directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From akaras...@apache.org
Subject svn commit: r157788 - in directory/apacheds/trunk: core/src/main/java/org/apache/ldap/server/ core/src/main/java/org/apache/ldap/server/auth/ core/src/main/java/org/apache/ldap/server/jndi/ main/
Date Wed, 16 Mar 2005 19:04:07 GMT
Author: akarasulu
Date: Wed Mar 16 11:04:02 2005
New Revision: 157788

URL: http://svn.apache.org/viewcvs?view=rev&rev=157788
Log:
changes ...

 o committed Endi's patches as is but will do some modifications and moving 
   around of things after commit - use this as point of reference.  

Here's the JIRA issue where the patch was contributed:

   http://issues.apache.org/jira/browse/DIREVE-145
 
Endi,

   You can track changes I make after this and discuss it with me on list.


Added:
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/Authenticator.java
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorConfig.java
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorContext.java
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java
Modified:
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/ContextPartitionConfig.java
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/EnvKeys.java
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/PartitionConfigBuilder.java
    directory/apacheds/trunk/main/project.xml

Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/Authenticator.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/Authenticator.java?view=auto&rev=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/Authenticator.java
(added)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/Authenticator.java
Wed Mar 16 11:04:02 2005
@@ -0,0 +1,92 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server;
+
+import org.apache.ldap.server.jndi.ServerContext;
+import org.apache.ldap.server.auth.LdapPrincipal;
+
+import javax.naming.NamingException;
+
+
+/**
+ * Base class for all Authenticators.
+ *
+ * @author <a href="mailto:endisd@vergenet.com">Endi S. Dewata</a>
+ */
+public class Authenticator {
+
+    /** authenticator config */
+    public AuthenticatorConfig authenticatorConfig;
+    /** authenticator context */
+    public AuthenticatorContext authenticatorContext;
+    /** authenticator type */
+    public String type;
+
+    /**
+     * Create a new Authenticator.
+     *
+     * @param type authenticator's type
+     */
+    public Authenticator( String type )
+    {
+        this.type = type;
+    }
+
+    public AuthenticatorContext getAuthenticatorContext()
+    {
+        return authenticatorContext;
+    }
+
+    public String getType()
+    {
+        return type;
+    }
+
+    /**
+     * Called by the authenticator container to indicate that the authenticator is being
placed into service.
+     *
+     * @param authenticatorConfig
+     * @throws NamingException
+     */
+    public void init( AuthenticatorConfig authenticatorConfig ) throws NamingException
+    {
+        this.authenticatorConfig = authenticatorConfig;
+        this.authenticatorContext = authenticatorConfig.getAuthenticatorContext();
+        init();
+    }
+
+    /**
+     * A convenience method which can be overridden so that there's no need to call super.init(
authenticatorConfig ).
+     */
+    public void init() throws NamingException
+    {
+
+    }
+
+    /**
+     * Perform the authentication operation and return the authorization id if successfull.
+     *
+     * @param ctx
+     * @return the authorization id
+     * @throws NamingException
+     */
+    public LdapPrincipal authenticate( ServerContext ctx ) throws NamingException
+    {
+        return null;
+    }
+
+}
\ No newline at end of file

Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorConfig.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorConfig.java?view=auto&rev=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorConfig.java
(added)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorConfig.java
Wed Mar 16 11:04:02 2005
@@ -0,0 +1,83 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server;
+
+import java.util.Enumeration;
+import java.util.Properties;
+
+/**
+ * A configuration bean for Authenticators.
+ *
+ * @author <a href="mailto:endisd@vergenet.com">Endi S. Dewata</a>
+ */
+public class AuthenticatorConfig {
+
+    private String authenticatorName;
+    private String authenticatorClass;
+    private AuthenticatorContext authenticatorContext;
+    private Properties properties = new Properties();
+
+    public String getAuthenticatorName()
+    {
+        return authenticatorName;
+    }
+
+    public void setAuthenticatorName( String authenticatorName )
+    {
+        this.authenticatorName = authenticatorName;
+    }
+
+    public String getAuthenticatorClass()
+    {
+        return authenticatorClass;
+    }
+
+    public void setAuthenticatorClass( String authenticatorClass )
+    {
+        this.authenticatorClass = authenticatorClass;
+    }
+
+    public Properties getProperties()
+    {
+        return properties;
+    }
+
+    public void setProperties( Properties properties )
+    {
+        this.properties = properties;
+    }
+
+    public String getInitParameter( String name )
+    {
+        return properties.getProperty( name );
+    }
+
+    public Enumeration getInitParameterNames()
+    {
+        return properties.keys();
+    }
+
+    public AuthenticatorContext getAuthenticatorContext()
+    {
+        return authenticatorContext;
+    }
+
+    public void setAuthenticatorContext( AuthenticatorContext authenticatorContext )
+    {
+        this.authenticatorContext = authenticatorContext;
+    }
+}

Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorContext.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorContext.java?view=auto&rev=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorContext.java
(added)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorContext.java
Wed Mar 16 11:04:02 2005
@@ -0,0 +1,58 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server;
+
+/**
+ * Base class for all Authenticators.
+ *
+ * @author <a href="mailto:direct   ory-dev@incubator.apache.org">Apache Directory
Project</a>
+ * @version $Rev: 124525 $
+ */
+public class AuthenticatorContext {
+
+    /** the root nexus to all database partitions */
+    private RootNexus rootNexus;
+    /** whether or not to allow anonymous users */
+    private boolean allowAnonymous = false;
+
+    /**
+     * Create a new AuthenticatorContext.
+     */
+    public AuthenticatorContext()
+    {
+    }
+
+    public RootNexus getRootNexus()
+    {
+        return rootNexus;
+    }
+    public void setRootNexus( RootNexus rootNexus )
+    {
+        this.rootNexus = rootNexus;
+    }
+
+    public boolean getAllowAnonymous()
+    {
+        return allowAnonymous;
+    }
+
+    public void setAllowAnonymous( boolean allowAnonymous )
+    {
+        this.allowAnonymous = allowAnonymous;
+    }
+
+}
\ No newline at end of file

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/ContextPartitionConfig.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/ContextPartitionConfig.java?view=diff&r1=157787&r2=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/ContextPartitionConfig.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/ContextPartitionConfig.java
Wed Mar 16 11:04:02 2005
@@ -88,7 +88,7 @@
         return partitionClass;
     }
 
-    public void setPartitionClass(String partitionClass)
+    public void setPartitionClass( String partitionClass )
     {
         this.partitionClass = partitionClass;
     }
@@ -98,7 +98,7 @@
         return properties;
     }
 
-    public void setProperties(String properties)
+    public void setProperties( String properties )
     {
         this.properties = properties;
     }

Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java?view=auto&rev=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java
(added)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java
Wed Mar 16 11:04:02 2005
@@ -0,0 +1,46 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.auth;
+
+import org.apache.ldap.server.Authenticator;
+import org.apache.ldap.server.jndi.ServerContext;
+import org.apache.ldap.common.exception.LdapNoPermissionException;
+
+import javax.naming.NamingException;
+
+/**
+ * @author <a href="mailto:endisd@vergenet.com">Endi S. Dewata</a>
+ */
+public class AnonymousAuthenticator extends Authenticator {
+
+    public AnonymousAuthenticator( )
+    {
+        super( "none" );
+    }
+
+    public LdapPrincipal authenticate( ServerContext ctx ) throws NamingException
+    {
+        if ( getAuthenticatorContext().getAllowAnonymous() )
+        {
+            return LdapPrincipal.ANONYMOUS ;
+        }
+        else
+        {
+            throw new LdapNoPermissionException( "Anonymous bind NOT permitted!" );
+        }
+    }
+}

Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java?view=auto&rev=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java
(added)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java
Wed Mar 16 11:04:02 2005
@@ -0,0 +1,101 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.auth;
+
+import org.apache.ldap.server.Authenticator;
+import org.apache.ldap.server.RootNexus;
+import org.apache.ldap.server.jndi.ServerContext;
+import org.apache.ldap.common.exception.LdapNameNotFoundException;
+import org.apache.ldap.common.exception.LdapAuthenticationException;
+import org.apache.ldap.common.util.ArrayUtils;
+import org.apache.ldap.common.name.LdapName;
+
+import javax.naming.Context;
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.Attribute;
+
+/**
+ * @author <a href="mailto:endisd@vergenet.com">Endi S. Dewata</a>
+ */
+public class SimpleAuthenticator extends Authenticator {
+
+    public SimpleAuthenticator( )
+    {
+        super( "simple" );
+    }
+
+    public LdapPrincipal authenticate( ServerContext ctx ) throws NamingException
+    {
+        Object creds = ctx.getEnvironment().get( Context.SECURITY_CREDENTIALS );
+
+        if ( creds == null )
+        {
+            creds = ArrayUtils.EMPTY_BYTE_ARRAY;
+        }
+        else if ( creds instanceof String )
+        {
+            creds = ( ( String ) creds ).getBytes();
+        }
+
+        // let's get the principal now
+        String principal;
+        if ( ! ctx.getEnvironment().containsKey( Context.SECURITY_PRINCIPAL ) )
+        {
+            throw new LdapAuthenticationException();
+        }
+        else
+        {
+            principal = ( String ) ctx.getEnvironment().get( Context.SECURITY_PRINCIPAL );
+            if ( principal == null )
+            {
+                throw new LdapAuthenticationException();
+            }
+        }
+
+        LdapName principalDn = new LdapName( principal );
+        RootNexus rootNexus = getAuthenticatorContext().getRootNexus();
+        Attributes userEntry = rootNexus.lookup( principalDn );
+
+        if ( userEntry == null )
+        {
+            throw new LdapNameNotFoundException();
+        }
+
+        Object userPassword;
+        Attribute userPasswordAttr = userEntry.get( "userPassword" );
+        if ( userPasswordAttr == null )
+        {
+            userPassword = ArrayUtils.EMPTY_BYTE_ARRAY;
+        }
+        else
+        {
+            userPassword = userPasswordAttr.get();
+            if ( userPassword instanceof String )
+            {
+                userPassword = ( ( String ) userPassword ).getBytes();
+            }
+        }
+
+        if ( ! ArrayUtils.isEquals( creds, userPassword ) )
+        {
+            throw new LdapAuthenticationException();
+        }
+
+        return new LdapPrincipal( principalDn );
+    }
+}

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java?view=diff&r1=157787&r2=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java
Wed Mar 16 11:04:02 2005
@@ -19,19 +19,19 @@
 
 import javax.naming.Context;
 import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
 
 import org.apache.ldap.common.exception.LdapAuthenticationException;
 import org.apache.ldap.common.exception.LdapAuthenticationNotSupportedException;
-import org.apache.ldap.common.exception.LdapNameNotFoundException;
-import org.apache.ldap.common.exception.LdapNoPermissionException;
 import org.apache.ldap.common.message.ResultCodeEnum;
-import org.apache.ldap.common.name.LdapName;
-import org.apache.ldap.common.util.ArrayUtils;
-import org.apache.ldap.server.RootNexus;
+import org.apache.ldap.common.util.StringTools;
 import org.apache.ldap.server.auth.LdapPrincipal;
+import org.apache.ldap.server.Authenticator;
 
+import java.util.Map;
+import java.util.LinkedHashMap;
+import java.util.Collection;
+import java.util.ArrayList;
+import java.util.Iterator;
 
 /**
  * A service used to for authenticating users.
@@ -48,23 +48,65 @@
     /** short for Context.SECURITY_CREDENTIALS */
     private static final String CREDS = Context.SECURITY_CREDENTIALS;
 
-    /** the root nexus to all database partitions */
-    private final RootNexus nexus;
-    /** whether or not to allow anonymous users */
-    private boolean allowAnonymous = false;
+    /** authenticators **/
+    public Map authenticators = new LinkedHashMap();
 
