You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by ak...@apache.org on 2006/02/10 11:49:57 UTC
svn commit: r376623 [32/38] - in /directory/sandbox/akarasulu/rc1/apacheds:
core-plugin/src/main/java/org/apache/directory/server/core/tools/schema/
core-plugin/src/test/java/org/apache/directory/server/core/tools/schema/
core-shared/src/main/java/org/...
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GetSessionKey.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GetSessionKey.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GetSessionKey.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GetSessionKey.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.authentication;
+
import java.security.SecureRandom;
import org.apache.directory.server.protocol.shared.chain.Context;
@@ -23,21 +24,24 @@
import org.apache.kerberos.messages.value.EncryptionKey;
import org.apache.kerberos.service.DesStringToKey;
+
public class GetSessionKey extends DesStringToKey
{
private static final SecureRandom random = new SecureRandom();
+
public boolean execute( Context context ) throws Exception
{
- AuthenticationContext authContext = (AuthenticationContext) context;
+ AuthenticationContext authContext = ( AuthenticationContext ) context;
authContext.setSessionKey( getNewSessionKey() );
return CONTINUE_CHAIN;
}
+
private EncryptionKey getNewSessionKey()
{
- byte[] confounder = new byte[ 8 ];
+ byte[] confounder = new byte[8];
// SecureRandom.nextBytes is already synchronized
random.nextBytes( confounder );
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/SealReply.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/SealReply.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/SealReply.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/SealReply.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.authentication;
+
import org.apache.directory.server.protocol.shared.chain.Context;
import org.apache.directory.server.protocol.shared.chain.impl.CommandBase;
import org.apache.kerberos.messages.AuthenticationReply;
@@ -23,13 +24,14 @@
import org.apache.kerberos.messages.value.EncryptionKey;
import org.apache.kerberos.service.LockBox;
+
public class SealReply extends CommandBase
{
public boolean execute( Context context ) throws Exception
{
- AuthenticationContext authContext = (AuthenticationContext) context;
+ AuthenticationContext authContext = ( AuthenticationContext ) context;
- AuthenticationReply reply = (AuthenticationReply) authContext.getReply();
+ AuthenticationReply reply = ( AuthenticationReply ) authContext.getReply();
EncryptionKey clientKey = authContext.getClientKey();
LockBox lockBox = authContext.getLockBox();
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/PreAuthenticationChain.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/PreAuthenticationChain.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/PreAuthenticationChain.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/PreAuthenticationChain.java Fri Feb 10 02:48:07 2006
@@ -16,7 +16,9 @@
*/
package org.apache.directory.server.kerberos.kdc.preauthentication;
+
import org.apache.directory.server.protocol.shared.chain.impl.ChainBase;
+
public class PreAuthenticationChain extends ChainBase
{
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifierBase.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifierBase.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifierBase.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifierBase.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.preauthentication;
+
import java.io.IOException;
import org.apache.directory.server.protocol.shared.chain.impl.CommandBase;
@@ -27,20 +28,21 @@
import org.apache.kerberos.messages.value.PreAuthenticationDataModifier;
import org.apache.kerberos.messages.value.PreAuthenticationDataType;
+
public abstract class VerifierBase extends CommandBase
{
public byte[] preparePreAuthenticationError()
{
- PreAuthenticationData[] paDataSequence = new PreAuthenticationData[ 2 ];
+ PreAuthenticationData[] paDataSequence = new PreAuthenticationData[2];
PreAuthenticationDataModifier modifier = new PreAuthenticationDataModifier();
modifier.setDataType( PreAuthenticationDataType.PA_ENC_TIMESTAMP );
- modifier.setDataValue( new byte[ 0 ] );
+ modifier.setDataValue( new byte[0] );
- paDataSequence[ 0 ] = modifier.getPreAuthenticationData();
+ paDataSequence[0] = modifier.getPreAuthenticationData();
- EncryptionTypeInfoEntry[] entries = new EncryptionTypeInfoEntry[ 1 ];
- entries[ 0 ] = new EncryptionTypeInfoEntry( EncryptionType.DES_CBC_MD5, null );
+ EncryptionTypeInfoEntry[] entries = new EncryptionTypeInfoEntry[1];
+ entries[0] = new EncryptionTypeInfoEntry( EncryptionType.DES_CBC_MD5, null );
byte[] encTypeInfo = null;
@@ -57,7 +59,7 @@
encTypeModifier.setDataType( PreAuthenticationDataType.PA_ENCTYPE_INFO );
encTypeModifier.setDataValue( encTypeInfo );
- paDataSequence[ 1 ] = encTypeModifier.getPreAuthenticationData();
+ paDataSequence[1] = encTypeModifier.getPreAuthenticationData();
try
{
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.preauthentication;
+
import java.io.IOException;
import org.apache.directory.server.kerberos.kdc.KdcConfiguration;
@@ -35,14 +36,16 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+
public class VerifyEncryptedTimestamp extends VerifierBase
{
/** the log for this class */
private static final Logger log = LoggerFactory.getLogger( VerifyEncryptedTimestamp.class );
+
public boolean execute( Context ctx ) throws Exception
{
- AuthenticationContext authContext = (AuthenticationContext) ctx;
+ AuthenticationContext authContext = ( AuthenticationContext ) ctx;
if ( authContext.getClientKey() != null )
{
@@ -63,7 +66,7 @@
if ( log.isDebugEnabled() )
{
log.debug( "entry for client principal " + clientName
- + " has no SAM type: proceeding with standard pre-authentication" );
+ + " has no SAM type: proceeding with standard pre-authentication" );
}
clientKey = clientEntry.getEncryptionKey();
@@ -79,22 +82,20 @@
if ( preAuthData == null )
{
- throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED,
- preparePreAuthenticationError() );
+ throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError() );
}
EncryptedTimeStamp timestamp = null;
for ( int ii = 0; ii < preAuthData.length; ii++ )
{
- if ( preAuthData[ ii ].getDataType().equals(
- PreAuthenticationDataType.PA_ENC_TIMESTAMP ) )
+ if ( preAuthData[ii].getDataType().equals( PreAuthenticationDataType.PA_ENC_TIMESTAMP ) )
{
EncryptedData dataValue;
try
{
- dataValue = EncryptedDataDecoder.decode( preAuthData[ ii ].getDataValue() );
+ dataValue = EncryptedDataDecoder.decode( preAuthData[ii].getDataValue() );
}
catch ( IOException ioe )
{
@@ -105,14 +106,14 @@
throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
}
- timestamp = (EncryptedTimeStamp) lockBox.unseal( EncryptedTimeStamp.class, clientKey, dataValue );
+ timestamp = ( EncryptedTimeStamp ) lockBox.unseal( EncryptedTimeStamp.class, clientKey,
+ dataValue );
}
}
