You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by er...@apache.org on 2007/10/04 04:26:00 UTC
svn commit: r581763 - in /directory/sandbox/erodriguez/core-catalog: ./ src/
src/main/ src/main/java/ src/main/java/org/ src/main/java/org/apache/
src/main/java/org/apache/directory/
src/main/java/org/apache/directory/server/ src/main/java/org/apache/d...
Author: erodriguez
Date: Wed Oct 3 19:25:59 2007
New Revision: 581763
URL: http://svn.apache.org/viewvc?rev=581763&view=rev
Log:
Initial commit of a proposal for a "catalog interceptor" that redirects LDAP queries to LDAP URL's by processing regex's contained in the system partition.
Added:
directory/sandbox/erodriguez/core-catalog/ (with props)
directory/sandbox/erodriguez/core-catalog/pom.xml (with props)
directory/sandbox/erodriguez/core-catalog/src/
directory/sandbox/erodriguez/core-catalog/src/main/
directory/sandbox/erodriguez/core-catalog/src/main/java/
directory/sandbox/erodriguez/core-catalog/src/main/java/org/
directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/
directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/
directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/
directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/
directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/
directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogEntry.java (with props)
directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogService.java (with props)
directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogStore.java (with props)
directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/MapCatalogStoreImpl.java (with props)
directory/sandbox/erodriguez/core-catalog/src/main/resources/
directory/sandbox/erodriguez/core-catalog/src/test/
directory/sandbox/erodriguez/core-catalog/src/test/java/
directory/sandbox/erodriguez/core-catalog/src/test/java/org/
directory/sandbox/erodriguez/core-catalog/src/test/java/org/apache/
directory/sandbox/erodriguez/core-catalog/src/test/java/org/apache/directory/
directory/sandbox/erodriguez/core-catalog/src/test/java/org/apache/directory/server/
directory/sandbox/erodriguez/core-catalog/src/test/java/org/apache/directory/server/core/
directory/sandbox/erodriguez/core-catalog/src/test/java/org/apache/directory/server/core/catalog/
directory/sandbox/erodriguez/core-catalog/src/test/java/org/apache/directory/server/core/catalog/CatalogServiceTest.java (with props)
directory/sandbox/erodriguez/core-catalog/src/test/resources/
Propchange: directory/sandbox/erodriguez/core-catalog/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Wed Oct 3 19:25:59 2007
@@ -0,0 +1,16 @@
+bin
+build
+target
+classes
+.classpath
+.project
+.settings
+.wtpmodules
+.deployables
+*.iml
+*.ipr
+*.iws
+*.log
+lib
+bundle
+dist
Added: directory/sandbox/erodriguez/core-catalog/pom.xml
URL: http://svn.apache.org/viewvc/directory/sandbox/erodriguez/core-catalog/pom.xml?rev=581763&view=auto
==============================================================================
--- directory/sandbox/erodriguez/core-catalog/pom.xml (added)
+++ directory/sandbox/erodriguez/core-catalog/pom.xml Wed Oct 3 19:25:59 2007
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- $Rev: $ $Date: $ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-parent</artifactId>
+ <version>1.5.2-SNAPSHOT</version>
+ </parent>
+ <artifactId>apacheds-core-catalog</artifactId>
+ <name>ApacheDS Core Catalog</name>
+ <packaging>jar</packaging>
+
+ <description>
+ Interceptor demonstrating catalog mappings between regex's and DN's.
+ </description>
+
+ <dependencies>
+
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-core</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+
+ </dependencies>
+
+</project>
+
Propchange: directory/sandbox/erodriguez/core-catalog/pom.xml
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogEntry.java
URL: http://svn.apache.org/viewvc/directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogEntry.java?rev=581763&view=auto
==============================================================================
--- directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogEntry.java (added)
+++ directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogEntry.java Wed Oct 3 19:25:59 2007
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.catalog;
+
+
+/**
+ * An entry for the catalog is a mapping between name patterns and rules.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class CatalogEntry
+{
+ private String namePattern;
+ private String rule;
+
+
+ /**
+ * Creates a new instance of CatalogEntry.