 
     /**
      * Creates an authentication service interceptor.
+     */
+    public AuthenticationService()
+    {
+    }
+
+    /**
+     * Registers an Authenticator with this AuthenticatorService.  Called by each
+     * Authenticator implementation after it has started to register for
+     * authentication operation calls.
      *
-     * @param nexus the root nexus to access all database partitions
+     * @param authenticator Authenticator component to register with this
+     * AuthenticatorService.
      */
-    public AuthenticationService( RootNexus nexus, boolean allowAnonymous )
+    public void register( Authenticator authenticator )
     {
-        this.nexus = nexus;
-        this.allowAnonymous = allowAnonymous;
+        Collection authenticatorList = getAuthenticators( authenticator.getType() );
+        if ( authenticatorList == null )
+        {
+            authenticatorList = new ArrayList();
+            authenticators.put( authenticator.getType(), authenticatorList );
+        }
+        authenticatorList.add( authenticator );
     }
 
+    /**
+     * Unregisters an Authenticator with this AuthenticatorService.  Called for each
+     * registered Authenticator right before it is to be stopped.  This prevents
+     * protocol server requests from reaching the Backend and effectively puts
+     * the ContextPartition's naming context offline.
+     *
+     * @param authenticator Authenticator component to unregister with this
+     * AuthenticatorService.
+     */
+    public void unregister( Authenticator authenticator )
+    {
+        Collection authenticatorList = getAuthenticators( authenticator.getType() );
+        if ( authenticatorList == null )
+        {
+            return;
+        }
+        authenticatorList.remove( authenticator );
+    }
+
+    /**
+     * Gets the authenticators with a specific type.
+     *
+     * @param type the authentication type
+     * @return the authenticators with the specified type
+     */
+    public Collection getAuthenticators( String type )
+    {
+        return (Collection)authenticators.get( type );
+    }
 
     public void invoke( Invocation invocation ) throws NamingException
     {
@@ -87,117 +129,66 @@
             return;
         }
 
-        // check the kind of authentication being performed
-        if ( ctx.getEnvironment().containsKey( AUTH_TYPE ) )
-        {
-            // authentication type can be anything
+        String authList = ( String ) ctx.getEnvironment().get( AUTH_TYPE );
 
-            String auth = ( String ) ctx.getEnvironment().get( AUTH_TYPE );
-            if ( auth.equalsIgnoreCase( "none" ) )
-            {
-                doAuthNone( ctx );
-            }
-            else if ( auth.equalsIgnoreCase( "simple" ) )
+        if ( authList == null )
+        {
+            if ( ctx.getEnvironment().containsKey( CREDS ) )
             {
-                doAuthSimple( ctx );
+                // authentication type is simple here
+                authList = "simple";
             }
             else
             {
-                doAuthSasl( ctx );
+                // authentication type is anonymous
+                authList = "none";
             }
-        }
-        else if ( ctx.getEnvironment().containsKey( CREDS ) )
-        {
-            // authentication type is simple here
-            doAuthSimple( ctx );
-        }
-        else
-        {
-            // authentication type is anonymous
-            doAuthNone( ctx );
-        }
 
-        // remove creds so there is no security risk
-        ctx.removeFromEnvironment( CREDS );
-    }
-
-
-    private void doAuthSasl( ServerContext ctx ) throws NamingException
-    {
-        ctx.getEnvironment(); // shut's up idea's yellow light
-        ResultCodeEnum rc = ResultCodeEnum.AUTHMETHODNOTSUPPORTED; 
-        throw new LdapAuthenticationNotSupportedException( rc );
-    }
-
-
-    private void doAuthNone( ServerContext ctx ) throws NamingException
-    {
-        if ( allowAnonymous )
-        {
-            ctx.setPrincipal( LdapPrincipal.ANONYMOUS );
-        }
-        else
-        {
-            throw new LdapNoPermissionException( "Anonymous bind NOT permitted!" );
         }
-    }
 
+        authList = StringTools.deepTrim( authList );
+        String[] auth = authList.split( " " );
 
-    private void doAuthSimple( ServerContext ctx ) throws NamingException
-    {
-        Object creds = ctx.getEnvironment().get( CREDS );
+        Collection authenticators = null;
 
-        if ( creds == null )
-        {
-            creds = ArrayUtils.EMPTY_BYTE_ARRAY;
-        }
-        else if ( creds instanceof String )
+        // pick the first matching authenticator type
+        for ( int i=0; i<auth.length; i++)
         {
-            creds = ( ( String ) creds ).getBytes();
+            authenticators = getAuthenticators( auth[i] );
+            if ( authenticators != null ) break;
         }
 
