiPrincipalStoreImpl.java (original)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/JndiPrincipalStoreImpl.java Thu Dec 29 08:46:57 2005
@@ -39,27 +39,42 @@
/** a handle on the provider factory */
private InitialContextFactory factory;
/** a handle on the search strategy */
- private SearchStrategy strategy;
+ private PrincipalStore store;
public JndiPrincipalStoreImpl( ServiceConfiguration config, InitialContextFactory factory )
{
this.config = config;
this.factory = factory;
- strategy = getSearchStrategy();
+ store = getStore();
+ }
+
+ public String addPrincipal( PrincipalStoreEntry entry ) throws Exception
+ {
+ return store.addPrincipal( entry );
+ }
+
+ public String deletePrincipal( KerberosPrincipal principal ) throws Exception
+ {
+ return store.deletePrincipal( principal );
+ }
+
+ public PrincipalStoreEntry[] getAllPrincipals( String realm ) throws Exception
+ {
+ return store.getAllPrincipals( realm );
}
public PrincipalStoreEntry getPrincipal( KerberosPrincipal principal ) throws Exception
{
- return strategy.getPrincipal( principal );
+ return store.getPrincipal( principal );
}
public String changePassword( KerberosPrincipal principal, KerberosKey newKey ) throws Exception
{
- return strategy.changePassword( principal, newKey );
+ return store.changePassword( principal, newKey );
}
- private SearchStrategy getSearchStrategy()
+ private PrincipalStore getStore()
{
if ( config.getCatalogBaseDn() != null )
{
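Review bot: The field comment above `private PrincipalStore store;` still reads `/** a handle on the search strategy */` although the type and name have changed; `/** the principal store that all operations are delegated to */` matches the new code. The three added public methods are plain delegations with no Javadoc, so the meaning of the returned `String` is not stated at this level. `getStore()` continues past the end of the hunk.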
Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/MultiBaseSearch.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/MultiBaseSearch.java?rev=359843&r1=359842&r2=359843&view=diff
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/MultiBaseSearch.java (original)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/MultiBaseSearch.java Thu Dec 29 08:46:57 2005
@@ -27,7 +27,10 @@
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.kerberos.store.operations.AddPrincipal;
import org.apache.kerberos.store.operations.ChangePassword;
+import org.apache.kerberos.store.operations.DeletePrincipal;
+import org.apache.kerberos.store.operations.GetAllPrincipals;
import org.apache.kerberos.store.operations.GetPrincipal;
import org.apache.ldap.server.configuration.ConfigurationException;
import org.apache.protocol.common.ServiceConfiguration;
@@ -43,7 +46,7 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-class MultiBaseSearch implements SearchStrategy
+class MultiBaseSearch implements PrincipalStore
{
private InitialContextFactory factory;
private Hashtable env;
@@ -67,6 +70,54 @@
{
String message = "Failed to get catalog context " + (String) env.get( Context.PROVIDER_URL );
throw new ConfigurationException( message, e );
+ }
+ }
+
+ public String addPrincipal( PrincipalStoreEntry entry ) throws Exception
+ {
+ env.put( Context.PROVIDER_URL, catalog.getBaseDn( entry.getRealmName() ) );
+
+ try
+ {
+ DirContext ctx = (DirContext) factory.getInitialContext( env );
+ return (String) execute( ctx, new AddPrincipal( entry ) );
+ }
+ catch ( NamingException ne )
+ {
+ String message = "Failed to get initial context " + (String) env.get( Context.PROVIDER_URL );
+ throw new ConfigurationException( message, ne );
+ }
+ }
+
+ public String deletePrincipal( KerberosPrincipal principal ) throws Exception
+ {
+ env.put( Context.PROVIDER_URL, catalog.getBaseDn( principal.getRealm() ) );
+
+ try
+ {
+ DirContext ctx = (DirContext) factory.getInitialContext( env );
+ return (String) execute( ctx, new DeletePrincipal( principal ) );
+ }
+ catch ( NamingException ne )
+ {
+ String message = "Failed to get initial context " + (String) env.get( Context.PROVIDER_URL );
+ throw new ConfigurationException( message, ne );
+ }
+ }
+
+ public PrincipalStoreEntry[] getAllPrincipals( String realm ) throws Exception
+ {
+ env.put( Context.PROVIDER_URL, catalog.getBaseDn( realm ) );
+
+ try
+ {
+ DirContext ctx = (DirContext) factory.getInitialContext( env );
+ return (PrincipalStoreEntry[]) execute( ctx, new GetAllPrincipals() );
+ }
+ catch ( NamingException ne )
+ {
+ String message = "Failed to get initial context " + (String) env.get( Context.PROVIDER_URL );
+ throw new ConfigurationException( message, ne );
}
}
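Review bot: Each of the three added methods writes the per-realm base DN into the shared `env` field with `env.put( Context.PROVIDER_URL, ... )` before opening a context, so if one MultiBaseSearch instance serves concurrent requests, an add or delete for one realm can be issued against the base DN another thread has just stored. A per-call copy keeps the field untouched: `Hashtable callEnv = new Hashtable( env );`, then `callEnv.put( Context.PROVIDER_URL, baseDn );` and `factory.getInitialContext( callEnv )`. If `catalog.getBaseDn(...)` can return null for an unknown realm, `Hashtable.put` will throw a NullPointerException rather than the ConfigurationException used in the catch block, so the lookup result should be checked first. The `DirContext` obtained on each call is also never closed; unless the factory hands back a shared context, it should be closed in a `finally` block.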
Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStore.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStore.java?rev=359843&r1=359842&r2=359843&view=diff
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStore.java (original)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStore.java Thu Dec 29 08:46:57 2005
@@ -20,15 +20,20 @@
import javax.security.auth.kerberos.KerberosPrincipal;
/**
- * The store interface used by Kerberos protocols to lookup principals and
- * to change their passwords.
+ * The store interface used by Kerberos services.
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
+ * @version $Rev:330489 $, $Date$
*/
public interface PrincipalStore
{
- public PrincipalStoreEntry getPrincipal( KerberosPrincipal principal ) throws Exception;
+ public String addPrincipal( PrincipalStoreEntry entry ) throws Exception;
public String changePassword( KerberosPrincipal principal, KerberosKey newKey ) throws Exception;
+
+ public String deletePrincipal( KerberosPrincipal principal ) throws Exception;
+
+ public PrincipalStoreEntry[] getAllPrincipals( String realm ) throws Exception;
+
+ public PrincipalStoreEntry getPrincipal( KerberosPrincipal principal ) throws Exception;
}
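Review bot: The interface gains `addPrincipal`, `deletePrincipal` and `getAllPrincipals` with no Javadoc, and the class comment was shortened to "The store interface used by Kerberos services", so nothing states what the returned `String` is or how failure is signalled. From the operations added in this commit it appears to be the entry's name, with null returned when the directory call fails; that contract should be written on each method, e.g. `/** @return the name of the entry that was added, or null if the add failed */`. Since every holder of a `PrincipalStore` can now delete principals and list all entries together with their keys, it may be worth keeping lookup and password change on a narrower interface for the protocol handlers. The `@version` line also has an expanded keyword, `$Rev:330489 $`, committed in place of `$Rev$`.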
Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntry.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntry.java?rev=359843&r1=359842&r2=359843&view=diff
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntry.java (original)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntry.java Thu Dec 29 08:46:57 2005
@@ -25,43 +25,52 @@
public class PrincipalStoreEntry
{
- // 'Principal'
- private String commonName;
- private KerberosPrincipal principal;
-
- // 'KDCEntry'
- private KerberosTime validStart;
- private KerberosTime validEnd;
- private KerberosTime passwordEnd;
- private int maxLife;
- private int maxRenew;
- private int kdcFlags;
- private SamType samType = null;
- private EncryptionKey key;
-
- private String realmName;
-
- PrincipalStoreEntry( String commonName, KerberosPrincipal principal, int keyVersionNumber,
- KerberosTime validStart, KerberosTime validEnd, KerberosTime passwordEnd, int maxLife,
- int maxRenew, int kdcFlags, int keyType, byte[] key, String realmName, SamType samType )
+ // principal
+ private String commonName;
+ private KerberosPrincipal principal;
+ private String realmName;
+
+ // uidObject
+ private String userId;
+
+ // KDCEntry
+ private KerberosTime validStart;
+ private KerberosTime validEnd;
+ private KerberosTime passwordEnd;
+ private int maxLife;
+ private int maxRenew;
+ private int kdcFlags;
+ private SamType samType;
+ private EncryptionKey key;
+
+ PrincipalStoreEntry( String commonName, String userId, KerberosPrincipal principal, int keyVersionNumber,
+ KerberosTime validStart, KerberosTime validEnd, KerberosTime passwordEnd, int maxLife, int maxRenew,
+ int kdcFlags, int keyType, byte[] key, String realmName, SamType samType )
{
- this.commonName = commonName;
- this.principal = principal;
- this.validStart = validStart;
- this.validEnd = validEnd;
- this.passwordEnd = passwordEnd;
- this.maxLife = maxLife;
- this.maxRenew = maxRenew;
- this.kdcFlags = kdcFlags;
- this.realmName = realmName;
- this.samType = samType;
-
- this.key = new EncryptionKey(EncryptionType.getTypeByOrdinal(keyType), key, keyVersionNumber);
- }
-
- public String getCommonName()
+ this.commonName = commonName;
+ this.userId = userId;
+ this.principal = principal;
+ this.validStart = validStart;
+ this.validEnd = validEnd;
+ this.passwordEnd = passwordEnd;
+ this.maxLife = maxLife;
+ this.maxRenew = maxRenew;
+ this.kdcFlags = kdcFlags;
+ this.realmName = realmName;
+
+ this.samType = samType;
+
+ this.key = new EncryptionKey( EncryptionType.getTypeByOrdinal( keyType ), key, keyVersionNumber );
+ }
+
+ public String getCommonName()
{
return commonName;
+ }
+
+ public String getUserId()
+ {
+ return userId;
}
public EncryptionKey getEncryptionKey()
Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntryModifier.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntryModifier.java?rev=359843&r1=359842&r2=359843&view=diff
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntryModifier.java (original)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntryModifier.java Thu Dec 29 08:46:57 2005
@@ -23,35 +23,42 @@
public class PrincipalStoreEntryModifier
{
- // 'Principal'
- private String commonName;
- private KerberosPrincipal principal;
+ // principal
+ private String commonName;
+ private KerberosPrincipal principal;
+ private String realmName;
- // 'KDCEntry'
- private int keyVersionNumber; // must
- // may
- private KerberosTime validStart;
- private KerberosTime validEnd;
- private KerberosTime passwordEnd;
- private int maxLife;
- private int maxRenew;
- private int kdcFlags;
- private int encryptionType;
- private SamType samType;
- private byte[] key;
+ // uidObject
+ private String userId;
- private String realmName;
+ // KDCEntry
+ // must
+ private int keyVersionNumber;
+ // may
+ private KerberosTime validStart;
+ private KerberosTime validEnd;
+ private KerberosTime passwordEnd;
+ private int maxLife;
+ private int maxRenew;
+ private int kdcFlags;
+ private int encryptionType;
+ private SamType samType;
+ private byte[] key;
- public PrincipalStoreEntry getEntry()
+ public PrincipalStoreEntry getEntry()
{
- return new PrincipalStoreEntry( commonName, principal, keyVersionNumber, validStart,
- validEnd, passwordEnd, maxLife, maxRenew, kdcFlags, encryptionType, key, realmName,
- samType );
+ return new PrincipalStoreEntry( commonName, userId, principal, keyVersionNumber, validStart, validEnd,
+ passwordEnd, maxLife, maxRenew, kdcFlags, encryptionType, key, realmName, samType );
}
public void setCommonName( String commonName )
{
this.commonName = commonName;
+ }
+
+ public void setUserId( String userId )
+ {
+ this.userId = userId;
}
public void setEncryptionType( int encryptionType )
Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SingleBaseSearch.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SingleBaseSearch.java?rev=359843&r1=359842&r2=359843&view=diff
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SingleBaseSearch.java (original)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SingleBaseSearch.java Thu Dec 29 08:46:57 2005
@@ -26,7 +26,10 @@
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.kerberos.store.operations.AddPrincipal;
import org.apache.kerberos.store.operations.ChangePassword;
+import org.apache.kerberos.store.operations.DeletePrincipal;
+import org.apache.kerberos.store.operations.GetAllPrincipals;
import org.apache.kerberos.store.operations.GetPrincipal;
import org.apache.ldap.server.configuration.ConfigurationException;
import org.apache.protocol.common.ServiceConfiguration;
@@ -39,7 +42,7 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-class SingleBaseSearch implements SearchStrategy
+class SingleBaseSearch implements PrincipalStore
{
private DirContext ctx;
@@ -58,6 +61,21 @@
String message = "Failed to get initial context " + (String) env.get( Context.PROVIDER_URL );
throw new ConfigurationException( message, ne );
}
+ }
+
+ public String addPrincipal( PrincipalStoreEntry entry ) throws Exception
+ {
+ return (String) execute( new AddPrincipal( entry ) );
+ }
+
+ public String deletePrincipal( KerberosPrincipal principal ) throws Exception
+ {
+ return (String) execute( new DeletePrincipal( principal ) );
+ }
+
+ public PrincipalStoreEntry[] getAllPrincipals( String realm ) throws Exception
+ {
+ return (PrincipalStoreEntry[]) execute( new GetAllPrincipals() );
}
public PrincipalStoreEntry getPrincipal( KerberosPrincipal principal ) throws Exception
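Review bot: `getAllPrincipals( String realm )` never uses `realm`: it runs `new GetAllPrincipals()` against the single context, so a caller asking for one realm receives every `krb5Principal` entry found under the search base, keys included. MultiBaseSearch uses the same argument to choose the base DN, so the two implementations of the interface disagree on what the parameter means. Either filter the returned entries on the realm of each entry's principal before returning, or say so at the method, e.g. `// realm is ignored: a single-base store lists every principal under its base DN`. The class body continues outside the hunk.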
Added: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java?rev=359843&view=auto
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java (added)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java Thu Dec 29 08:46:57 2005
@@ -0,0 +1,98 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store.operations;
+
+import javax.naming.Name;
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+import javax.naming.ldap.LdapName;
+import javax.naming.spi.DirStateFactory;
+import javax.naming.spi.DirStateFactory.Result;
+
+import org.apache.kerberos.store.PrincipalStoreEntry;
+import org.apache.protocol.common.store.ContextOperation;
+
+/**
+ * Command for adding a principal to a JNDI context.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class AddPrincipal implements ContextOperation
+{
+ private static final long serialVersionUID = -1032737167622217786L;
+
+ /** The Kerberos principal who is to be added. */
+ protected PrincipalStoreEntry entry;
+
+ /**
+ * Creates the action to be used against the embedded ApacheDS DIT.
+ */
+ public AddPrincipal( PrincipalStoreEntry entry )
+ {
+ this.entry = entry;
+ }
+
+ public Object execute( DirContext ctx, Name searchBaseDn )
+ {
+ if ( entry == null )
+ {
+ return null;
+ }
+
+ try
+ {
+ DirStateFactory factory = new PrincipalStateFactory();
+ Result result = factory.getStateToBind( entry, null, null, null, null );
+
+ Attributes attrs = result.getAttributes();
+
+ LdapName name = new LdapName( "uid=" + entry.getUserId() + ",ou=Users" );
+
+ ctx.rebind( name, null, attrs );
+
+ return name.toString();
+ }
+ catch ( NamingException ne )
+ {
+ ne.printStackTrace();
+ }
+
+ return null;
+ }
+}
+
+/*
+ dn: uid=akarasulu, ou=Users, dc=example,dc=com
+ cn: Alex Karasulu
+ sn: Karasulu
+ givenname: Alex
+ objectclass: top
+ objectclass: person
+ objectclass: organizationalPerson
+ objectclass: inetOrgPerson
+ objectclass: krb5Principal
+ objectclass: krb5KDCEntry
+ ou: Directory
+ ou: Users
+ uid: akarasulu
+ krb5PrincipalName: akarasulu@EXAMPLE.COM
+ krb5KeyVersionNumber: 0
+ */
+
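Review bot: The entry's DN is built by concatenation, `new LdapName( "uid=" + entry.getUserId() + ",ou=Users" )`, so a user id containing DN metacharacters such as `,`, `+` or `=` changes the name that gets bound, and a null id becomes the literal `uid=null`. `ctx.rebind( name, null, attrs )` then replaces whatever already exists at that name, which means adding a principal whose uid is already present silently overwrites the existing entry and its key attributes. Building the name from `Rdn` objects (which escape the value), rejecting a null id, and using `bind` so a duplicate is refused closes both gaps; this needs imports for `javax.naming.ldap.Rdn`, `java.util.List` and `java.util.ArrayList`. The `catch` still reduces every failure to a stack trace and a null return, and `searchBaseDn` is ignored in favour of the hard-coded `ou=Users`; both deserve a follow-up.

```java
    public Object execute( DirContext ctx, Name searchBaseDn )
    {
        if ( entry == null || entry.getUserId() == null )
        {
            return null;
        }

        try
        {
            // … unchanged: PrincipalStateFactory, getStateToBind, attrs …

            // Rdn escapes DN special characters in the value; index 0 is the rightmost RDN.
            List rdns = new ArrayList();
            rdns.add( new Rdn( "ou", "Users" ) );
            rdns.add( new Rdn( "uid", entry.getUserId() ) );
            LdapName name = new LdapName( rdns );

            // bind() fails with NameAlreadyBoundException instead of replacing an existing entry.
            ctx.bind( name, null, attrs );

            return name.toString();
        }
        // … unchanged: catch ( NamingException ne ) …
```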
Propchange: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/ChangePassword.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/ChangePassword.java?rev=359843&r1=359842&r2=359843&view=diff
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/ChangePassword.java (original)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/ChangePassword.java Thu Dec 29 08:46:57 2005
@@ -39,10 +39,12 @@
* Command for changing a principal's password in a JNDI context.
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$
+ * @version $Rev$, $Date$
*/
public class ChangePassword implements ContextOperation
{
+ private static final long serialVersionUID = -7147685183641418353L;
+
/** The Kerberos principal who's password is to be changed. */
protected KerberosPrincipal principal;
/** The new key for the update. */
Added: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java?rev=359843&view=auto
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java (added)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java Thu Dec 29 08:46:57 2005
@@ -0,0 +1,136 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store.operations;
+
+import java.util.Properties;
+
+import javax.naming.CompoundName;
+import javax.naming.Name;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.SearchResult;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.kerberos.store.KerberosAttribute;
+import org.apache.protocol.common.store.ContextOperation;
+
+/**
+ * Command for deleting a principal from a JNDI context.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class DeletePrincipal implements ContextOperation
+{
+ private static final long serialVersionUID = -6970986279811261983L;
+
+ /** The Kerberos principal who is to be deleted. */
+ protected KerberosPrincipal principal;
+
+ /**
+ * Creates the action to be used against the embedded ApacheDS DIT.
+ */
+ public DeletePrincipal( KerberosPrincipal principal )
+ {
+ this.principal = principal;
+ }
+
+ public Object execute( DirContext ctx, Name searchBaseDn )
+ {
+ if ( principal == null )
+ {
+ return null;
+ }
+
+ String dn = null;
+
+ try
+ {
+ dn = search( ctx, searchBaseDn, principal.getName() );
+ Name rdn = getRelativeName( ctx, dn );
+ ctx.destroySubcontext( rdn );
+ }
+ catch ( NamingException e )
+ {
+ e.printStackTrace();
+ return null;
+ }
+
+ return dn;
+ }
+
+ private String search( DirContext ctx, Name searchBaseDn, String principal ) throws NamingException
+ {
+ String[] attrIDs = { KerberosAttribute.PRINCIPAL, KerberosAttribute.VERSION, KerberosAttribute.TYPE,
+ KerberosAttribute.KEY };
+
+ Attributes matchAttrs = new BasicAttributes( false ); // case-sensitive
+ matchAttrs.put( new BasicAttribute( KerberosAttribute.PRINCIPAL, principal ) );
+
+ // Search for objects that have those matching attributes
+ NamingEnumeration answer = ctx.search( searchBaseDn, matchAttrs, attrIDs );
+
+ if ( answer.hasMore() )
+ {
+ SearchResult sr = (SearchResult) answer.next();
+ if ( sr != null )
+ {
+ return sr.getName();
+ }
+ }
+
+ return null;
+ }
+
+ private Name getRelativeName( DirContext ctx, String baseDn ) throws NamingException
+ {
+ Properties props = new Properties();
+ props.setProperty( "jndi.syntax.direction", "right_to_left" );
+ props.setProperty( "jndi.syntax.separator", "," );
+ props.setProperty( "jndi.syntax.ignorecase", "true" );
+ props.setProperty( "jndi.syntax.trimblanks", "true" );
+
+ Name searchBaseDn;
+
+ try
+ {
+ Name ctxRoot = new CompoundName( ctx.getNameInNamespace(), props );
+ searchBaseDn = new CompoundName( baseDn, props );
+
+ if ( !searchBaseDn.startsWith( ctxRoot ) )
+ {
+ throw new NamingException( "Invalid search base " + baseDn );
+ }
+
+ for ( int ii = 0; ii < ctxRoot.size(); ii++ )
+ {
+ searchBaseDn.remove( 0 );
+ }
+ }
+ catch ( NamingException e )
+ {
+ throw new NamingException( "Failed to initialize search base " + baseDn );
+ }
+
+ return searchBaseDn;
+ }
+}
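Review bot: `search(...)` returns null when no entry matches the principal name, and `execute` passes that straight to `getRelativeName( ctx, dn )`, where `new CompoundName( baseDn, props )` receives null; that most likely surfaces as an unchecked exception rather than the null return the `catch ( NamingException e )` branch gives. A guard right after the search, `if ( dn == null ) { return null; }`, keeps a delete of an unknown principal on the same null-return path as other failures. The search also asks the directory to return `KerberosAttribute.KEY`, `VERSION` and `TYPE` although only `sr.getName()` is used, so key material is fetched for no purpose; `String[] attrIDs = { KerberosAttribute.PRINCIPAL };` is sufficient. `getRelativeName` rethrows with `new NamingException( "Failed to initialize search base " + baseDn )` and drops the original cause, and the `NamingEnumeration` from `ctx.search` is never closed.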
Propchange: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java?rev=359843&view=auto
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java (added)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java Thu Dec 29 08:46:57 2005
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store.operations;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.naming.Name;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.kerberos.messages.value.SamType;
+import org.apache.kerberos.store.KerberosAttribute;
+import org.apache.kerberos.store.PrincipalStoreEntry;
+import org.apache.kerberos.store.PrincipalStoreEntryModifier;
+import org.apache.protocol.common.store.ContextOperation;
+
+/**
+ * Command for getting all principals in a JNDI context.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class GetAllPrincipals implements ContextOperation
+{
+ private static final long serialVersionUID = -1214321426487445132L;
+
+ public Object execute( DirContext ctx, Name searchBaseDn )
+ {
+ SearchControls controls = new SearchControls();
+
+ String filter = "(objectClass=krb5Principal)";
+
+ List answers = new ArrayList();
+
+ try
+ {
+ Attributes attrs = null;
+
+ NamingEnumeration answer = ctx.search( searchBaseDn, filter, controls );
+
+ while ( answer.hasMore() )
+ {
+ SearchResult result = (SearchResult) answer.next();
+ attrs = result.getAttributes();
+ PrincipalStoreEntry entry = getEntry( attrs );
+ System.out.println( "Result name is " + result.getName() );
+ answers.add( entry );
+ }
+
+ answer.close();
+
+ PrincipalStoreEntry[] entries = new PrincipalStoreEntry[ answers.size() ];
+
+ return (PrincipalStoreEntry[]) answers.toArray( entries );
+ }
+ catch ( NamingException e )
+ {
+ e.printStackTrace();
+
+ return null;
+ }
+ }
+
+ /**
+ * Marshals an a PrincipalStoreEntry from an Attributes object.
+ *
+ * @param attrs the attributes of the Kerberos principal
+ * @return the entry for the principal
+ * @throws NamingException if there are any access problems
+ */
+ private PrincipalStoreEntry getEntry( Attributes attrs ) throws NamingException
+ {
+ PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier();
+
+ String principal = (String) attrs.get( KerberosAttribute.PRINCIPAL ).get();
+ String encryptionType = (String) attrs.get( KerberosAttribute.TYPE ).get();
+ String keyVersionNumber = (String) attrs.get( KerberosAttribute.VERSION ).get();
+
+ String commonName = (String) attrs.get( "cn" ).get();
+
+ if ( attrs.get( "apacheSamType" ) != null )
+ {
+ String samType = (String) attrs.get( "apacheSamType" ).get();
+
+ modifier.setSamType( SamType.getTypeByOrdinal( Integer.parseInt( samType ) ) );
+ }
+
+ byte[] keyBytes = (byte[]) attrs.get( KerberosAttribute.KEY ).get();
+
+ modifier.setCommonName( commonName );
+ modifier.setPrincipal( new KerberosPrincipal( principal ) );
+ modifier.setEncryptionType( Integer.parseInt( encryptionType ) );
+ modifier.setKeyVersionNumber( Integer.parseInt( keyVersionNumber ) );
+ modifier.setKey( keyBytes );
+
+ return modifier.getEntry();
+ }
+}
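Review bot: `getEntry` dereferences `attrs.get( ... ).get()` for the principal name, encryption type, key version, `cn` and key without a null check, while the filter `(objectClass=krb5Principal)` only guarantees the object class, so one entry lacking any of those attributes raises a NullPointerException that the `catch ( NamingException e )` in `execute` does not handle, and the whole listing fails. Only `apacheSamType` is tested for presence; the same `attrs.get( id ) != null` test should gate the others, with incomplete entries skipped or reported. `System.out.println( "Result name is " + result.getName() )` is debug output that writes directory entry names to stdout from library code and should be removed or moved to the project's logger. `answer.close()` is skipped when an exception is thrown and belongs in a `finally` block. The returned entries carry each principal's key bytes but no `userId` or realm name, so they are not suitable input for `addPrincipal`, which reads `entry.getUserId()`.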
Propchange: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetPrincipal.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetPrincipal.java?rev=359843&r1=359842&r2=359843&view=diff
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetPrincipal.java (original)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetPrincipal.java Thu Dec 29 08:46:57 2005
@@ -36,10 +36,12 @@
* Encapsulates the action of looking up a principal in an embedded ApacheDS DIT.
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$
+ * @version $Rev$, $Date$
*/
public class GetPrincipal implements ContextOperation
{
+ private static final long serialVersionUID = 4598007518413451945L;
+
/** The name of the principal to get. */
private final KerberosPrincipal principal;
Added: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java?rev=359843&view=auto
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java (added)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java Thu Dec 29 08:46:57 2005
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store.operations;
+
+import java.util.Hashtable;
+
+import javax.naming.Context;
+import javax.naming.Name;
+import javax.naming.directory.Attributes;
+import javax.naming.spi.DirObjectFactory;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.kerberos.store.KerberosAttribute;
+import org.apache.kerberos.store.PrincipalStoreEntryModifier;
+
+/**
+ * An ObjectFactory that resusitates objects from directory attributes.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class PrincipalObjectFactory implements DirObjectFactory
+{
+ public Object getObjectInstance( Object obj, Name name, Context nameCtx, Hashtable environment, Attributes attrs ) throws Exception
+ {
+ if ( attrs == null || attrs.get( "objectClass" ) == null || ! attrs.get( "objectClass" ).contains( "krb5KDCEntry" ) )
+ {
+ return null;
+ }
+
+ PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier();
+
+ modifier.setUserId( ( String ) attrs.get( "uid" ).get() );
+ modifier.setCommonName( ( String ) attrs.get( "cn" ).get() );
+
+ KerberosPrincipal principal = new KerberosPrincipal( ( String ) attrs.get( KerberosAttribute.PRINCIPAL ).get() );
+ modifier.setPrincipal( principal );
+
+ modifier.setKey( ( byte[] ) attrs.get( KerberosAttribute.KEY ).get() );
+ modifier.setEncryptionType( Integer.parseInt( ( String ) attrs.get( KerberosAttribute.TYPE ).get() ) );
+ modifier.setKeyVersionNumber( Integer.parseInt( ( String ) attrs.get( KerberosAttribute.VERSION ).get() ) );
+
+ return modifier.getEntry();
+ }
+
+ public Object getObjectInstance( Object obj, Name name, Context nameCtx, Hashtable environment ) throws Exception
+ {
+ throw new UnsupportedOperationException( "Attributes are required to add an entry." );
+ }
+}
+
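Review bot: In `getObjectInstance` only `objectClass` is null-checked; `attrs.get( "uid" )`, `attrs.get( "cn" )` and the four `KerberosAttribute` lookups are dereferenced directly, so a `krb5KDCEntry` that lacks any of them fails with a bare NullPointerException, and a non-numeric type or version value fails with NumberFormatException. Since this factory turns directory contents into key material, I would check each required attribute and fail with an exception that names the missing attribute id (never its value), e.g. `if ( attrs.get( KerberosAttribute.KEY ) == null ) throw new NamingException( "krb5KDCEntry is missing " + KerberosAttribute.KEY );`, which needs `javax.naming.NamingException` imported. The `( byte[] )` and `( String )` casts also assume how the provider returns these attributes; that is presumably fixed by the schema, but a short comment saying so would help the next reader.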
Propchange: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java?rev=359843&view=auto
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java (added)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java Thu Dec 29 08:46:57 2005
@@ -0,0 +1,151 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store.operations;
+
+import java.util.Hashtable;
+
+import javax.naming.Context;
+import javax.naming.Name;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
+import javax.naming.directory.SchemaViolationException;
+import javax.naming.spi.DirStateFactory;
+
+import org.apache.kerberos.store.KerberosAttribute;
+import org.apache.kerberos.store.PrincipalStoreEntry;
+
+/**
+ * A StateFactory for a server profile.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class PrincipalStateFactory implements DirStateFactory
+{
+ public Result getStateToBind( Object obj, Name name, Context nameCtx, Hashtable environment, Attributes inAttrs )
+ throws NamingException
+ {
+ // Only interested in PrincipalStoreEntry objects
+ if ( obj instanceof PrincipalStoreEntry )
+ {
+ Attributes outAttrs;
+ if (inAttrs == null)
+ {
+ outAttrs = new BasicAttributes(true);
+ }
+ else
+ {
+ outAttrs = (Attributes) inAttrs.clone();
+ }
+
+ // process the objectClass attribute
+ Attribute oc = outAttrs.get( "objectClass" );
+
+ if ( oc == null )
+ {
+ oc = new BasicAttribute( "objectClass" );
+ outAttrs.put( oc );
+ }
+
+ if ( ! oc.contains( "top" ) )
+ {
+ oc.add( "top" );
+ }
+
+ PrincipalStoreEntry p = (PrincipalStoreEntry) obj;
+
+ if ( ! oc.contains( "uidObject" ) )
+ {
+ oc.add( "uidObject" );
+ if ( p.getUserId() != null )
+ {
+ outAttrs.put( "uid", p.getUserId() );
+ }
+ else
+ {
+ throw new SchemaViolationException( "Person must have uid." );
+ }
+ }
+
+ if ( ! oc.contains( "extensibleObject" ) )
+ {
+ oc.add( "extensibleObject" );
+ outAttrs.put( "apacheSamType", "7" );
+ }
+
+ if ( ! oc.contains( "person" ) )
+ {
+ oc.add( "person" );
+
+ // TODO - look into adding sn, gn, and cn to ServerProfiles
+ outAttrs.put( "sn", p.getUserId() );
+ outAttrs.put( "cn", p.getCommonName() );
+ }
+
+ if ( ! oc.contains( "organizationalPerson" ) )
+ {
+ oc.add( "organizationalPerson" );
+ }
+
+ if ( ! oc.contains( "inetOrgPerson" ) )
+ {
+ oc.add( "inetOrgPerson" );
+ }
+
+ if ( ! oc.contains( "krb5Principal" ) )
+ {
+ oc.add( "krb5Principal" );
+ }
+
+ if ( ! oc.contains( "krb5KDCEntry" ) )
+ {
+ oc.add( "krb5KDCEntry" );
+
+ String principal = p.getPrincipal().getName();
+ byte[] keyBytes = p.getEncryptionKey().getKeyValue();
+ int keyType = p.getEncryptionKey().getKeyType().getOrdinal();
+ int keyVersion = p.getEncryptionKey().getKeyVersion();
+
+ outAttrs.put( KerberosAttribute.PRINCIPAL, principal );
+ outAttrs.put( KerberosAttribute.KEY, keyBytes );
+ outAttrs.put( KerberosAttribute.TYPE, Integer.toString( keyType ) );
+ outAttrs.put( KerberosAttribute.VERSION, Integer.toString( keyVersion ) );
+ }
+
+ Result r = new Result( obj, outAttrs );
+
+ System.out.println( "Result from obj " + obj );
+ System.out.println( "Result attrs " + outAttrs );
+
+ return r;
+ }
+
+ System.out.println( "ERROR: entry was not correct type " + obj );
+ return null;
+ }
+
+ public Object getStateToBind( Object obj, Name name, Context nameCtx, Hashtable environment )
+ throws NamingException
+ {
+ throw new UnsupportedOperationException( "Structural objectClass needed with additional attributes!" );
+ }
+}
+
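Review bot: The three `System.out.println` calls in `getStateToBind` should not ship: `"Result attrs " + outAttrs` prints the attribute set that was just filled with the principal name, key type, key version and `KerberosAttribute.KEY`, and `"Result from obj " + obj` prints whatever `PrincipalStoreEntry.toString()` exposes. The key bytes probably render only as an array reference, but stdout of a principal store is not the place for per-principal data, and this output cannot be filtered or switched off. I would delete the two result lines, or route them through the project's logger at debug level with only `p.getPrincipal().getName()`. The `"ERROR: entry was not correct type "` line also mislabels a normal case, because returning null is how a state factory declines an object it does not handle; `return null;` alone is enough.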
Propchange: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java
------------------------------------------------------------------------------
svn:eol-style = native