You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2011/11/13 00:58:42 UTC
svn commit: r1201362 [1/6] - in /directory/apacheds/branches/apacheds-osgi:
interceptor-kerberos/
interceptor-kerberos/src/main/java/org/apache/directory/server/core/kerberos/
interceptors/admin/
interceptors/admin/src/main/java/org/apache/directory/se...
Author: elecharny
Date: Sat Nov 12 23:58:40 2011
New Revision: 1201362
URL: http://svn.apache.org/viewvc?rev=1201362&view=rev
Log:
Merged trunk into the osgi branch
Modified:
directory/apacheds/branches/apacheds-osgi/interceptor-kerberos/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptor-kerberos/src/main/java/org/apache/directory/server/core/kerberos/KeyDerivationInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/admin/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/authn/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java
directory/apacheds/branches/apacheds-osgi/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/authz/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/authz/src/main/java/org/apache/directory/server/core/authz/AciAuthorizationInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/authz/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/authz/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java
directory/apacheds/branches/apacheds-osgi/interceptors/changelog/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/changelog/src/main/java/org/apache/directory/server/core/changelog/ChangeLogInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/collective/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/collective/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/event/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/event/src/main/java/org/apache/directory/server/core/event/EventInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/exception/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/exception/src/main/java/org/apache/directory/server/core/exception/ExceptionInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/CryptPasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/Md5PasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/PasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/Sha256PasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/Sha384PasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/Sha512PasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/ShaPasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/Smd5PasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/Ssha256PasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/Ssha384PasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/Ssha512PasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/hash/src/main/java/org/apache/directory/server/core/hash/SshaPasswordHashingInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/journal/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/journal/src/main/java/org/apache/directory/server/core/journal/JournalInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/logger/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/logger/src/main/java/org/apache/directory/server/core/logger/TimerInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/normalization/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/normalization/src/main/java/org/apache/directory/server/core/normalization/NormalizationInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/operational/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/operational/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/referral/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/referral/src/main/java/org/apache/directory/server/core/referral/ReferralInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/schema/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/schema/src/main/java/org/apache/directory/server/core/schema/SchemaInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/schema/src/main/java/org/apache/directory/server/core/schema/SchemaLdifToPartitionExtractor.java
directory/apacheds/branches/apacheds-osgi/interceptors/schema/src/main/java/org/apache/directory/server/core/schema/SchemaSubentryModifier.java
directory/apacheds/branches/apacheds-osgi/interceptors/subtree/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/subtree/src/main/java/org/apache/directory/server/core/subtree/SubentryInterceptor.java
directory/apacheds/branches/apacheds-osgi/interceptors/trigger/ (props changed)
directory/apacheds/branches/apacheds-osgi/interceptors/trigger/src/main/java/org/apache/directory/server/core/trigger/TriggerInterceptor.java