+ *
+ * @param namePattern
+ * @param rule
+ */
+ CatalogEntry( String namePattern, String rule )
+ {
+ this.namePattern = namePattern;
+ this.rule = rule;
+ }
+
+
+ /**
+ * @return the namePattern
+ */
+ public String getNamePattern()
+ {
+ return namePattern;
+ }
+
+
+ /**
+ * @return the rule
+ */
+ public String getRule()
+ {
+ return rule;
+ }
+}
Propchange: directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogEntry.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogService.java
URL: http://svn.apache.org/viewvc/directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogService.java?rev=581763&view=auto
==============================================================================
--- directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogService.java (added)
+++ directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogService.java Wed Oct 3 19:25:59 2007
@@ -0,0 +1,184 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.catalog;
+
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.SearchResult;
+
+import org.apache.directory.server.core.DirectoryServiceConfiguration;
+import org.apache.directory.server.core.configuration.InterceptorConfiguration;
+import org.apache.directory.server.core.configuration.StartupConfiguration;
+import org.apache.directory.server.core.interceptor.BaseInterceptor;
+import org.apache.directory.server.core.interceptor.Interceptor;
+import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
+import org.apache.directory.server.core.invocation.Invocation;
+import org.apache.directory.server.core.invocation.InvocationStack;
+import org.apache.directory.server.core.normalization.NormalizationService;
+import org.apache.directory.server.core.partition.PartitionNexusProxy;
+import org.apache.directory.shared.ldap.codec.util.LdapURL;
+import org.apache.directory.shared.ldap.codec.util.LdapURLEncodingException;
+import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * An {@link Interceptor} that intercepts reads of the catalog search base DN and
+ * evaluates the search against catalog mapping rules.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class CatalogService extends BaseInterceptor
+{
+ /** The log for this class. */
+ private static final Logger log = LoggerFactory.getLogger( CatalogService.class );
+
+ /** The service name. */
+ public static final String NAME = "catalogService";
+
+ /** The default base DN for the catalog entries. */
+ public static final String DEFAULT_CATALOG_BASE = "ou=catalog,ou=system";
+
+ MapCatalogStoreImpl catalog = new MapCatalogStoreImpl();
+
+ /**
+ * Define the interceptors to bypass upon user lookup. The {@link NormalizationService}
+ * can NOT be skipped since we are adding a new search base DN.
+ */
+ private static final Collection<String> USERLOOKUP_BYPASS;
+ static
+ {
+ Set<String> c = new HashSet<String>();
+
+ c.add( StartupConfiguration.AUTHENTICATION_SERVICE_NAME );
+ c.add( StartupConfiguration.REFERRAL_SERVICE_NAME );
+ c.add( StartupConfiguration.AUTHORIZATION_SERVICE_NAME );
+ c.add( StartupConfiguration.DEFAULT_AUTHORIZATION_SERVICE_NAME );
+ c.add( StartupConfiguration.EXCEPTION_SERVICE_NAME );
+ c.add( StartupConfiguration.OPERATIONAL_ATTRIBUTE_SERVICE_NAME );
+ c.add( StartupConfiguration.SCHEMA_SERVICE_NAME );
+ c.add( StartupConfiguration.SUBENTRY_SERVICE_NAME );
+ c.add( StartupConfiguration.COLLECTIVE_ATTRIBUTE_SERVICE_NAME );
+ c.add( StartupConfiguration.EVENT_SERVICE_NAME );
+ c.add( StartupConfiguration.TRIGGER_SERVICE_NAME );
+ c.add( CatalogService.NAME );
+
+ USERLOOKUP_BYPASS = Collections.unmodifiableCollection( c );
+ }
+
+
+ /**
+ * TODO - Load catalog mappings into entry cache.
+ */
+ public void init( DirectoryServiceConfiguration factoryCfg, InterceptorConfiguration cfg ) throws NamingException
+ {
+ log.debug( "******** Trapped call to init()." );
+ }
+
+
+ /**
+ * Search.
+ *
+ * @param next
+ * @param opContext
+ * @return The search results.
