You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by ak...@apache.org on 2004/12/07 03:36:23 UTC

svn commit: r110066 - in incubator/directory/eve/trunk: eve jndi-provider/src/java/org/apache/eve/jndi jndi-provider/src/test/org/apache/eve/jndi protocol/src/java/org/apache/eve/protocol

Author: akarasulu
Date: Mon Dec  6 18:36:21 2004
New Revision: 110066

URL: http://svn.apache.org/viewcvs?view=rev&rev=110066
Log:
Changes ...

 o patched protocol provider to check for anonymous binds and deny them if 
   disallowed by configuration
 o fliped anonymous property to be disabling rather than enabling: 
   eve.disable.anonymous
 o anonymous binds are enabled by default now to allow config-less operation
 o corrected test cases to pass with new default behavoir modifications

I think we can resolve this issue now:

   http://nagoya.apache.org/jira/browse/DIREVE-102


Modified:
   incubator/directory/eve/trunk/eve/eve.properties
   incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java
   incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java
   incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java

Modified: incubator/directory/eve/trunk/eve/eve.properties
Url: http://svn.apache.org/viewcvs/incubator/directory/eve/trunk/eve/eve.properties?view=diff&rev=110066&p1=incubator/directory/eve/trunk/eve/eve.properties&r1=110065&p2=incubator/directory/eve/trunk/eve/eve.properties&r2=110066
==============================================================================
--- incubator/directory/eve/trunk/eve/eve.properties	(original)
+++ incubator/directory/eve/trunk/eve/eve.properties	Mon Dec  6 18:36:21 2004
@@ -20,5 +20,5 @@
 #
 
 eve.wkdir=eve
-eve.enable.anonymous=true
+eve.disable.anonymous=true
 

Modified: incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java
Url: http://svn.apache.org/viewcvs/incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java?view=diff&rev=110066&p1=incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java&r1=110065&p2=incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java&r2=110066
==============================================================================
--- incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java	(original)
+++ incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java	Mon Dec  6 18:36:21 2004
@@ -108,7 +108,7 @@
     /** a comma separated list of schema class files to load */
     public static final String SCHEMAS_ENV = "eve.schemas";
     /** bootstrap prop: if key is present it enables anonymous users */
-    public static final String ANONYMOUS_ENV = "eve.enable.anonymous";
+    public static final String DISABLE_ANONYMOUS_ENV = "eve.disable.anonymous";
 
 
     /** key used to disable the networking layer (wire protocol) */
@@ -243,11 +243,11 @@
         {
             // we need to check this here instead of in AuthenticationService
             // because otherwise we are going to start up the system incorrectly
-            if ( isAnonymous( env ) && ! env.containsKey( ANONYMOUS_ENV ) )
+            if ( isAnonymous( env ) && env.containsKey( DISABLE_ANONYMOUS_ENV ) )
             {
                 throw new LdapNoPermissionException( "cannot bind as anonymous "
-                    + " on startup without enabling anonymous bind property: "
-                    + ANONYMOUS_ENV );
+                    + "on startup while disabling anonymous binds w/ property: "
+                    + DISABLE_ANONYMOUS_ENV );
             }
 
             this.initialEnv = env;
@@ -507,7 +507,7 @@
         InvocationStateEnum[] state = new InvocationStateEnum[]{
             InvocationStateEnum.PREINVOCATION
         };
-        boolean allowAnonymous = initialEnv.containsKey( ANONYMOUS_ENV );
+        boolean allowAnonymous = ! initialEnv.containsKey( DISABLE_ANONYMOUS_ENV );
         Interceptor interceptor = new AuthenticationService( nexus, allowAnonymous );
         provider.addInterceptor( interceptor, state );
 

Modified: incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java
Url: http://svn.apache.org/viewcvs/incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java?view=diff&rev=110066&p1=incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java&r1=110065&p2=incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java&r2=110066
==============================================================================
--- incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java	(original)
+++ incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java	Mon Dec  6 18:36:21 2004
@@ -24,7 +24,6 @@
 import javax.naming.directory.InitialDirContext;
 import javax.naming.directory.Attribute;
 import javax.naming.*;
-import javax.naming.ldap.LdapContext;
 import javax.naming.ldap.InitialLdapContext;
 
 import org.apache.ldap.common.util.ArrayUtils;
@@ -179,6 +178,7 @@
         doDelete( new File( "target" + File.separator + "eve" ) );
         Hashtable env = new Hashtable();
         env.put( Context.SECURITY_AUTHENTICATION, "none" );
+        env.put( EveContextFactory.DISABLE_ANONYMOUS_ENV, "true" );
 
         try
         {
@@ -191,7 +191,6 @@
 
         // ok this should start up the system now as admin
         Hashtable anonymous = new Hashtable();
-        anonymous.put( EveContextFactory.ANONYMOUS_ENV, "true" );
         InitialLdapContext ctx = ( InitialLdapContext ) setSysRoot( anonymous );
         assertNotNull( ctx );
 

Modified: incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java
Url: http://svn.apache.org/viewcvs/incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java?view=diff&rev=110066&p1=incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java&r1=110065&p2=incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java&r2=110066
==============================================================================
--- incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java	(original)
+++ incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java	Mon Dec  6 18:36:21 2004
@@ -27,6 +27,7 @@
 import org.apache.seda.listener.ClientKey;
 import org.apache.seda.event.EventRouter;
 import org.apache.seda.event.DisconnectEvent;
+import org.apache.ldap.common.exception.LdapNoPermissionException;
 
 
 /**
@@ -137,8 +138,13 @@
 
         if ( ictx == null && allowAnonymous )
         {
-            ictx = new InitialLdapContext( env, connCtls );
-            // @todo log something with a monitor here eventually!
+            if ( env.containsKey( "eve.disable.anonymous" ) )
+            {
+                throw new LdapNoPermissionException( "Anonymous binds have been disabled!" );
+            }
+
+            Hashtable cloned = ( Hashtable ) env.clone();
+            ictx = new InitialLdapContext( cloned, connCtls );
         }
 
         return ictx;