Propchange: directory/apacheds/branches/apacheds-osgi/interceptor-kerberos/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Sat Nov 12 23:58:40 2011
@@ -3,5 +3,5 @@
/directory/apacheds/branches/apacheds-dnfactory-experiment/interceptor-kerberos:980138-980935
/directory/apacheds/branches/apacheds-kerberos-codec-2.0/interceptor-kerberos:1040956-1043765
/directory/apacheds/branches/milestones/interceptor-kerberos:1072812-1075328
-/directory/apacheds/trunk/interceptor-kerberos:1066126-1067785,1068026-1072718,1072800-1075329,1185682-1188093,1188104-1197059
+/directory/apacheds/trunk/interceptor-kerberos:1066126-1067785,1068026-1072718,1072800-1075329,1185681-1201346
/directory/studio/trunk/interceptor-kerberos:1067786-1067997
Modified: directory/apacheds/branches/apacheds-osgi/interceptor-kerberos/src/main/java/org/apache/directory/server/core/kerberos/KeyDerivationInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-osgi/interceptor-kerberos/src/main/java/org/apache/directory/server/core/kerberos/KeyDerivationInterceptor.java?rev=1201362&r1=1201361&r2=1201362&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-osgi/interceptor-kerberos/src/main/java/org/apache/directory/server/core/kerberos/KeyDerivationInterceptor.java (original)
+++ directory/apacheds/branches/apacheds-osgi/interceptor-kerberos/src/main/java/org/apache/directory/server/core/kerberos/KeyDerivationInterceptor.java Sat Nov 12 23:58:40 2011
@@ -28,7 +28,6 @@ import java.util.Map;
import org.apache.directory.server.core.api.entry.ClonedServerEntry;
import org.apache.directory.server.core.api.interceptor.BaseInterceptor;
import org.apache.directory.server.core.api.interceptor.Interceptor;
-import org.apache.directory.server.core.api.interceptor.NextInterceptor;
import org.apache.directory.server.core.api.interceptor.context.AddOperationContext;
import org.apache.directory.server.core.api.interceptor.context.LookupOperationContext;
import org.apache.directory.server.core.api.interceptor.context.ModifyOperationContext;
@@ -41,11 +40,11 @@ import org.apache.directory.shared.kerbe
import org.apache.directory.shared.kerberos.components.EncryptionKey;
import org.apache.directory.shared.kerberos.exceptions.KerberosException;
import org.apache.directory.shared.ldap.model.constants.SchemaConstants;
+import org.apache.directory.shared.ldap.model.entry.Attribute;
import org.apache.directory.shared.ldap.model.entry.BinaryValue;
import org.apache.directory.shared.ldap.model.entry.DefaultAttribute;
import org.apache.directory.shared.ldap.model.entry.DefaultModification;
import org.apache.directory.shared.ldap.model.entry.Entry;
-import org.apache.directory.shared.ldap.model.entry.Attribute;
import org.apache.directory.shared.ldap.model.entry.Modification;
import org.apache.directory.shared.ldap.model.entry.ModificationOperation;
import org.apache.directory.shared.ldap.model.entry.StringValue;
@@ -73,15 +72,24 @@ public class KeyDerivationInterceptor ex
private static final Logger log = LoggerFactory.getLogger( KeyDerivationInterceptor.class );
/** The service name. */
- public static final String NAME = "keyDerivationService";
+ private static final String NAME = "keyDerivationService";
/**
+ * Creates an instance of a KeyDerivationInterceptor.
+ */
+ public KeyDerivationInterceptor()
+ {
+ super( NAME );
+ }
+
+
+ /**
* Intercept the addition of the 'userPassword' and 'krb5PrincipalName' attributes. Use the 'userPassword'
* and 'krb5PrincipalName' attributes to derive Kerberos keys for the principal. If the 'userPassword' is
* the special keyword 'randomKey', set random keys for the principal. Set the key version number (kvno)
* to '0'.
*/
- public void add( NextInterceptor next, AddOperationContext addContext ) throws LdapException
+ public void add( AddOperationContext addContext ) throws LdapException
{
Dn normName = addContext.getDn();
@@ -121,7 +129,7 @@ public class KeyDerivationInterceptor ex
.getName() );
}
- next.add( addContext );
+ next( addContext );
}
@@ -136,7 +144,7 @@ public class KeyDerivationInterceptor ex
*
* If the 'userPassword' is the special keyword 'randomKey', set random keys for the principal.
*/
- public void modify( NextInterceptor next, ModifyOperationContext modContext ) throws LdapException
+ public void modify( ModifyOperationContext modContext ) throws LdapException
{
ModifySubContext subContext = new ModifySubContext();
@@ -152,7 +160,7 @@ public class KeyDerivationInterceptor ex
deriveKeys( modContext, subContext );
}
- next.modify( modContext );