+ * @throws NamingException
+ */
+ public NamingEnumeration<SearchResult> search( NextInterceptor next, OperationContext opContext )
+ throws NamingException
+ {
+ SearchOperationContext searchContext = ( SearchOperationContext ) opContext;
+ String upName = searchContext.getDn().getUpName();
+
+ if ( upName.equals( DEFAULT_CATALOG_BASE ) )
+ {
+ log.debug( "Intercepted call to catalog with filter '" + searchContext.getFilter() + "'." );
+
+ String[] attrs = searchContext.getSearchControls().getReturningAttributes();
+ List<String> list = Arrays.asList( attrs );
+
+ if ( list.contains( "krb5PrincipalName" ) )
+ {
+ String[] split = searchContext.getFilter().toString().split( "=" );
+ String principalName = split[1];
+ principalName = principalName.replaceAll( "\\)", "" ).trim();
+
+ String url = catalog.getKerberosPrincipal( principalName );
+
+ log.debug( "Intercepted catalog request for '" + principalName + "'. Redirecting to '" + url + "'." );
+
+ try
+ {
+ return search( searchContext, url );
+ }
+ catch ( NamingException ne )
+ {
+ ne.printStackTrace();
+ }
+ catch ( LdapURLEncodingException luee )
+ {
+ luee.printStackTrace();
+ }
+ }
+ }
+
+ return next.search( searchContext );
+ }
+
+
+ /**
+ * Execute the search with redirection to a new LDAP URL.
+ */
+ protected NamingEnumeration<SearchResult> search( SearchOperationContext searchContext, String url )
+ throws NamingException, LdapURLEncodingException
+ {
+ LdapURL ldapUrl = new LdapURL( url );
+ LdapDN newDn = ldapUrl.getDn();
+ searchContext.setDn( newDn );
+
+ Invocation invocation = InvocationStack.getInstance().peek();
+ PartitionNexusProxy proxy = invocation.getProxy();
+
+ try
+ {
+ return proxy.search( searchContext, USERLOOKUP_BYPASS );
+ }
+ catch ( Exception cause )
+ {
+ log.error( "Error redirecting search.", cause );
+ LdapAuthenticationException e = new LdapAuthenticationException();
+ e.setRootCause( cause );
+ throw e;
+ }
+ }
+}
Propchange: directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogService.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogStore.java
URL: http://svn.apache.org/viewvc/directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogStore.java?rev=581763&view=auto
==============================================================================
--- directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogStore.java (added)
+++ directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogStore.java Wed Oct 3 19:25:59 2007
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.catalog;
+
+
+/**
+ * Store interface for catalog entries. A catalog entry is a mapping from a
+ * Kerberos principal name to an LDAP URL.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public interface CatalogStore
+{
+ /**
+ * For a given Kerberos principal name, return the mapped LDAP URL.
+ *
+ * @param principalName
+ * @return The mapped LDAP URL.
+ */
+ public String getKerberosPrincipal( String principalName );
+}
Propchange: directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/CatalogStore.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/MapCatalogStoreImpl.java
URL: http://svn.apache.org/viewvc/directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/MapCatalogStoreImpl.java?rev=581763&view=auto
==============================================================================
--- directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/MapCatalogStoreImpl.java (added)
+++ directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/MapCatalogStoreImpl.java Wed Oct 3 19:25:59 2007
@@ -0,0 +1,140 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.catalog;
+
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+
+/**
+ * A store for testing the {@link CatalogService}, backed by a HashMap.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class MapCatalogStoreImpl implements CatalogStore
+{
+ /** Maps for representing the catalog entries. */
+ private static final Map<String, String> EXAMPLE_ENTRIES;
+ private static final Map<String, String> APACHE_ENTRIES;
+ private static final Map<String, Map<String, String>> REALM_ENTRIES;