if ( timestamp == null )
{
- throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED,
- preparePreAuthenticationError() );
+ throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError() );
}
if ( !timestamp.getTimeStamp().isInClockSkew( config.getClockSkew() ) )
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifySam.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifySam.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifySam.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifySam.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.preauthentication;
+
import javax.security.auth.kerberos.KerberosKey;
import org.apache.directory.server.kerberos.kdc.authentication.AuthenticationContext;
@@ -34,6 +35,7 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+
public class VerifySam extends VerifierBase
{
/** the log for this class */
@@ -45,10 +47,11 @@
SamSubsystem.getInstance().setIntegrityChecker( new TimestampChecker() );
}
+
public boolean execute( Context ctx ) throws Exception
{
log.debug( "Verifying using SAM subsystem." );
- AuthenticationContext authContext = (AuthenticationContext) ctx;
+ AuthenticationContext authContext = ( AuthenticationContext ) ctx;
KdcRequest request = authContext.getRequest();
PrincipalStoreEntry clientEntry = authContext.getClientEntry();
String clientName = clientEntry.getPrincipal().getName();
@@ -60,28 +63,26 @@
if ( log.isDebugEnabled() )
{
log.debug( "entry for client principal " + clientName
- + " has a valid SAM type: invoking SAM subsystem for pre-authentication" );
+ + " has a valid SAM type: invoking SAM subsystem for pre-authentication" );
}
PreAuthenticationData[] preAuthData = request.getPreAuthData();
if ( preAuthData == null || preAuthData.length == 0 )
{
- throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED,
- preparePreAuthenticationError() );
+ throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError() );
}
try
{
for ( int ii = 0; ii < preAuthData.length; ii++ )
{
- if ( preAuthData[ ii ].getDataType().equals(
- PreAuthenticationDataType.PA_ENC_TIMESTAMP ) )
+ if ( preAuthData[ii].getDataType().equals( PreAuthenticationDataType.PA_ENC_TIMESTAMP ) )
{
KerberosKey samKey = SamSubsystem.getInstance().verify( clientEntry,
- preAuthData[ ii ].getDataValue() );
- clientKey = new EncryptionKey( EncryptionType.getTypeByOrdinal( samKey
- .getKeyType() ), samKey.getEncoded() );
+ preAuthData[ii].getDataValue() );
+ clientKey = new EncryptionKey( EncryptionType.getTypeByOrdinal( samKey.getKeyType() ), samKey
+ .getEncoded() );
}
}
}
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/BuildReply.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/BuildReply.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/BuildReply.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/BuildReply.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import org.apache.directory.server.protocol.shared.chain.Context;
import org.apache.directory.server.protocol.shared.chain.impl.CommandBase;
import org.apache.kerberos.messages.KdcRequest;
@@ -25,11 +26,12 @@
import org.apache.kerberos.messages.value.LastRequest;
import org.apache.kerberos.messages.value.TicketFlags;
+
public class BuildReply extends CommandBase
{
public boolean execute( Context context ) throws Exception
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
KdcRequest request = tgsContext.getRequest();
Ticket tgt = tgsContext.getTgt();
Ticket newTicket = tgsContext.getNewTicket();
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/ConfigureTicketGrantingChain.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/ConfigureTicketGrantingChain.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/ConfigureTicketGrantingChain.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/ConfigureTicketGrantingChain.java Fri Feb 10 02:48:07 2006
@@ -16,20 +16,23 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import org.apache.directory.server.protocol.shared.chain.Context;
import org.apache.directory.server.protocol.shared.chain.impl.CommandBase;
import org.apache.kerberos.replay.InMemoryReplayCache;
import org.apache.kerberos.replay.ReplayCache;
import org.apache.kerberos.service.LockBox;
+
public class ConfigureTicketGrantingChain extends CommandBase
{
private static final ReplayCache replayCache = new InMemoryReplayCache();
private static final LockBox lockBox = new LockBox();
+
public boolean execute( Context context ) throws Exception
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
tgsContext.setReplayCache( replayCache );
tgsContext.setLockBox( lockBox );
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GenerateTicket.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GenerateTicket.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GenerateTicket.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GenerateTicket.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
@@ -40,11 +41,12 @@
import org.apache.kerberos.messages.value.TicketFlags;
import org.apache.kerberos.service.LockBox;
+
public class GenerateTicket extends CommandBase
{
public boolean execute( Context context ) throws Exception
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
KdcRequest request = tgsContext.getRequest();
Ticket tgt = tgsContext.getTgt();
@@ -66,7 +68,8 @@
if ( request.getEncAuthorizationData() != null )
{
- AuthorizationData authData = (AuthorizationData) lockBox.unseal( AuthorizationData.class, authenticator.getSubSessionKey(), request.getEncAuthorizationData() );
+ AuthorizationData authData = ( AuthorizationData ) lockBox.unseal( AuthorizationData.class, authenticator
+ .getSubSessionKey(), request.getEncAuthorizationData() );
authData.add( tgt.getAuthorizationData() );
newTicketBody.setAuthorizationData( authData );
}
@@ -103,8 +106,9 @@
return CONTINUE_CHAIN;
}
+
private void processFlags( KdcConfiguration config, KdcRequest request, Ticket tgt,
- EncTicketPartModifier newTicketBody ) throws KerberosException
+ EncTicketPartModifier newTicketBody ) throws KerberosException
{
if ( request.getOption( KdcOptions.FORWARDABLE ) )
{
@@ -208,8 +212,9 @@
}
}
+
private void processTimes( KdcConfiguration config, KdcRequest request, EncTicketPartModifier newTicketBody,
- Ticket tgt ) throws KerberosException
+ Ticket tgt ) throws KerberosException
{
KerberosTime now = new KerberosTime();
@@ -234,7 +239,7 @@
newTicketBody.setStartTime( now );
long oldLife = tgt.getEndTime().getTime() - tgt.getStartTime().getTime();
newTicketBody.setEndTime( new KerberosTime( Math
- .min( tgt.getRenewTill().getTime(), now.getTime() + oldLife ) ) );
+ .min( tgt.getRenewTill().getTime(), now.getTime() + oldLife ) ) );
}
else
{
@@ -258,11 +263,11 @@
minimizer.add( till );
minimizer.add( new KerberosTime( now.getTime() + config.getMaximumTicketLifetime() ) );
minimizer.add( tgt.getEndTime() );
- KerberosTime minTime = (KerberosTime) Collections.min( minimizer );
+ KerberosTime minTime = ( KerberosTime ) Collections.min( minimizer );
newTicketBody.setEndTime( minTime );
