Message-ID: <20050201034228.18818.qmail@minotaur.apache.org>
Date: Tue, 01 Feb 2005 03:42:28 -0000
Subject: svn commit: r149364 - in incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos: kdc/store/PrincipalStoreEntry.java sam/SamException.java sam/SamSubsystem.java sam/SamType.java sam/SamVerifier.java
To: directory-cvs@incubator.apache.org
From: akarasulu@apache.org

Author: akarasulu
Date: Mon Jan 31 19:42:26 2005
New Revision: 149364

URL: http://svn.apache.org/viewcvs?view=rev&rev=149364
Log:
changes ...

 o added SamType type safe enum for SAM provider types
 o modified SamVerifier to report type using enum
 o added SamSubsystem (will change later) to load the SamVerifier associated
   with the Kerberos principal store entry's SamType

todos ...

 o still need to modify the principal store to lookup and set the user's sam
   type - we can use a null SamType to denote a regular user that does
   not use a SAM

Added:
    incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamSubsystem.java
    incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamType.java
Modified:
    incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/store/PrincipalStoreEntry.java
    incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamException.java
    incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sam/SamVerifier.java

Modified: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerbe= ros/kdc/store/PrincipalStoreEntry.java URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/= src/java/org/apache/kerberos/kdc/store/PrincipalStoreEntry.java?view=3Ddiff= &r1=3D149363&r2=3D149364 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kd= c/store/PrincipalStoreEntry.java (original) +++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/kd= c/store/PrincipalStoreEntry.java Mon Jan 31 19:42:26 2005 
@@ -18,6 +18,7 @@ =20 import org.apache.kerberos.crypto.encryption.*; import org.apache.kerberos.messages.value.*; +import org.apache.kerberos.sam.SamType; =20 import javax.security.auth.kerberos.*; =20 @@ -34,6 +35,7 @@ private int _maxLife; private int _maxRenew; private int _kdcFlags; + private SamType samType =3D SamType.PA_SAM_TYPE_APACHE; private EncryptionKey _key; =09 private String _realmName; @@ -86,5 +88,10 @@ public KerberosTime getValidStart() { return _validStart; } + + public SamType getSamType() + { + return samType; + } } =20 Modified: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerbe= ros/sam/SamException.java URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/= src/java/org/apache/kerberos/sam/SamException.java?view=3Ddiff&r1=3D149363&= r2=3D149364 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sa= m/SamException.java (original) +++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sa= m/SamException.java Mon Jan 31 19:42:26 2005 
@@ -26,26 +26,76 @@ */ public class SamException extends Exception { - public SamException() + /** the SAM type that caused this exception */ + private final SamType type; + + + /** + * Creates a SamException for a specific SamType. + * + * @param type the type value for the SAM algorithm associated with th= is exception + */ + public SamException( SamType type ) { super(); + + this.type =3D type; } =20 =20 - public SamException( String message ) + /** + * Creates a SamException for a specific SamType, with message. + * + * @param type the type value for the SAM algorithm associated with th= is exception + * @param message a message regarding the nature of the fault + */ + public SamException( SamType type, String message ) { super( message ); + + this.type =3D type; } =20 =20 - public SamException( Throwable cause ) + /** + * Creates a SamException for a specific SamType, with the cause resul= ted in + * this exception. + * + * @param type the type value for the SAM algorithm associated with th= is exception + * @param cause the throwable that resulted in this exception being th= rown + */ + public SamException( SamType type, Throwable cause ) { super( cause ); + + this.type =3D type; } =20 =20 - public SamException( String message, Throwable cause ) + /** + * Creates a SamException for a specific SamType, with a message and t= he + * cause that resulted in this exception. + * + * + * @param type the type value for the SAM algorithm associated with th= is exception + * @param message a message regarding the nature of the fault + * @param cause the throwable that resulted in this exception being th= rown + */ + public SamException( SamType type, String message, Throwable cause ) { super( message, cause ); + + this.type =3D type; + } + + + /** + * Gets the registered SAM algorithm type associated with this SamExce= ption. 
+ * + * @return the type value for the SAM algorithm associated with this e= xception + */ + public SamType getSamType() + { + return this.type; } } Added: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos= /sam/SamSubsystem.java URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/= src/java/org/apache/kerberos/sam/SamSubsystem.java?view=3Dauto&rev=3D149364 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sa= m/SamSubsystem.java (added) +++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sa= m/SamSubsystem.java Mon Jan 31 19:42:26 2005 
@@ -0,0 +1,92 @@ +/* + * Copyright 2004 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or impli= ed. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +package org.apache.kerberos.sam; + + +import org.apache.kerberos.kdc.store.PrincipalStoreEntry; + + +/** + * The Subsystem that enables the Kerberos server to use plugable Single-u= se + * Authentication mechanisms. + * + * @author Apache Di= rectory Project + * @version $Rev$ + */ +public final class SamSubsystem +{ + /** the property key base used for SAM algorithm verifiers */ + public static final String PROPKEY_BASE =3D "kerberos.sam.type."; + + + /** + * Uses the principal entry information to load the approapriate SamVe= rifier + * and verify the Single-use password. + * + * @param entry the store entry for the Kerberos principal + * @param sup the single use password value + * @return true if verification passed, false otherwise + * @throws SamException thrown when there is a failure within the veri= fier + * or a verifier cannot be found. 
+ */ + public static boolean verify( PrincipalStoreEntry entry, String sup ) = throws SamException + { + String key =3D PROPKEY_BASE + entry.getSamType().getOrdinal(); + + if ( System.getProperties().containsKey( key ) ) + { + throw new SamException( entry.getSamType(), "Could not find pr= operty '" + key + "'" ); + } + + String fqcn =3D System.getProperty( key ); + + try + { + Class c =3D Class.forName( fqcn ); + + SamVerifier verifier =3D ( SamVerifier ) c.newInstance(); + + String user =3D entry.getPrincipal().getName(); + + return verifier.verify( user, entry.getRealmName(), sup ); + } + catch ( ClassNotFoundException e ) + { + String msg =3D "Could not find verifier class '" + fqcn; + + msg +=3D "' for SamType( " + entry.getSamType() + " ) " ; + + throw new SamException( entry.getSamType(), msg, e ); + } + catch ( IllegalAccessException e ) + { + String msg =3D "No public default constructor on class '" + fq= cn; + + msg +=3D "' for SamType( " + entry.getSamType() + " ) " ; + + throw new SamException( entry.getSamType(), msg, e ); + } + catch ( InstantiationException e ) + { + String msg =3D "Failed on default constructor invocation for c= lass '" + fqcn; + + msg +=3D "' for SamType( " + entry.getSamType() + " ) " ; + + throw new SamException( entry.getSamType(), msg, e ); + } + } +} Added: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos= /sam/SamType.java URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/= src/java/org/apache/kerberos/sam/SamType.java?view=3Dauto&rev=3D149364 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sa= m/SamType.java (added) +++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sa= m/SamType.java Mon Jan 31 
19:42:26 2005 
@@ -0,0 +1,140 @@ +/* + * Copyright 2005 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or impli= ed. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ +package org.apache.kerberos.sam; + + +import java.util.List; +import java.util.Arrays; +import java.util.Collections; + + +/** + * Type safe enumeration of Single-use Authentication Mechanism types + * + * @author Apache Di= rectory Project + * @version $Rev$ + */ +public final class SamType implements Comparable +{ + /* + * Enumeration elements are constructed once upon class loading. + * Order of appearance here determines the order of compareTo. 
+ */ + + /** safe SAM type enum for Enigma Logic */ + public static final SamType PA_SAM_TYPE_ENIGMA =3D new SamType( 1, "Enigm= a Logic" ); + + /** safe SAM type enum for Digital Pathways */ + public static final SamType PA_SAM_TYPE_DIGI_PATH =3D new SamType( 2, "Di= gital Pathways" ); + + /** safe SAM type enum for S/key where KDC has key 0 */ + public static final SamType PA_SAM_TYPE_SKEY_K0 =3D new SamType( 3, "S/ke= y where KDC has key 0" ); + + /** safe SAM type enum for Traditional S/Key */ + public static final SamType PA_SAM_TYPE_SKEY =3D new SamType( 4, "Traditi= onal S/Key" ); + + /** safe SAM type enum for Security Dynamics */ + public static final SamType PA_SAM_TYPE_SECURID =3D new SamType( 5, "Secu= rity Dynamics" ); + + /** safe SAM type enum for CRYPTOCard */ + public static final SamType PA_SAM_TYPE_CRYPTOCARD =3D new SamType( 6, "C= RYPTOCard" ); + + /** safe SAM type enum for Apache Software Foundation */ + public static final SamType PA_SAM_TYPE_APACHE =3D new SamType( 7, "Apach= e Software Foundation" ); + + /** Array for building a List of VALUES. */ + private static final SamType[] values =3D { + PA_SAM_TYPE_ENIGMA, PA_SAM_TYPE_DIGI_PATH, PA_SAM_TYPE_SKEY_K0, + PA_SAM_TYPE_SKEY, PA_SAM_TYPE_SECURID, PA_SAM_TYPE_CRYPTOCARD, + PA_SAM_TYPE_APACHE + }; + + /** a list of all the sam type constants */ + public static final List VALUES =3D Collections.unmodifiableList( Arra= ys.asList( values ) ); + + /** the name of the sam type */ + private final String name; + + /** the value/code for the sam type */ + private final int ordinal; + + + /** + * Private constructor prevents construction outside of this class. + */ + private SamType( int ordinal, String name ) + { + this.ordinal =3D ordinal; + this.name =3D name; + } + + + /** + * Returns the name of the SamType. 
+ * + * @return the name of the SAM type + */ + public String toString() + { + return name; + } + + + /** + * Compares this type to another object hopefully one that is of the s= ame + * type. + * + * @param that the object to compare this SamType to + * @return ordinal - ( ( SamType ) that ).ordinal; + */ + public int compareTo( Object that ) + { + return ordinal - ( ( SamType ) that ).ordinal; + } + + + /** + * Gets the ordinal by its ordinal value. + * + * @param ordinal the ordinal value of the ordinal + * @return the type corresponding to the ordinal value + */ + public static SamType getTypeByOrdinal( int ordinal ) + { + for ( int ii =3D 0; ii < values.length; ii++ ) + { + if ( values[ ii ].ordinal =3D=3D ordinal ) + { + return values[ ii ]; + } + } + + return PA_SAM_TYPE_APACHE; + } + + + /** + * Gets the ordinal value associated with this SAM type. + * + * @return the ordinal value associated with this SAM type + */ + public int getOrdinal() + { + return ordinal; + } +} + Modified: incubator/directory/kerberos/trunk/core/src/java/org/apache/kerbe= ros/sam/SamVerifier.java URL: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/core/= src/java/org/apache/kerberos/sam/SamVerifier.java?view=3Ddiff&r1=3D149363&r= 2=3D149364 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sa= m/SamVerifier.java (original) +++ incubator/directory/kerberos/trunk/core/src/java/org/apache/kerberos/sa= m/SamVerifier.java Mon Jan 31 19:42:26 2005 @@ -40,5 +40,5 @@ * * @return the type value for the SAM algorithm used to verify the SUP. */ - int getSamType(); + SamType getSamType(); }
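
Review bot: In PrincipalStoreEntry.java, the initializer `private SamType samType = SamType.PA_SAM_TYPE_APACHE;` makes every principal entry report a SAM type, which conflicts with the plan in the log message to use a null SamType for a regular user that does not use a SAM. Until the store looks the value up, consider leaving the field unset and making callers of getSamType() handle null; SamSubsystem.verify() dereferences entry.getSamType() without a check. The new field also drops the underscore prefix used by the neighbouring fields (_maxLife, _kdcFlags).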
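
Review bot: In SamSubsystem.verify(), the guard `if ( System.getProperties().containsKey( key ) )` is inverted: it throws "Could not find property" when the property is present, and when the property is absent fqcn is null and Class.forName( fqcn ) is called with null, which none of the catch blocks handle. Negate the condition. The cast `( SamVerifier ) c.newInstance()` can also raise ClassCastException, which is not caught either; because the class name comes from a system property, check SamVerifier.class.isAssignableFrom( c ) before instantiating and raise a SamException when it fails. The Javadoc has two typos, "approapriate" and "plugable".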
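
Review bot: In SamType.getTypeByOrdinal(), the fall-through `return PA_SAM_TYPE_APACHE;` maps any unrecognised ordinal to the Apache type, so an unknown or unsupported SAM type value is silently treated as PA_SAM_TYPE_APACHE instead of being rejected. Throw IllegalArgumentException (or return null and document it) so the caller can refuse the request. The Javadoc line "Gets the ordinal by its ordinal value" should say that the method gets the type, and compareTo() should document that it throws ClassCastException for a non-SamType argument.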
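
Review bot: In SamVerifier.java, getSamType() now returns SamType, but nothing in this commit reads it: SamSubsystem.verify() selects the verifier class from the property keyed by entry.getSamType().getOrdinal() and never compares verifier.getSamType() with the entry's type. Add a check that the two match and raise a SamException on mismatch, so that a property pointing at the wrong verifier class is caught before verify() runs.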