+ next( modContext );
}
@@ -164,8 +172,7 @@ public class KeyDerivationInterceptor ex
* @param subContext
* @throws LdapException
*/
- void detectPasswordModification( ModifyOperationContext modContext, ModifySubContext subContext )
- throws LdapException
+ void detectPasswordModification( ModifyOperationContext modContext, ModifySubContext subContext ) throws LdapException
{
List<Modification> mods = modContext.getModItems();
@@ -238,19 +245,17 @@ public class KeyDerivationInterceptor ex
* @param subContext
* @throws LdapException
*/
- void lookupPrincipalAttributes( ModifyOperationContext modContext, ModifySubContext subContext )
- throws LdapException
+ void lookupPrincipalAttributes( ModifyOperationContext modContext, ModifySubContext subContext ) throws LdapException
{
Dn principalDn = modContext.getDn();
LookupOperationContext lookupContext = modContext.newLookupContext( principalDn );
- //lookupContext.setByPassed( USERLOOKUP_BYPASS );
lookupContext.setAttrsId( new String[]
- {
+ {
SchemaConstants.OBJECT_CLASS_AT,
KerberosAttribute.KRB5_PRINCIPAL_NAME_AT,
KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT
- } );
+ } );
Entry userEntry = directoryService.getPartitionNexus().lookup( lookupContext );
@@ -397,6 +402,7 @@ public class KeyDerivationInterceptor ex
}
}
+
static class ModifySubContext
{
private boolean isPrincipal = false;
Propchange: directory/apacheds/branches/apacheds-osgi/interceptors/admin/
------------------------------------------------------------------------------
--- svn:mergeinfo (added)
+++ svn:mergeinfo Sat Nov 12 23:58:40 2011
@@ -0,0 +1,10 @@
+/directory/apacheds/branches/apacheds-codec-merge/interceptors/admin:982369-987590
+/directory/apacheds/branches/apacheds-config/interceptors/admin:1023442-1029077
+/directory/apacheds/branches/apacheds-kerberos-codec-2.0/interceptors/admin:1040956-1043765
+/directory/apacheds/branches/apacheds-replication/interceptors/admin:749790-764110
+/directory/apacheds/branches/apacheds-schema/interceptors/admin:806623-896441
+/directory/apacheds/branches/apacheds-subtree/interceptors/admin:965203-965686
+/directory/apacheds/branches/milestones/interceptors/admin:1072812-1075328
+/directory/apacheds/branches/xdbm-refactoring/interceptors/admin:945827-946347
+/directory/apacheds/trunk/interceptors/admin:1066126-1067785,1068026-1072718,1072800-1075329,1185681-1201347
+/directory/studio/trunk/interceptors/admin:1067786-1067997
Modified: directory/apacheds/branches/apacheds-osgi/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-osgi/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java?rev=1201362&r1=1201361&r2=1201362&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-osgi/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java (original)
+++ directory/apacheds/branches/apacheds-osgi/interceptors/admin/src/main/java/org/apache/directory/server/core/admin/AdministrativePointInterceptor.java Sat Nov 12 23:58:40 2011
@@ -34,6 +34,7 @@ import org.apache.directory.server.const
import org.apache.directory.server.core.shared.DefaultCoreSession;
import org.apache.directory.server.core.api.CoreSession;
import org.apache.directory.server.core.api.DirectoryService;
+import org.apache.directory.server.core.api.InterceptorEnum;
import org.apache.directory.server.core.api.LdapPrincipal;
import org.apache.directory.server.core.api.administrative.AccessControlAAP;
import org.apache.directory.server.core.api.administrative.AccessControlAdministrativePoint;
@@ -54,8 +55,6 @@ import org.apache.directory.server.core.
import org.apache.directory.server.core.api.entry.ClonedServerEntry;
import org.apache.directory.server.core.api.filtering.EntryFilteringCursor;
import org.apache.directory.server.core.api.interceptor.BaseInterceptor;
-import org.apache.directory.server.core.api.interceptor.Interceptor;
-import org.apache.directory.server.core.api.interceptor.NextInterceptor;
import org.apache.directory.server.core.api.interceptor.context.AddOperationContext;
import org.apache.directory.server.core.api.interceptor.context.DeleteOperationContext;
import org.apache.directory.server.core.api.interceptor.context.ModifyOperationContext;
@@ -184,6 +183,16 @@ public class AdministrativePointIntercep
/** A lock to guarantee the AP cache consistency */
private ReentrantReadWriteLock mutex = new ReentrantReadWriteLock();
+
+ /**
+ * Creates a new instance of a AdministrativePointInterceptor.
+ */
+ public AdministrativePointInterceptor()
+ {
+ super( InterceptorEnum.ADMINISTRATIVE_POINT_INTERCEPTOR );
+ }
+
+
/**
* Get a read-lock on the AP cache.