if ( request.getOption( KdcOptions.RENEWABLE_OK ) && minTime.lessThan( request.getTill() )
- && tgt.getFlag( TicketFlags.RENEWABLE ) )
+ && tgt.getFlag( TicketFlags.RENEWABLE ) )
{
// we set the RENEWABLE option for later processing
request.setOption( KdcOptions.RENEWABLE );
@@ -307,10 +312,11 @@
minimizer.add( new KerberosTime( now.getTime() + config.getMaximumRenewableLifetime() ) );
minimizer.add( tgt.getRenewTill() );
- newTicketBody.setRenewTill( (KerberosTime) Collections.min( minimizer ) );
+ newTicketBody.setRenewTill( ( KerberosTime ) Collections.min( minimizer ) );
}
}
+
/*
if (realm_tgt_is_for(tgt) := tgt.realm) then
// tgt issued by local realm
@@ -328,6 +334,7 @@
// TODO - currently no transited support other than local
newTicketBody.setTransitedEncoding( tgt.getTransitedEncoding() );
}
+
protected void echoTicket( EncTicketPartModifier newTicketBody, Ticket tgt )
{
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import java.io.IOException;
import org.apache.directory.server.protocol.shared.chain.Context;
@@ -29,6 +30,7 @@
import org.apache.kerberos.messages.value.PreAuthenticationData;
import org.apache.kerberos.messages.value.PreAuthenticationDataType;
+
/*
* differs from the changepw getAuthHeader by verifying the presence of TGS_REQ
*/
@@ -36,7 +38,7 @@
{
public boolean execute( Context context ) throws Exception
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
KdcRequest request = tgsContext.getRequest();
ApplicationRequest authHeader = getAuthHeader( request );
@@ -48,6 +50,7 @@
return CONTINUE_CHAIN;
}
+
protected ApplicationRequest getAuthHeader( KdcRequest request ) throws KerberosException, IOException
{
byte[] undecodedAuthHeader = null;
@@ -55,9 +58,9 @@
for ( int ii = 0; ii < preAuthData.length; ii++ )
{
- if ( preAuthData[ ii ].getDataType() == PreAuthenticationDataType.PA_TGS_REQ )
+ if ( preAuthData[ii].getDataType() == PreAuthenticationDataType.PA_TGS_REQ )
{
- undecodedAuthHeader = preAuthData[ ii ].getDataValue();
+ undecodedAuthHeader = preAuthData[ii].getDataValue();
}
}
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetRequestPrincipalEntry.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetRequestPrincipalEntry.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetRequestPrincipalEntry.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetRequestPrincipalEntry.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.protocol.shared.chain.Context;
@@ -24,11 +25,12 @@
import org.apache.kerberos.store.PrincipalStore;
import org.apache.kerberos.store.PrincipalStoreEntry;
+
public class GetRequestPrincipalEntry extends GetPrincipalStoreEntry
{
public boolean execute( Context context ) throws Exception
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
KerberosPrincipal principal = tgsContext.getRequest().getServerPrincipal();
PrincipalStore store = tgsContext.getStore();
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import java.security.SecureRandom;
import org.apache.directory.server.protocol.shared.chain.Context;
@@ -23,21 +24,24 @@
import org.apache.kerberos.messages.value.EncryptionKey;
import org.apache.kerberos.service.DesStringToKey;
+
public class GetSessionKey extends DesStringToKey
{
private static final SecureRandom random = new SecureRandom();
+
public boolean execute( Context context ) throws Exception
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
tgsContext.setSessionKey( getNewSessionKey() );
return CONTINUE_CHAIN;
}
+
private EncryptionKey getNewSessionKey()
{
- byte[] confounder = new byte[ 8 ];
+ byte[] confounder = new byte[8];
// SecureRandom.nextBytes is already synchronized
random.nextBytes( confounder );
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetTicketPrincipalEntry.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetTicketPrincipalEntry.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetTicketPrincipalEntry.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetTicketPrincipalEntry.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.protocol.shared.chain.Context;
@@ -24,11 +25,12 @@
import org.apache.kerberos.store.PrincipalStore;
import org.apache.kerberos.store.PrincipalStoreEntry;
+
public class GetTicketPrincipalEntry extends GetPrincipalStoreEntry
{
public boolean execute( Context context ) throws Exception
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
KerberosPrincipal principal = tgsContext.getTgt().getServerPrincipal();
PrincipalStore store = tgsContext.getStore();
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import java.net.InetAddress;
import javax.security.auth.kerberos.KerberosPrincipal;
@@ -33,18 +34,20 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+
public class MonitorContext extends CommandBase
{
/** the log for this class */
private static final Logger log = LoggerFactory.getLogger( MonitorContext.class );
+
public boolean execute( Context context ) throws Exception
{
if ( log.isDebugEnabled() )
{
try
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
PrincipalStore store = tgsContext.getStore();
ApplicationRequest authHeader = tgsContext.getAuthHeader();
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import org.apache.directory.server.protocol.shared.chain.Context;
import org.apache.directory.server.protocol.shared.chain.impl.CommandBase;
import org.apache.kerberos.messages.TicketGrantReply;
@@ -24,13 +25,14 @@
import org.apache.kerberos.messages.value.EncryptedData;
import org.apache.kerberos.service.LockBox;
+
public class SealReply extends CommandBase
{
public boolean execute( Context ctx ) throws Exception
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) ctx;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) ctx;
- TicketGrantReply reply = (TicketGrantReply) tgsContext.getReply();
+ TicketGrantReply reply = ( TicketGrantReply ) tgsContext.getReply();
Ticket tgt = tgsContext.getTgt();
LockBox lockBox = tgsContext.getLockBox();
Authenticator authenticator = tgsContext.getAuthenticator();
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingContext.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingContext.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingContext.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingContext.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import org.apache.directory.server.kerberos.kdc.KdcContext;
import org.apache.kerberos.messages.ApplicationRequest;
import org.apache.kerberos.messages.components.Authenticator;
@@ -24,6 +25,7 @@
import org.apache.kerberos.replay.ReplayCache;
import org.apache.kerberos.store.PrincipalStoreEntry;
+
public class TicketGrantingContext extends KdcContext
{
private static final long serialVersionUID = 2130665703752837491L;
@@ -38,6 +40,7 @@
private PrincipalStoreEntry ticketPrincipalEntry;
private PrincipalStoreEntry requestPrincipalEntry;
+
/**
* @return Returns the requestPrincipalEntry.
*/
@@ -46,6 +49,7 @@
return requestPrincipalEntry;
}
+
/**
* @param requestPrincipalEntry The requestPrincipalEntry to set.