+ private static final List<String> RULE_ORDER;
+
+ static
+ {
+ Map<String, String> map = new HashMap<String, String>();
+
+ map.put( "(.*)/admin", "ldap:///ou=admins,dc=example,dc=com??sub?krb5PrincipalName=$1/admin@EXAMPLE.COM" );
+ map.put( "(.*)/cgi",
+ "ldap:///cn=cgi,cn=applications,dc=example,dc=com??sub?krb5PrincipalName=$1/cgi@EXAMPLE.COM" );
+ map.put( "(.*)\\$", "ldap:///ou=machines,dc=example,dc=com??sub?krb5PrincipalName=$1\\$@EXAMPLE.COM" );
+ map.put( "(.*)", "ldap:///ou=users,dc=example,dc=com??sub?(krb5PrincipalName=$1@EXAMPLE.COM)" );
+
+ EXAMPLE_ENTRIES = Collections.unmodifiableMap( map );
+ }
+
+ static
+ {
+ Map<String, String> map = new HashMap<String, String>();
+
+ map.put( "(.*)/admin", "ldap:///ou=admins,dc=apache,dc=org??sub?krb5PrincipalName=$1/admin@APACHE.ORG" );
+ map
+ .put( "(.*)/cgi",
+ "ldap:///cn=cgi,cn=applications,dc=apache,dc=org??sub?krb5PrincipalName=$1/cgi@APACHE.ORG" );
+ map.put( "(.*)\\$", "ldap:///ou=machines,dc=apache,dc=org??sub?krb5PrincipalName=$1\\$@APACHE.ORG" );
+ map.put( "(.*)", "ldap:///ou=users,dc=apache,dc=org??sub?krb5PrincipalName=$1@APACHE.ORG" );
+
+ APACHE_ENTRIES = Collections.unmodifiableMap( map );
+ }
+
+ static
+ {
+ List<String> list = new ArrayList<String>();
+
+ list.add( "(.*)/admin" );
+ list.add( "(.*)/cgi" );
+ list.add( "(.*)\\$" );
+ list.add( "(.*)" );
+
+ RULE_ORDER = Collections.unmodifiableList( list );
+ }
+
+ static
+ {
+ Map<String, Map<String, String>> map = new HashMap<String, Map<String, String>>();
+
+ map.put( "example.com", EXAMPLE_ENTRIES );
+ map.put( "apache.org", APACHE_ENTRIES );
+
+ REALM_ENTRIES = Collections.unmodifiableMap( map );
+ }
+
+
+ public String getKerberosPrincipal( String principalName )
+ {
+ String[] split = principalName.split( "@" );
+ String nameComponent = split[0];
+ String realm = split[1];
+
+ return getResult( nameComponent, realm );
+ }
+
+
+ private String getResult( String nameComponent, String realm )
+ {
+ Map<String, String> realmMap = REALM_ENTRIES.get( realm.toLowerCase() );
+
+ Iterator<String> it = RULE_ORDER.iterator();
+
+ while ( it.hasNext() )
+ {
+ String namePattern = it.next();
+ String rule = realmMap.get( namePattern );
+
+ if ( rule != null )
+ {
+ Pattern pat = Pattern.compile( namePattern );
+
+ Matcher matcher = pat.matcher( nameComponent );
+ if ( matcher.matches() )
+ {
+ matcher.reset();
+
+ StringBuffer replaceResult = new StringBuffer();
+
+ matcher.find();
+ matcher.appendReplacement( replaceResult, rule );
+ matcher.appendTail( replaceResult );
+
+ return replaceResult.toString();
+ }
+ }
+ }
+
+ return null;
+ }
+}
Propchange: directory/sandbox/erodriguez/core-catalog/src/main/java/org/apache/directory/server/core/catalog/MapCatalogStoreImpl.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/sandbox/erodriguez/core-catalog/src/test/java/org/apache/directory/server/core/catalog/CatalogServiceTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/erodriguez/core-catalog/src/test/java/org/apache/directory/server/core/catalog/CatalogServiceTest.java?rev=581763&view=auto
==============================================================================
--- directory/sandbox/erodriguez/core-catalog/src/test/java/org/apache/directory/server/core/catalog/CatalogServiceTest.java (added)
+++ directory/sandbox/erodriguez/core-catalog/src/test/java/org/apache/directory/server/core/catalog/CatalogServiceTest.java Wed Oct 3 19:25:59 2007
@@ -0,0 +1,117 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.catalog;
+
+
+import junit.framework.TestCase;
+
+import org.apache.directory.shared.ldap.codec.util.LdapURL;
+
+
+/**
+ * An {@link TestCase} testing catalog entries. A catalog entry is a
+ * mapping between an administrative boundary, such as a Kerberos realm or a DNS zone,
+ * and a search base DN used to lookup entries, such as Kerberos principals or DNS
+ * resource records.
+ *
+ * Default for GSSAPI is krb5PrincipalName.
+ * Default for CRAM-MD5 and DIGEST-MD5 is uid.
+ *
+ * Some possibilities:
+ * 1) hostname$ maps to machine principals.