* No read operation can be done on the AP cache if this
@@ -247,7 +256,7 @@ public class AdministrativePointIntercep
SubschemaAdministrativePoint ssAap = new SubschemaAAP( dn, uuid );
directoryService.getSubschemaAPCache().add( dn, ssAap );
- // TODO : Here, we have to update the children, removing any
+ // TODO : Here, we have to update the children, removing any
// reference to any other underlying AP
// If it's an AAP, we can get out immediately
@@ -264,8 +273,8 @@ public class AdministrativePointIntercep
AccessControlAdministrativePoint sap = new AccessControlSAP( dn, uuid );
directoryService.getAccessControlAPCache().add( dn, sap );
- // TODO : Here, we have to update the children, removing any
- // reference to any other underlying AccessControl IAP or SAP
+ // TODO : Here, we have to update the children, removing any
+ // reference to any other underlying AccessControl IAP or SAP
continue;
}
@@ -284,9 +293,9 @@ public class AdministrativePointIntercep
CollectiveAttributeAdministrativePoint sap = new CollectiveAttributeSAP( dn, uuid );
directoryService.getCollectiveAttributeAPCache().add( dn, sap );
- // TODO : Here, we have to update the children, removing any
- // reference to any other underlying CollectiveAttribute IAP or SAP
-
+ // TODO : Here, we have to update the children, removing any
+ // reference to any other underlying CollectiveAttribute IAP or SAP
+
continue;
}
@@ -304,8 +313,8 @@ public class AdministrativePointIntercep
SubschemaAdministrativePoint sap = new SubschemaSAP( dn, uuid );
directoryService.getSubschemaAPCache().add( dn, sap );
- // TODO : Here, we have to update the children, removing any
- // reference to any other underlying Subschema IAP or SAP
+ // TODO : Here, we have to update the children, removing any
+ // reference to any other underlying Subschema IAP or SAP
continue;
}
@@ -316,9 +325,9 @@ public class AdministrativePointIntercep
TriggerExecutionAdministrativePoint sap = new TriggerExecutionSAP( dn, uuid );
directoryService.getTriggerExecutionAPCache().add( dn, sap );
- // TODO : Here, we have to update the children, removing any
+ // TODO : Here, we have to update the children, removing any
// reference to any other underlying TriggerExecution IAP or SAP
-
+
continue;
}
@@ -360,7 +369,7 @@ public class AdministrativePointIntercep
// The SS AAP
SubschemaAdministrativePoint ssAap = new SubschemaAAP( dn, uuid );
ssapCache.add( dn, ssAap );
-
+
// If it's an AAP, we can get out immediately
return;
}
@@ -450,7 +459,7 @@ public class AdministrativePointIntercep
// The SS AAP
ssapCache.remove( dn );
-
+
return;
}
@@ -487,7 +496,7 @@ public class AdministrativePointIntercep
}
}
-
+
private AdministrativePoint getParent( AdministrativePoint ap, List<AdministrativePoint> aps,
AdministrativeRole role, DnNode<List<AdministrativePoint>> currentNode )
{
@@ -525,7 +534,7 @@ public class AdministrativePointIntercep
/**
* Find the parent for the given administrative point. If the AP is an AAP, the parent will be the closest
- * AAP or the closest SAP. If we have a SAP between the added AAP and a AAP, then
+ * AAP or the closest SAP. If we have a SAP between the added AAP and a AAP, then
*/
private AdministrativePoint findParent( AdministrativePoint ap, DnNode<List<AdministrativePoint>> currentNode )
{
@@ -612,7 +621,7 @@ public class AdministrativePointIntercep
throw new LdapUnwillingToPerformException( message );
}
- // If we are trying to add an AAP, we have to check that
+ // If we are trying to add an AAP, we have to check that
// it's the only role in the AdminPoint AT
if ( isAutonomousAreaRole( roleStr ) )
{
@@ -629,7 +638,7 @@ public class AdministrativePointIntercep
return;
}
}
-
+
// Check that we don't have already an AAP in the AdminPoint AT when we try to
// add a role
if ( adminPoint.contains( SchemaConstants.AUTONOMOUS_AREA ) )
@@ -667,24 +676,24 @@ public class AdministrativePointIntercep
throw new LdapUnwillingToPerformException( message );
}
- // Now we are trying to delete an Administrative point. We have to check that
+ // Now we are trying to delete an Administrative point. We have to check that
// we only have one role if the deleted role is an AAP
if ( isAutonomousAreaRole( roleStr ) )
{
- // We know have to check that removing the AAP, we will not
+ // We know have to check that removing the AAP, we will not
// left any pending IAP. We should check for the 3 potential IAPs :
// AccessControl, CollectiveAttribute and TriggerExecution.
// If the removed AP has a parent, no need to go any further :
// the children IAPs will depend on this parent.
-
+
// Process the ACs
DnNode<AccessControlAdministrativePoint> acAps = directoryService.getAccessControlAPCache();
-
+
if ( !acAps.hasParent( dn ) )
{
// No parent, check for any IAP
List<AccessControlAdministrativePoint> children = acAps.getDescendantElements( dn );
-
+
for ( AccessControlAdministrativePoint child : children )
{
if ( child.isInner() )
@@ -696,15 +705,15 @@ public class AdministrativePointIntercep
}
}
}
-
+
// Process the CAs
DnNode<CollectiveAttributeAdministrativePoint> caAps = directoryService.getCollectiveAttributeAPCache();
-
+
if ( !acAps.hasParent( dn ) )
{
// No parent, check for any IAP
List<CollectiveAttributeAdministrativePoint> children = caAps.getDescendantElements( dn );
-
+
for ( CollectiveAttributeAdministrativePoint child : children )
{
if ( child.isInner() )
@@ -716,15 +725,15 @@ public class AdministrativePointIntercep
}
}
}
-
+
// Process the TEs
DnNode<TriggerExecutionAdministrativePoint> teAps = directoryService.getTriggerExecutionAPCache();
-
+
if ( !acAps.hasParent( dn ) )
{
// No parent, check for any IAP
List<TriggerExecutionAdministrativePoint> children = teAps.getDescendantElements( dn );
-
+
for ( TriggerExecutionAdministrativePoint child : children )
{
if ( child.isInner() )
@@ -740,14 +749,6 @@ public class AdministrativePointIntercep
}
- /**
- * Creates an Administrative service interceptor.