*/
@@ -54,6 +58,7 @@
this.requestPrincipalEntry = requestPrincipalEntry;
}
+
/**
* @return Returns the ticketPrincipalEntry.
*/
@@ -62,6 +67,7 @@
return ticketPrincipalEntry;
}
+
/**
* @param ticketPrincipalEntry The ticketPrincipalEntry to set.
*/
@@ -70,6 +76,7 @@
this.ticketPrincipalEntry = ticketPrincipalEntry;
}
+
/**
* @return Returns the replayCache.
*/
@@ -78,6 +85,7 @@
return replayCache;
}
+
/**
* @param replayCache The replayCache to set.
*/
@@ -86,6 +94,7 @@
this.replayCache = replayCache;
}
+
/**
* @return Returns the authenticator.
*/
@@ -94,6 +103,7 @@
return authenticator;
}
+
/**
* @param authenticator The authenticator to set.
*/
@@ -102,6 +112,7 @@
this.authenticator = authenticator;
}
+
/**
* @return Returns the newTicket.
*/
@@ -110,6 +121,7 @@
return newTicket;
}
+
/**
* @param newTicket The newTicket to set.
*/
@@ -118,6 +130,7 @@
this.newTicket = newTicket;
}
+
/**
* @return Returns the sessionKey.
*/
@@ -126,6 +139,7 @@
return sessionKey;
}
+
/**
* @param sessionKey The sessionKey to set.
*/
@@ -134,6 +148,7 @@
this.sessionKey = sessionKey;
}
+
/**
* @return Returns the tgt.
*/
@@ -142,6 +157,7 @@
return tgt;
}
+
/**
* @param tgt The tgt to set.
*/
@@ -150,6 +166,7 @@
this.tgt = tgt;
}
+
/**
* @return Returns the authHeader.
*/
@@ -157,6 +174,7 @@
{
return authHeader;
}
+
/**
* @param authHeader The authHeader to set.
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingExceptionHandler.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingExceptionHandler.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingExceptionHandler.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingExceptionHandler.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import org.apache.directory.server.kerberos.kdc.KdcConfiguration;
import org.apache.directory.server.protocol.shared.chain.Context;
import org.apache.kerberos.exceptions.KerberosException;
@@ -24,15 +25,18 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+
public class TicketGrantingExceptionHandler extends ErrorMessageHandler
{
private static final Logger log = LoggerFactory.getLogger( TicketGrantingExceptionHandler.class );
+
public boolean execute( Context context ) throws Exception
{
return CONTINUE_CHAIN;
}
+
public boolean postprocess( Context context, Exception exception )
{
if ( exception == null )
@@ -49,9 +53,9 @@
log.info( exception.getMessage() );
}
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
KdcConfiguration config = tgsContext.getConfig();
- KerberosException ke = (KerberosException) exception;
+ KerberosException ke = ( KerberosException ) exception;
ErrorMessage errorMessage = getErrorMessage( config.getKdcPrincipal(), ke );
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java Fri Feb 10 02:48:07 2006
@@ -16,12 +16,14 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import org.apache.directory.server.kerberos.kdc.MonitorReply;
import org.apache.directory.server.kerberos.kdc.MonitorRequest;
import org.apache.directory.server.protocol.shared.chain.impl.ChainBase;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+
/**
* KRB_TGS_REQ verification and KRB_TGS_REP generation
*/
@@ -29,6 +31,7 @@
{
/** the log for this class */
private static final Logger log = LoggerFactory.getLogger( TicketGrantingServiceChain.class );
+
public TicketGrantingServiceChain()
{
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import org.apache.directory.server.protocol.shared.chain.Context;
import org.apache.directory.server.protocol.shared.chain.impl.CommandBase;
import org.apache.kerberos.crypto.checksum.ChecksumEngine;
@@ -25,11 +26,12 @@
import org.apache.kerberos.exceptions.KerberosException;
import org.apache.kerberos.messages.value.Checksum;
+
public class VerifyBodyChecksum extends CommandBase
{
public boolean execute( Context context ) throws Exception
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
byte[] bodyBytes = tgsContext.getRequest().getBodyBytes();
Checksum checksum = tgsContext.getAuthenticator().getChecksum();
@@ -37,6 +39,7 @@
return CONTINUE_CHAIN;
}
+
private void verifyChecksum( Checksum checksum, byte[] bytes ) throws KerberosException
{
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgt.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgt.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgt.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgt.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.kdc.KdcConfiguration;
@@ -23,11 +24,12 @@
import org.apache.kerberos.messages.components.Ticket;
import org.apache.kerberos.service.VerifyTicket;
+
public class VerifyTgt extends VerifyTicket
{
public boolean execute( Context context ) throws Exception
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
KdcConfiguration config = tgsContext.getConfig();
Ticket tgt = tgsContext.getTgt();
String primaryRealm = config.getPrimaryRealm();
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+
import java.net.InetAddress;
import org.apache.directory.server.protocol.shared.chain.Context;
@@ -27,11 +28,12 @@
import org.apache.kerberos.service.LockBox;
import org.apache.kerberos.service.VerifyAuthHeader;
+
public class VerifyTgtAuthHeader extends VerifyAuthHeader
{
public boolean execute( Context context ) throws Exception
{
- TicketGrantingContext tgsContext = (TicketGrantingContext) context;
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) context;
ApplicationRequest authHeader = tgsContext.getAuthHeader();
Ticket tgt = tgsContext.getTgt();
@@ -43,7 +45,7 @@
LockBox lockBox = tgsContext.getLockBox();
Authenticator authenticator = verifyAuthHeader( authHeader, tgt, serverKey, clockSkew, replayCache,
- emptyAddressesAllowed, clientAddress, lockBox );
+ emptyAddressesAllowed, clientAddress, lockBox );
tgsContext.setAuthenticator( authenticator );
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosDecoder.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.protocol;
+
import java.io.IOException;
import org.apache.kerberos.io.decoder.KdcRequestDecoder;
@@ -24,14 +25,17 @@
import org.apache.mina.filter.codec.ProtocolDecoder;
import org.apache.mina.filter.codec.ProtocolDecoderOutput;
+
public class KerberosDecoder implements ProtocolDecoder
{
private KdcRequestDecoder decoder = new KdcRequestDecoder();
+
public void decode( IoSession session, ByteBuffer in, ProtocolDecoderOutput out ) throws IOException
{
out.write( decoder.decode( in.buf() ) );
}
+
public void dispose( IoSession session ) throws Exception
{
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosEncoder.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosEncoder.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosEncoder.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosEncoder.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.protocol;
+
import java.io.IOException;
import org.apache.kerberos.io.encoder.ErrorMessageEncoder;
@@ -27,24 +28,26 @@
import org.apache.mina.filter.codec.ProtocolEncoder;
import org.apache.mina.filter.codec.ProtocolEncoderOutput;
+
public class KerberosEncoder implements ProtocolEncoder
{
private KdcReplyEncoder replyEncoder = new KdcReplyEncoder();
private ErrorMessageEncoder errorEncoder = new ErrorMessageEncoder();
+
public void encode( IoSession session, Object message, ProtocolEncoderOutput out ) throws IOException
{
ByteBuffer buf = ByteBuffer.allocate( 1024 );
if ( message instanceof KdcReply )
{
- replyEncoder.encode( (KdcReply) message, buf.buf() );
+ replyEncoder.encode( ( KdcReply ) message, buf.buf() );
}
else
{
if ( message instanceof ErrorMessage )
{
- errorEncoder.encode( (ErrorMessage) message, buf.buf() );
+ errorEncoder.encode( ( ErrorMessage ) message, buf.buf() );
}
}
@@ -52,6 +55,7 @@
out.write( buf );
}
+
public void dispose( IoSession arg0 ) throws Exception
{
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java Fri Feb 10 02:48:07 2006
@@ -16,28 +16,34 @@
*/
package org.apache.directory.server.kerberos.protocol;
+
import org.apache.mina.filter.codec.ProtocolCodecFactory;
import org.apache.mina.filter.codec.ProtocolDecoder;
import org.apache.mina.filter.codec.ProtocolEncoder;
+
public class KerberosProtocolCodecFactory implements ProtocolCodecFactory
{
private static final KerberosProtocolCodecFactory INSTANCE = new KerberosProtocolCodecFactory();
+
public static KerberosProtocolCodecFactory getInstance()
{
return INSTANCE;
}
+
private KerberosProtocolCodecFactory()
{
}
+
public ProtocolEncoder getEncoder()
{
// Create a new encoder.
