Posted to commits@directory.apache.org by ak...@apache.org on 2005/02/01 04:42:28 UTC
svn commit: r149364 - in
incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos:
kdc/store/PrincipalStoreEntry.java sam/SamException.java
sam/SamSubsystem.java sam/SamType.java sam/SamVerifier.java
Author: akarasulu
Date: Mon Jan 31 19:42:26 2005
New Revision: 149364
URL: http://svn.apache.org/viewcvs?view=rev&rev=149364
Log:
changes ...
o added SamType type safe enum for SAM provider types
o modified SamVerifier to report type using enum
o added SamSubsystem (will change later) to load the SamVerifier associated
with the Kerberos principal store entry's SamType
todos ...
o still need to modify the principal store to lookup and set the user's
sam type - we can use a null SamType to denote a regular user that does
not use a SAM
Added:
incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamSubsystem.java
incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamType.java
Modified:
incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/store/PrincipalStoreEntry.java
incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamException.java
incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamVerifier.java
Modified: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/store/PrincipalStoreEntry.java
URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/store/PrincipalStoreEntry.java?view=diff&r1=149363&r2=149364
==============================================================================
--- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/store/PrincipalStoreEntry.java (original)
+++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/store/PrincipalStoreEntry.java Mon Jan 31 19:42:26 2005
@@ -18,6 +18,7 @@
import org.apache.kerberos.crypto.encryption.*;
import org.apache.kerberos.messages.value.*;
+import org.apache.kerberos.sam.SamType;
import javax.security.auth.kerberos.*;
@@ -34,6 +35,7 @@
private int _maxLife;
private int _maxRenew;
private int _kdcFlags;
+ private SamType samType = SamType.PA_SAM_TYPE_APACHE;
private EncryptionKey _key;
private String _realmName;
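Review bot: The new field is initialised to `SamType.PA_SAM_TYPE_APACHE`, so every principal entry reports a SAM type, while the commit log says a null SamType is meant to denote a regular user that does not use a SAM. With no setter or constructor argument visible in this diff, callers of `getSamType()` cannot tell SAM users from regular ones, and every entry would be routed to the Apache verifier. Consider `private SamType _samType;` (null until the store sets it), which also matches the `_name` prefix of the neighbouring fields, with a comment stating what null means. The class body starts and ends outside this hunk.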
@@ -86,5 +88,10 @@
public KerberosTime getValidStart() {
return _validStart;
}
+
+ public SamType getSamType()
+ {
+ return samType;
+ }
}
Modified: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamException.java
URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamException.java?view=diff&r1=149363&r2=149364
==============================================================================
--- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamException.java (original)
+++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamException.java Mon Jan 31 19:42:26 2005
@@ -26,26 +26,76 @@
*/
public class SamException extends Exception
{
- public SamException()
+ /** the SAM type that caused this exception */
+ private final SamType type;
+
+
+ /**
+ * Creates a SamException for a specific SamType.
+ *
+ * @param type the type value for the SAM algorithm associated with this exception
+ */
+ public SamException( SamType type )
{
super();
+
+ this.type = type;
}
- public SamException( String message )
+ /**
+ * Creates a SamException for a specific SamType, with message.
+ *
+ * @param type the type value for the SAM algorithm associated with this exception
+ * @param message a message regarding the nature of the fault
+ */
+ public SamException( SamType type, String message )
{
super( message );
+
+ this.type = type;
}
- public SamException( Throwable cause )
+ /**
+ * Creates a SamException for a specific SamType, with the cause resulted in
+ * this exception.
+ *
+ * @param type the type value for the SAM algorithm associated with this exception
+ * @param cause the throwable that resulted in this exception being thrown
+ */
+ public SamException( SamType type, Throwable cause )
{
super( cause );
+
+ this.type = type;
}
- public SamException( String message, Throwable cause )
+ /**
+ * Creates a SamException for a specific SamType, with a message and the
+ * cause that resulted in this exception.
+ *
+ *
+ * @param type the type value for the SAM algorithm associated with this exception
+ * @param message a message regarding the nature of the fault
+ * @param cause the throwable that resulted in this exception being thrown
+ */
+ public SamException( SamType type, String message, Throwable cause )
{
super( message, cause );
+
+ this.type = type;
+ }
+
+
+ /**
+ * Gets the registered SAM algorithm type associated with this SamException.
+ *
+ * @return the type value for the SAM algorithm associated with this exception
+ */
+ public SamType getSamType()
+ {
+ return this.type;
}
}
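Review bot: The new `private final SamType type;` field makes SamException unsafe to serialize, because `Exception` is Serializable but SamType as added in this commit implements only `Comparable`. Any attempt to serialize the exception (remote transport, some logging or session stores) would fail with NotSerializableException and mask the original fault. Either make SamType `Serializable` with a `readResolve()` that maps back to the canonical constant by ordinal, or declare the field `private final transient SamType type;` and document that it may be null after deserialization. The constructors also accept a null `type` without comment; the Javadoc on `getSamType()` should say whether null is a legal return.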
Added: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamSubsystem.java
URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamSubsystem.java?view=auto&rev=149364
==============================================================================
--- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamSubsystem.java (added)
+++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamSubsystem.java Mon Jan 31 19:42:26 2005
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.kerberos.sam;
+
+
+import org.apache.kerberos.kdc.store.PrincipalStoreEntry;
+
+
+/**
+ * The Subsystem that enables the Kerberos server to use plugable Single-use
+ * Authentication mechanisms.
+ *
+ * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
+ * @version $Rev$
+ */
+public final class SamSubsystem
+{
+ /** the property key base used for SAM algorithm verifiers */
+ public static final String PROPKEY_BASE = "kerberos.sam.type.";
+
+
+ /**
+ * Uses the principal entry information to load the approapriate SamVerifier
+ * and verify the Single-use password.
+ *
+ * @param entry the store entry for the Kerberos principal
+ * @param sup the single use password value
+ * @return true if verification passed, false otherwise
+ * @throws SamException thrown when there is a failure within the verifier
+ * or a verifier cannot be found.
+ */
+ public static boolean verify( PrincipalStoreEntry entry, String sup ) throws SamException
+ {
+ String key = PROPKEY_BASE + entry.getSamType().getOrdinal();
+
+ if ( System.getProperties().containsKey( key ) )
+ {
+ throw new SamException( entry.getSamType(), "Could not find property '" + key + "'" );
+ }
+
+ String fqcn = System.getProperty( key );
+
+ try
+ {
+ Class c = Class.forName( fqcn );
+
+ SamVerifier verifier = ( SamVerifier ) c.newInstance();
+
+ String user = entry.getPrincipal().getName();
+
+ return verifier.verify( user, entry.getRealmName(), sup );
+ }
+ catch ( ClassNotFoundException e )
+ {
+ String msg = "Could not find verifier class '" + fqcn;
+
+ msg += "' for SamType( " + entry.getSamType() + " ) " ;
+
+ throw new SamException( entry.getSamType(), msg, e );
+ }
+ catch ( IllegalAccessException e )
+ {
+ String msg = "No public default constructor on class '" + fqcn;
+
+ msg += "' for SamType( " + entry.getSamType() + " ) " ;
+
+ throw new SamException( entry.getSamType(), msg, e );
+ }
+ catch ( InstantiationException e )
+ {
+ String msg = "Failed on default constructor invocation for class '" + fqcn;
+
+ msg += "' for SamType( " + entry.getSamType() + " ) " ;
+
+ throw new SamException( entry.getSamType(), msg, e );
+ }
+ }
+}
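Review bot: The property check in `verify()` is inverted: `if ( System.getProperties().containsKey( key ) )` throws "Could not find property" exactly when a verifier is configured. When the property is missing, `fqcn` is null and `Class.forName( fqcn )` is expected to fail with an unchecked NullPointerException rather than a SamException. The condition should read `if ( ! System.getProperties().containsKey( key ) )`. The cast `( SamVerifier ) c.newInstance()` is also unguarded, so a wrong class name surfaces as ClassCastException only after that class's constructor has run; testing `SamVerifier.class.isAssignableFrom( c )` first and throwing SamException keeps failures in the documented type. Because the class name comes from a system property, the Javadoc should state that whoever can set JVM properties selects the code that decides authentication.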
Added: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamType.java
URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamType.java?view=auto&rev=149364
==============================================================================
--- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamType.java (added)
+++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamType.java Mon Jan 31 19:42:26 2005
@@ -0,0 +1,140 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.kerberos.sam;
+
+
+import java.util.List;
+import java.util.Arrays;
+import java.util.Collections;
+
+
+/**
+ * Type safe enumeration of Single-use Authentication Mechanism types
+ *
+ * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
+ * @version $Rev$
+ */
+public final class SamType implements Comparable
+{
+ /*
+ * Enumeration elements are constructed once upon class loading.
+ * Order of appearance here determines the order of compareTo.
+ */
+
+ /** safe SAM type enum for Enigma Logic */
+ public static final SamType PA_SAM_TYPE_ENIGMA = new SamType( 1, "Enigma Logic" );
+
+ /** safe SAM type enum for Digital Pathways */
+ public static final SamType PA_SAM_TYPE_DIGI_PATH = new SamType( 2, "Digital Pathways" );
+
+ /** safe SAM type enum for S/key where KDC has key 0 */
+ public static final SamType PA_SAM_TYPE_SKEY_K0 = new SamType( 3, "S/key where KDC has key 0" );
+
+ /** safe SAM type enum for Traditional S/Key */
+ public static final SamType PA_SAM_TYPE_SKEY = new SamType( 4, "Traditional S/Key" );
+
+ /** safe SAM type enum for Security Dynamics */
+ public static final SamType PA_SAM_TYPE_SECURID = new SamType( 5, "Security Dynamics" );
+
+ /** safe SAM type enum for CRYPTOCard */
+ public static final SamType PA_SAM_TYPE_CRYPTOCARD = new SamType( 6, "CRYPTOCard" );
+
+ /** safe SAM type enum for Apache Software Foundation */
+ public static final SamType PA_SAM_TYPE_APACHE = new SamType( 7, "Apache Software Foundation" );
+
+ /** Array for building a List of VALUES. */
+ private static final SamType[] values = {
+ PA_SAM_TYPE_ENIGMA, PA_SAM_TYPE_DIGI_PATH, PA_SAM_TYPE_SKEY_K0,
+ PA_SAM_TYPE_SKEY, PA_SAM_TYPE_SECURID, PA_SAM_TYPE_CRYPTOCARD,
+ PA_SAM_TYPE_APACHE
+ };
+
+ /** a list of all the sam type constants */
+ public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+
+ /** the name of the sam type */
+ private final String name;
+
+ /** the value/code for the sam type */
+ private final int ordinal;
+
+
+ /**
+ * Private constructor prevents construction outside of this class.
+ */
+ private SamType( int ordinal, String name )
+ {
+ this.ordinal = ordinal;
+ this.name = name;
+ }
+
+
+ /**
+ * Returns the name of the SamType.
+ *
+ * @return the name of the SAM type
+ */
+ public String toString()
+ {
+ return name;
+ }
+
+
+ /**
+ * Compares this type to another object hopefully one that is of the same
+ * type.
+ *
+ * @param that the object to compare this SamType to
+ * @return ordinal - ( ( SamType ) that ).ordinal;
+ */
+ public int compareTo( Object that )
+ {
+ return ordinal - ( ( SamType ) that ).ordinal;
+ }
+
+
+ /**
+ * Gets the ordinal by its ordinal value.
+ *
+ * @param ordinal the ordinal value of the ordinal
+ * @return the type corresponding to the ordinal value
+ */
+ public static SamType getTypeByOrdinal( int ordinal )
+ {
+ for ( int ii = 0; ii < values.length; ii++ )
+ {
+ if ( values[ ii ].ordinal == ordinal )
+ {
+ return values[ ii ];
+ }
+ }
+
+ return PA_SAM_TYPE_APACHE;
+ }
+
+
+ /**
+ * Gets the ordinal value associated with this SAM type.
+ *
+ * @return the ordinal value associated with this SAM type
+ */
+ public int getOrdinal()
+ {
+ return ordinal;
+ }
+}
+
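Review bot: `getTypeByOrdinal` returns `PA_SAM_TYPE_APACHE` for any ordinal it does not recognise, so an unknown or corrupted type code is silently treated as a real mechanism and would select that mechanism's verifier in SamSubsystem.verify. Rejecting the value is safer, e.g. `throw new IllegalArgumentException( "Unknown SAM type ordinal: " + ordinal );` in place of the final return; callers are outside this diff, so confirm none rely on the fallback. The Javadoc "Gets the ordinal by its ordinal value" should read "Gets the SamType for an ordinal value". The class comment saying order of appearance determines compareTo is inaccurate, since `compareTo` subtracts the `ordinal` fields.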
Modified: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamVerifier.java
URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamVerifier.java?view=diff&r1=149363&r2=149364
==============================================================================
--- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamVerifier.java (original)
+++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamVerifier.java Mon Jan 31 19:42:26 2005
@@ -40,5 +40,5 @@
*
* @return the type value for the SAM algorithm used to verify the SUP.
*/
- int getSamType();
+ SamType getSamType();
}