- */
- public AdministrativePointInterceptor()
- {
- }
-
-
//-------------------------------------------------------------------------------------------
// Helper methods
//-------------------------------------------------------------------------------------------
@@ -783,7 +784,7 @@ public class AdministrativePointIntercep
entries.add( entry );
}
-
+
results.close();
}
catch ( Exception e )
@@ -826,11 +827,10 @@ public class AdministrativePointIntercep
/**
* Update The Administrative Points cache, removing the given AdminPoint
*/
- private void deleteAdminPointCache( Attribute adminPoint, DeleteOperationContext deleteContext )
- throws LdapException
+ private void deleteAdminPointCache( Attribute adminPoint, DeleteOperationContext deleteContext ) throws LdapException
{
Dn dn = deleteContext.getDn();
-
+
// Remove the APs in the AP cache
for ( Value<?> value : adminPoint )
{
@@ -897,7 +897,7 @@ public class AdministrativePointIntercep
private boolean isAccessControlInnerRole( String role )
{
return role.equalsIgnoreCase( SchemaConstants.ACCESS_CONTROL_INNER_AREA ) ||
- role.equals( SchemaConstants.ACCESS_CONTROL_INNER_AREA_OID );
+ role.equals( SchemaConstants.ACCESS_CONTROL_INNER_AREA_OID );
}
@@ -907,7 +907,7 @@ public class AdministrativePointIntercep
private boolean isAccessControlSpecificRole( String role )
{
return role.equalsIgnoreCase( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA ) ||
- role.equals( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA_OID );
+ role.equals( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA_OID );
}
@@ -917,7 +917,7 @@ public class AdministrativePointIntercep
private boolean isCollectiveAttributeInnerRole( String role )
{
return role.equalsIgnoreCase( SchemaConstants.COLLECTIVE_ATTRIBUTE_INNER_AREA ) ||
- role.equals( SchemaConstants.COLLECTIVE_ATTRIBUTE_INNER_AREA_OID );
+ role.equals( SchemaConstants.COLLECTIVE_ATTRIBUTE_INNER_AREA_OID );
}
@@ -927,7 +927,7 @@ public class AdministrativePointIntercep
private boolean isCollectiveAttributeSpecificRole( String role )
{
return role.equalsIgnoreCase( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA ) ||
- role.equals( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA_OID );
+ role.equals( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA_OID );
}
@@ -937,7 +937,7 @@ public class AdministrativePointIntercep
private boolean isTriggerExecutionInnerRole( String role )
{
return role.equalsIgnoreCase( SchemaConstants.TRIGGER_EXECUTION_INNER_AREA ) ||
- role.equals( SchemaConstants.TRIGGER_EXECUTION_INNER_AREA_OID );
+ role.equals( SchemaConstants.TRIGGER_EXECUTION_INNER_AREA_OID );
}
@@ -947,7 +947,7 @@ public class AdministrativePointIntercep
private boolean isTriggerExecutionSpecificRole( String role )
{
return role.equalsIgnoreCase( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA ) ||
- role.equals( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA_OID );
+ role.equals( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA_OID );
}
@@ -957,7 +957,7 @@ public class AdministrativePointIntercep
private boolean isSubschemaSpecficRole( String role )
{
return role.equalsIgnoreCase( SchemaConstants.SUB_SCHEMA_ADMIN_SPECIFIC_AREA ) ||
- role.equals( SchemaConstants.SUB_SCHEMA_ADMIN_SPECIFIC_AREA_OID );
+ role.equals( SchemaConstants.SUB_SCHEMA_ADMIN_SPECIFIC_AREA_OID );
}
@@ -967,7 +967,7 @@ public class AdministrativePointIntercep
private boolean isAutonomousAreaRole( String role )
{
return role.equalsIgnoreCase( SchemaConstants.AUTONOMOUS_AREA ) ||
- role.equals( SchemaConstants.AUTONOMOUS_AREA_OID );
+ role.equals( SchemaConstants.AUTONOMOUS_AREA_OID );
}
@@ -984,7 +984,7 @@ public class AdministrativePointIntercep
private boolean hasAccessControlSpecificRole( Attribute adminPoint )
{
return adminPoint.contains( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA ) ||