return new KerberosEncoder();
}
+
public ProtocolDecoder getDecoder()
{
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.protocol;
+
import java.net.InetAddress;
import java.net.InetSocketAddress;
@@ -35,6 +36,7 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+
/**
* The Kerberos protocol handler for MINA which handles requests for the authentication
* service and the ticket granting service of the KDC.
@@ -52,7 +54,8 @@
private Command authService;
private Command tgsService;
- public KerberosProtocolHandler( KdcConfiguration config, PrincipalStore store )
+
+ public KerberosProtocolHandler(KdcConfiguration config, PrincipalStore store)
{
this.config = config;
this.store = store;
@@ -61,6 +64,7 @@
tgsService = new TicketGrantingServiceChain();
}
+
public void sessionCreated( IoSession session ) throws Exception
{
if ( log.isDebugEnabled() )
@@ -69,9 +73,10 @@
}
session.getFilterChain().addFirst( "codec",
- new ProtocolCodecFilter( KerberosProtocolCodecFactory.getInstance() ) );
+ new ProtocolCodecFilter( KerberosProtocolCodecFactory.getInstance() ) );
}
+
public void sessionOpened( IoSession session )
{
if ( log.isDebugEnabled() )
@@ -80,6 +85,7 @@
}
}
+
public void sessionClosed( IoSession session )
{
if ( log.isDebugEnabled() )
@@ -88,6 +94,7 @@
}
}
+
public void sessionIdle( IoSession session, IdleStatus status )
{
if ( log.isDebugEnabled() )
@@ -96,12 +103,14 @@
}
}
+
public void exceptionCaught( IoSession session, Throwable cause )
{
log.error( session.getRemoteAddress() + " EXCEPTION", cause );
session.close();
}
+
public void messageReceived( IoSession session, Object message )
{
if ( log.isDebugEnabled() )
@@ -109,8 +118,8 @@
log.debug( session.getRemoteAddress() + " RCVD: " + message );
}
- InetAddress clientAddress = ( (InetSocketAddress) session.getRemoteAddress() ).getAddress();
- KdcRequest request = (KdcRequest) message;
+ InetAddress clientAddress = ( ( InetSocketAddress ) session.getRemoteAddress() ).getAddress();
+ KdcRequest request = ( KdcRequest ) message;
int messageType = request.getMessageType().getOrdinal();
@@ -155,6 +164,7 @@
log.error( e.getMessage() );
}
}
+
public void messageSent( IoSession session, Object message )
{
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/KeyIntegrityChecker.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/KeyIntegrityChecker.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/KeyIntegrityChecker.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/KeyIntegrityChecker.java Fri Feb 10 02:48:07 2006
@@ -16,7 +16,9 @@
*/
package org.apache.directory.server.kerberos.sam;
+
import javax.security.auth.kerberos.KerberosKey;
+
/**
* Checks the integrity of a kerberos key to decode-decrypt an encrypted
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamException.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamException.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamException.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamException.java Fri Feb 10 02:48:07 2006
@@ -16,8 +16,10 @@
*/
package org.apache.directory.server.kerberos.sam;
+
import org.apache.kerberos.messages.value.SamType;
+
/**
* Base class for all SAM subsystem errors.
*
@@ -32,31 +34,34 @@
/** the SAM type that caused this exception */
private final SamType type;
+
/**
* Creates a SamException for a specific SamType.
*
* @param type the type value for the SAM algorithm associated with this exception
*/
- public SamException( SamType type )
+ public SamException(SamType type)
{
super();
this.type = type;
}
+
/**
* Creates a SamException for a specific SamType, with message.
*
* @param type the type value for the SAM algorithm associated with this exception
* @param message a message regarding the nature of the fault
*/
- public SamException( SamType type, String message )
+ public SamException(SamType type, String message)
{
super( message );
this.type = type;
}
+
/**
* Creates a SamException for a specific SamType, with the cause resulted in
* this exception.
@@ -64,13 +69,14 @@
* @param type the type value for the SAM algorithm associated with this exception
* @param cause the throwable that resulted in this exception being thrown
*/
- public SamException( SamType type, Throwable cause )
+ public SamException(SamType type, Throwable cause)
{
super( cause );
this.type = type;
}
+
/**
* Creates a SamException for a specific SamType, with a message and the
* cause that resulted in this exception.
@@ -80,12 +86,13 @@
* @param message a message regarding the nature of the fault
* @param cause the throwable that resulted in this exception being thrown
*/
- public SamException( SamType type, String message, Throwable cause )
+ public SamException(SamType type, String message, Throwable cause)
{
super( message, cause );
this.type = type;
}
+
/**
* Gets the registered SAM algorithm type associated with this SamException.
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.sam;
+
import java.util.HashMap;
import java.util.Hashtable;
@@ -25,6 +26,7 @@
import org.apache.kerberos.store.PrincipalStoreEntry;
+
/**
* The Subsystem that enables the Kerberos server to use plugable Single-use
* Authentication mechanisms.
