You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2006/01/17 11:39:22 UTC
svn commit: r369744 - in
/directory/trunks/common/ldap/src/main/java/org/apache/ldap/common/codec/bind:
BindRequestGrammar.java SaslCredentials.java
Author: elecharny
Date: Tue Jan 17 02:39:18 2006
New Revision: 369744
URL: http://svn.apache.org/viewcvs?rev=369744&view=rev
Log:
- Added a transition in the grammar to handle correctly sasl
- Changed logs
- Fixed the sasl encoding
Modified:
directory/trunks/common/ldap/src/main/java/org/apache/ldap/common/codec/bind/BindRequestGrammar.java
directory/trunks/common/ldap/src/main/java/org/apache/ldap/common/codec/bind/SaslCredentials.java
Modified: directory/trunks/common/ldap/src/main/java/org/apache/ldap/common/codec/bind/BindRequestGrammar.java
URL: http://svn.apache.org/viewcvs/directory/trunks/common/ldap/src/main/java/org/apache/ldap/common/codec/bind/BindRequestGrammar.java?rev=369744&r1=369743&r2=369744&view=diff
==============================================================================
--- directory/trunks/common/ldap/src/main/java/org/apache/ldap/common/codec/bind/BindRequestGrammar.java (original)
+++ directory/trunks/common/ldap/src/main/java/org/apache/ldap/common/codec/bind/BindRequestGrammar.java Tue Jan 17 02:39:18 2006
@@ -104,13 +104,23 @@
LdapStatesEnum.BIND_REQUEST_VALUE, LdapStatesEnum.BIND_REQUEST_VERSION_TAG,
new GrammarAction( "Init BindRequest" )
{
- public void action( IAsn1Container container )
+ public void action( IAsn1Container container ) throws DecoderException
{
LdapMessageContainer ldapMessageContainer = ( LdapMessageContainer )
container;
LdapMessage ldapMessage =
ldapMessageContainer.getLdapMessage();
+ // We will check that the request is not null
+ TLV tlv = ldapMessageContainer.getCurrentTLV();
+
+ if ( tlv.getLength().getLength() == 0 )
+ {
+ String msg = "The BindRequest must not be null";
+ log.error( msg );
+ throw new DecoderException( msg );
+ }
+
// Now, we can allocate the BindRequest Object
ldapMessage.setProtocolOP( new BindRequest() );
}
@@ -147,22 +157,23 @@
if ( version != 3 )
{
- log.error("The version " + version + " is invalid : it must be 3" );
+ log.error("The version {} is invalid : it must be 3", new Integer( version ) );
throw new DecoderException( "Ldap Version " + version + " is not supported" );
}
if ( log.isDebugEnabled() )
{
- log.debug( "Ldap version " + version );
+ log.debug( "Ldap version ", new Integer( version ) );
}
bindRequestMessage.setVersion( version );
}
catch ( IntegerDecoderException ide )
{
- log.error("The version " + StringTools.dumpBytes( value.getData() ) +
- " is invalid : " + ide.getMessage() + ". The version must be between (0 .. 127)" );
+ log.error("The version {} is invalid : {}. The version must be between (0 .. 127)",
+ StringTools.dumpBytes( value.getData() ),
+ ide.getMessage() );
throw new DecoderException( ide.getMessage() );
}
@@ -213,13 +224,13 @@
catch ( InvalidNameException ine )
{
String msg = "Incorrect DN given : " + StringTools.dumpBytes( tlv.getValue().getData() ) + " : " + ine.getMessage();
- log.error( msg + " : " + ine.getMessage());
+ log.error( "{} : {}", msg, ine.getMessage());
throw new DecoderException( msg, ine );
}
catch ( NamingException ne )
{
String msg = "Incorrect DN given : " + StringTools.dumpBytes( tlv.getValue().getData() ) + " : " + ne.getMessage();
- log.error( msg + " : " + ne.getMessage() );
+ log.error( "{} : {}", msg, ne.getMessage() );
throw new DecoderException( msg, ne );
}
@@ -228,7 +239,7 @@
if ( log.isDebugEnabled() )
{
- log.debug( " The Bind name is " + bindRequestMessage.getName() );
+ log.debug( " The Bind name is {}", bindRequestMessage.getName() );
}
return;
@@ -289,13 +300,13 @@
if ( log.isDebugEnabled() )
{
- log.debug( "The simple authentication is : " + authentication.getSimple() );
+ log.debug( "The simple authentication is : {}", authentication.getSimple() );
}
}
} );
//--------------------------------------------------------------------------------------------
- // If it's 0x83, it is a Sasl Credentials.