- adminPoint.contains( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA_OID );
+ adminPoint.contains( SchemaConstants.ACCESS_CONTROL_SPECIFIC_AREA_OID );
}
@@ -997,14 +997,14 @@ public class AdministrativePointIntercep
private boolean hasCollectiveAttributeSpecificRole( Attribute adminPoint )
{
return adminPoint.contains( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA ) ||
- adminPoint.contains( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA_OID );
+ adminPoint.contains( SchemaConstants.COLLECTIVE_ATTRIBUTE_SPECIFIC_AREA_OID );
}
private boolean hasTriggerExecutionSpecificRole( Attribute adminPoint )
{
return adminPoint.contains( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA ) ||
- adminPoint.contains( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA_OID );
+ adminPoint.contains( SchemaConstants.TRIGGER_EXECUTION_SPECIFIC_AREA_OID );
}
@@ -1067,16 +1067,15 @@ public class AdministrativePointIntercep
* Check that the IAPs (if any) have a parent. We will check for each kind or role :
* AC, CA and TE.
*/
- private void checkIAPHasParent( String role, Attribute adminPoint, Dn dn )
- throws LdapUnwillingToPerformException
+ private void checkIAPHasParent( String role, Attribute adminPoint, Dn dn ) throws LdapUnwillingToPerformException
{
// Check for the AC role
if ( isAccessControlInnerRole( role ) )
{
DnNode<AccessControlAdministrativePoint> acCache = directoryService.getAccessControlAPCache();
-
+
DnNode<AccessControlAdministrativePoint> parent = acCache.getNode( dn );
-
+
if ( parent == null )
{
// We don't have any AC administrativePoint in the tree, this is an error
@@ -1088,9 +1087,9 @@ public class AdministrativePointIntercep
else if ( isCollectiveAttributeInnerRole( role ) )
{
DnNode<CollectiveAttributeAdministrativePoint> caCache = directoryService.getCollectiveAttributeAPCache();
-
+
boolean hasAP = caCache.hasParentElement( dn );
-
+
if ( !hasAP )
{
// We don't have any AC administrativePoint in the tree, this is an error
@@ -1102,9 +1101,9 @@ public class AdministrativePointIntercep
else if ( isTriggerExecutionInnerRole( role ) )
{
DnNode<TriggerExecutionAdministrativePoint> caCache = directoryService.getTriggerExecutionAPCache();
-
+
DnNode<TriggerExecutionAdministrativePoint> parent = caCache.getNode( dn );
-
+
if ( parent == null )
{
// We don't have any AC administrativePoint in the tree, this is an error
@@ -1148,7 +1147,7 @@ public class AdministrativePointIntercep
// get the list of all the AAPs
List<Entry> administrativePoints = getAdministrativePoints();
-
+
lockWrite();
addAdminPointCache( administrativePoints );
unlock();
@@ -1181,12 +1180,11 @@ public class AdministrativePointIntercep
* <ul>
* <li>If it's an AA, then the added role should be the only one</li>
* <li>It's not possible to add IA and SA at the same time</li>
- *
- * @param next The next {@link Interceptor} in the chain
* @param addContext The {@link AddOperationContext} instance
+ *
* @throws LdapException If we had some error while processing the Add operation
*/
- public void add( NextInterceptor next, AddOperationContext addContext ) throws LdapException
+ public void add( AddOperationContext addContext ) throws LdapException
{
LOG.debug( ">>> Entering into the Administrative Interceptor, addRequest" );
Entry entry = addContext.getEntry();
@@ -1198,7 +1196,7 @@ public class AdministrativePointIntercep
if ( adminPoint == null )
{
// Nope, go on.
- next.add( addContext );
+ next( addContext );
LOG.debug( "Exit from Administrative Interceptor, no AP in the added entry" );
@@ -1209,7 +1207,7 @@ public class AdministrativePointIntercep
// Protect the AP caches against concurrent access
lockWrite();
-
+
// Loop on all the added roles to check if they are valid
for ( Value<?> role : adminPoint )
{
@@ -1217,7 +1215,7 @@ public class AdministrativePointIntercep
}
// Ok, we are golden.
