You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Emmanuel Lecharny (JIRA)" <ji...@apache.org> on 2013/06/20 11:47:20 UTC

[jira] [Updated] (DIRSERVER-1829) bug in initializing authenticators for AuthenticatorInterceptor

     [ https://issues.apache.org/jira/browse/DIRSERVER-1829?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Emmanuel Lecharny updated DIRSERVER-1829:
-----------------------------------------

    Fix Version/s:     (was: 2.0.0-RC1)
                   2.0.0-M13
    
> bug in initializing authenticators for AuthenticatorInterceptor
> ---------------------------------------------------------------
>
>                 Key: DIRSERVER-1829
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1829
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 2.0.0-M11
>            Reporter: James C. Wu
>            Priority: Minor
>             Fix For: 2.0.0-M13
>
>
> Le 4/16/13 8:05 PM, Wu, James C. a écrit :
> > Hi,
> >
> > I am looking at this two method definition in the AuthenticationInterceptor.java class.  This two method should both set to the authenticators for the interceptor to the input given in the parameter given both are a setter.  However, the logic of method body of these two methods are quite different. The first method just set the member variable (authenticators) to the input parameters, while the second method will register the authenticator and strangely enough, it does not set the member variable (authenticators) to the input parameter.
> >
> >     /**
> >      * @param authenticators authenticators to be used by this AuthenticationInterceptor
> >      */
> >     public void setAuthenticators( Set<Authenticator> authenticators )
> >     {
> >         if ( authenticators == null )
> >         {
> >             this.authenticators.clear();
> >         }
> >         else
> >         {
> >             this.authenticators = authenticators;
> >         }
> >     }
> >
> >
> >     /**
> >      * @param authenticators authenticators to be used by this AuthenticationInterceptor
> >      */
> >     public void setAuthenticators( Authenticator[] authenticators )
> >     {
> >         if ( authenticators == null )
> >         {
> >             throw new IllegalArgumentException( "The given authenticators set is null" );
> >         }
> >
> >         this.authenticators.clear();
> >         this.authenticatorsMapByType.clear();
> >
> >         for ( Authenticator authenticator : authenticators )
> >         {
> >             try
> >             {
> >                 register( authenticator, directoryService );
> >             }
> >             catch ( LdapException le )
> >             {
> >                 LOG.error( "Cannot register authenticator {}", authenticator );
> >             }
> >         }
> >     }
> >
> >
> > I traced the execution of the start of the apacheds service. During the startup of the apacheds service, three authenticators will be created, and the setAuthenticators( Authenticator[] authenticators ) method will be called. But due to the fact that, the member variable authenticators is not set, when the execution gets to init method of the authenticatorinterceptor, three new default authenticator will be created because the authenticators is null and default authenticators are created. Now we have six authenticators. Three of them (Simple, Strong, Anonymous) created by the setDefaultAuthenticators are in the authenticators list, the other three (Simple, Strong, Anonymous) created by createInterceptors  in the ServiceBuilder class are in the authenticatorsMapByType map.
> >
> > I am thinking this is a bug. First of all, these two methods should behave in the same way. Second, we should not have duplicated authenticators, plus the three authenticators created by the createInterceptors   method in the ServiceBuilder class is not properly initialized. Their directoryService field is null.
> This is clearly a wrong initialization. My understanding is that we have stacked layers on top of layers during years, but never cleaned up the class.
> I also modified this code 8 weeks ago, I don't remember why I change it this way (cf http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java?r1=1424688&r2=1446503&diff_format=h),
> but this is clearly wrong...

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira