Posted to commits@directory.apache.org by er...@apache.org on 2007/05/24 02:27:07 UTC
svn commit: r541123 [23/25] - in
/directory/apacheds/branches/apacheds-sasl-branch: ./ benchmarks/
bootstrap-extract/ bootstrap-extract/src/ bootstrap-extract/src/main/
bootstrap-extract/src/main/java/ bootstrap-extract/src/main/java/org/
bootstrap-ext...
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java Wed May 23 17:26:40 2007
@@ -44,6 +44,7 @@
{
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
@@ -59,12 +60,6 @@
}
- public String getContextKey()
- {
- return ( this.contextKey );
- }
-
-
protected ApplicationRequest getAuthHeader( KdcRequest request ) throws KerberosException, IOException
{
byte[] undecodedAuthHeader = null;
@@ -87,5 +82,11 @@
ApplicationRequest authHeader = decoder.decode( undecodedAuthHeader );
return authHeader;
+ }
+
+
+ protected String getContextKey()
+ {
+ return ( this.contextKey );
}
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java Wed May 23 17:26:40 2007
@@ -20,41 +20,33 @@
package org.apache.directory.server.kerberos.kdc.ticketgrant;
-import java.security.SecureRandom;
-
-import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
-import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
-import org.apache.directory.server.kerberos.shared.service.DesStringToKey;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.RandomKeyFactory;
import org.apache.mina.common.IoSession;
+import org.apache.mina.handler.chain.IoHandlerCommand;
/**
+ * Get a session key for this session.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class GetSessionKey extends DesStringToKey
+public class GetSessionKey implements IoHandlerCommand
{
- private static final SecureRandom random = new SecureRandom();
+ private String contextKey = "context";
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
- tgsContext.setSessionKey( getNewSessionKey() );
+ tgsContext.setSessionKey( RandomKeyFactory.getRandomKey( tgsContext.getEncryptionType() ) );
next.execute( session, message );
}
- private EncryptionKey getNewSessionKey()
+ protected String getContextKey()
{
- byte[] confounder = new byte[8];
-
- // SecureRandom.nextBytes is already synchronized
- random.nextBytes( confounder );
-
- byte[] subSessionKey = getKey( new String( confounder ) );
-
- return new EncryptionKey( EncryptionType.DES_CBC_MD5, subSessionKey );
+ return ( this.contextKey );
}
}
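Review bot: In `execute`, the value of `tgsContext.getEncryptionType()` goes straight into `RandomKeyFactory.getRandomKey(...)` with no check that an earlier command in the chain actually selected an encryption type. What the factory does for a null or unsupported type is not visible in this hunk, so a null session key could be stored by `setSessionKey` and only surface when the reply is sealed. Consider failing closed here, e.g. `if ( tgsContext.getEncryptionType() == null ) throw new KerberosException( ErrorType.KDC_ERR_ETYPE_NOSUPP );` (both classes would need importing), and add a one-line comment that this command depends on the encryption-type selection step running first.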
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java Wed May 23 17:26:40 2007
@@ -25,6 +25,7 @@
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
import org.apache.directory.server.kerberos.shared.messages.value.HostAddress;
@@ -49,6 +50,7 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
if ( log.isDebugEnabled() )
@@ -92,8 +94,6 @@
sb.append( "\n\t" + "realm " + requestPrincipal.getRealmName() );
sb.append( "\n\t" + "principal " + requestPrincipal.getPrincipal() );
sb.append( "\n\t" + "SAM type " + requestPrincipal.getSamType() );
- sb.append( "\n\t" + "Key type " + requestPrincipal.getEncryptionKey().getKeyType() );
- sb.append( "\n\t" + "Key version " + requestPrincipal.getEncryptionKey().getKeyVersion() );
KerberosPrincipal ticketServerPrincipal = tgsContext.getTgt().getServerPrincipal();
PrincipalStoreEntry ticketPrincipal = tgsContext.getTicketPrincipalEntry();
@@ -103,8 +103,11 @@
sb.append( "\n\t" + "realm " + ticketPrincipal.getRealmName() );
sb.append( "\n\t" + "principal " + ticketPrincipal.getPrincipal() );
sb.append( "\n\t" + "SAM type " + ticketPrincipal.getSamType() );
- sb.append( "\n\t" + "Key type " + ticketPrincipal.getEncryptionKey().getKeyType() );
- sb.append( "\n\t" + "Key version " + ticketPrincipal.getEncryptionKey().getKeyVersion() );
+
+ EncryptionType encryptionType = tgsContext.getTgt().getEncPart().getEncryptionType();
+ int keyVersion = ticketPrincipal.getKeyMap().get( encryptionType ).getKeyVersion();
+ sb.append( "\n\t" + "Ticket key type " + encryptionType );
+ sb.append( "\n\t" + "Service key version " + keyVersion );
log.debug( sb.toString() );
}
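Review bot: `ticketPrincipal.getKeyMap().get( encryptionType ).getKeyVersion()` dereferences the map lookup without a null check, and the encryption type is read from the ticket supplied in the request. If the principal has no key of that type, this line throws a NullPointerException from code whose only purpose is building a debug message, so turning on debug logging could change how such a request is handled. Keep the lookup result in a local and log a placeholder when it is null, e.g. `EncryptionKey key = ticketPrincipal.getKeyMap().get( encryptionType );` followed by `sb.append( "\n\t" + "Service key version " + ( key == null ? "n/a" : key.getKeyVersion() ) );`. The enclosing method starts outside this hunk.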
@@ -119,7 +122,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java Wed May 23 17:26:40 2007
@@ -20,11 +20,12 @@
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.messages.TicketGrantReply;
import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
@@ -37,24 +38,25 @@
{
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
TicketGrantReply reply = ( TicketGrantReply ) tgsContext.getReply();
Ticket tgt = tgsContext.getTgt();
- LockBox lockBox = tgsContext.getLockBox();
+ CipherTextHandler cipherTextHandler = tgsContext.getCipherTextHandler();
Authenticator authenticator = tgsContext.getAuthenticator();
EncryptedData encryptedData;
if ( authenticator.getSubSessionKey() != null )
{
- encryptedData = lockBox.seal( authenticator.getSubSessionKey(), reply );
+ encryptedData = cipherTextHandler.seal( authenticator.getSubSessionKey(), reply, KeyUsage.NUMBER9 );
}
else
{
- encryptedData = lockBox.seal( tgt.getSessionKey(), reply );
+ encryptedData = cipherTextHandler.seal( tgt.getSessionKey(), reply, KeyUsage.NUMBER8 );
}
reply.setEncPart( encryptedData );
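Review bot: The key-usage constants `KeyUsage.NUMBER9` and `KeyUsage.NUMBER8` in the two `seal` calls are bare numbers with no explanation, and a wrong usage value produces ciphertext that clients cannot decrypt. The values match RFC 4120 section 7.5.1 (9 for the TGS-REP encrypted part under the authenticator subkey, 8 under the TGS session key), so a short comment on each branch would make that checkable, e.g. `// RFC 4120 7.5.1: usage 9, TGS-REP enc-part sealed with the authenticator subkey`. The same comment is missing for `KeyUsage.NUMBER7` in VerifyTgtAuthHeader and `KeyUsage.NUMBER1` in TimestampChecker.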
@@ -63,7 +65,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java Wed May 23 17:26:40 2007
@@ -22,6 +22,7 @@
import org.apache.directory.server.kerberos.kdc.MonitorReply;
import org.apache.directory.server.kerberos.kdc.MonitorRequest;
+import org.apache.directory.server.kerberos.kdc.SelectEncryptionType;
import org.apache.mina.handler.chain.IoHandlerChain;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -39,6 +40,9 @@
private static final Logger log = LoggerFactory.getLogger( TicketGrantingServiceChain.class );
+ /**
+ * Creates a new instance of TicketGrantingServiceChain.
+ */
public TicketGrantingServiceChain()
{
if ( log.isDebugEnabled() )
@@ -47,6 +51,7 @@
}
addLast( "configureTicketGrantingChain", new ConfigureTicketGrantingChain() );
+ addLast( "selectEncryptionType", new SelectEncryptionType() );
addLast( "getAuthHeader", new GetAuthHeader() );
addLast( "verifyTgt", new VerifyTgt() );
addLast( "getTicketPrincipalEntry", new GetTicketPrincipalEntry() );
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java Wed May 23 17:26:40 2007
@@ -20,14 +20,19 @@
package org.apache.directory.server.kerberos.kdc.ticketgrant;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumHandler;
import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.RsaMd5Checksum;
-import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
-import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.messages.value.Checksum;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
@@ -36,44 +41,52 @@
*/
public class VerifyBodyChecksum implements IoHandlerCommand
{
+ /** the log for this class */
+ private static final Logger log = LoggerFactory.getLogger( VerifyBodyChecksum.class );
+
+ private ChecksumHandler checksumHandler = new ChecksumHandler();
private String contextKey = "context";
- public void execute( NextCommand next, IoSession session, Object message ) throws Exception
+ /** a map of the default encryption types to the encryption engine class names */
+ private static final Map<EncryptionType, ChecksumType> DEFAULT_CHECKSUMS;
+
+ static
{
- TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
- byte[] bodyBytes = tgsContext.getRequest().getBodyBytes();
- Checksum checksum = tgsContext.getAuthenticator().getChecksum();
+ Map<EncryptionType, ChecksumType> map = new HashMap<EncryptionType, ChecksumType>();
- verifyChecksum( checksum, bodyBytes );
+ map.put( EncryptionType.DES_CBC_MD5, ChecksumType.RSA_MD5 );
+ map.put( EncryptionType.DES3_CBC_SHA1_KD, ChecksumType.HMAC_SHA1_DES3_KD );
+ map.put( EncryptionType.RC4_HMAC, ChecksumType.HMAC_MD5 );
+ map.put( EncryptionType.AES128_CTS_HMAC_SHA1_96, ChecksumType.HMAC_SHA1_96_AES128 );
+ map.put( EncryptionType.AES256_CTS_HMAC_SHA1_96, ChecksumType.HMAC_SHA1_96_AES256 );
- next.execute( session, message );
+ DEFAULT_CHECKSUMS = Collections.unmodifiableMap( map );
}
- public String getContextKey()
+ public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
- return ( this.contextKey );
- }
+ TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
+ byte[] bodyBytes = tgsContext.getRequest().getBodyBytes();
+ Checksum authenticatorChecksum = tgsContext.getAuthenticator().getChecksum();
+ EncryptionType encryptionType = tgsContext.getEncryptionType();
+ ChecksumType allowedChecksumType = DEFAULT_CHECKSUMS.get( encryptionType );
- private void verifyChecksum( Checksum checksum, byte[] bytes ) throws KerberosException
- {
- if ( checksum == null )
+ if ( !allowedChecksumType.equals( authenticatorChecksum.getChecksumType() ) )
{
- throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
+ log.warn( "Allowed checksum type '" + allowedChecksumType + "' did not match authenticator checksum type '"
+ + authenticatorChecksum.getChecksumType() + "'." );
}
- if ( !checksum.getChecksumType().equals( ChecksumType.RSA_MD5 ) )
- {
- throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
- }
+ checksumHandler.verifyChecksum( authenticatorChecksum, bodyBytes, null, KeyUsage.NUMBER8 );
- ChecksumEngine digester = new RsaMd5Checksum();
- Checksum newChecksum = new Checksum( digester.checksumType(), digester.calculateChecksum( bytes ) );
+ next.execute( session, message );
+ }
- if ( !newChecksum.equals( checksum ) )
- {
- throw new KerberosException( ErrorType.KRB_AP_ERR_MODIFIED );
- }
+
+ private String getContextKey()
+ {
+ return ( this.contextKey );
}
}
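Review bot: The rewritten `execute` only logs a warning when the authenticator's checksum type differs from the one expected for the selected encryption type, where the removed code rejected the request with `KDC_ERR_SUMTYPE_NOSUPP`. It also drops the null-checksum check (`KRB_AP_ERR_INAPP_CKSUM`), and `allowedChecksumType.equals(...)` throws a NullPointerException when the encryption type has no entry in `DEFAULT_CHECKSUMS`. If the leniency is deliberate for interoperability it needs a comment saying so; otherwise restore the rejections as sketched below, which requires re-adding the `ErrorType` and `KerberosException` imports this commit removes. Separately, `verifyChecksum` is passed a `null` key with `KeyUsage.NUMBER8`, while four of the five mapped checksum types are keyed HMACs and RFC 4120 section 7.5.1 assigns usage 6 to the TGS-REQ authenticator checksum, so please confirm both arguments. The Javadoc on `DEFAULT_CHECKSUMS` should read "a map of the default encryption types to their checksum types".
```java
Checksum authenticatorChecksum = tgsContext.getAuthenticator().getChecksum();

if ( authenticatorChecksum == null )
{
    throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
}

EncryptionType encryptionType = tgsContext.getEncryptionType();
ChecksumType allowedChecksumType = DEFAULT_CHECKSUMS.get( encryptionType );

if ( allowedChecksumType == null || !allowedChecksumType.equals( authenticatorChecksum.getChecksumType() ) )
{
    log.warn( "Allowed checksum type '" + allowedChecksumType + "' did not match authenticator checksum type '"
        + authenticatorChecksum.getChecksumType() + "'." );
    throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
}

// … unchanged: checksumHandler.verifyChecksum call and next.execute …
```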
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java Wed May 23 17:26:40 2007
@@ -22,12 +22,14 @@
import java.net.InetAddress;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.replay.ReplayCache;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.directory.server.kerberos.shared.service.VerifyAuthHeader;
import org.apache.mina.common.IoSession;
@@ -44,15 +46,18 @@
ApplicationRequest authHeader = tgsContext.getAuthHeader();
Ticket tgt = tgsContext.getTgt();
- EncryptionKey serverKey = tgsContext.getTicketPrincipalEntry().getEncryptionKey();
+
+ EncryptionType encryptionType = tgt.getEncPart().getEncryptionType();
+ EncryptionKey serverKey = tgsContext.getTicketPrincipalEntry().getKeyMap().get( encryptionType );
+
long clockSkew = tgsContext.getConfig().getAllowableClockSkew();
ReplayCache replayCache = tgsContext.getReplayCache();
boolean emptyAddressesAllowed = tgsContext.getConfig().isEmptyAddressesAllowed();
InetAddress clientAddress = tgsContext.getClientAddress();
- LockBox lockBox = tgsContext.getLockBox();
+ CipherTextHandler cipherTextHandler = tgsContext.getCipherTextHandler();
Authenticator authenticator = verifyAuthHeader( authHeader, tgt, serverKey, clockSkew, replayCache,
- emptyAddressesAllowed, clientAddress, lockBox );
+ emptyAddressesAllowed, clientAddress, cipherTextHandler, KeyUsage.NUMBER7 );
tgsContext.setAuthenticator( authenticator );
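Review bot: `serverKey` now comes from `getKeyMap().get( encryptionType )`, where `encryptionType` is read from the encrypted part of the ticket in the request, and the lookup result is passed to `verifyAuthHeader` without a null check. A ticket naming an encryption type for which the ticket-granting principal has no key would hand a null key to the verifier, and how that is handled is outside this hunk. Reject that case explicitly before the call, e.g. `if ( serverKey == null ) throw new KerberosException( ErrorType.KDC_ERR_ETYPE_NOSUPP );`. Also confirm the type is among the KDC's configured encryption types, so that the request cannot choose which long-term key is used. The enclosing method starts and ends outside this hunk.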
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java Wed May 23 17:26:40 2007
@@ -34,6 +34,11 @@
private static final KerberosProtocolCodecFactory INSTANCE = new KerberosProtocolCodecFactory();
+ /**
+ * Returns the singleton {@link KerberosProtocolCodecFactory}.
+ *
+ * @return The singleton {@link KerberosProtocolCodecFactory}.
+ */
public static KerberosProtocolCodecFactory getInstance()
{
return INSTANCE;
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java Wed May 23 17:26:40 2007
@@ -64,7 +64,13 @@
private String contextKey = "context";
- public KerberosProtocolHandler(KdcConfiguration config, PrincipalStore store)
+ /**
+ * Creates a new instance of KerberosProtocolHandler.
+ *
+ * @param config
+ * @param store
+ */
+ public KerberosProtocolHandler( KdcConfiguration config, PrincipalStore store )
{
this.config = config;
this.store = store;
@@ -164,20 +170,32 @@
case 11:
case 13:
- log.error( "Kerberos error: " + ErrorType.KRB_AP_ERR_BADDIRECTION.getMessage() );
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BADDIRECTION );
default:
- log.error( "Kerberos error: " + ErrorType.KRB_AP_ERR_MSG_TYPE.getMessage() );
+ throw new KerberosException( ErrorType.KRB_AP_ERR_MSG_TYPE );
}
}
- catch ( Exception e )
+ catch ( KerberosException ke )
{
- log.error( e.getMessage() );
-
- KerberosException ke = ( KerberosException ) e;
+ if ( log.isDebugEnabled() )
+ {
+ log.debug( ke.getMessage(), ke );
+ }
+ else
+ {
+ log.warn( ke.getMessage() );
+ }
session.write( getErrorMessage( config.getServicePrincipal(), ke ) );
}
+ catch ( Exception e )
+ {
+ log.error( "Unexpected exception: " + e.getMessage(), e );
+
+ session.write( getErrorMessage( config.getServicePrincipal(), new KerberosException(
+ ErrorType.KDC_ERR_SVC_UNAVAILABLE ) ) );
+ }
}
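Review bot: Outside debug mode the new `catch ( KerberosException ke )` branch logs only `ke.getMessage()`, so a run of failed requests cannot be attributed to a client from the log. Including the peer address keeps the line short while making failures easy to correlate, e.g. `log.warn( ke.getMessage() + " (client " + session.getRemoteAddress() + ")" );`. Mapping every other exception to `KDC_ERR_SVC_UNAVAILABLE` is a sensible way to avoid leaking internals to the client, and a comment on that catch block saying so would help. The enclosing method starts outside this hunk.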
@@ -190,7 +208,7 @@
}
- public ErrorMessage getErrorMessage( KerberosPrincipal principal, KerberosException exception )
+ protected ErrorMessage getErrorMessage( KerberosPrincipal principal, KerberosException exception )
{
ErrorMessageModifier modifier = new ErrorMessageModifier();
@@ -207,7 +225,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java Wed May 23 17:26:40 2007
@@ -22,11 +22,13 @@
import java.util.HashMap;
import java.util.Hashtable;
+import java.util.Map;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.security.auth.kerberos.KerberosKey;
+import org.apache.directory.server.kerberos.shared.messages.value.SamType;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
@@ -42,10 +44,11 @@
/** the property key base used for SAM algorithm verifiers */
public static final String PROPKEY_BASE = "kerberos.sam.type.";
+ /** the SAM subsystem instance */
public static SamSubsystem instance;
/** a map of verifiers so we do not need to create a new one every time */
- private final HashMap verifiers = new HashMap();
+ private final Map<SamType, SamVerifier> verifiers = new HashMap<SamType, SamVerifier>();
/** the key integrity checker used by the subsystem for all sam types */
private KeyIntegrityChecker keyChecker;
@@ -115,7 +118,7 @@
String key = PROPKEY_BASE + entry.getSamType().getOrdinal();
- Hashtable env = new Hashtable();
+ Hashtable<Object, Object> env = new Hashtable<Object, Object>();
try
{
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java Wed May 23 17:26:40 2007
@@ -48,11 +48,17 @@
*/
public interface SamVerifier
{
- /** Starts one of many pluggable SAM type subsystem*/
+ /**
+ * Starts one of many pluggable SAM type subsystem.
+ *
+ * @throws SamException
+ */
void startup() throws SamException;
- /** Shuts down one of many pluggable SAM type subsystem*/
+ /**
+ * Shuts down one of many pluggable SAM type subsystem.
+ */
void shutdown();
@@ -62,9 +68,9 @@
* and supplies it to the verifier to check generated keys to conduct the
* verification workflow.
*
- * @param keyChecker the integrity checker that validates whether or not a
+ * @param keyChecker The integrity checker that validates whether or not a
* key can decrypt-decode preauth data (an encryped-encoded generalized
- * timestamp)
+ * timestamp).
*/
void setIntegrityChecker( KeyIntegrityChecker keyChecker );
@@ -72,8 +78,10 @@
/**
* Verifies the single use password supplied.
*
- * @param principal the kerberos principal to use
- * @param sad single-use authentication data (encrypted generalized timestamp)
+ * @param principal The kerberos principal to use.
+ * @param sad Single-use authentication data (encrypted generalized timestamp).
+ * @return The {@link KerberosKey}.
+ * @throws SamException
*/
KerberosKey verify( KerberosPrincipal principal, byte[] sad ) throws SamException;
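Review bot: The new tags on `verify` do not state its contract on failure: `@return The {@link KerberosKey}.` does not say which key is returned, and `@throws SamException` has no description. Callers of an authentication check need to know whether a rejected single-use password is signalled by the exception or by a null return. Suggested wording, to be confirmed against the implementations: `@return the key for the principal once the single-use authentication data has been verified` and `@throws SamException if the data cannot be verified`. The bare `@throws SamException` on `startup()` and the bare `@param userContext` on `setUserContext` need descriptions too.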
@@ -81,11 +89,15 @@
/**
* Gets the registered SAM algorithm type implemented by this SamVerifier.
*
- * @return the type value for the SAM algorithm used to verify the SUP.
+ * @return The type value for the SAM algorithm used to verify the SUP.
*/
SamType getSamType();
- /** sets the user context where users are stored for the primary realm */
+ /**
+ * Sets the user context where users are stored for the primary realm.
+ *
+ * @param userContext
+ */
void setUserContext( DirContext userContext );
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java Wed May 23 17:26:40 2007
@@ -24,14 +24,15 @@
import javax.security.auth.kerberos.KerberosKey;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.io.decoder.EncryptedDataDecoder;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedTimeStamp;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
/**
@@ -41,7 +42,7 @@
public class TimestampChecker implements KeyIntegrityChecker
{
private static final long FIVE_MINUTES = 300000;
- private static final LockBox lockBox = new LockBox();
+ private static final CipherTextHandler cipherTextHandler = new CipherTextHandler();
public boolean checkKeyIntegrity( byte[] encryptedData, KerberosKey kerberosKey )
@@ -57,8 +58,8 @@
// Decrypt the EncryptedData structure to get the PA-ENC-TS-ENC
// Decode the decrypted timestamp into our timestamp object.
- EncryptedTimeStamp timestamp = ( EncryptedTimeStamp ) lockBox.unseal( EncryptedTimeStamp.class, key,
- sadValue );
+ EncryptedTimeStamp timestamp = ( EncryptedTimeStamp ) cipherTextHandler.unseal( EncryptedTimeStamp.class, key,
+ sadValue, KeyUsage.NUMBER1 );
// Since we got here we must have a valid timestamp structure that we can
// validate to be within a five minute skew.
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java Wed May 23 17:26:40 2007
@@ -22,11 +22,11 @@
import java.util.Arrays;
+import junit.framework.TestCase;
+
import org.apache.directory.server.kerberos.shared.messages.value.KdcOptions;
import org.apache.directory.server.kerberos.shared.messages.value.TicketFlags;
-import junit.framework.TestCase;
-
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
@@ -38,6 +38,9 @@
{ ( byte ) 0x50, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x10 };
+ /**
+ * Tests converting the ticket flags to a descriptive String.
+ */
public void testToString()
{
TicketFlags flags = new TicketFlags();
@@ -49,6 +52,9 @@
}
+ /**
+ * Tests that setting flags is idempotent.
+ */
public void testDuplicateSetting()
{
TicketFlags flags = new TicketFlags();
@@ -61,6 +67,9 @@
}
+ /**
+ * Tests the basic construction of the {@link KdcOptions}.
+ */
public void testConstruction()
{
KdcOptions options = new KdcOptions( fpriOptions );
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/pom.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/pom.xml?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/pom.xml (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/pom.xml Wed May 23 17:26:40 2007
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-protocol-ldap</artifactId>
<description>
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java Wed May 23 17:26:40 2007
@@ -78,6 +78,7 @@
import org.apache.mina.common.IoFilterChain;
import org.apache.mina.common.IoHandler;
import org.apache.mina.common.IoSession;
+import org.apache.mina.filter.LoggingFilter;
import org.apache.mina.filter.SSLFilter;
import org.apache.mina.filter.codec.ProtocolCodecFactory;
import org.apache.mina.filter.codec.ProtocolCodecFilter;
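Review bot: The added `import org.apache.mina.filter.LoggingFilter;` is not used by any hunk of this file, so it looks like a leftover from debugging and can be dropped. If a logging filter is meant to be added to the LDAP filter chain later, note that it logs the messages passing through the chain, which on this protocol can include bind requests and their credentials. That should sit behind an explicit configuration switch rather than be enabled by default.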
@@ -97,6 +98,10 @@
*/
public class LdapProtocolProvider
{
+ //TM private static long cumul = 0L;
+ //TM private static long count = 0;
+ //TM private static Object lock = new Object();
+
/** the constant service name of this ldap protocol provider **/
public static final String SERVICE_NAME = "ldap";
/** a map of the default request object class name to the handler class name */
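Review bot: The `//TM` lines check commented-out profiling code into the class: the three fields here, the timing block in `getDecoder()` in the next hunk, and seven near-identical blocks in the SearchHandler.java hunks. None of it is compiled or tested, and the SearchHandler blocks read a `t0` that no visible hunk declares, so they would probably not build if re-enabled as written. Delete them before merging, or keep a single measurement that reports through the class's logger at debug level instead of `System.out.println`.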
@@ -331,7 +336,26 @@
public ProtocolDecoder getDecoder()
{
- return new Asn1CodecDecoder( new MessageDecoder( env ) );
+ //TM long t0 = System.nanoTime();
+
+ ProtocolDecoder decoder = new Asn1CodecDecoder( new MessageDecoder( env ) );
+
+ //TM long t1 = System.nanoTime();
+ //TM System.out.println( "New Asn1Decoder cost : " + (t1-t0) );
+
+ //TM synchronized (lock)
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "New Asn1Decoder cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
+
+ return decoder;
}
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ModifyDnHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ModifyDnHandler.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ModifyDnHandler.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ModifyDnHandler.java Wed May 23 17:26:40 2007
@@ -26,6 +26,7 @@
import javax.naming.ldap.LdapContext;
import org.apache.directory.server.ldap.SessionRegistry;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.exception.LdapException;
import org.apache.directory.shared.ldap.message.Control;
import org.apache.directory.shared.ldap.message.LdapResult;
@@ -55,6 +56,22 @@
/** Speedup for logs */
private static final boolean IS_DEBUG = log.isDebugEnabled();
+ /**
+ * Deal with a ModifyDN request received from a client.
+ *
+ * A ModifyDN operation has more than one semantic, depending on its parameters.
+ *
+ * In any case, the first argument is the DN entry to be changed. We then
+ * have the new relative DN for this entry.
+ *
+ * Two other arguments can be provided :
+ * - deleteOldRdn : if the old RDN attributes should be removed from the
+ * new entry or not (for instance, if the old RDN was cn=acme, and the new
+ * one is sn=acme, then we may have to remove the cn: acme from the attributes
+ * list)
+ * - newSuperior : this is a move operation. The entry is removed from its
+ * current location, and created in the new one.
+ */
public void messageReceived( IoSession session, Object request ) throws Exception
{
ModifyDnRequest req = ( ModifyDnRequest ) request;
@@ -88,32 +105,18 @@
ctx.addToEnvironment( Context.REFERRAL, "throw" );
}
- ctx.setRequestControls( ( Control[] ) req.getControls().values().toArray( EMPTY_CONTROLS ) );
+ ctx.setRequestControls( req.getControls().values().toArray( EMPTY_CONTROLS ) );
String deleteRDN = String.valueOf( req.getDeleteOldRdn() );
- ctx.addToEnvironment( "java.naming.ldap.deleteRDN", deleteRDN );
+ ctx.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DELETE_RDN, deleteRDN );
- if ( req.isMove() )
+ LdapDN newSuperior = req.getNewSuperior();
+
+ if ( ( newSuperior != null ) && ( !newSuperior.isEmpty() ) )
{
LdapDN oldDn = req.getName();
LdapDN newDn = null;
- LdapDN newSuperior = req.getNewSuperior();
-
- if ( newSuperior.isEmpty() )
- {
- if ( oldDn.isEmpty() )
- {
- newDn = oldDn;
- }
- else
- {
- newDn = (LdapDN)oldDn.getPrefix( oldDn.size() - 1 );
- }
- }
- else
- {
- newDn = newSuperior;
- }
+ newDn = newSuperior;
if ( req.getNewRdn() != null )
{
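Review bot: `LdapDN newDn = null;` followed directly by `newDn = newSuperior;` is a leftover of the removed branch and can become one declaration. Because `newDn` is then an alias of the DN held by the request, any later mutation (the body of `if ( req.getNewRdn() != null )` is outside this hunk) would also change the request's own newSuperior. If that body appends to `newDn`, declare it as a copy, `LdapDN newDn = ( LdapDN ) newSuperior.clone();`. Whether `oldDn` is still needed after this change cannot be seen from the hunk.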
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchHandler.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchHandler.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchHandler.java Wed May 23 17:26:40 2007
@@ -37,6 +37,8 @@
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.ldap.LdapConfiguration;
import org.apache.directory.server.ldap.SessionRegistry;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapException;
import org.apache.directory.shared.ldap.exception.OperationAbandonedException;
import org.apache.directory.shared.ldap.filter.PresenceNode;
@@ -67,8 +69,12 @@
*/
public class SearchHandler implements MessageHandler
{
+ //TM private static long cumul = 0L;
+ //TM private static long count = 0;
+ //TM private static Object lock = new Object();
+
private static final Logger log = LoggerFactory.getLogger( SearchHandler.class );
- private static final String DEREFALIASES_KEY = "java.naming.ldap.derefAliases";
+ private static final String DEREFALIASES_KEY = JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES;
/** Speedup for logs */
private static final boolean IS_DEBUG = log.isDebugEnabled();
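Review bot: `DEREFALIASES_KEY` now takes its value from `JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES`, whose name contains an unexpected `DAP`, and the constant's value is not visible in this commit. Since the removed literal was `"java.naming.ldap.derefAliases"`, confirm the constant holds exactly that string; a different value would silently change which environment property the search handler reads. A short comment on the field, `// JNDI environment key "java.naming.ldap.derefAliases"`, would keep the intent readable without opening the constants class.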
@@ -131,7 +137,7 @@
boolean isRootDSEFilter = false;
if ( req.getFilter() instanceof PresenceNode )
{
- isRootDSEFilter = ( ( PresenceNode ) req.getFilter() ).getAttribute().equalsIgnoreCase( "objectClass" );
+ isRootDSEFilter = ( ( PresenceNode ) req.getFilter() ).getAttribute().equalsIgnoreCase( SchemaConstants.OBJECT_CLASS_AT );
}
return isBaseIsRoot && isBaseScope && isRootDSEFilter;
}
@@ -231,6 +237,19 @@
String msg = "Bind failure: Anonymous binds have been disabled!";
result.setErrorMessage( msg );
session.write( req.getResultResponse() );
+ //TM long t1 = System.nanoTime();
+ //TM
+ //TM synchronized (lock)
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
return;
}
@@ -292,6 +311,20 @@
if ( rcode != ResultCodeEnum.SUCCESS )
{
session.write( resp );
+ //TM long t1 = System.nanoTime();
+ //TM
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
+
return;
}
// if search was fine then we returned all entries so now
@@ -314,6 +347,18 @@
StringBuffer buf = new StringBuffer();
req.getFilter().printToBuffer( buf );
ctx.addNamingListener( req.getBase(), buf.toString(), controls, handler );
+ //TM long t1 = System.nanoTime();
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
return;
}
@@ -338,6 +383,18 @@
{
session.write( it.next() );
}
+ //TM long t1 = System.nanoTime();
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
return;
}
@@ -350,6 +407,19 @@
{
session.write( it.next() );
}
+ //TM long t1 = System.nanoTime();
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
+
return;
}
}
@@ -369,6 +439,19 @@
while ( e.skipReferral() );
session.write( req.getResultResponse() );
SessionRegistry.getSingleton().removeOutstandingRequest( session, req.getMessageId() );
+ //TM long t1 = System.nanoTime();
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
+
return;
}
catch ( NamingException e )
@@ -387,6 +470,19 @@
*/
if ( e instanceof OperationAbandonedException )
{
+ //TM long t1 = System.nanoTime();
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
+
return;
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchResponseIterator.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchResponseIterator.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchResponseIterator.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchResponseIterator.java Wed May 23 17:26:40 2007
@@ -44,6 +44,7 @@
import org.apache.directory.shared.ldap.message.SearchResponseEntryImpl;
import org.apache.directory.shared.ldap.message.SearchResponseReference;
import org.apache.directory.shared.ldap.message.SearchResponseReferenceImpl;
+import org.apache.directory.shared.ldap.message.ServerSearchResult;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.util.ExceptionUtils;
import org.apache.mina.common.IoSession;
@@ -94,28 +95,22 @@
{
if ( underlying.hasMore() )
{
- SearchResult result = ( SearchResult ) underlying.next();
+ ServerSearchResult result = ( ServerSearchResult ) underlying.next();
/*
* Now we have to build the prefetched object from the 'result'
* local variable for the following call to next()
*/
Attribute ref = result.getAttributes().get( "ref" );
- if ( !ctx.isReferral( result.getName() )
+
+ if ( !ctx.isReferral( result.getDn() )
|| req.getControls().containsKey( ManageDsaITControl.CONTROL_OID ) )
{
SearchResponseEntry respEntry;
respEntry = new SearchResponseEntryImpl( req.getMessageId() );
respEntry.setAttributes( result.getAttributes() );
- try
- {
- respEntry.setObjectName( new LdapDN( result.getName() ) );
- }
- catch ( InvalidNameException ine )
- {
- log.error( "Invalid object name : " + result.getName(), ine);
- throw new RuntimeException( ine );
- }
+
+ respEntry.setObjectName( result.getDn() );
prefetched = respEntry;
}
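Review bot: The new cast `( ServerSearchResult ) underlying.next()` assumes every element of the underlying enumeration is a `ServerSearchResult`; a plain `SearchResult` from any other source would now fail with a `ClassCastException` inside the iterator. If the core guarantees that invariant, state it above the cast, e.g. `// the server-side context only returns ServerSearchResult, which carries an already-parsed DN`; otherwise keep a fallback that builds the DN from `getName()`. The removed try/catch was the only visible user of `InvalidNameException`, so its import may now be unused. The enclosing method starts and ends outside this hunk.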
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java Wed May 23 17:26:40 2007
@@ -39,6 +39,7 @@
import javax.security.sasl.Sasl;
import org.apache.directory.server.core.configuration.ConfigurationException;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
import org.apache.directory.server.ldap.LdapConfiguration;
@@ -196,7 +197,7 @@
throw new ConfigurationException( message );
}
- EncryptionKey key = entry.getEncryptionKey();
+ EncryptionKey key = entry.getKeyMap().get( EncryptionType.DES_CBC_MD5 );
byte[] keyBytes = key.getKeyValue();
int type = key.getKeyType().getOrdinal();
int kvno = key.getKeyVersion();
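Review bot: `entry.getKeyMap().get( EncryptionType.DES_CBC_MD5 )` returns null when the service principal has no key of that type, and the next line dereferences `key` without a check, so a misprovisioned principal ends in a `NullPointerException` instead of a configuration error. Add a guard in the style of the check just above the hunk: `if ( key == null ) { throw new ConfigurationException( "Service principal has no DES-CBC-MD5 key" ); }`. The lookup also pins the SASL service key to single DES, a weak encryption type. If the key map can hold stronger types, the selection should prefer them or be configurable, and the reason for the fixed choice deserves a comment. The enclosing method starts and ends outside this hunk.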
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetPrincipal.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetPrincipal.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetPrincipal.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetPrincipal.java Wed May 23 17:26:40 2007
@@ -20,17 +20,22 @@
package org.apache.directory.server.ldap.support.bind;
+import java.io.IOException;
import java.text.ParseException;
+import java.util.Map;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InvalidAttributeValueException;
import javax.naming.directory.SearchResult;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.SamType;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
@@ -194,17 +199,20 @@
modifier.setSamType( SamType.getTypeByOrdinal( Integer.parseInt( samType ) ) );
}
- Object key = attrs.get( KerberosAttribute.KEY ).get();
- byte[] keyBytes = null;
-
- if ( key instanceof String )
+ if ( attrs.get( KerberosAttribute.KEY ) != null )
{
- String msg = "JNDI should not return a string for the kerberos key: JNDI property java.naming.ldap.attributes.binary must include the krb5key attribute.";
- throw new NamingException( msg );
+ Attribute krb5key = attrs.get( KerberosAttribute.KEY );
+ try
+ {
+ Map<EncryptionType, EncryptionKey> keyMap = modifier.reconstituteKeyMap( krb5key );
+ modifier.setKeyMap( keyMap );
+ }
+ catch ( IOException ioe )
+ {
+ throw new InvalidAttributeValueException( "Account Kerberos key attribute '" + KerberosAttribute.KEY
+ + "' contained an invalid value for krb5key." );
+ }
}
-
- keyBytes = ( byte[] ) key;
- modifier.setKey( keyBytes );
modifier.setPrincipal( new KerberosPrincipal( principal ) );
modifier.setEncryptionType( Integer.parseInt( encryptionType ) );
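Review bot: The `catch ( IOException ioe )` block throws a new `InvalidAttributeValueException` without attaching `ioe`, so the reason the key attribute failed to decode is lost to whoever reads the log. Build the exception in a local, call `iave.setRootCause( ioe );`, then throw it; the message can also drop the redundant "for krb5key" tail. Separately, when the key attribute is absent the entry is now built with no key map and no error, so consumers of `getKeyMap()` need to handle a missing map or missing entry. The removed diagnostic for a key returned as `String` is gone as well, so confirm `reconstituteKeyMap` rejects that case. `attrs.get( KerberosAttribute.KEY )` is also called twice and could be read once into `krb5key` before the null test.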
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/extended/LaunchDiagnosticUiHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/extended/LaunchDiagnosticUiHandler.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/extended/LaunchDiagnosticUiHandler.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/extended/LaunchDiagnosticUiHandler.java Wed May 23 17:26:40 2007
@@ -33,6 +33,7 @@
import javax.swing.JFrame;
import org.apache.directory.server.core.DirectoryService;
+import org.apache.directory.server.core.interceptor.context.EmptyOperationContext;
import org.apache.directory.server.core.jndi.ServerLdapContext;
import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.core.partition.PartitionNexus;
@@ -92,8 +93,9 @@
requestor.write( new LaunchDiagnosticUiResponse( req.getMessageId() ) );
PartitionNexus nexus = service.getConfiguration().getPartitionNexus();
- Iterator list = nexus.listSuffixes();
+ Iterator list = nexus.listSuffixes( new EmptyOperationContext() );
int launchedWindowCount = 0;
+
while ( list.hasNext() )
{
LdapDN dn = new LdapDN( ( String ) list.next() );
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-ntp/pom.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-ntp/pom.xml?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-ntp/pom.xml (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-ntp/pom.xml Wed May 23 17:26:40 2007
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-protocol-ntp</artifactId>
<name>ApacheDS Protocol Ntp</name>
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/pom.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/pom.xml?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/pom.xml (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/pom.xml Wed May 23 17:26:40 2007
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-protocol-shared</artifactId>
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/AbstractBackingStoreTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/AbstractBackingStoreTest.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/AbstractBackingStoreTest.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/AbstractBackingStoreTest.java Wed May 23 17:26:40 2007
@@ -59,7 +59,9 @@
import org.apache.directory.server.schema.bootstrap.CosineSchema;
import org.apache.directory.server.schema.bootstrap.InetorgpersonSchema;
import org.apache.directory.server.schema.bootstrap.Krb5kdcSchema;
+import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.schema.bootstrap.SystemSchema;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.ldif.Entry;
import org.apache.directory.shared.ldap.ldif.LdifReader;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -147,7 +149,7 @@
{
config = new MutableStartupConfiguration();
- Set schemas = new HashSet();
+ Set<Schema> schemas = new HashSet<Schema>();
schemas.add( new CoreSchema() );
schemas.add( new CosineSchema() );
schemas.add( new ApacheSchema() );
@@ -163,7 +165,7 @@
//config.setBootstrapSchemas( schemas );
- Set partitions = new HashSet();
+ Set<PartitionConfiguration> partitions = new HashSet<PartitionConfiguration>();
partitions.add( getExamplePartition() );
partitions.add( getApachePartition() );
@@ -178,10 +180,10 @@
MutablePartitionConfiguration partConfig = new MutablePartitionConfiguration();
partConfig.setName( "example" );
- HashSet indices = new HashSet();
+ Set<Object> indices = new HashSet<Object>();
indices.add( "dc" );
indices.add( "ou" );
- indices.add( "objectClass" );
+ indices.add( SchemaConstants.OBJECT_CLASS_AT );
indices.add( "krb5PrincipalName" );
indices.add( "uid" );
partConfig.setIndexedAttributes( indices );
@@ -189,8 +191,8 @@
partConfig.setSuffix( "dc=example, dc=com" );
AttributesImpl attrs = new AttributesImpl();
- AttributeImpl objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
+ AttributeImpl objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
objectClass.add( "domain" );
attrs.put( objectClass );
attrs.put( "dc", "example" );
@@ -205,10 +207,10 @@
MutablePartitionConfiguration partConfig = new MutablePartitionConfiguration();
partConfig.setName( "apache" );
- HashSet indices = new HashSet();
+ Set<Object> indices = new HashSet<Object>();
indices.add( "dc" );
indices.add( "ou" );
- indices.add( "objectClass" );
+ indices.add( SchemaConstants.OBJECT_CLASS_AT );
indices.add( "krb5PrincipalName" );
indices.add( "uid" );
partConfig.setIndexedAttributes( indices );
@@ -216,8 +218,8 @@
partConfig.setSuffix( "dc=apache, dc=org" );
AttributesImpl attrs = new AttributesImpl();
- AttributeImpl objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
+ AttributeImpl objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
objectClass.add( "domain" );
attrs.put( objectClass );
attrs.put( "dc", "apache" );
@@ -316,9 +318,9 @@
String dn = entry.getDn();
Attributes attributes = entry.getAttributes();
- if ( attributes.get( "objectClass" ).contains( "krb5KDCEntry" ) )
+ if ( attributes.get( SchemaConstants.OBJECT_CLASS_AT ).contains( "krb5KDCEntry" ) )
{
- String pw = ( String ) attributes.get( "userpassword" ).get();
+ String pw = ( String ) attributes.get( SchemaConstants.USER_PASSWORD_AT ).get();
String krbPrincipal = ( String ) attributes.get( KerberosAttribute.PRINCIPAL ).get();
KerberosPrincipal principal = new KerberosPrincipal( krbPrincipal );
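Review bot: The literal removed here was `"userpassword"`, while the Krb5KdcEntryFilter.java hunk replaces `"userPassword"` with the same `SchemaConstants.USER_PASSWORD_AT`, so one of the two lookups now uses a different spelling than before. If the `Attributes` instance is case-sensitive, `attributes.get( SchemaConstants.USER_PASSWORD_AT )` returns null and the chained `.get()` throws a `NullPointerException`. Confirm against the entries this method loads, or read the attribute into a local and check it for null before calling `.get()`. The enclosing method starts and ends outside this hunk.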
Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/Krb5KdcEntryFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/Krb5KdcEntryFilter.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/Krb5KdcEntryFilter.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/Krb5KdcEntryFilter.java Wed May 23 17:26:40 2007
@@ -28,6 +28,7 @@
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -43,9 +44,8 @@
{
private static final Logger log = LoggerFactory.getLogger( Krb5KdcEntryFilter.class );
private static final String KEY_TYPE = "DES";
- private static final String OBJECTCLASS_ATTR = "objectClass";
private static final String KRB5KDCENTRY_OC = "krb5KDCEntry";
- private static final String PASSWORD_ATTR = "userPassword";
+ private static final String PASSWORD_ATTR = SchemaConstants.USER_PASSWORD_AT;
/**
@@ -55,7 +55,7 @@
*/
public boolean filter( File file, String dn, Attributes entry, DirContext ctx ) throws NamingException
{
- if ( entry.get( OBJECTCLASS_ATTR ).contains( KRB5KDCENTRY_OC ) )
+ if ( entry.get( SchemaConstants.OBJECT_CLASS_AT ).contains( KRB5KDCENTRY_OC ) )
{
String krbPrincipal = null;
try
Modified: directory/apacheds/branches/apacheds-sasl-branch/sar-plugin/pom.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/sar-plugin/pom.xml?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/sar-plugin/pom.xml (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/sar-plugin/pom.xml Wed May 23 17:26:40 2007
@@ -2,7 +2,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>apacheds-sar-plugin</artifactId>
Modified: directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/pom.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/pom.xml?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/pom.xml (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/pom.xml Wed May 23 17:26:40 2007
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-schema-bootstrap</artifactId>
<name>ApacheDS Bootstrap Schemas</name>
Modified: directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/AbstractBootstrapProducer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/AbstractBootstrapProducer.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/AbstractBootstrapProducer.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/AbstractBootstrapProducer.java Wed May 23 17:26:40 2007
@@ -109,7 +109,7 @@
final SyntaxCheckerRegistry registry;
- protected BootstrapSyntax(String oid, SyntaxCheckerRegistry registry)
+ public BootstrapSyntax(String oid, SyntaxCheckerRegistry registry)
{
super( oid );
this.registry = registry;
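Review bot: The `BootstrapSyntax` constructor is widened from `protected` to `public` without a stated reason. The following three hunks make the same change to `BootstrapMatchingRule`, `BootstrapAttributeType` and `BootstrapObjectClass`. These types hold references to the schema registries, so a wider constructor lets any code on the classpath create schema objects bound to them. If a caller in another package needs this, name it in the Javadoc, e.g. `/** Public so that <caller class> can create bootstrap syntaxes outside this package. */`; otherwise keep the narrower modifier. The first three constructors have no Javadoc at all in the visible context.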
@@ -161,7 +161,7 @@
String syntaxOid;
- protected BootstrapMatchingRule(String oid, Registries registries)
+ public BootstrapMatchingRule(String oid, Registries registries)
{
super( oid );
this.syntaxRegistry = registries.getSyntaxRegistry();
@@ -238,7 +238,7 @@
private String syntaxId;
- protected BootstrapAttributeType(String oid, Registries registries)
+ public BootstrapAttributeType(String oid, Registries registries)
{
super( oid );
@@ -434,7 +434,7 @@
* @param oid the OID of the new objectClass
* @param registries the bootstrap registries to use for resolving dependent objects
*/
- protected BootstrapObjectClass(String oid, Registries registries)
+ public BootstrapObjectClass(String oid, Registries registries)
{
super( oid );
Modified: directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApacheComparatorProducer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApacheComparatorProducer.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApacheComparatorProducer.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApacheComparatorProducer.java Wed May 23 17:26:40 2007
@@ -29,7 +29,8 @@
import org.apache.directory.server.schema.bootstrap.ProducerTypeEnum;
import org.apache.directory.server.schema.registries.Registries;
import org.apache.directory.shared.ldap.schema.ComparableComparator;
-import org.apache.directory.shared.ldap.util.BigIntegerComparator;
+//import org.apache.directory.shared.ldap.util.BigIntegerComparator;
+import org.apache.directory.shared.ldap.util.LongComparator;
/**
@@ -63,7 +64,7 @@
cb.schemaObjectProduced( this, "1.3.6.1.4.1.18060.0.4.1.1.1", comparator );
// For bigIntegerMatch -> 1.3.6.1.4.1.18060.0.4.1.1.2
- comparator = new BigIntegerComparator();
+ comparator = new LongComparator();
cb.schemaObjectProduced( this, "1.3.6.1.4.1.18060.0.4.1.1.2", comparator );
// For jdbmStringMatch -> 1.3.6.1.4.1.18060.0.4.1.1.3
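Review bot: Registering `LongComparator` under the OID that the comment still labels bigIntegerMatch narrows the range of values the rule can order. `LongComparator` is not shown here, but values outside the 64-bit range that `BigIntegerComparator` handled will presumably fail or compare incorrectly. If every attribute using this rule is guaranteed to fit in a long, say so in the comment, e.g. `// For bigIntegerMatch (values limited to the long range) -> 1.3.6.1.4.1.18060.0.4.1.1.2`. The commented-out line `//import org.apache.directory.shared.ldap.util.BigIntegerComparator;` in the first hunk should be deleted rather than left in the file.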
Modified: directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaMatchingRuleProducer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaMatchingRuleProducer.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaMatchingRuleProducer.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaMatchingRuleProducer.java Wed May 23 17:26:40 2007
@@ -117,7 +117,7 @@
public String getDescription()
{
- return "Don't know Emmanuel needs to define what this is for.";
+ return "Rule identifier of this DIT structure rule";
}
public String getName()
Modified: directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaSyntaxCheckerProducer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaSyntaxCheckerProducer.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaSyntaxCheckerProducer.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaSyntaxCheckerProducer.java Wed May 23 17:26:40 2007
@@ -23,6 +23,7 @@
import javax.naming.NamingException;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.schema.syntax.NumberSyntaxChecker;
import org.apache.directory.shared.ldap.schema.syntax.NumericOidSyntaxChecker;
import org.apache.directory.shared.ldap.schema.syntax.ObjectClassTypeSyntaxChecker;
import org.apache.directory.shared.ldap.schema.syntax.SyntaxChecker;
@@ -61,6 +62,9 @@
cb.schemaObjectProduced( this, checker.getSyntaxOid(), checker );
checker = new ObjectClassTypeSyntaxChecker();
+ cb.schemaObjectProduced( this, checker.getSyntaxOid(), checker );
+
+ checker = new NumberSyntaxChecker();
cb.schemaObjectProduced( this, checker.getSyntaxOid(), checker );
}
}
Modified: directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/BootstrapSchemaLoader.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/BootstrapSchemaLoader.java?view=diff&rev=541123&r1=541122&r2=541123
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/BootstrapSchemaLoader.java (original)
+++ directory/apacheds/branches/apacheds-sasl-branch/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/BootstrapSchemaLoader.java Wed May 23 17:26:40 2007
@@ -74,6 +74,8 @@
{
private static final Logger log = LoggerFactory.getLogger( BootstrapSchemaLoader.class );
+ private ClassLoader cl = getClass().getClassLoader();
+
/** stores schemas of producers for callback access */
private ThreadLocal<BootstrapSchema> schemas;
/** stores registries associated with producers for callback access */
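Review bot: The new `cl` field has no doc comment although the two ThreadLocal fields next to it do, and the two-letter name says little about its role. A line like `/** class loader used for the by-name class lookups in this loader */` would match the neighbouring fields. The class body starts and continues outside this hunk.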
@@ -98,7 +100,13 @@
registries = new ThreadLocal<Registries>();
}
-
+
+ public BootstrapSchemaLoader( ClassLoader cl )
+ {
+ this();
+ this.cl = cl;
+ }
+
public final void loadWithDependencies( Schema schema, Registries registries ) throws NamingException
{
if ( ! ( schema instanceof BootstrapSchema ) )
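Review bot: The new constructor stores `cl` without checking it, and `Class.forName( name, true, null )` resolves through the bootstrap class loader. A null argument would therefore silently change where classes are looked up instead of failing at construction. Either reject it or fall back: `this.cl = cl != null ? cl : getClass().getClassLoader();`. A short Javadoc saying that the classes this loader looks up by name are loaded and initialized through the given class loader would also help callers decide what to pass. loadWithDependencies continues outside the hunk.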
@@ -202,7 +210,7 @@
*/
private void register( ProducerTypeEnum type, String id, Object schemaObject ) throws NamingException
{
- BootstrapSchema schema = ( BootstrapSchema ) this.schemas.get();
+ BootstrapSchema schema = this.schemas.get();
DefaultRegistries registries = ( DefaultRegistries ) this.registries.get();
List<String> values = new ArrayList<String>(1);
values.add( schema.getSchemaName() );
@@ -322,7 +330,7 @@
try
{
- clazz = Class.forName( targetClassName );
+ clazz = Class.forName( targetClassName, true, cl );
}
catch ( ClassNotFoundException e )
{
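Review bot: All three `Class.forName( ..., true, cl )` calls in this commit (here, the `defaultClassName` hunk and the `schemaName` hunk below) initialize the class as soon as the name resolves, before anything checks that it is of the expected type. In the `schemaName` hunk the cast to `Schema` is applied only after `newInstance()` has already run the constructor. If these names can come from configuration or schema data (not visible here), it is safer to load without initializing and check the type first, e.g. `schema = Class.forName( schemaName, false, cl ).asSubclass( Schema.class ).newInstance();`. The enclosing method starts and ends outside this hunk.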
@@ -336,7 +344,7 @@
try
{
- clazz = Class.forName( defaultClassName );
+ clazz = Class.forName( defaultClassName, true, cl );
}
catch ( ClassNotFoundException e )
{
@@ -407,7 +415,7 @@
Schema schema = null;
try
{
- schema = ( Schema ) Class.forName( schemaName ).newInstance();
+ schema = ( Schema ) Class.forName( schemaName, true, cl ).newInstance();
}
catch ( InstantiationException e )
{