- next.add( addContext );
+ next( addContext );
String apUuid = entry.get( ENTRY_UUID_AT ).getString();
@@ -1226,7 +1224,7 @@ public class AdministrativePointIntercep
// Release the APCaches lock
unlock();
-
+
LOG.debug( "Added an Administrative Point at {}", dn );
return;
@@ -1234,14 +1232,14 @@ public class AdministrativePointIntercep
/**
- * We have to check that we can remove the associated AdministrativePoint : <br/>
+ * We have to check that we can remove the associated AdministrativePoint : <br/>
* <ul>
* <li> if we remove an AAP, no descendant IAP should remain orphan</li>
* <li> If we remove a SAP, no descendant IAP should remain orphan</li>
- * </ul>
+ * </ul>
* {@inheritDoc}
*/
- public void delete( NextInterceptor next, DeleteOperationContext deleteContext ) throws LdapException
+ public void delete( DeleteOperationContext deleteContext ) throws LdapException
{
LOG.debug( ">>> Entering into the Administrative Interceptor, delRequest" );
Entry entry = deleteContext.getEntry();
@@ -1253,7 +1251,7 @@ public class AdministrativePointIntercep
if ( adminPoint == null )
{
// Nope, go on.
- next.delete( deleteContext );
+ next( deleteContext );
LOG.debug( "Exit from Administrative Interceptor" );
@@ -1261,10 +1259,10 @@ public class AdministrativePointIntercep
}
LOG.debug( "Deletion of an administrative point at {} for the role {}", dn, adminPoint );
-
+
// Protect the AP caches against concurrent access
lockWrite();
-
+
// Check that the removed AdministrativeRoles are valid. We don't have to do
// any other check, as the deleted entry has no children.
for ( Value<?> role : adminPoint )
@@ -1278,14 +1276,14 @@ public class AdministrativePointIntercep
}
// Ok, we can remove the AP
- next.delete( deleteContext );
+ next( deleteContext );
// Now, update the AdminPoint cache
deleteAdminPointCache( adminPoint, deleteContext );
// Release the APCaches lock
unlock();
-
+
LOG.debug( "Deleted an Administrative Point at {}", dn );
return;
@@ -1303,7 +1301,7 @@ public class AdministrativePointIntercep
*
* {@inheritDoc}
*/
- public void modify( NextInterceptor next, ModifyOperationContext modifyContext ) throws LdapException
+ public void modify( ModifyOperationContext modifyContext ) throws LdapException
{
LOG.debug( ">>> Entering into the Administrative Interceptor, modifyRequest" );
// We have to check that the modification is acceptable
@@ -1329,7 +1327,7 @@ public class AdministrativePointIntercep
DnNode<CollectiveAttributeAdministrativePoint> caapCacheCopy = directoryService.getCollectiveAttributeAPCache().clone();
DnNode<TriggerExecutionAdministrativePoint> teapCacheCopy = directoryService.getTriggerExecutionAPCache().clone();
DnNode<SubschemaAdministrativePoint> ssapCacheCopy = directoryService.getSubschemaAPCache().clone();
-
+
// Loop on the modification to select the AdministrativeRole and process it :
// we will create a new AT containing all the roles after having applied the modifications
// on it
@@ -1425,14 +1423,14 @@ public class AdministrativePointIntercep
// At this point, we have a new AdministrativeRole AT, and we need to get the lists of
// added roles and removed roles, in order to process them
- next.modify( modifyContext );
+ next( modifyContext );
}
/**
* {@inheritDoc}
*/
- public void move( NextInterceptor next, MoveOperationContext moveContext ) throws LdapException
+ public void move( MoveOperationContext moveContext ) throws LdapException
{
LOG.debug( ">>> Entering into the Administrative Interceptor, moveRequest" );
Entry entry = moveContext.getOriginalEntry();
@@ -1443,7 +1441,7 @@ public class AdministrativePointIntercep
if ( adminPoint == null )
{
// Nope, go on.
- next.move( moveContext );
+ next( moveContext );
LOG.debug( "Exit from Administrative Interceptor" );
@@ -1460,8 +1458,7 @@ public class AdministrativePointIntercep
/**
* {@inheritDoc}
*/
- public void moveAndRename( NextInterceptor next, MoveAndRenameOperationContext moveAndRenameContext )
- throws LdapException
+ public void moveAndRename( MoveAndRenameOperationContext moveAndRenameContext ) throws LdapException
{
LOG.debug( ">>> Entering into the Administrative Interceptor, moveAndRenameRequest" );
Entry entry = moveAndRenameContext.getOriginalEntry();
@@ -1472,7 +1469,7 @@ public class AdministrativePointIntercep
if ( adminPoint == null )
{
// Nope, go on.