+ // If it's 0xA3, it is a Sasl Credentials.
// AuthenticationChoice ::= CHOICE {
// ...
// sasl [3] SaslCredentials }
@@ -306,9 +317,69 @@
//--------------------------------------------------------------------------------------------
// AuthenticationChoice ::= CHOICE {
// sasl [3] saslCredentials, (Tag)
- // Nothing to do. In fact, 0x83 is the mechanism tag.
+ // Nothing to do. In fact, 0xA3 is the mechanism tag.
super.transitions[LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_CHOICE_TAG][LdapConstants.BIND_REQUEST_SASL_TAG] =
new GrammarTransition( LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_CHOICE_TAG,
+ LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_SASL_VALUE, null );
+
+ //--------------------------------------------------------------------------------------------
+ // If it's 0x83, it is a Sasl Credentials.
+ // AuthenticationChoice ::= CHOICE {
+ // ...
+ // sasl [3] SaslCredentials }
+ //
+ // SaslCredentials ::= SEQUENCE {
+ // mechanism LDAPSTRING,
+ // credentials OCTET STRING OPTIONNAL }
+ //--------------------------------------------------------------------------------------------
+ // AuthenticationChoice ::= CHOICE {
+ // sasl [3] saslCredentials, (Value)
+ // We will just check that the structure is not null, and create the structure
+ super.transitions[LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_SASL_VALUE][LdapConstants.BIND_REQUEST_SASL_TAG] =
+ new GrammarTransition( LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_CHOICE_TAG,
+ LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_MECHANISM_TAG,
+ new GrammarAction( "Create Bind sasl Authentication Object" )
+ {
+ public void action( IAsn1Container container ) throws DecoderException
+ {
+
+ LdapMessageContainer ldapMessageContainer = ( LdapMessageContainer )
+ container;
+ BindRequest bindRequestMessage =
+ ldapMessageContainer.getLdapMessage().getBindRequest();
+ TLV tlv = ldapMessageContainer.getCurrentTLV();
+
+ // We will check that the sasl is not null
+ if ( tlv.getLength().getLength() == 0 )
+ {
+ String msg = "The SaslCredential must not be null";
+ log.error( msg );
+ throw new DecoderException( msg );
+ }
+
+ // Create the SaslCredentials Object
+ SaslCredentials authentication = new SaslCredentials();
+
+ authentication.setParent( bindRequestMessage );
+
+ bindRequestMessage.setAuthentication( authentication );
+
+ log.debug( "The SaslCredential has been created" );
+
+ return;
+ }
+ } );
+
+ //--------------------------------------------------------------------------------------------
+ // AuthenticationChoice ::= CHOICE {
+ // sasl [3] saslCredentials, (Tag)
+ //
+ // SaslCredentials ::= SEQUENCE {
+ // mechanism LDAPSTRING, (Value)
+ // ...
+ // Nothing to do.
+ super.transitions[LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_MECHANISM_TAG][UniversalTag.OCTET_STRING_TAG] =
+ new GrammarTransition( LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_MECHANISM_TAG,
LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_MECHANISM_VALUE, null );
// AuthenticationChoice ::= CHOICE {
@@ -318,7 +389,7 @@
// mechanism LDAPSTRING, (Value)
// ...
// We have to store the mechanism.