+ * 2) hnelson/admin maps to administrative accounts.
+ * 3) hnelson maps to users.
+ * 4) ldap/fqdn maps to services.
+ * 5) host/fqdn maps to services.
+ *
+ * TODO - Integration test compiling mappings from DIT.
+ * TODO - Integration test returning mappings from DIT.
+ * TODO - Integration test compound queries (queries that both re-map and fulfill
+ * the search).
+ * TODO - Possibly test as internal vs. external.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class CatalogServiceTest extends TestCase
+{
+ private CatalogStore catalog = new MapCatalogStoreImpl();
+
+
+ /**
+ * Tests that queries against the catalog with a Kerberos principal return
+ * the correct LDAP URLs.
+ */
+ public void testKerberosPrincipals()
+ {
+ String principalName = "hnelson/admin@EXAMPLE.COM";
+ assertEquals( "Result 1",
+ "ldap:///ou=admins,dc=example,dc=com??sub?krb5PrincipalName=hnelson/admin@EXAMPLE.COM", catalog
+ .getKerberosPrincipal( principalName ) );
+
+ principalName = "enrique/cgi@EXAMPLE.COM";
+ assertEquals( "Result 2",
+ "ldap:///cn=cgi,cn=applications,dc=example,dc=com??sub?krb5PrincipalName=enrique/cgi@EXAMPLE.COM", catalog
+ .getKerberosPrincipal( principalName ) );
+
+ principalName = "enrique@EXAMPLE.COM";
+ assertEquals( "Result 3", "ldap:///ou=users,dc=example,dc=com??sub?(krb5PrincipalName=enrique@EXAMPLE.COM)",
+ catalog.getKerberosPrincipal( principalName ) );
+
+ principalName = "enrique$@EXAMPLE.COM";
+ assertEquals( "Result 4", "ldap:///ou=machines,dc=example,dc=com??sub?krb5PrincipalName=enrique$@EXAMPLE.COM",
+ catalog.getKerberosPrincipal( principalName ) );
+
+ principalName = "hnelson/admin@APACHE.ORG";
+ assertEquals( "Result 5", "ldap:///ou=admins,dc=apache,dc=org??sub?krb5PrincipalName=hnelson/admin@APACHE.ORG",
+ catalog.getKerberosPrincipal( principalName ) );
+
+ principalName = "enrique/cgi@APACHE.ORG";
+ assertEquals( "Result 6",
+ "ldap:///cn=cgi,cn=applications,dc=apache,dc=org??sub?krb5PrincipalName=enrique/cgi@APACHE.ORG", catalog
+ .getKerberosPrincipal( principalName ) );
+
+ principalName = "enrique@APACHE.ORG";
+ assertEquals( "Result 7", "ldap:///ou=users,dc=apache,dc=org??sub?krb5PrincipalName=enrique@APACHE.ORG",
+ catalog.getKerberosPrincipal( principalName ) );
+
+ principalName = "enrique$@APACHE.ORG";
+ assertEquals( "Result 8", "ldap:///ou=machines,dc=apache,dc=org??sub?krb5PrincipalName=enrique$@APACHE.ORG",
+ catalog.getKerberosPrincipal( principalName ) );
+ }
+
+
+ /**
+ * Tests parsing of an LDAP URL.
+ *
+ * @throws Exception
+ */
+ public void testLdapUrlParsing() throws Exception
+ {
+ String url = "ldap:///ou=users,dc=example,dc=com?krb5PrincipalName?sub?(krb5PrincipalName=hnelson@EXAMPLE.COM)";
+
+ LdapURL ldapUrl = new LdapURL( url );
+ assertEquals( "krb5PrincipalName", ldapUrl.getAttributes().get( 0 ) );
+ assertEquals( "ou=users,dc=example,dc=com", ldapUrl.getDn().toString() );
+ assertEquals( "(krb5PrincipalName=hnelson@EXAMPLE.COM)", ldapUrl.getFilter() );
+ assertEquals( "ldap://", ldapUrl.getScheme() );
+ assertEquals( 2, ldapUrl.getScope() );
+ }
+}
Propchange: directory/sandbox/erodriguez/core-catalog/src/test/java/org/apache/directory/server/core/catalog/CatalogServiceTest.java
------------------------------------------------------------------------------
svn:eol-style = native