Posted to commits@directory.apache.org by ak...@apache.org on 2005/10/25 04:13:16 UTC

svn commit: r328236 - in /directory/apacheds/trunk: core/src/main/java/org/apache/ldap/server/authn/AbstractAuthenticator.java core/src/main/java/org/apache/ldap/server/authn/SimpleAuthenticator.java main/src/test/org/apache/ldap/server/MiscTest.java

Author: akarasulu
Date: Mon Oct 24 19:13:10 2005
New Revision: 328236

URL: http://svn.apache.org/viewcvs?rev=328236&view=rev
Log:
changes ...

 o added test case from DIREVE-284
 o fixed bug in SimAuth where the principal name was not being looked up
   with normalization in effect, so authentication was failing because it
   could not find the user entry
 o uncommented stuff that caused problems for endi


Modified:
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/AbstractAuthenticator.java
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/SimpleAuthenticator.java
    directory/apacheds/trunk/main/src/test/org/apache/ldap/server/MiscTest.java

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/AbstractAuthenticator.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/AbstractAuthenticator.java?rev=328236&r1=328235&r2=328236&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/AbstractAuthenticator.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/AbstractAuthenticator.java Mon Oct 24 19:13:10 2005
@@ -23,6 +23,8 @@
 import org.apache.ldap.server.DirectoryServiceConfiguration;
 import org.apache.ldap.server.configuration.AuthenticatorConfiguration;
 import org.apache.ldap.server.jndi.ServerContext;
+import org.apache.ldap.common.aci.AuthenticationLevel;
+import org.apache.ldap.common.name.LdapName;
 
 
 /**
@@ -59,7 +61,7 @@
     {
         return factoryCfg;
     }
-    
+
     /**
      * Returns the configuration of this authenticator.
      */
@@ -111,7 +113,7 @@
             this.cfg = null;
         }
     }
-    
+
     /**
      * Implement your deinitialization code here.
      */
@@ -132,9 +134,9 @@
      * @throws NamingException if there is a problem parsing <tt>name</tt>
      */
     // does not seem to be used
-//    protected static LdapPrincipal createLdapPrincipal( String name, AuthenticationLevel authenticationLeve ) throws NamingException
-//    {
-//        LdapName principalDn = new LdapName( name );
-//        return new LdapPrincipal( principalDn, AuthenticationLevel.SIMPLE );
-//    }
+    protected static LdapPrincipal createLdapPrincipal( String name, AuthenticationLevel authenticationLeve ) throws NamingException
+    {
+        LdapName principalDn = new LdapName( name );
+        return new LdapPrincipal( principalDn, AuthenticationLevel.SIMPLE );
+    }
 }
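Review bot: The restored `createLdapPrincipal` ignores its second parameter (misspelled `authenticationLeve`) and always builds the principal with `AuthenticationLevel.SIMPLE`, so a caller that passes a different level still gets a principal labelled SIMPLE. If that level is later used in access-control decisions, the identity is mislabelled. Pass the argument through with `return new LdapPrincipal( principalDn, authenticationLevel );` and rename the parameter to match. The `// does not seem to be used` comment above the method is now stale, and the Javadoc starts outside the hunk, so its `@param` list should be checked against the signature.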

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/SimpleAuthenticator.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/SimpleAuthenticator.java?rev=328236&r1=328235&r2=328236&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/SimpleAuthenticator.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/SimpleAuthenticator.java Mon Oct 24 19:13:10 2005
@@ -28,6 +28,14 @@
 import org.apache.ldap.common.aci.AuthenticationLevel;
 import org.apache.ldap.server.jndi.ServerContext;
 import org.apache.ldap.server.partition.DirectoryPartitionNexus;
+import org.apache.ldap.server.partition.DirectoryPartitionNexusProxy;
+import org.apache.ldap.server.invocation.Invocation;
+import org.apache.ldap.server.invocation.InvocationStack;
+
+import java.util.HashSet;
+import java.util.Collections;
+import java.util.Set;
+import java.util.Collection;
 
 
 /**
@@ -38,6 +46,22 @@
  */
 public class SimpleAuthenticator extends AbstractAuthenticator
 {
+    private static final Collection USERLOOKUP_BYPASS;
+
+    static
+    {
+        Set c = new HashSet();
+        c.add( "authenticationService" );
+        c.add( "authorizationService" );
+        c.add( "oldAuthorizationService" );
+        c.add( "schemaService" );
+        c.add( "subentryService" );
+        c.add( "operationalAttributeService" );
+        c.add( "eventService" );
+        USERLOOKUP_BYPASS = Collections.unmodifiableCollection( c );
+    }
+
+
     /**
      * Creates a new instance.
      */
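Review bot: `USERLOOKUP_BYPASS` has no comment, yet it decides which interceptors are skipped when the password entry is read during a bind, including both authorization services. A Javadoc such as `/** Interceptors skipped for the userPassword lookup during bind; normalization is deliberately not listed so the principal DN is normalized before the lookup. */` would record the intent described in the commit log. The entries are bare strings, so presumably they must match the registered interceptor names exactly. A note saying where those names are defined would help keep the list from silently drifting out of sync.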
@@ -46,6 +70,7 @@
         super( "simple" );
     }
 
+
     /**
      * Looks up <tt>userPassword</tt> attribute of the entry whose name is
      * the value of {@link Context#SECURITY_PRINCIPAL} environment variable,
@@ -87,16 +112,16 @@
         // ---- lookup the principal entry's userPassword attribute
 
         LdapName principalDn = new LdapName( principal );
-
-        DirectoryPartitionNexus nexus = getFactoryConfiguration().getPartitionNexus();
+        Invocation invocation = InvocationStack.getInstance().peek();
+        DirectoryPartitionNexusProxy proxy = invocation.getProxy();
         Attributes userEntry;
-        
+
         try
         {
-            userEntry = nexus.lookup( principalDn, new String[] {"userPassword"} );
+            userEntry = proxy.lookup( principalDn, new String[] {"userPassword"}, USERLOOKUP_BYPASS );
             if ( userEntry == null )
             {
-                throw new LdapAuthenticationException();
+                throw new LdapAuthenticationException( "Failed to lookup user for authentication: " + principal );
             }
         }
         catch( Exception cause )
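Review bot: The new message `"Failed to lookup user for authentication: " + principal` is raised only when the entry is missing, so if it reaches the LDAP client it lets a caller tell an unknown DN from a wrong password. Whether it does depends on the `catch( Exception cause )` that follows, whose body is outside the hunk, and on how the exception is mapped to the bind response. It is safer to keep the thrown text generic, e.g. `throw new LdapAuthenticationException( "Invalid credentials" );`, and record the principal in a server-side log instead. Separately, the result of `InvocationStack.getInstance().peek()` is dereferenced without a check; if this method can run with an empty stack, that would surface as an unrelated exception in the bind path.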

Modified: directory/apacheds/trunk/main/src/test/org/apache/ldap/server/MiscTest.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/main/src/test/org/apache/ldap/server/MiscTest.java?rev=328236&r1=328235&r2=328236&view=diff
==============================================================================
--- directory/apacheds/trunk/main/src/test/org/apache/ldap/server/MiscTest.java (original)
+++ directory/apacheds/trunk/main/src/test/org/apache/ldap/server/MiscTest.java Mon Oct 24 19:13:10 2005
@@ -17,7 +17,12 @@
 package org.apache.ldap.server;
 
 
+import org.apache.ldap.server.configuration.MutableDirectoryPartitionConfiguration;
+
 import java.util.Hashtable;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.Collections;
 
 import javax.naming.Context;
 import javax.naming.InitialContext;
@@ -57,6 +62,24 @@
         {
             configuration.setAllowAnonymousAccess( false );
         }
+        else if ( this.getName().equals( "testUserAuthOnMixedCaseSuffix" ) )
+        {
+            Set partitions = new HashSet();
+            partitions.addAll( configuration.getContextPartitionConfigurations() );
+            MutableDirectoryPartitionConfiguration partition = new MutableDirectoryPartitionConfiguration();
+            partition.setSuffix( "dc=aPache,dc=org" );
+            Attributes entry = new BasicAttributes( "dc", "aPache", true );
+            Attribute oc = new BasicAttribute( "objectClass" );
+            entry.put( oc );
+            oc.add( "top" );
+            oc.add( "domain" );
+            partition.setName( "apache" );
+            partition.setContextEntry( entry );
+            partition.setIndexedAttributes( Collections.singleton( "dc" ) );
+            partitions.add( partition );
+            configuration.setContextPartitionConfigurations( partitions );
+        }
+
         super.setUp();
     }
 
@@ -168,5 +191,44 @@
         list.close();
         Attribute creatorsName = result.getAttributes().get( "creatorsName" );
         assertEquals( "", creatorsName.get() );
+    }
+
+
+    /**
+     * Test case for <a href="http://issues.apache.org/jira/browse/DIREVE-284" where users in
+     * mixed case partitions were not able to authenticate properly.  This test case creates
+     * a new partition under dc=aPache,dc=org, it then creates the example user in the JIRA
+     * issue and attempts to authenticate as that user.
+     *
+     * @throws Exception if the user cannot authenticate or test fails
+     */
+    public void testUserAuthOnMixedCaseSuffix() throws Exception
+    {
+        final Hashtable env = new Hashtable();
+
+        env.put( Context.PROVIDER_URL, "ldap://localhost:" + port + "/dc=aPache,dc=org" );
+        env.put("java.naming.ldap.version", "3");
+        env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+        InitialDirContext ctx = new InitialDirContext( env );
+        Attributes attrs = ctx.getAttributes( "" );
+        assertTrue( attrs.get( "dc" ).get().equals( "aPache" ) );
+
+        Attributes user = new BasicAttributes( "cn", "Kate Bush", true );
+        Attribute oc = new BasicAttribute( "objectClass" );
+        oc.add( "top" );
+        oc.add( "person" );
+        oc.add( "organizationalPerson" );
+        oc.add( "inetOrgPerson" );
+        user.put( oc );
+        user.put( "sn", "Bush" );
+        user.put( "userPassword", "Aerial" );
+        ctx.createSubcontext( "cn=Kate Bush", user );
+
+        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+        env.put( Context.SECURITY_CREDENTIALS, "Aerial" );
+        env.put( Context.SECURITY_PRINCIPAL, "cn=Kate Bush,dc=aPache,dc=org" );
+
+        InitialDirContext userCtx = new InitialDirContext( env );
+        assertNotNull( userCtx );
     }
 }
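Review bot: `testUserAuthOnMixedCaseSuffix` only proves that the correct password binds. Because the user lookup now goes through the proxy with several interceptors bypassed, it should also assert that a wrong password for the same mixed-case DN is rejected. Both `ctx` and `userCtx` are left open and should be closed once the assertions are done. The Javadoc link is also malformed: `<a href="...DIREVE-284" where` has no closing `>` or `</a>`.

```java
        // … unchanged: partition check, user creation, SECURITY_* env setup …
        InitialDirContext userCtx = new InitialDirContext( env );
        assertNotNull( userCtx );
        userCtx.close();
        ctx.close();

        // constructed negative case: same DN, wrong password must be rejected
        env.put( Context.SECURITY_CREDENTIALS, "not-the-password" );
        try
        {
            new InitialDirContext( env );
            fail( "bind with a wrong password should not succeed" );
        }
        catch ( javax.naming.AuthenticationException expected )
        {
            // rejection is the expected outcome
        }
```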