directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From akaras...@apache.org
Subject svn commit: rev 56286 - in incubator/directory/eve/trunk/jndi-provider/src: java/org/apache/eve/jndi/ibs test/org/apache/eve/jndi
Date Mon, 01 Nov 2004 22:13:26 GMT
Author: akarasulu
Date: Mon Nov  1 14:13:24 2004
New Revision: 56286

Modified:
   incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/ibs/AuthorizationService.java
   incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/ibs/EveExceptionService.java
   incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java
Log:
Changes ...

 o adding authorization rules caused an authentication test using the
   anonymous user to fail when it tried accessed admin user information
   we corrected this by catching the right exception
 o also found that we were throwing InterceptorException when after
   pipeline failures were resulting.  We are now catching these and 
   throwing the appropriate Eve based naming exception
 o cleaned up exception messages to quote the principal DN in case
   it is the empty string anonymous user to improve readibility
 


Modified: incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/ibs/AuthorizationService.java
==============================================================================
--- incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/ibs/AuthorizationService.java
(original)
+++ incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/ibs/AuthorizationService.java
Mon Nov  1 14:13:24 2004
@@ -224,8 +224,8 @@
 
             if ( dn == ADMIN_DN || dn.equals( ADMIN_DN ) )
             {
-                String msg = "User " + principalDn;
-                msg += " does not have permission to move or rename the admin";
+                String msg = "User '" + principalDn;
+                msg += "' does not have permission to move or rename the admin";
                 msg += " account.  No one not even the admin can move or";
                 msg += " rename " + dn + "!";
                 throw new EveNoPermissionException( msg );
@@ -233,8 +233,8 @@
 
             if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN ) && ! principalDn.equals(
ADMIN_DN ) )
             {
-                String msg = "User " + principalDn;
-                msg += " does not have permission to move or rename the user";
+                String msg = "User '" + principalDn;
+                msg += "' does not have permission to move or rename the user";
                 msg += " account: " + dn + ". Only the admin can move or";
                 msg += " rename user accounts.";
                 throw new EveNoPermissionException( msg );
@@ -287,15 +287,15 @@
             Name principalDn = ( ( EveContext ) ctx ).getPrincipal().getDn();
             if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN ) && ! principalDn.equals(
ADMIN_DN ) )
             {
-                String msg = "Access to user account " + dn + " not permitted";
-                msg += " for user " + principalDn + ".  Only the admin can";
+                String msg = "Access to user account '" + dn + "' not permitted";
+                msg += " for user '" + principalDn + "'.  Only the admin can";
                 msg += " access user account information";
                 throw new EveNoPermissionException( msg );
             }
             else if ( dn.equals( ADMIN_DN ) && ! principalDn.equals( ADMIN_DN ) )
             {
-                String msg = "Access to admin account " + dn + " not permitted";
-                msg += " for user " + principalDn + ".  Only the admin can";
+                String msg = "Access to admin account not permitted for user '";
+                msg += principalDn + "'.  Only the admin can";
                 msg += " access admin account information";
                 throw new EveNoPermissionException( msg );
             }

Modified: incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/ibs/EveExceptionService.java
==============================================================================
--- incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/ibs/EveExceptionService.java
(original)
+++ incubator/directory/eve/trunk/jndi-provider/src/java/org/apache/eve/jndi/ibs/EveExceptionService.java
Mon Nov  1 14:13:24 2004
@@ -64,9 +64,12 @@
     {
         if ( invocation.getState() == InvocationStateEnum.FAILUREHANDLING )
         {
+            Throwable t = null;
+
             if ( invocation.getBeforeFailure() != null )
             {
-                Throwable t = invocation.getBeforeFailure();
+                t = invocation.getBeforeFailure();
+
                 if ( t instanceof EveInterceptorException )
                 {
                     EveInterceptorException eie = ( EveInterceptorException ) t;
@@ -79,6 +82,25 @@
                     else if ( eie.getCause() != null && ( eie instanceof EveException
) )
                     {
                         invocation.setBeforeFailure( eie.getCause() );
+                    }
+                }
+            }
+            else if ( invocation.getAfterFailure() != null )
+            {
+                t = invocation.getAfterFailure();
+
+                if ( t instanceof EveInterceptorException )
+                {
+                    EveInterceptorException eie = ( EveInterceptorException ) t;
+
+                    if ( eie.getRootCause() != null && ( eie instanceof EveException
) )
+                    {
+                        invocation.setAfterFailure( eie.getRootCause() );
+                    }
+
+                    else if ( eie.getCause() != null && ( eie instanceof EveException
) )
+                    {
+                        invocation.setAfterFailure( eie.getCause() );
                     }
                 }
             }

Modified: incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java
==============================================================================
--- incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java
(original)
+++ incubator/directory/eve/trunk/jndi-provider/src/test/org/apache/eve/jndi/SimpleAuthenticationTest.java
Mon Nov  1 14:13:24 2004
@@ -26,6 +26,8 @@
 import javax.naming.ldap.LdapContext;
 
 import org.apache.ldap.common.util.ArrayUtils;
+import org.apache.eve.exception.EveNoPermissionException;
+import org.apache.eve.exception.EveConfigurationException;
 
 
 /**
@@ -185,7 +187,10 @@
             setSysRoot( env );
             fail( "should not get here due to exception" );
         }
-        catch( ConfigurationException e )
+        catch( EveConfigurationException e )
+        {
+        }
+        catch( EveNoPermissionException e )
         {
         }
 
@@ -200,13 +205,19 @@
         env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.eve.jndi.EveContextFactory"
);
 
         InitialContext initial = new InitialContext( env );
-        ctx = ( EveLdapContext ) initial.lookup( "uid=admin" );
-        assertNotNull( ctx );
-        Attributes attributes = ctx.getAttributes( "" );
-        assertNotNull( attributes );
 
-        performAdminAccountChecks( attributes );
-        assertTrue( attributes.get( "userPassword" ).contains( ArrayUtils.EMPTY_BYTE_ARRAY
) );
+        try
+        {
+            ctx = ( EveLdapContext ) initial.lookup( "uid=admin" );
+            fail( "should not get here due to exception cuz anonymous user is "
+                    + "not allowed read access to the admin account entry" );
+        }
+        catch( EveConfigurationException e )
+        {
+        }
+        catch( EveNoPermissionException e )
+        {
+        }
     }
 
 

Mime
View raw message