Posted to commits@directory.apache.org by ka...@apache.org on 2013/06/19 15:42:17 UTC
svn commit: r1494621 - in /directory:
apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/
apacheds/trunk/server-config/src/main/java/org/apache/directory/server/config/beans/
apacheds/trunk/server-config/src/main/r...
Author: kayyagari
Date: Wed Jun 19 13:42:17 2013
New Revision: 1494621
URL: http://svn.apache.org/r1494621
Log:
o allow custom password validator implementations (DIRSERVER-1858)
o added a new attribute in config schema to inject the FQCN of the custom password validator
Added:
directory/shared/trunk/ldap/schema/data/src/main/resources/schema/ou=schema/cn=adsconfig/ou=attributetypes/m-oid=1.3.6.1.4.1.18060.0.4.1.2.925.ldif
Modified:
directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordPolicyConfiguration.java
directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordValidator.java
directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/server/config/beans/PasswordPolicyBean.java
directory/apacheds/trunk/server-config/src/main/resources/config.ldif
directory/apacheds/trunk/service-builder/src/main/java/org/apache/directory/server/config/builder/ServiceBuilder.java
directory/shared/trunk/ldap/schema/data/src/main/resources/schema/ou=schema/cn=adsconfig/ou=objectclasses/m-oid=1.3.6.1.4.1.18060.0.4.1.3.900.ldif
directory/shared/trunk/ldap/schema/data/src/test/java/org/apache/directory/api/ldap/schemaloader/SchemaManagerEnableDisableLoadTest.java
Modified: directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordPolicyConfiguration.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordPolicyConfiguration.java?rev=1494621&r1=1494620&r2=1494621&view=diff
==============================================================================
--- directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordPolicyConfiguration.java (original)
+++ directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordPolicyConfiguration.java Wed Jun 19 13:42:17 2013
@@ -153,7 +153,6 @@ public class PasswordPolicyConfiguration
private int pwdMaxIdle = 0;
/** validator used for checking the quality of password */
- //TODO to be injected from config
private PasswordValidator pwdValidator = DefaultPasswordValidator.INSTANCE;
Modified: directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordValidator.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordValidator.java?rev=1494621&r1=1494620&r2=1494621&view=diff
==============================================================================
--- directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordValidator.java (original)
+++ directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/api/authn/ppolicy/PasswordValidator.java Wed Jun 19 13:42:17 2013
@@ -35,8 +35,8 @@ public interface PasswordValidator
* so the implementor should concentrate on the content checking.</p>
*
* @param password the password value
- * @param entryRdnVal the value of entry's RDN(typically this is the username) e.x 'admin' if the entry's DN is {uid/cn/etc..}=admin,ou=system
+ * @param userId user's ID (it is the value of entry's RDN e.x 'admin' if the entry's DN is {uid/cn/etc..}=admin,ou=system)
* @throws PasswordPolicyException if the password doesn't meet the quality contraints
*/
- void validate( String password, String entryRdnVal ) throws PasswordPolicyException;
+ void validate( String password, String userId ) throws PasswordPolicyException;
}
Modified: directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/server/config/beans/PasswordPolicyBean.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/server/config/beans/PasswordPolicyBean.java?rev=1494621&r1=1494620&r2=1494621&view=diff
==============================================================================
--- directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/server/config/beans/PasswordPolicyBean.java (original)
+++ directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/server/config/beans/PasswordPolicyBean.java Wed Jun 19 13:42:17 2013
@@ -177,6 +177,9 @@ public class PasswordPolicyBean extends
@ConfigurationElement(attributeType = "ads-pwdMaxIdle", isOptional = true, defaultValue = "0")
private int pwdMaxIdle = 0;
+ /** the FQCN of the password validator */
+ @ConfigurationElement(attributeType = "ads-pwdValidator")
+ private String pwdValidator = null;
public String getPwdAttribute()
{
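Review bot: The new `pwdValidator` element is declared without `isOptional = true`, unlike `ads-pwdMaxIdle` directly above it, even though this commit adds `ads-pwdValidator` to the object class as `m-may` and ServiceBuilder treats a null class name as "use the default validator". If `isOptional` defaults to false in `@ConfigurationElement`, an existing password-policy entry that lacks the attribute would be rejected when the configuration is read after an upgrade. `@ConfigurationElement(attributeType = "ads-pwdValidator", isOptional = true)` would keep the bean consistent with the schema and with the null handling. The class body continues outside the hunk.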
@@ -437,6 +440,26 @@ public class PasswordPolicyBean extends
/**
+ * @return gives the FQCN of the password validator
+ */
+ public String getPwdValidator()
+ {
+ return pwdValidator;
+ }
+
+
+ /**
+ * Sets the password validator
+ *
+ * @param pwdValidator the FQCN of the password validator
+ */
+ public void setPwdValidator(String pwdValidator)
+ {
+ this.pwdValidator = pwdValidator;
+ }
+
+
+ /**
* {@inheritDoc}
*/
public String toString( String tabs )
Modified: directory/apacheds/trunk/server-config/src/main/resources/config.ldif
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/server-config/src/main/resources/config.ldif?rev=1494621&r1=1494620&r2=1494621&view=diff
==============================================================================
--- directory/apacheds/trunk/server-config/src/main/resources/config.ldif (original)
+++ directory/apacheds/trunk/server-config/src/main/resources/config.ldif Wed Jun 19 13:42:17 2013
@@ -121,6 +121,7 @@ ads-pwdGraceExpire: 0
ads-pwdMinDelay: 0
ads-pwdMaxDelay: 0
ads-pwdMaxIdle: 0
+ads-pwdValidator: org.apache.directory.server.core.api.authn.ppolicy.DefaultPasswordValidator
ads-enabled: TRUE
dn: ads-interceptorId=referralInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
Modified: directory/apacheds/trunk/service-builder/src/main/java/org/apache/directory/server/config/builder/ServiceBuilder.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/service-builder/src/main/java/org/apache/directory/server/config/builder/ServiceBuilder.java?rev=1494621&r1=1494620&r2=1494621&view=diff
==============================================================================
--- directory/apacheds/trunk/service-builder/src/main/java/org/apache/directory/server/config/builder/ServiceBuilder.java (original)
+++ directory/apacheds/trunk/service-builder/src/main/java/org/apache/directory/server/config/builder/ServiceBuilder.java Wed Jun 19 13:42:17 2013
@@ -74,7 +74,9 @@ import org.apache.directory.server.core.
import org.apache.directory.server.core.api.DirectoryService;
import org.apache.directory.server.core.api.InstanceLayout;
import org.apache.directory.server.core.api.authn.ppolicy.CheckQualityEnum;
+import org.apache.directory.server.core.api.authn.ppolicy.DefaultPasswordValidator;
import org.apache.directory.server.core.api.authn.ppolicy.PasswordPolicyConfiguration;
+import org.apache.directory.server.core.api.authn.ppolicy.PasswordValidator;
import org.apache.directory.server.core.api.changelog.ChangeLog;
import org.apache.directory.server.core.api.interceptor.Interceptor;
import org.apache.directory.server.core.api.journal.Journal;
@@ -258,7 +260,31 @@ public class ServiceBuilder
passwordPolicy.setPwdMinLength( passwordPolicyBean.getPwdMinLength() );
passwordPolicy.setPwdMustChange( passwordPolicyBean.isPwdMustChange() );
passwordPolicy.setPwdSafeModify( passwordPolicyBean.isPwdSafeModify() );
-
+
+ PasswordValidator validator = null;
+
+ try
+ {
+ String className = passwordPolicyBean.getPwdValidator();
+
+ if ( className != null )
+ {
+ Class<?> cls = Class.forName( className );
+ validator = ( PasswordValidator ) cls.newInstance();
+ }
+ }
+ catch( Exception e )
+ {
+ LOG.warn( "Failed to load and instantiate the custom password validator for password policy config {}, using the default validator", passwordPolicyBean.getDn(), e );
+ }
+
+ if ( validator == null )
+ {
+ validator = new DefaultPasswordValidator();
+ }
+
+ passwordPolicy.setPwdValidator(validator);
+
return passwordPolicy;
}
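Review bot: A validator class that fails to load or instantiate is replaced by the default validator with only a WARN, so a deployment that configured a stricter custom validator would silently run with the weaker one; for a password-quality control, configuration loading should fail instead, or the failure should at least be logged at error level. The cast to `PasswordValidator` also happens only after `Class.forName( className )` and `newInstance()`, so the static initializer and constructor of whatever class the config entry names run before its type is checked; resolving with initialization off and calling `asSubclass( PasswordValidator.class )` first avoids that. The fallback could reuse `DefaultPasswordValidator.INSTANCE`, which PasswordPolicyConfiguration already uses, and the catch could name the reflection exceptions rather than `Exception`. The enclosing method starts outside the hunk, so the exception thrown in the sketch below is a stand-in for whatever that method declares.

```java
// … unchanged: passwordPolicy setters above …
PasswordValidator validator = DefaultPasswordValidator.INSTANCE;
String className = passwordPolicyBean.getPwdValidator();

if ( className != null )
{
    try
    {
        // resolve without running static initializers, and check the type before instantiating
        Class<? extends PasswordValidator> cls = Class.forName( className, false,
            ServiceBuilder.class.getClassLoader() ).asSubclass( PasswordValidator.class );
        validator = cls.newInstance();
    }
    catch ( ClassNotFoundException | ClassCastException | InstantiationException | IllegalAccessException e )
    {
        // fail closed: do not downgrade to the default validator behind the administrator's back
        throw new IllegalStateException( "Cannot load password validator " + className
            + " for password policy config " + passwordPolicyBean.getDn(), e );
    }
}

passwordPolicy.setPwdValidator( validator );
// … unchanged: return passwordPolicy …
```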
Added: directory/shared/trunk/ldap/schema/data/src/main/resources/schema/ou=schema/cn=adsconfig/ou=attributetypes/m-oid=1.3.6.1.4.1.18060.0.4.1.2.925.ldif
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap/schema/data/src/main/resources/schema/ou%3Dschema/cn%3Dadsconfig/ou%3Dattributetypes/m-oid%3D1.3.6.1.4.1.18060.0.4.1.2.925.ldif?rev=1494621&view=auto
==============================================================================
--- directory/shared/trunk/ldap/schema/data/src/main/resources/schema/ou=schema/cn=adsconfig/ou=attributetypes/m-oid=1.3.6.1.4.1.18060.0.4.1.2.925.ldif (added)
+++ directory/shared/trunk/ldap/schema/data/src/main/resources/schema/ou=schema/cn=adsconfig/ou=attributetypes/m-oid=1.3.6.1.4.1.18060.0.4.1.2.925.ldif Wed Jun 19 13:42:17 2013
@@ -0,0 +1,14 @@
+version: 1
+dn: m-oid=1.3.6.1.4.1.18060.0.4.1.2.925, ou=attributetypes, cn=adsconfig, ou=schema
+objectclass: metaAttributeType
+objectclass: metaTop
+objectclass: top
+m-oid: 1.3.6.1.4.1.18060.0.4.1.2.925
+m-name: ads-pwdValidator
+m-description: FQCN of password validator
+m-equality: caseExactMatch
+m-ordering: caseExactOrderingMatch
+m-substr: caseExactSubstringsMatch
+m-syntax: 1.3.6.1.4.1.1466.115.121.1.44
+m-length: 0
+m-singleValue: TRUE
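Review bot: The attribute is given syntax `1.3.6.1.4.1.1466.115.121.1.44` (Printable String), whose character set has no `_` or `$`, so a legal fully qualified class name such as one containing an underscore or naming a nested class would presumably be rejected when the config entry is written. If the config partition enforces syntax checks, Directory String, `m-syntax: 1.3.6.1.4.1.1466.115.121.1.15`, would accept every valid FQCN while keeping the `caseExact*` matching rules. The `m-description` could also say that the class must implement `PasswordValidator` and have a public no-argument constructor, since ServiceBuilder instantiates it reflectively.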
Modified: directory/shared/trunk/ldap/schema/data/src/main/resources/schema/ou=schema/cn=adsconfig/ou=objectclasses/m-oid=1.3.6.1.4.1.18060.0.4.1.3.900.ldif
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap/schema/data/src/main/resources/schema/ou%3Dschema/cn%3Dadsconfig/ou%3Dobjectclasses/m-oid%3D1.3.6.1.4.1.18060.0.4.1.3.900.ldif?rev=1494621&r1=1494620&r2=1494621&view=diff
==============================================================================
--- directory/shared/trunk/ldap/schema/data/src/main/resources/schema/ou=schema/cn=adsconfig/ou=objectclasses/m-oid=1.3.6.1.4.1.18060.0.4.1.3.900.ldif (original)
+++ directory/shared/trunk/ldap/schema/data/src/main/resources/schema/ou=schema/cn=adsconfig/ou=objectclasses/m-oid=1.3.6.1.4.1.18060.0.4.1.3.900.ldif Wed Jun 19 13:42:17 2013
@@ -28,4 +28,5 @@ m-may: ads-pwdSafeModify
m-may: ads-pwdMinDelay
m-may: ads-pwdMaxDelay
m-may: ads-pwdMaxIdle
+m-may: ads-pwdValidator
creatorsname: uid=admin,ou=system
Modified: directory/shared/trunk/ldap/schema/data/src/test/java/org/apache/directory/api/ldap/schemaloader/SchemaManagerEnableDisableLoadTest.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap/schema/data/src/test/java/org/apache/directory/api/ldap/schemaloader/SchemaManagerEnableDisableLoadTest.java?rev=1494621&r1=1494620&r2=1494621&view=diff
==============================================================================
--- directory/shared/trunk/ldap/schema/data/src/test/java/org/apache/directory/api/ldap/schemaloader/SchemaManagerEnableDisableLoadTest.java (original)
+++ directory/shared/trunk/ldap/schema/data/src/test/java/org/apache/directory/api/ldap/schemaloader/SchemaManagerEnableDisableLoadTest.java Wed Jun 19 13:42:17 2013
@@ -156,14 +156,14 @@ public class SchemaManagerEnableDisableL
assertEquals( 0, disabled.size() );
assertTrue( schemaManager.getErrors().isEmpty() );
- assertEquals( 422, schemaManager.getAttributeTypeRegistry().size() );
+ assertEquals( 423, schemaManager.getAttributeTypeRegistry().size() );
assertEquals( 48, schemaManager.getComparatorRegistry().size() );
assertEquals( 48, schemaManager.getMatchingRuleRegistry().size() );
assertEquals( 48, schemaManager.getNormalizerRegistry().size() );
assertEquals( 120, schemaManager.getObjectClassRegistry().size() );
assertEquals( 68, schemaManager.getSyntaxCheckerRegistry().size() );
assertEquals( 73, schemaManager.getLdapSyntaxRegistry().size() );
- assertEquals( 663, schemaManager.getGlobalOidRegistry().size() );
+ assertEquals( 664, schemaManager.getGlobalOidRegistry().size() );
assertEquals( 12, schemaManager.getRegistries().getLoadedSchemas().size() );
assertNull( schemaManager.getRegistries().getLoadedSchema( "nis" ) );
}
@@ -203,14 +203,14 @@ public class SchemaManagerEnableDisableL
assertNotNull( schemaManager.lookupAttributeTypeRegistry( "automountMapName" ) );
assertTrue( schemaManager.getErrors().isEmpty() );
- assertEquals( 454, schemaManager.getAttributeTypeRegistry().size() );
+ assertEquals( 455, schemaManager.getAttributeTypeRegistry().size() );
assertEquals( 49, schemaManager.getComparatorRegistry().size() );
assertEquals( 49, schemaManager.getMatchingRuleRegistry().size() );
assertEquals( 49, schemaManager.getNormalizerRegistry().size() );
assertEquals( 136, schemaManager.getObjectClassRegistry().size() );
assertEquals( 70, schemaManager.getSyntaxCheckerRegistry().size() );
assertEquals( 75, schemaManager.getLdapSyntaxRegistry().size() );
- assertEquals( 714, schemaManager.getGlobalOidRegistry().size() );
+ assertEquals( 715, schemaManager.getGlobalOidRegistry().size() );
assertEquals( 14, schemaManager.getRegistries().getLoadedSchemas().size() );
assertNotNull( schemaManager.getRegistries().getLoadedSchema( "nis" ) );
@@ -244,14 +244,14 @@ public class SchemaManagerEnableDisableL
}
assertTrue( schemaManager.getErrors().isEmpty() );
- assertEquals( 422, schemaManager.getAttributeTypeRegistry().size() );
+ assertEquals( 423, schemaManager.getAttributeTypeRegistry().size() );
assertEquals( 48, schemaManager.getComparatorRegistry().size() );
assertEquals( 48, schemaManager.getMatchingRuleRegistry().size() );
assertEquals( 48, schemaManager.getNormalizerRegistry().size() );
assertEquals( 120, schemaManager.getObjectClassRegistry().size() );
assertEquals( 68, schemaManager.getSyntaxCheckerRegistry().size() );
assertEquals( 73, schemaManager.getLdapSyntaxRegistry().size() );
- assertEquals( 663, schemaManager.getGlobalOidRegistry().size() );
+ assertEquals( 664, schemaManager.getGlobalOidRegistry().size() );
assertEquals( 12, schemaManager.getRegistries().getLoadedSchemas().size() );
assertNull( schemaManager.getRegistries().getLoadedSchema( "nis" ) );
@@ -296,14 +296,14 @@ public class SchemaManagerEnableDisableL
assertNotNull( schemaManager.lookupAttributeTypeRegistry( "gecos" ) );
assertTrue( schemaManager.getErrors().isEmpty() );
- assertEquals( 496, schemaManager.getAttributeTypeRegistry().size() );
+ assertEquals( 497, schemaManager.getAttributeTypeRegistry().size() );
assertEquals( 49, schemaManager.getComparatorRegistry().size() );
assertEquals( 49, schemaManager.getMatchingRuleRegistry().size() );
assertEquals( 49, schemaManager.getNormalizerRegistry().size() );
assertEquals( 144, schemaManager.getObjectClassRegistry().size() );
assertEquals( 70, schemaManager.getSyntaxCheckerRegistry().size() );
assertEquals( 75, schemaManager.getLdapSyntaxRegistry().size() );
- assertEquals( 764, schemaManager.getGlobalOidRegistry().size() );
+ assertEquals( 765, schemaManager.getGlobalOidRegistry().size() );
assertEquals( 14, schemaManager.getRegistries().getLoadedSchemas().size() );
assertNotNull( schemaManager.getRegistries().getLoadedSchema( "samba" ) );