-        // let's get the principal now
-        String principal;
-        if ( ! ctx.getEnvironment().containsKey( PRINCIPAL ) )
+        if ( authenticators == null )
         {
-            throw new LdapAuthenticationException();
+            ctx.getEnvironment(); // shut's up idea's yellow light
+            ResultCodeEnum rc = ResultCodeEnum.AUTHMETHODNOTSUPPORTED;
+            throw new LdapAuthenticationNotSupportedException( rc );
         }
-        else
+
+        // try each authenticators
+        for ( Iterator i = authenticators.iterator(); i.hasNext(); )
         {
-            principal = ( String ) ctx.getEnvironment().get( PRINCIPAL );
-            if ( principal == null )
+            try
             {
-                throw new LdapAuthenticationException();
-            }
-        }
+                Authenticator authenticator = ( Authenticator ) i.next();
 
-        LdapName principalDn = new LdapName( principal );
-        Attributes userEntry = nexus.lookup( principalDn );
-        if ( userEntry == null )
-        {
-            throw new LdapNameNotFoundException();
-        }
+                // perform the authentication
+                LdapPrincipal authorizationId = authenticator.authenticate( ctx );
 
-        Object userPassword;
-        Attribute userPasswordAttr = userEntry.get( "userPassword" );
-        if ( userPasswordAttr == null )
-        {
-            userPassword = ArrayUtils.EMPTY_BYTE_ARRAY;
-        }
-        else
-        {
-            userPassword = userPasswordAttr.get();
-            if ( userPassword instanceof String )
+                // authentication was successful
+                ctx.setPrincipal( authorizationId );
+
+                // remove creds so there is no security risk
+                ctx.removeFromEnvironment( CREDS );
+
+                return;
+            }
+            catch ( LdapAuthenticationException e )
             {
-                userPassword = ( ( String ) userPassword ).getBytes();
+                // authentication failed, try the next authenticator
             }
         }
 
-        if ( ! ArrayUtils.isEquals( creds, userPassword ) )
-        {
-            throw new LdapAuthenticationException();
-        }
-
-        ctx.setPrincipal( new LdapPrincipal( principalDn ) );
+        throw new LdapAuthenticationException();
     }
 }

Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java?view=auto&rev=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java
(added)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java
Wed Mar 16 11:04:02 2005
@@ -0,0 +1,131 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi;
+
+
+import java.util.Hashtable;
+import java.util.Properties;
+import java.io.FileInputStream;
+
+import org.apache.ldap.common.util.StringTools;
+import org.apache.ldap.server.AuthenticatorConfig;
+
+import javax.naming.NamingException;
+
+
+/**
+ * An authenticator configuration builder which produces AuthenticatorConfig
+ * objects from various configuration formats, namely Hashtables.
+ *
+ * @author <a href="mailto:endisd@vergenet.com">Endi S. Dewata</a>
+ */
+public class AuthenticatorConfigBuilder
+{
+    /** keep this so we do not have create empty ones over and over again */
+    private final static AuthenticatorConfig[] EMPTY = new AuthenticatorConfig[0];
+
+
+    /**
+     * Extracts properties from a Hashtable and builds a configuration bean for
+     * an Authenticator.
+     *
+     * @param authenticatorName the name of the authenticator to extract configs for
+     * @param env the Hastable containing usually JNDI environment settings
+     * @return the extracted configuration object
+     * @throws javax.naming.NamingException
+     */
+    public static AuthenticatorConfig getAuthenticatorConfig( String authenticatorName, Hashtable
env )
+            throws NamingException
+    {
+        final StringBuffer buf = new StringBuffer();
+        final AuthenticatorConfig config = new AuthenticatorConfig();
+
+        // --------------------------------------------------------------------
+        // set id for authenticator
+        // --------------------------------------------------------------------
+
+        config.setAuthenticatorName( authenticatorName );
+
+        // --------------------------------------------------------------------
+        // set authenticator class
+        // --------------------------------------------------------------------
+
+        buf.setLength( 0 );
+        buf.append( EnvKeys.AUTHENTICATOR_CLASS ).append( authenticatorName );
+        String authenticatorClass = ( String ) env.get(  buf.toString() );
+
+        if ( authenticatorClass != null )
+        {
+            config.setAuthenticatorClass( authenticatorClass );
+        }
+
+        // --------------------------------------------------------------------
+        // set authenticator properties
+        // --------------------------------------------------------------------
+
+        buf.setLength( 0 );
+        buf.append( EnvKeys.AUTHENTICATOR_PROPERTIES ).append( authenticatorName );
+        String propertiesFile = ( String ) env.get(  buf.toString() );
+
+        if ( propertiesFile != null )
+        {
+            try
+            {
+                Properties properties = config.getProperties();
+                properties.load( new FileInputStream( propertiesFile ) );
+                config.setProperties( properties );
+            }
+            catch ( Exception e )
+            {
+                throw new NamingException( e.getMessage() );
+            }
+        }
+
+        return config;
+    }
+
+
+    /**
+     * Extracts properties from a Hashtable and builds a set of configurations
+     * bean for Authenticators.
+     *
+     * @param env the Hastable containing usually JNDI environment settings
+     * @return all the extracted configuration objects configured
+     * @throws javax.naming.NamingException
+     */
+    public static AuthenticatorConfig[] getAuthenticatorConfigs( Hashtable env )
+            throws NamingException
+    {
+        String idList = ( String ) env.get( EnvKeys.AUTHENTICATORS );
+
+        // return empty array when we got nothin to work with!
+        if ( idList == null || idList.trim().length() == 0 )
+        {
+            return EMPTY;
+        }
+
+        idList = StringTools.deepTrim( idList );
+        final String[] ids = idList.split( " " );
+        final AuthenticatorConfig[] configs = new AuthenticatorConfig[ids.length];
+        for ( int ii = 0; ii < configs.length; ii++ )
+        {
+            configs[ii] = getAuthenticatorConfig( ids[ii], env );
+        }
+
+        return configs;
+    }
+}