@@ -49,6 +51,7 @@
private DirContext userContext;
private String userBaseRdn;
+
/**
* Gets the singleton instance of the SamSubsystem.
*
@@ -64,6 +67,7 @@
return instance;
}
+
/**
* Sets the KeyIntegrityChecker used by the entire SamSubsystem.
*
@@ -74,6 +78,7 @@
this.keyChecker = keyChecker;
}
+
/**
* Uses the principal entry information to load the approapriate SamVerifier
* and verify the Single-use password.
@@ -100,7 +105,7 @@
if ( verifiers.containsKey( entry.getSamType() ) )
{
- verifier = (SamVerifier) verifiers.get( entry.getSamType() );
+ verifier = ( SamVerifier ) verifiers.get( entry.getSamType() );
return verifier.verify( entry.getPrincipal(), sad );
}
@@ -125,17 +130,17 @@
throw new SamException( entry.getSamType(), msg );
}
- String fqcn = (String) env.get( key );
+ String fqcn = ( String ) env.get( key );
try
{
Class c = Class.forName( fqcn );
- verifier = (SamVerifier) c.newInstance();
+ verifier = ( SamVerifier ) c.newInstance();
try
{
- verifier.setUserContext( (DirContext) userContext.lookup( userBaseRdn ) );
+ verifier.setUserContext( ( DirContext ) userContext.lookup( userBaseRdn ) );
}
catch ( NamingException e )
{
@@ -185,6 +190,7 @@
throw new SamException( entry.getSamType(), msg, e );
}
}
+
/**
* Sets the context under which user entries can be found.
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java Fri Feb 10 02:48:07 2006
@@ -16,12 +16,14 @@
*/
package org.apache.directory.server.kerberos.sam;
+
import javax.naming.directory.DirContext;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.kerberos.messages.value.SamType;
+
/**
* Single-use Authentication Mechanism verifier (subsystem) interface.
* SamVerifiers are modules that can be configured and are dynamically
@@ -46,9 +48,11 @@
/** Starts one of many pluggable SAM type subsystem*/
void startup() throws SamException;
+
/** Shuts down one of many pluggable SAM type subsystem*/
void shutdown();
+
/**
* SamVerifiers require a KeyIntegrityChecker to calculate the integrity of
* a generated KerberosKey. The Kerberos service exposes this interface
@@ -61,6 +65,7 @@
*/
void setIntegrityChecker( KeyIntegrityChecker keyChecker );
+
/**
* Verifies the single use password supplied.
*
@@ -69,12 +74,14 @@
*/
KerberosKey verify( KerberosPrincipal principal, byte[] sad ) throws SamException;
+
/**
* Gets the registered SAM algorithm type implemented by this SamVerifier.
*
* @return the type value for the SAM algorithm used to verify the SUP.
*/
SamType getSamType();
+
/** sets the user context where users are stored for the primary realm */
void setUserContext( DirContext userContext );
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.sam;
+
import java.io.IOException;
import javax.security.auth.kerberos.KerberosKey;
@@ -29,11 +30,13 @@
import org.apache.kerberos.messages.value.KerberosTime;
import org.apache.kerberos.service.LockBox;
+
public class TimestampChecker implements KeyIntegrityChecker
{
private static final long FIVE_MINUTES = 300000;
private static final LockBox lockBox = new LockBox();
+
public boolean checkKeyIntegrity( byte[] encryptedData, KerberosKey kerberosKey )
{
EncryptionType keyType = EncryptionType.getTypeByOrdinal( kerberosKey.getKeyType() );
@@ -47,7 +50,8 @@
// Decrypt the EncryptedData structure to get the PA-ENC-TS-ENC
// Decode the decrypted timestamp into our timestamp object.
- EncryptedTimeStamp timestamp = (EncryptedTimeStamp) lockBox.unseal( EncryptedTimeStamp.class, key, sadValue );
+ EncryptedTimeStamp timestamp = ( EncryptedTimeStamp ) lockBox.unseal( EncryptedTimeStamp.class, key,
+ sadValue );
// Since we got here we must have a valid timestamp structure that we can
// validate to be within a five minute skew.
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/kdc/TestUtils.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/kdc/TestUtils.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/kdc/TestUtils.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/kdc/TestUtils.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.kdc;
+
import java.io.BufferedInputStream;
import java.io.CharArrayWriter;
import java.io.IOException;
@@ -23,6 +24,7 @@
import java.io.InputStreamReader;
import java.io.Reader;
+
public class TestUtils
{
public static char[] getControlDocument( String resource ) throws IOException
@@ -35,7 +37,7 @@
try
{
- char[] buf = new char[ 2048 ];
+ char[] buf = new char[2048];
int len = 0;
while ( len >= 0 )
{
@@ -61,23 +63,26 @@
return isca;
}
+
public static byte[] getBytesFromResource( String resource ) throws IOException
{
InputStream is = ClassLoader.getSystemClassLoader().getResourceAsStream( resource );
BufferedInputStream stream = new BufferedInputStream( is );
int len = stream.available();
- byte[] bytes = new byte[ len ];
+ byte[] bytes = new byte[len];
stream.read( bytes, 0, len );
return bytes;
}
+
public static void hexdump( byte[] data )
{
hexdump( data, true );
}
+
public static void hexdump( byte[] data, boolean delimit )
{
String delimiter = new String( "-------------------------------------------------" );
@@ -90,14 +95,14 @@
int lineLength = 0;
for ( int ii = 0; ii < data.length; ii++ )
{
- System.out.print( byte2hexString( data[ ii ] ) + " " );
+ System.out.print( byte2hexString( data[ii] ) + " " );
lineLength++;
-
+
if ( lineLength == 8 )
{
System.out.print( " " );
}
-
+
if ( lineLength == 16 )
{
System.out.println();
@@ -112,58 +117,63 @@
}
}
- public static final String[] hex_digit = { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9",
- "a", "b", "c", "d", "e", "f" };
+ public static final String[] hex_digit =
+ { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f" };
+
public static String byte2hexString( byte x )
{
String s = "";
for ( int ii = 0; ii < 2; ii++ )
{
- s = hex_digit[ ( ( ( x ) & 0xff ) & ( 15 << ( ii * 4 ) ) ) >>> ( ii * 4 ) ] + s;
+ s = hex_digit[( ( ( x ) & 0xff ) & ( 15 << ( ii * 4 ) ) ) >>> ( ii * 4 )] + s;
}
return s;
}
+
public static String int2hexString( int x )
{
String s = "";
for ( int ii = 0; ii < 8; ii++ )
{
- s = hex_digit[ ( x & ( 15 << ( ii * 4 ) ) ) >>> ( ii * 4 ) ] + s;
+ s = hex_digit[( x & ( 15 << ( ii * 4 ) ) ) >>> ( ii * 4 )] + s;
}
return s;
}
+
public static String int2binString( int x )
{
String s = "";
for ( int ii = 0; ii < 32; ii++ )
{
- if ( ( ii > 0 ) && ( ii % 4 == 0 ) )
