You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by ak...@apache.org on 2005/03/28 18:49:39 UTC
svn commit: r159254 - in
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server:
authn/AuthenticationService.java authn/LdapPrincipal.java
authn/SimpleAuthenticator.java interceptor/InterceptorChain.java
jndi/AuthenticationService.java jndi/AuthenticatorConfigBuilder.java
jndi/ServerContext.java
Author: akarasulu
Date: Mon Mar 28 08:49:38 2005
New Revision: 159254
URL: http://svn.apache.org/viewcvs?view=rev&rev=159254
Log:
changes ...
o a lil formating and pkg cleanup (should have done this after changes here)
o moved AuthenticationService to authn package where it belongs
o had to open up ServerContext.setPrincipal() to be able to set principal from
authn package so we needed to change a few things to preserve security
o now that any code can setPrincipal we had to take some precautions - we
made LdapPrincipal constructor package friendly but this does not stop all
o malicious code can still change LdapPrincipals even if they cannot create
them so we had to make sure only the AuthnService can effectively call
setPrincipal so we made it accept and argument that wraps the LdapPrincipal
and can only be created by the AuthnService but not accessible anywhere
o added the TrustedPrincipalWrapper for the reasons above
Added:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/AuthenticationService.java
- copied, changed from r159249, directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java
Removed:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/LdapPrincipal.java
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/SimpleAuthenticator.java
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/interceptor/InterceptorChain.java
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/ServerContext.java
Copied: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/AuthenticationService.java (from r159249, directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java)
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/AuthenticationService.java?view=diff&rev=159254&p1=directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java&r1=159249&p2=directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/AuthenticationService.java&r2=159254
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/AuthenticationService.java Mon Mar 28 08:49:38 2005
@@ -14,7 +14,7 @@
* limitations under the License.
*
*/
-package org.apache.ldap.server.jndi;
+package org.apache.ldap.server.authn;
import java.lang.reflect.Constructor;
@@ -32,16 +32,15 @@
import org.apache.ldap.common.exception.LdapAuthenticationNotSupportedException;
import org.apache.ldap.common.message.ResultCodeEnum;
import org.apache.ldap.common.util.StringTools;
-import org.apache.ldap.server.authn.SimpleAuthenticator;
import org.apache.ldap.server.invocation.Invocation;
import org.apache.ldap.server.interceptor.Interceptor;
import org.apache.ldap.server.interceptor.InterceptorContext;
import org.apache.ldap.server.interceptor.NextInterceptor;
-import org.apache.ldap.server.interceptor.Interceptor;
-import org.apache.ldap.server.interceptor.NextInterceptor;
-import org.apache.ldap.server.authn.AbstractAuthenticator;
-import org.apache.ldap.server.authn.GenericAuthenticatorConfig;
-import org.apache.ldap.server.authn.*;
+import org.apache.ldap.server.jndi.EnvKeys;
+import org.apache.ldap.server.jndi.AuthenticatorConfigBuilder;
+import org.apache.ldap.server.jndi.ServerContext;
+import org.apache.ldap.server.jndi.ServerLdapContext;
+
/**
* An {@link Interceptor} that authenticates users.
