You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by ak...@apache.org on 2004/12/07 03:36:23 UTC
svn commit: r110066 - in incubator/directory/eve/trunk: eve jndi-provider/src/java/org/apache/eve/jndi jndi-provider/src/test/org/apache/eve/jndi protocol/src/java/org/apache/eve/protocol
Author: akarasulu
Date: Mon Dec 6 18:36:21 2004
New Revision: 110066
URL: http://svn.apache.org/viewcvs?view=rev&rev=110066
Log:
Changes ...
o patched protocol provider to check for anonymous binds and deny them if
disallowed by configuration
o fliped anonymous property to be disabling rather than enabling:
eve.disable.anonymous
o anonymous binds are enabled by default now to allow config-less operation
o corrected test cases to pass with new default behavoir modifications
I think we can resolve this issue now:
http://nagoya.apache.org/jira/browse/DIREVE-102
Modified:
incubator/directory/eve/trunk/eve/eve.properties
incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java
incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java
incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java
Modified: incubator/directory/eve/trunk/eve/eve.properties
Url: http://svn.apache.org/viewcvs/incubator/directory/eve/trunk/eve/eve.properties?view=diff&rev=110066&p1=incubator/directory/eve/trunk/eve/eve.properties&r1=110065&p2=incubator/directory/eve/trunk/eve/eve.properties&r2=110066
==============================================================================
--- incubator/directory/eve/trunk/eve/eve.properties (original)
+++ incubator/directory/eve/trunk/eve/eve.properties Mon Dec 6 18:36:21 2004
@@ -20,5 +20,5 @@
#
eve.wkdir=eve
-eve.enable.anonymous=true
+eve.disable.anonymous=true
Modified: incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java
Url: http://svn.apache.org/viewcvs/incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java?view=diff&rev=110066&p1=incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java&r1=110065&p2=incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java&r2=110066
==============================================================================
--- incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java (original)
+++ incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/EveContextFactory.java Mon Dec 6 18:36:21 2004
@@ -108,7 +108,7 @@
/** a comma separated list of schema class files to load */
public static final String SCHEMAS_ENV = "eve.schemas";
/** bootstrap prop: if key is present it enables anonymous users */
- public static final String ANONYMOUS_ENV = "eve.enable.anonymous";
+ public static final String DISABLE_ANONYMOUS_ENV = "eve.disable.anonymous";
/** key used to disable the networking layer (wire protocol) */
@@ -243,11 +243,11 @@
{
// we need to check this here instead of in AuthenticationService
// because otherwise we are going to start up the system incorrectly
- if ( isAnonymous( env ) && ! env.containsKey( ANONYMOUS_ENV ) )
+ if ( isAnonymous( env ) && env.containsKey( DISABLE_ANONYMOUS_ENV ) )
{
throw new LdapNoPermissionException( "cannot bind as anonymous "
- + " on startup without enabling anonymous bind property: "
- + ANONYMOUS_ENV );
+ + "on startup while disabling anonymous binds w/ property: "
+ + DISABLE_ANONYMOUS_ENV );
}
this.initialEnv = env;
@@ -507,7 +507,7 @@
InvocationStateEnum[] state = new InvocationStateEnum[]{
InvocationStateEnum.PREINVOCATION
};
- boolean allowAnonymous = initialEnv.containsKey( ANONYMOUS_ENV );
+ boolean allowAnonymous = ! initialEnv.containsKey( DISABLE_ANONYMOUS_ENV );
Interceptor interceptor = new AuthenticationService( nexus, allowAnonymous );
provider.addInterceptor( interceptor, state );
Modified: incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java
Url: http://svn.apache.org/viewcvs/incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java?view=diff&rev=110066&p1=incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java&r1=110065&p2=incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java&r2=110066
==============================================================================
--- incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java (original)
+++ incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java Mon Dec 6 18:36:21 2004
@@ -24,7 +24,6 @@
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.Attribute;
import javax.naming.*;
-import javax.naming.ldap.LdapContext;
import javax.naming.ldap.InitialLdapContext;
import org.apache.ldap.common.util.ArrayUtils;
@@ -179,6 +178,7 @@
doDelete( new File( "target" + File.separator + "eve" ) );
Hashtable env = new Hashtable();
env.put( Context.SECURITY_AUTHENTICATION, "none" );
+ env.put( EveContextFactory.DISABLE_ANONYMOUS_ENV, "true" );
try
{
@@ -191,7 +191,6 @@
// ok this should start up the system now as admin
Hashtable anonymous = new Hashtable();
- anonymous.put( EveContextFactory.ANONYMOUS_ENV, "true" );
InitialLdapContext ctx = ( InitialLdapContext ) setSysRoot( anonymous );
assertNotNull( ctx );
Modified: incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java
Url: http://svn.apache.org/viewcvs/incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java?view=diff&rev=110066&p1=incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java&r1=110065&p2=incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java&r2=110066
==============================================================================
--- incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java (original)
+++ incubator/directory/eve/trunk/protocol/src/java/org/apache/eve/protocol/SessionRegistry.java Mon Dec 6 18:36:21 2004
@@ -27,6 +27,7 @@
import org.apache.seda.listener.ClientKey;
import org.apache.seda.event.EventRouter;
import org.apache.seda.event.DisconnectEvent;
+import org.apache.ldap.common.exception.LdapNoPermissionException;
/**
@@ -137,8 +138,13 @@
if ( ictx == null && allowAnonymous )
{
- ictx = new InitialLdapContext( env, connCtls );
- // @todo log something with a monitor here eventually!
+ if ( env.containsKey( "eve.disable.anonymous" ) )
+ {
+ throw new LdapNoPermissionException( "Anonymous binds have been disabled!" );
+ }
+
+ Hashtable cloned = ( Hashtable ) env.clone();
+ ictx = new InitialLdapContext( cloned, connCtls );
}
return ictx;