+ if ( ( ii > 0 ) && ( ii % 4 == 0 ) )
{
s = " " + s;
}
- s = hex_digit[ ( x & ( 1 << ii ) ) >>> ii ] + s;
+ s = hex_digit[( x & ( 1 << ii ) ) >>> ii] + s;
}
return s;
}
+
public static String long2hexString( long x )
{
String s = "";
for ( int ii = 0; ii < 16; ii++ )
{
- s = hex_digit[ (int) ( ( x & ( 15L << ( ii * 4 ) ) ) >>> ( ii * 4 ) ) ] + s;
+ s = hex_digit[( int ) ( ( x & ( 15L << ( ii * 4 ) ) ) >>> ( ii * 4 ) )] + s;
}
return s;
}
+
public static String long2binString( long x )
{
String s = "";
@@ -174,22 +184,25 @@
s = " " + s;
}
- s = hex_digit[ (int) ( ( x & ( 1L << ii ) ) >>> ii ) ] + s;
+ s = hex_digit[( int ) ( ( x & ( 1L << ii ) ) >>> ii )] + s;
}
return s;
}
+
public static String byte2hexString( byte[] input )
{
return byte2hexString( input, 0, input.length );
}
+
public static String byte2hexString( byte[] input, int offset )
{
return byte2hexString( input, offset, input.length );
}
+
public static String byte2hexString( byte[] input, int offset, int length )
{
String result = "";
@@ -197,7 +210,7 @@
{
if ( ii + offset < input.length )
{
- result += byte2hexString( input[ ii + offset ] );
+ result += byte2hexString( input[ii + offset] );
}
}
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java Fri Feb 10 02:48:07 2006
@@ -16,6 +16,7 @@
*/
package org.apache.directory.server.kerberos.messages.value;
+
import java.util.Arrays;
import org.apache.kerberos.messages.value.KdcOptions;
@@ -23,9 +24,12 @@
import junit.framework.TestCase;
+
public class OptionsTest extends TestCase
{
- private byte[] fpriOptions = { (byte) 0x50, (byte) 0x00, (byte) 0x00, (byte) 0x10 };
+ private byte[] fpriOptions =
+ { ( byte ) 0x50, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x10 };
+
public void testToString()
{
@@ -37,6 +41,7 @@
assertEquals( flags.toString(), "FORWARDABLE PROXIABLE RENEWABLE INITIAL" );
}
+
public void testDuplicateSetting()
{
TicketFlags flags = new TicketFlags();
@@ -47,6 +52,7 @@
flags.set( TicketFlags.RENEWABLE );
assertEquals( flags.toString(), "FORWARDABLE PROXIABLE MAY_POSTDATE RENEWABLE" );
}
+
public void testConstruction()
{
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/ExtendedOperationHandler.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/ExtendedOperationHandler.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/ExtendedOperationHandler.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/ExtendedOperationHandler.java Fri Feb 10 02:48:07 2006
@@ -41,7 +41,8 @@
* Returns the EXTENSION_OID of the extended request this handler can handle.
*/
String getOid();
-
+
+
/**
* The OIDs of the extensions supported by this handler. This includes the
* request as well as any responses associated with the request. These OIDs
@@ -50,7 +51,8 @@
* @return the OIDs supported by this handler.
*/
Set getExtensionOids();
-
+
+
/**
* Handles the specified extended operation.
*
@@ -60,21 +62,24 @@
* @throws Exception if failed to handle the operation
*/
void handleExtendedOperation( IoSession session, SessionRegistry registry, ExtendedRequest req ) throws Exception;
-
+
+
/**
* Sets the LDAP provider for this extendedOperation handler.
*
* @param provider the ldap protocol provider
*/
void setLdapProvider( LdapProtocolProvider provider );
-
+
+
/**
* Sets the LDAP service for the this extenedOperation handler.
*
* @param service the MINA service for LDAP or LDAPS
*/
void setLdapService( Service service );
-
+
+
/**
* Sets the MINA service registry for this extendedOperation handler.
*
Modified: directory/sandbox/akarasulu/rc1/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java
URL: http://svn.apache.org/viewcvs/directory/sandbox/akarasulu/rc1/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java?rev=376623&r1=376622&r2=376623&view=diff
==============================================================================
--- directory/sandbox/akarasulu/rc1/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java (original)
+++ directory/sandbox/akarasulu/rc1/apacheds/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java Fri Feb 10 02:48:07 2006
@@ -101,7 +101,7 @@
private static final Map DEFAULT_HANDLERS;
/** a set of supported controls */
private static final Set SUPPORTED_CONTROLS;
-
+
static
{
HashMap map = new HashMap();
@@ -147,10 +147,10 @@
map.put( UnbindRequestImpl.class.getName(), UnbindHandler.class );
DEFAULT_HANDLERS = Collections.unmodifiableMap( map );
-
+
HashSet set = new HashSet();
- set.add( PersistentSearchControl.CONTROL_OID );
- set.add( EntryChangeControl.CONTROL_OID );
+ set.add( PersistentSearchControl.CONTROL_OID );
+ set.add( EntryChangeControl.CONTROL_OID );
set.add( ManageDsaITControl.CONTROL_OID );
SUPPORTED_CONTROLS = Collections.unmodifiableSet( set );
}
@@ -161,6 +161,7 @@
/** the MINA protocol handler */
private final LdapProtocolHandler handler = new LdapProtocolHandler();
+
// ------------------------------------------------------------------------
// C O N S T R U C T O R S
// ------------------------------------------------------------------------
@@ -171,7 +172,7 @@
* @param env environment properties used to configure the provider and
* underlying codec providers if any
*/
- public LdapProtocolProvider( Hashtable env ) throws LdapNamingException
+ public LdapProtocolProvider(Hashtable env) throws LdapNamingException
{
Hashtable copy = ( Hashtable ) env.clone();
copy.put( Context.PROVIDER_URL, "" );
@@ -179,19 +180,19 @@
new SessionRegistry( copy );
Iterator requestTypes = DEFAULT_HANDLERS.keySet().iterator();
- while( requestTypes.hasNext() )
+ while ( requestTypes.hasNext() )
{
MessageHandler handler = null;
String type = ( String ) requestTypes.next();
Class clazz = null;
- if( copy.containsKey( type ) )
+ if ( copy.containsKey( type ) )
{
try
{
clazz = Class.forName( ( String ) copy.get( type ) );
}
- catch( ClassNotFoundException e )
+ catch ( ClassNotFoundException e )
{
LdapNamingException lne;
String msg = "failed to load class " + clazz;
@@ -212,7 +213,7 @@
handler = ( MessageHandler ) clazz.newInstance();
this.handler.addMessageHandler( typeClass, handler );
}
- catch( Exception e )
+ catch ( Exception e )
{
LdapNamingException lne;
String msg = "failed to create handler instance of " + clazz;
@@ -226,6 +227,7 @@
this.codecFactory = new ProtocolCodecFactoryImpl( copy );
}
+
/**
* Creates a MINA LDAP protocol provider.