@@ -79,28 +78,40 @@
boolean allowAnonymous = !ctx.getEnvironment().containsKey( EnvKeys.DISABLE_ANONYMOUS );
// create authenticator context
+
GenericAuthenticatorContext authenticatorContext = new GenericAuthenticatorContext();
+
authenticatorContext.setPartitionNexus( ctx.getRootNexus() );
+
authenticatorContext.setAllowAnonymous( allowAnonymous );
try // initialize default authenticators
{
// create anonymous authenticator
+
GenericAuthenticatorConfig authenticatorConfig = new GenericAuthenticatorConfig();
+
authenticatorConfig.setAuthenticatorName( "none" );
+
authenticatorConfig.setAuthenticatorContext( authenticatorContext );
org.apache.ldap.server.authn.Authenticator authenticator = new AnonymousAuthenticator();
+
authenticator.init( authenticatorConfig );
+
this.register( authenticator );
// create simple authenticator
authenticatorConfig = new GenericAuthenticatorConfig();
+
authenticatorConfig.setAuthenticatorName( "simple" );
+
authenticatorConfig.setAuthenticatorContext( authenticatorContext );
authenticator = new SimpleAuthenticator();
+
authenticator.init( authenticatorConfig );
+
this.register( authenticator );
}
catch ( Exception e )
@@ -109,8 +120,8 @@
}
GenericAuthenticatorConfig[] configs = null;
- configs = AuthenticatorConfigBuilder
- .getAuthenticatorConfigs( new Hashtable( ctx.getEnvironment() ) );
+
+ configs = AuthenticatorConfigBuilder.getAuthenticatorConfigs( new Hashtable( ctx.getEnvironment() ) );
for ( int ii = 0; ii < configs.length; ii++ )
{
@@ -119,10 +130,13 @@
configs[ii].setAuthenticatorContext( authenticatorContext );
String authenticatorClass = configs[ii].getAuthenticatorClass();
+
Class clazz = Class.forName( authenticatorClass );
+
Constructor constructor = clazz.getConstructor( new Class[] { } );
AbstractAuthenticator authenticator = ( AbstractAuthenticator ) constructor.newInstance( new Object[] { } );
+
authenticator.init( configs[ii] );
this.register( authenticator );
@@ -151,11 +165,14 @@
public void register( org.apache.ldap.server.authn.Authenticator authenticator )
{
Collection authenticatorList = getAuthenticators( authenticator.getAuthenticatorType() );
+
if ( authenticatorList == null )
{
authenticatorList = new ArrayList();
+
authenticators.put( authenticator.getAuthenticatorType(), authenticatorList );
}
+
authenticatorList.add( authenticator );
}
@@ -171,10 +188,12 @@
public void unregister( org.apache.ldap.server.authn.Authenticator authenticator )
{
Collection authenticatorList = getAuthenticators( authenticator.getAuthenticatorType() );
+
if ( authenticatorList == null )
{
return;
}
+
authenticatorList.remove( authenticator );
}
@@ -186,7 +205,7 @@
*/
public Collection getAuthenticators( String type )
{
- return (Collection)authenticators.get( type );
+ return ( Collection ) authenticators.get( type );
}
public void process( NextInterceptor nextProcessor, Invocation call ) throws NamingException
@@ -194,6 +213,7 @@
// check if we are already authenticated and if so we return making
// sure first that the credentials are not exposed within context
ServerContext ctx = ( ServerLdapContext ) call.getContextStack().peek();
+
if ( ctx.getPrincipal() != null )
{
if ( ctx.getEnvironment().containsKey( CREDS ) )
@@ -202,6 +222,7 @@
}
nextProcessor.process(call);
+
return;
}
@@ -212,32 +233,42 @@
if ( ctx.getEnvironment().containsKey( CREDS ) )
{
// authentication type is simple here
+
authList = "simple";
}
else
{
// authentication type is anonymous
+
authList = "none";
}
}
authList = StringTools.deepTrim( authList );
+
String[] auth = authList.split( " " );
Collection authenticators = null;
// pick the first matching authenticator type
+
for ( int i=0; i<auth.length; i++)
{
authenticators = getAuthenticators( auth[i] );
- if ( authenticators != null ) break;
+
+ if ( authenticators != null )
+ {
+ break;
+ }
}
if ( authenticators == null )
{
ctx.getEnvironment(); // shut's up idea's yellow light
+
ResultCodeEnum rc = ResultCodeEnum.AUTHMETHODNOTSUPPORTED;
+
throw new LdapAuthenticationNotSupportedException( rc );
}
@@ -246,18 +277,22 @@
{
try
{
- org.apache.ldap.server.authn.Authenticator authenticator =
- ( org.apache.ldap.server.authn.Authenticator ) i.next();
+ Authenticator authenticator = ( Authenticator ) i.next();
// perform the authentication
+
LdapPrincipal authorizationId = authenticator.authenticate( ctx );
// authentication was successful
- ctx.setPrincipal( authorizationId );
+
+ ctx.setPrincipal( new TrustedPrincipalWrapper( authorizationId ) );
// remove creds so there is no security risk
+
ctx.removeFromEnvironment( CREDS );
+
nextProcessor.process(call);
+
return;
}
catch ( LdapAuthenticationException e )
@@ -267,5 +302,45 @@
}
throw new LdapAuthenticationException();
+ }
+
+
+ /**
+ * Created this wrapper to pass to ctx.setPrincipal() which is public for added
+ * security. This adds more security because an instance of this class is not
+ * easily accessible whereas LdapPrincipals can be accessed easily from a context
+ * althought they cannot be instantiated outside of the authn package. Malicious
+ * code may not be able to set the principal to what they would like but they
+ * could switch existing principals using the now public ServerContext.setPrincipal()
+ * method. To avoid this we make sure that this metho takes a TrustedPrincipalWrapper
+ * as opposed to the LdapPrincipal. Only this service can create and call setPrincipal
+ * with a TrustedPrincipalWrapper.