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java?view=diff&r1=157787&r2=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java
Wed Mar 16 11:04:02 2005
@@ -39,11 +39,9 @@
 import org.apache.ldap.common.schema.Normalizer;
 import org.apache.ldap.common.util.DateUtils;
 import org.apache.ldap.common.util.StringTools;
-import org.apache.ldap.server.ApplicationPartition;
-import org.apache.ldap.server.ContextPartition;
-import org.apache.ldap.server.ContextPartitionConfig;
-import org.apache.ldap.server.RootNexus;
-import org.apache.ldap.server.SystemPartition;
+import org.apache.ldap.server.*;
+import org.apache.ldap.server.auth.AnonymousAuthenticator;
+import org.apache.ldap.server.auth.SimpleAuthenticator;
 import org.apache.ldap.server.db.Database;
 import org.apache.ldap.server.db.DefaultSearchEngine;
 import org.apache.ldap.server.db.ExpressionEnumerator;
@@ -503,9 +501,64 @@
 
         boolean allowAnonymous = !initialEnv.containsKey( EnvKeys.DISABLE_ANONYMOUS );
 
-        Interceptor interceptor = new AuthenticationService( nexus, allowAnonymous );
+        AuthenticationService authenticationService = new AuthenticationService();
 
-        provider.addInterceptor( interceptor, state );
+        // create authenticator context
+        AuthenticatorContext authenticatorContext = new AuthenticatorContext();
+        authenticatorContext.setRootNexus( nexus );
+        authenticatorContext.setAllowAnonymous( allowAnonymous );
+
+        try // initialize default authenticators
+        {
+            // create anonymous authenticator
+            AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig();
+            authenticatorConfig.setAuthenticatorName( "none" );
+            authenticatorConfig.setAuthenticatorContext( authenticatorContext );
+
+            Authenticator authenticator = new AnonymousAuthenticator();
+            authenticator.init( authenticatorConfig );
+            authenticationService.register( authenticator );
+
+            // create simple authenticator
+            authenticatorConfig = new AuthenticatorConfig();
+            authenticatorConfig.setAuthenticatorName( "simple" );
+            authenticatorConfig.setAuthenticatorContext( authenticatorContext );
+
+            authenticator = new SimpleAuthenticator();
+            authenticator.init( authenticatorConfig );
+            authenticationService.register( authenticator );
+        }
+        catch ( Exception e )
+        {
+            throw new NamingException( e.getMessage() );
+        }
+
+        AuthenticatorConfig[] configs = null;
+        configs = AuthenticatorConfigBuilder
+                .getAuthenticatorConfigs( initialEnv );
+
+        for ( int ii = 0; ii < configs.length; ii++ )
+        {
+            try
+            {
+                configs[ii].setAuthenticatorContext( authenticatorContext );
+
+                String authenticatorClass = configs[ii].getAuthenticatorClass();
+                Class clazz = Class.forName( authenticatorClass );
+                Constructor constructor = clazz.getConstructor( new Class[] { } );
+
+                Authenticator authenticator = ( Authenticator ) constructor.newInstance(
new Object[] { } );
+                authenticator.init( configs[ii] );
+
+                authenticationService.register( authenticator );
+            }
+            catch ( Exception e )
+            {
+                e.printStackTrace();
+            }
+        }
+
+        provider.addInterceptor( authenticationService, state );
 