*/
@@ -235,7 +237,7 @@
new SessionRegistry( null );
Iterator requestTypes = DEFAULT_HANDLERS.keySet().iterator();
- while( requestTypes.hasNext() )
+ while ( requestTypes.hasNext() )
{
MessageHandler handler = null;
String type = ( String ) requestTypes.next();
@@ -249,7 +251,7 @@
handler = ( MessageHandler ) clazz.newInstance();
this.handler.addMessageHandler( typeClass, handler );
}
- catch( Exception e )
+ catch ( Exception e )
{
LdapNamingException lne;
String msg = "failed to create handler instance of " + clazz;
@@ -263,6 +265,7 @@
this.codecFactory = new ProtocolCodecFactoryImpl();
}
+
// ------------------------------------------------------------------------
// ProtocolProvider Methods
// ------------------------------------------------------------------------
@@ -272,16 +275,19 @@
return SERVICE_NAME;
}
+
public ProtocolCodecFactory getCodecFactory()
{
return codecFactory;
}
+
public IoHandler getHandler()
{
return handler;
}
-
+
+
/**
* Registeres the specified {@link ExtendedOperationHandler} to this
* protocol provider to provide a specific LDAP extended operation.
@@ -293,7 +299,8 @@
eh = ( ExtendedHandler ) handler.getMessageHandler( ExtendedRequestImpl.class );
eh.addHandler( eoh );
}
-
+
+
/**
* Deregisteres an {@link ExtendedOperationHandler} with the specified <tt>oid</tt>
* from this protocol provider.
@@ -305,7 +312,8 @@
eh = ( ExtendedHandler ) handler.getMessageHandler( ExtendedRequestImpl.class );
eh.removeHandler( oid );
}
-
+
+
/**
* Returns an {@link ExtendedOperationHandler} with the specified <tt>oid</tt>
* which is registered to this protocol provider.
@@ -315,7 +323,8 @@
ExtendedHandler eh = ( ExtendedHandler ) handler.getMessageHandler( ExtendedRequest.class );
return eh.getHandler( oid );
}
-
+
+
/**
* Returns a {@link Map} of all registered OID-{@link ExtendedOperationHandler}
* pairs.
@@ -325,27 +334,30 @@
ExtendedHandler eh = ( ExtendedHandler ) handler.getMessageHandler( ExtendedRequest.class );
return eh.getHandlerMap();
}
+
/**
* A snickers based BER Decoder factory.
*/
- private static final class ProtocolCodecFactoryImpl implements
- ProtocolCodecFactory
+ private static final class ProtocolCodecFactoryImpl implements ProtocolCodecFactory
{
final Hashtable env;
+
public ProtocolCodecFactoryImpl()
{
this.env = null;
}
- ProtocolCodecFactoryImpl( Hashtable env )
+
+ ProtocolCodecFactoryImpl(Hashtable env)
{
this.env = env;
}
+
public ProtocolEncoder getEncoder()
{
- if( env == null || env.get( Provider.BERLIB_PROVIDER ) == null )
+ if ( env == null || env.get( Provider.BERLIB_PROVIDER ) == null )
{
return new Asn1CodecEncoder( new MessageEncoder() );
}
@@ -355,9 +367,10 @@
}
}
+
public ProtocolDecoder getDecoder()
{
- if( env == null || env.get( Provider.BERLIB_PROVIDER ) == null )
+ if ( env == null || env.get( Provider.BERLIB_PROVIDER ) == null )
{
return new Asn1CodecDecoder( new MessageDecoder() );
}
@@ -376,12 +389,14 @@
filters.addLast( "codec", new ProtocolCodecFilter( codecFactory ) );
filters.addLast( "logger", new LoggingFilter() );
}
-
+
+
public void sessionClosed( IoSession session )
{
SessionRegistry.getSingleton().remove( session );
}
+
public void messageReceived( IoSession session, Object message ) throws Exception
{
// Translate SSLFilter messages into LDAP extended request
@@ -394,22 +409,22 @@
// handler should react to only SESSION_UNSECURED message
// and degrade authentication level to 'anonymous' as specified
// in the RFC, and this is no threat.
-
- if( message == SSLFilter.SESSION_SECURED )
+
+ if ( message == SSLFilter.SESSION_SECURED )
{
ExtendedRequest req = new ExtendedRequestImpl( 0 );
req.setOid( "1.3.6.1.4.1.1466.20037" );
req.setPayload( "SECURED".getBytes( "ISO-8859-1" ) );
message = req;
}
- else if( message == SSLFilter.SESSION_UNSECURED )
+ else if ( message == SSLFilter.SESSION_UNSECURED )
{
ExtendedRequest req = new ExtendedRequestImpl( 0 );
req.setOid( "1.3.6.1.4.1.1466.20037" );
req.setPayload( "UNSECURED".getBytes( "ISO-8859-1" ) );
message = req;
}
-
+
if ( ( ( Request ) message ).getControls().size() > 0 && message instanceof ResultResponseRequest )
{
ResultResponseRequest req = ( ResultResponseRequest ) message;
@@ -417,7 +432,7 @@
while ( controls.hasNext() )
{
Control control = ( Control ) controls.next();
- if ( control.isCritical() && ! SUPPORTED_CONTROLS.contains( control.getID() ) )
+ if ( control.isCritical() && !SUPPORTED_CONTROLS.contains( control.getID() ) )
{
ResultResponse resp = req.getResultResponse();
resp.getLdapResult().setErrorMessage( "Unsupport critical control: " + control.getID() );
@@ -427,14 +442,14 @@
}
}
}
-
+
super.messageReceived( session, message );
}
-
+
public void exceptionCaught( IoSession session, Throwable cause )
{
- SessionLog.warn( session,
+ SessionLog.warn( session,
"Unexpected exception forcing session to close: sending disconnect notice to client.", cause );
session.write( NoticeOfDisconnect.PROTOCOLERROR );
SessionRegistry.getSingleton().remove( session );