- next.moveAndRename( moveAndRenameContext );
+ next( moveAndRenameContext );
LOG.debug( "Exit from Administrative Interceptor" );
@@ -1489,7 +1486,7 @@ public class AdministrativePointIntercep
/**
* {@inheritDoc}
*/
- public void rename( NextInterceptor next, RenameOperationContext renameContext ) throws LdapException
+ public void rename( RenameOperationContext renameContext ) throws LdapException
{
LOG.debug( ">>> Entering into the Administrative Interceptor, renameRequest" );
Entry entry = renameContext.getEntry();
@@ -1500,7 +1497,7 @@ public class AdministrativePointIntercep
if ( adminPoint == null )
{
// Nope, go on.
- next.rename( renameContext );
+ next( renameContext );
LOG.debug( "Exit from Administrative Interceptor" );
Propchange: directory/apacheds/branches/apacheds-osgi/interceptors/authn/
------------------------------------------------------------------------------
--- svn:mergeinfo (added)
+++ svn:mergeinfo Sat Nov 12 23:58:40 2011
@@ -0,0 +1,10 @@
+/directory/apacheds/branches/apacheds-codec-merge/interceptors/authn:982369-987590
+/directory/apacheds/branches/apacheds-config/interceptors/authn:1023442-1029077
+/directory/apacheds/branches/apacheds-kerberos-codec-2.0/interceptors/authn:1040956-1043765
+/directory/apacheds/branches/apacheds-replication/interceptors/authn:749790-764110
+/directory/apacheds/branches/apacheds-schema/interceptors/authn:806623-896441
+/directory/apacheds/branches/apacheds-subtree/interceptors/authn:965203-965686
+/directory/apacheds/branches/milestones/interceptors/authn:1072812-1075328
+/directory/apacheds/branches/xdbm-refactoring/interceptors/authn:945827-946347
+/directory/apacheds/trunk/interceptors/authn:1066126-1067785,1068026-1072718,1072800-1075329,1185681-1201347
+/directory/studio/trunk/interceptors/authn:1067786-1067997
Modified: directory/apacheds/branches/apacheds-osgi/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-osgi/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java?rev=1201362&r1=1201361&r2=1201362&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-osgi/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java (original)
+++ directory/apacheds/branches/apacheds-osgi/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java Sat Nov 12 23:58:40 2011
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
- *
+ * under the License.
+ *
*/
package org.apache.directory.server.core.authn;
@@ -32,6 +32,7 @@ import static org.apache.directory.share
import java.util.Date;
import org.apache.directory.server.core.api.DirectoryService;
+import org.apache.directory.server.core.api.InterceptorEnum;
import org.apache.directory.server.core.api.authn.ppolicy.PasswordPolicyConfiguration;
import org.apache.directory.server.core.api.authn.ppolicy.PasswordPolicyException;
import org.apache.directory.shared.ldap.model.constants.AuthenticationLevel;
@@ -116,7 +117,7 @@ public abstract class AbstractAuthentica
/**
* Calls {@link #doDestroy()} method, and clears default properties
* (<tt>factoryConfiguration</tt> and <tt>configuration</tt>).
- * Please put your deinitialization code into {@link #doDestroy()}.
+ * Please put your deinitialization code into {@link #doDestroy()}.
*/
public final void destroy()
{
@@ -157,7 +158,8 @@ public abstract class AbstractAuthentica
return;
}
- AuthenticationInterceptor authenticationInterceptor = (AuthenticationInterceptor)directoryService.getInterceptor( AuthenticationInterceptor.class.getSimpleName() );
+ AuthenticationInterceptor authenticationInterceptor = (AuthenticationInterceptor)directoryService.getInterceptor(
+ InterceptorEnum.AUTHENTICATION_INTERCEPTOR.getName() );
PasswordPolicyConfiguration pPolicyConfig = authenticationInterceptor.getPwdPolicy( userEntry );
// check for locked out account
@@ -203,7 +205,7 @@ public abstract class AbstractAuthentica
if( System.currentTimeMillis() < pwdStartTime.getTime() )
{
- throw new PasswordPolicyException( "account is locked, will be activated after " + pwdStartTime, ACCOUNT_LOCKED.getValue() );
+ throw new PasswordPolicyException( "account is locked, will be activated after " + pwdStartTime, ACCOUNT_LOCKED.getValue() );
}
}