         /*
          * Create and add the Eve Exception service interceptor to both the
@@ -515,7 +568,7 @@
 
         FilterService filterService = new FilterServiceImpl();
 
-        interceptor = ( Interceptor ) filterService;
+        Interceptor interceptor = ( Interceptor ) filterService;
 
         provider.addInterceptor( interceptor, state );
 

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/EnvKeys.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/EnvKeys.java?view=diff&r1=157787&r2=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/EnvKeys.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/EnvKeys.java Wed
Mar 16 11:04:02 2005
@@ -45,6 +45,12 @@
     public static final String SCHEMAS = "server.schemas";
     /** bootstrap prop: if key is present it enables anonymous users */
     public static final String DISABLE_ANONYMOUS = "server.disable.anonymous";
+    /** a comma separated list of authenticator names */
+    public static final String AUTHENTICATORS = "server.authenticators";
+    /** the envprop key base to the authenticator implementation class */
+    public static final String AUTHENTICATOR_CLASS = "server.authenticator.class.";
+    /** the envprop key base to the properties of an authenticator */
+    public static final String AUTHENTICATOR_PROPERTIES = "server.authenticator.properties.";
 
 
     // ------------------------------------------------------------------------
@@ -71,7 +77,7 @@
     /** the envprop key base to the implementation of a partition */
     public static final String PARTITION_CLASS = "server.db.partition.class.";
     /** the envprop key base to the properties of a partition */
-    public static final String PROPERTIES = "server.db.partition.properties.";
+    public static final String PARTITION_PROPERTIES = "server.db.partition.properties.";
     /** the envprop key base to the space separated list of indices for a partition */
     public static final String INDICES = "server.db.partition.indices.";
     /** the envprop key base to the Attributes for the context nexus entry */

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/PartitionConfigBuilder.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/PartitionConfigBuilder.java?view=diff&r1=157787&r2=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/PartitionConfigBuilder.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/PartitionConfigBuilder.java
Wed Mar 16 11:04:02 2005
@@ -93,7 +93,7 @@
         // --------------------------------------------------------------------
 
         buf.setLength( 0 );
-        buf.append( EnvKeys.PROPERTIES ).append( id );
+        buf.append( EnvKeys.PARTITION_PROPERTIES ).append( id );
         String properties = ( String ) env.get(  buf.toString() );
 
         if ( properties != null )

Modified: directory/apacheds/trunk/main/project.xml
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/main/project.xml?view=diff&r1=157787&r2=157788
==============================================================================
--- directory/apacheds/trunk/main/project.xml (original)
+++ directory/apacheds/trunk/main/project.xml Wed Mar 16 11:04:02 2005
@@ -88,8 +88,8 @@
       <version>0.9-SNAPSHOT</version>
     </dependency>
     <dependency>
-      <groupId>directory</groupId>
-      <artifactId>apacheds-protocol</artifactId>
+      <groupId>directory-protocols</groupId>
+      <artifactId>ldap-protocol</artifactId>
       <version>0.9-SNAPSHOT</version>
     </dependency>
     <dependency>



Mime
View raw message