Return-Path: Delivered-To: apmail-incubator-directory-cvs-archive@www.apache.org Received: (qmail 49702 invoked from network); 31 Oct 2004 06:44:04 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur-2.apache.org with SMTP; 31 Oct 2004 06:44:04 -0000 Received: (qmail 27140 invoked by uid 500); 31 Oct 2004 06:44:03 -0000 Delivered-To: apmail-incubator-directory-cvs-archive@incubator.apache.org Received: (qmail 27099 invoked by uid 500); 31 Oct 2004 06:44:03 -0000 Mailing-List: contact directory-cvs-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: directory-dev@incubator.apache.org Delivered-To: mailing list directory-cvs@incubator.apache.org Received: (qmail 27086 invoked by uid 99); 31 Oct 2004 06:44:02 -0000 X-ASF-Spam-Status: No, hits=-10.0 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [209.237.227.194] (HELO minotaur.apache.org) (209.237.227.194) by apache.org (qpsmtpd/0.28) with SMTP; Sat, 30 Oct 2004 23:44:02 -0700 Received: (qmail 49652 invoked by uid 65534); 31 Oct 2004 06:44:01 -0000 Date: 31 Oct 2004 06:44:01 -0000 Message-ID: <20041031064401.49646.qmail@minotaur.apache.org> From: akarasulu@apache.org To: directory-cvs@incubator.apache.org Subject: svn commit: rev 56124 - in incubator/directory/eve/trunk/backend/core/src: java/org/apache/eve/jndi java/org/apache/eve/jndi/ibs test/org/apache/eve/jndi X-Virus-Checked: Checked X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N Author: akarasulu Date: Sat Oct 30 23:44:00 2004 New Revision: 56124 Modified: incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/BaseInterceptor.java incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/EveContextFactory.java incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/ibs/EveExceptionService.java incubator/directory/eve/trunk/backend/core/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java Log: Changes ... o added exception handling code to put causes and root causes in EveInterceptorExceptions as the primary exception to throw on error o cleaned up EveCxtFactory o added more test cases for simple authentication Modified: incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/BaseInterceptor.java ============================================================================== --- incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/BaseInterceptor.java (original) +++ incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/BaseInterceptor.java Sat Oct 30 23:44:00 2004 @@ -89,7 +89,7 @@ * * @see Interceptor#invoke(Invocation) */ - public final void invoke( Invocation invocation ) throws NamingException + public void invoke( Invocation invocation ) throws NamingException { InvocationMethodEnum enum = invocation.getInvocationMethodEnum(); Modified: incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/EveContextFactory.java ============================================================================== --- incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/EveContextFactory.java (original) +++ incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/EveContextFactory.java Sat Oct 30 23:44:00 2004 @@ -169,19 +169,20 @@ msg += " is set using " + PRINCIPAL + " as well"; throw new ConfigurationException( msg ); } - else if ( ! initialEnv.containsKey( Context.SECURITY_PRINCIPAL ) && - initialEnv.containsKey( Context.SECURITY_AUTHENTICATION ) && - initialEnv.get( Context.SECURITY_AUTHENTICATION ).equals( "none" ) ) + else if ( ! initialEnv.containsKey( PRINCIPAL ) && + initialEnv.containsKey( TYPE ) && + initialEnv.get( TYPE ).equals( "none" ) ) { throw new ConfigurationException( "using authentication type none " + "for anonymous binds while trying to bootstrap Eve " + "- this is not allowed ONLY the admin can bootstrap" ); } - else if ( initialEnv.containsKey( Context.SECURITY_PRINCIPAL ) && - ! initialEnv.get( Context.SECURITY_PRINCIPAL ).equals( SystemPartition.ADMIN_PRINCIPAL ) ) + else if ( initialEnv.containsKey( PRINCIPAL ) && + ! initialEnv.get( PRINCIPAL ).equals( + SystemPartition.ADMIN_PRINCIPAL ) ) { throw new ConfigurationException( "user " - + initialEnv.get( Context.SECURITY_PRINCIPAL ) + + initialEnv.get( PRINCIPAL ) + " is not allowed to bootstrap the system. ONLY the " + "admin can bootstrap" ); } Modified: incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/ibs/EveExceptionService.java ============================================================================== --- incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/ibs/EveExceptionService.java (original) +++ incubator/directory/eve/trunk/backend/core/src/java/org/apache/eve/jndi/ibs/EveExceptionService.java Sat Oct 30 23:44:00 2004 @@ -26,6 +26,8 @@ import org.apache.eve.jndi.exception.EveNameAlreadyBoundException; import org.apache.eve.RootNexus; +import org.apache.eve.exception.EveInterceptorException; +import org.apache.eve.exception.EveException; /** @@ -55,6 +57,34 @@ public EveExceptionService( RootNexus nexus ) { this.nexus = nexus; + } + + + public void invoke( Invocation invocation ) throws NamingException + { + if ( invocation.getState() == InvocationStateEnum.FAILUREHANDLING ) + { + if ( invocation.getBeforeFailure() != null ) + { + Throwable t = invocation.getBeforeFailure(); + if ( t instanceof EveInterceptorException ) + { + EveInterceptorException eie = ( EveInterceptorException ) t; + + if ( eie.getRootCause() != null && ( eie instanceof EveException ) ) + { + invocation.setBeforeFailure( eie.getRootCause() ); + } + + else if ( eie.getCause() != null && ( eie instanceof EveException ) ) + { + invocation.setBeforeFailure( eie.getCause() ); + } + } + } + } + + super.invoke( invocation ); } Modified: incubator/directory/eve/trunk/backend/core/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java ============================================================================== --- incubator/directory/eve/trunk/backend/core/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java (original) +++ incubator/directory/eve/trunk/backend/core/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java Sat Oct 30 23:44:00 2004 @@ -22,10 +22,7 @@ import java.util.Hashtable; import javax.naming.directory.DirContext; import javax.naming.directory.Attributes; -import javax.naming.NamingException; -import javax.naming.Context; -import javax.naming.InitialContext; -import javax.naming.ConfigurationException; +import javax.naming.*; import javax.naming.ldap.LdapContext; import org.apache.ldap.common.util.ArrayUtils; @@ -61,8 +58,8 @@ *
  • bypasses normal setup for test3BuildDbNoNothing
    • *
  • bypasses normal setup for test5BuildDbNoPassWithPrincAuthNone
    • *
  • bypasses normal setup for test4BuildDbNoPassNoPrincAuthNone
    • - *
  • bypasses normal setup for
    • - *
  • + *
  • bypasses normal setup for test6BuildDbNoPassNotAdminPrinc
    • + *
  • bypasses normal setup for test7BuildDbNoPassNoPrincAuthNoneAnonOff
    • * * * @throws Exception @@ -81,6 +78,8 @@ if ( getName().equals( "test3BuildDbNoNothing" ) || getName().equals( "test5BuildDbNoPassWithPrincAuthNone" ) || + getName().equals( "test6BuildDbNoPassNotAdminPrinc" ) || + getName().equals( "test7BuildDbNoPassNoPrincAuthNoneAnonOff" ) || getName().equals( "test4BuildDbNoPassNoPrincAuthNone" ) ) { return; @@ -138,7 +137,8 @@ /** * Checks that we can give basically the minimal set of properties without * any security information to build and bootstrap a new system. The admin - * user is presumed and no password is used. + * user is presumed and no password is set. The admin password defaults to + * the empty byte array. * * @throws Exception if there are problems */ @@ -168,8 +168,7 @@ /** * Tests to make sure we throw an error when Context.SECURITY_AUTHENTICATION * is set to "none" when trying to bootstrap the system. Only the admin - * user is allowed to bootstrap. Subsequent calls can 'bind' (authenticate - * in our case since there is no network connection) anonymously though. + * user is allowed to bootstrap. * * @throws Exception if anything goes wrong */ @@ -211,6 +210,15 @@ } + /** + * Tests to make sure we throw an error when Context.SECURITY_AUTHENTICATION + * is set to "none" when trying to bootstrap the system even when the + * principal is set to the admin user. Only the admin user is allowed to + * bootstrap. This is a configuration issue or a nonsense set of property + * values. + * + * @throws Exception if anything goes wrong + */ public void test5BuildDbNoPassWithPrincAuthNone() throws Exception { // clean out the database @@ -228,33 +236,87 @@ catch( ConfigurationException e ) { } + } + -// // clean out the database -// doDelete( new File( "target" + File.separator + "eve" ) ); -// Hashtable env = new Hashtable(); -// env.put( Context.SECURITY_AUTHENTICATION, "none" ); -// env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" ); -// EveLdapContext ctx = ( EveLdapContext ) setSysRoot( env ); -// X500Principal principal = ctx.getPrincipal(); -// assertTrue( principal.getName().equalsIgnoreCase( SystemPartition.ADMIN_PRINCIPAL ) ); -// Attributes attributes = ctx.getAttributes( "uid=admin" ); -// assertNotNull( attributes ); -// -// // Eve has started now so we access another context w/o the wkdir -// env = new Hashtable(); -// env.put( Context.PROVIDER_URL, "ou=system" ); -// env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.eve.jndi.EveContextFactory" ); -// InitialContext initial = new InitialContext( env ); -// ctx = ( EveLdapContext ) initial.lookup( "uid=admin" ); -// assertNotNull( ctx ); -// attributes = ctx.getAttributes( "" ); -// assertNotNull( attributes ); -// -// assertTrue( attributes.get( "objectClass" ).contains( "top" ) ); -// assertTrue( attributes.get( "objectClass" ).contains( "person" ) ); -// assertTrue( attributes.get( "objectClass" ).contains( "organizationalPerson" ) ); -// assertTrue( attributes.get( "objectClass" ).contains( "inetOrgPerson" ) ); -// assertTrue( attributes.get( "userPassword" ).contains( ArrayUtils.EMPTY_BYTE_ARRAY ) ); -// assertTrue( attributes.get( "displayName" ).contains( "Directory Superuser" ) ); + /** + * Tests to make sure we throw an error when Context.SECURITY_AUTHENTICATION + * is set to "simple" when trying to bootstrap the system but the admin is + * not the principal. Only the admin user is allowed to bootstrap. + * Subsequent calls can 'bind' (authenticate in our case since there is no + * network connection) anonymously though. + * + * @throws Exception if anything goes wrong + */ + public void test6BuildDbNoPassNotAdminPrinc() throws Exception + { + // clean out the database + tearDown(); + doDelete( new File( "target" + File.separator + "eve" ) ); + Hashtable env = new Hashtable(); + env.put( Context.SECURITY_AUTHENTICATION, "simple" ); + env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" ); + + try + { + setSysRoot( env ); + fail( "should not get here due to exception" ); + } + catch( ConfigurationException e ) + { + } + } + + + /** + * Tests to make sure we throw an error when Context.SECURITY_AUTHENTICATION + * is set to "none" when trying to get a context from an already + * bootstrapped system when anonymous users are not turned on. + * + * @throws Exception if anything goes wrong + */ + public void test7BuildDbNoPassNoPrincAuthNoneAnonOff() throws Exception + { + // clean out the database + tearDown(); + doDelete( new File( "target" + File.separator + "eve" ) ); + + // ok this should start up the system now as admin + EveLdapContext ctx = ( EveLdapContext ) setSysRoot( new Hashtable() ); + assertNotNull( ctx ); + + // now go in as anonymous user and we should be rejected + Hashtable env = new Hashtable(); + env.put( Context.PROVIDER_URL, "ou=system" ); + env.put( Context.SECURITY_AUTHENTICATION, "none" ); + env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.eve.jndi.EveContextFactory" ); + + try + { + new InitialContext( env ); + fail( "should never get here due to an exception" ); + } + catch ( NoPermissionException e ) + { + } + } + + + /** + * Tests to make sure we throw an error when Context.SECURITY_AUTHENTICATION + * is set to "none" when trying to get a context from an already + * bootstrapped system when anonymous users are not turned on. + * + * @throws Exception if anything goes wrong + */ + public void test8PassPrincAuthTypeSimple() throws Exception + { + // now go in as anonymous user and we should be rejected + Hashtable env = new Hashtable(); + env.put( Context.PROVIDER_URL, "ou=system" ); + env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" ); + env.put( Context.SECURITY_CREDENTIALS, "testing" ); + env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.eve.jndi.EveContextFactory" ); + assertNotNull( new InitialContext( env ) ); } }