+ */
+ public final class TrustedPrincipalWrapper
+ {
+ /** the wrapped ldap principal */
+ private final LdapPrincipal principal;
+
+
+ /**
+ * Creates a TrustedPrincipalWrapper around an LdapPrincipal.
+ *
+ * @param principal the LdapPrincipal to wrap
+ */
+ private TrustedPrincipalWrapper( LdapPrincipal principal )
+ {
+ this.principal = principal;
+ }
+
+
+ /**
+ * Gets the LdapPrincipal this TrustedPrincipalWrapper wraps.
+ *
+ * @return the wrapped LdapPrincipal
+ */
+ public LdapPrincipal getPrincipal()
+ {
+ return principal;
+ }
}
}
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/LdapPrincipal.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/LdapPrincipal.java?view=diff&r1=159253&r2=159254
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/LdapPrincipal.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/LdapPrincipal.java Mon Mar 28 08:49:38 2005
@@ -37,16 +37,18 @@
/** the normalized distinguished name of the principal */
private final Name name;
+
/** the no name anonymous user whose DN is the empty String */
public static final LdapPrincipal ANONYMOUS = new LdapPrincipal();
/**
- * Creates a new LDAP/X500 principal.
+ * Creates a new LDAP/X500 principal. Keep this package friendly so only code
+ * in the package can create a trusted principal.
*
* @param name the normalized distinguished name of the principal
*/
- public LdapPrincipal( Name name )
+ LdapPrincipal( Name name )
{
this.name = name;
}
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/SimpleAuthenticator.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/SimpleAuthenticator.java?view=diff&r1=159253&r2=159254
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/SimpleAuthenticator.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authn/SimpleAuthenticator.java Mon Mar 28 08:49:38 2005
@@ -27,8 +27,6 @@
import org.apache.ldap.common.name.LdapName;
import org.apache.ldap.common.util.ArrayUtils;
import org.apache.ldap.server.PartitionNexus;
-import org.apache.ldap.server.authn.AbstractAuthenticator;
-import org.apache.ldap.server.authn.LdapPrincipal;
import org.apache.ldap.server.jndi.ServerContext;
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/interceptor/InterceptorChain.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/interceptor/InterceptorChain.java?view=diff&r1=159253&r2=159254
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/interceptor/InterceptorChain.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/interceptor/InterceptorChain.java Mon Mar 28 08:49:38 2005
@@ -27,7 +27,7 @@
import javax.naming.NamingException;
-import org.apache.ldap.server.jndi.AuthenticationService;
+import org.apache.ldap.server.authn.AuthenticationService;
import org.apache.ldap.server.invocation.Invocation;
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java?view=diff&r1=159253&r2=159254
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java Mon Mar 28 08:49:38 2005
@@ -25,7 +25,6 @@
import org.apache.ldap.common.util.StringTools;
import org.apache.ldap.server.authn.GenericAuthenticatorConfig;
-import org.apache.ldap.server.authn.GenericAuthenticatorConfig;
/**
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/ServerContext.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/ServerContext.java?view=diff&r1=159253&r2=159254
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/ServerContext.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/ServerContext.java Mon Mar 28 08:49:38 2005
@@ -36,6 +36,7 @@
import org.apache.ldap.server.PartitionNexus;
import org.apache.ldap.server.authn.LdapPrincipal;
import org.apache.ldap.server.authn.LdapPrincipal;
+import org.apache.ldap.server.authn.AuthenticationService;
/**
@@ -162,11 +163,14 @@
/**
* Sets the principal of the authenticated user which also happens to own.
- * This method can be invoked only once to keep this property safe.
+ * This method can be invoked only once to keep this property safe. This
+ * method has been changed to be public but it can only be set by the
+ * AuthenticationService to prevent malicious code from changing the
+ * effective principal.
*/
- void setPrincipal( LdapPrincipal principal )
+ public void setPrincipal( AuthenticationService.TrustedPrincipalWrapper wrapper )
{
- this.principal = principal;
+ this.principal = wrapper.getPrincipal();
}