- super.transitions[LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_MECHANISM_VALUE][LdapConstants.BIND_REQUEST_SASL_TAG] =
+ super.transitions[LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_MECHANISM_VALUE][UniversalTag.OCTET_STRING_TAG] =
new GrammarTransition( LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_MECHANISM_VALUE,
LdapStatesEnum.BIND_REQUEST_AUTHENTICATION_CREDENTIALS_TAG,
new GrammarAction( "Create Bind sasl Authentication Object" )
@@ -332,12 +403,8 @@
ldapMessageContainer.getLdapMessage().getBindRequest();
TLV tlv = ldapMessageContainer.getCurrentTLV();
- // Create the SaslCredentials Object
- SaslCredentials authentication = new SaslCredentials();
-
- authentication.setParent( bindRequestMessage );
-
- bindRequestMessage.setAuthentication( authentication );
+ // Get the SaslCredentials Object
+ SaslCredentials authentication = bindRequestMessage.getSaslAuthentication();
// We have to handle the special case of a 0 length mechanism
if (tlv.getLength().getLength() == 0)
@@ -352,7 +419,9 @@
}
catch ( LdapStringEncodingException lsee )
{
- log.error( "Invalid mechanism : " + StringTools.dumpBytes( tlv.getValue().getData() ) + " : " + lsee.getMessage() );
+ log.error( "Invalid mechanism : {} : {}",
+ StringTools.dumpBytes( tlv.getValue().getData() ),
+ lsee.getMessage() );
throw new DecoderException( lsee.getMessage() );
}
}
@@ -362,7 +431,7 @@
if ( log.isDebugEnabled() )
{
- log.debug( "The mechanism is : " + authentication.getMechanism() );
+ log.debug( "The mechanism is : {}", authentication.getMechanism() );
}
return;
@@ -435,7 +504,7 @@
if ( log.isDebugEnabled() )
{
- log.debug( "The credentials are : " + credentials.getCredentials() );
+ log.debug( "The credentials are : {}", credentials.getCredentials() );
}
return;
Modified: directory/trunks/common/ldap/src/main/java/org/apache/ldap/common/codec/bind/SaslCredentials.java
URL: http://svn.apache.org/viewcvs/directory/trunks/common/ldap/src/main/java/org/apache/ldap/common/codec/bind/SaslCredentials.java?rev=369744&r1=369743&r2=369744&view=diff
==============================================================================
--- directory/trunks/common/ldap/src/main/java/org/apache/ldap/common/codec/bind/SaslCredentials.java (original)
+++ directory/trunks/common/ldap/src/main/java/org/apache/ldap/common/codec/bind/SaslCredentials.java Tue Jan 17 02:39:18 2006
@@ -50,6 +50,12 @@
/** optional credentials of the user */
private byte[] credentials;
+
+ /** The mechanism length */
+ private transient int mechanismLength;
+
+ /** The credentials length */
+ private transient int credentialsLength;
//~ Methods ------------------------------------------------------------------------------------
@@ -99,27 +105,33 @@
*
* Sasl authentication :
*
- * 0x83 L1 mechanism
- * [0x04 L2 credentials]
- *
- * L1 = Length(mechanism)
- * L2 = Length(credentials)
- *
- * Length(Sasl authentication) = Length(0x83) + Length(L1) + Length(mechanism)
- * [+ Length(0x04) + Length(L2) + Length(credentials)]
+ * 0xA3 L1
+ * 0x04 L2 mechanism
+ * [0x04 L3 credentials]
+ *
+ * L2 = Length(mechanism)
+ * L3 = Length(credentials)
+ * L1 = L2 + L3
+ *
+ * Length(Sasl authentication) = Length(0xA3) + Length(L1) +
+ * Length(0x04) + Length(L2) + Length(mechanism)
+ * [+ Length(0x04) + Length(L3) + Length(credentials)]
*/
public int computeLength()
{
- int saslLength = 1 + Length.getNbBytes( mechanism.getNbBytes() ) + mechanism.getNbBytes();
+ mechanismLength = 1 + Length.getNbBytes( mechanism.getNbBytes() ) + mechanism.getNbBytes();
+ credentialsLength = 0;
if (credentials != null)
{
- saslLength += 1 + Length.getNbBytes( credentials.length ) + credentials.length;
+ credentialsLength = 1 + Length.getNbBytes( credentials.length ) + credentials.length;
}
-
+
+ int saslLength = 1 + Length.getNbBytes( mechanismLength + credentialsLength) + mechanismLength + credentialsLength;
+
if ( log.isDebugEnabled() )
{
- log.debug( "SASL Authentication length : " + saslLength );
+ log.debug( "SASL Authentication length : {}", new Integer( saslLength ) );
}
return saslLength;
@@ -130,8 +142,9 @@
*
* SimpleAuthentication :
*
- * 0x83 LL mechanism
- * [0x04 LL credentials]
+ * 0xA3 L1
+ * 0x04 L2 mechanism
+ * [0x04 L3 credentials]
*
* @param buffer The buffer where to put the PDU
* @return The PDU.
@@ -148,8 +161,10 @@
{
// The saslAuthentication Tag
buffer.put( (byte) LdapConstants.BIND_REQUEST_SASL_TAG );
- buffer.put( Length.getBytes( mechanism.getNbBytes() ) ) ;
- buffer.put( mechanism.getBytes() ) ;
+
+ buffer.put( Length.getBytes( mechanismLength + credentialsLength ) ) ;
+
+ Value.encode( buffer, mechanism.toString() );
if ( credentials != null )
{