directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r157903 - in directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos: kdc/AuthenticationService.java kdc/ErrorService.java kdc/KerberosService.java kdc/TicketGrantingService.java protocol/KerberosProtocolHandler.java sam/TimestampChecker.java
Date Thu, 17 Mar 2005 05:38:45 GMT
Author: erodriguez
Date: Wed Mar 16 21:38:42 2005
New Revision: 157903

URL: http://svn.apache.org/viewcvs?view=rev&rev=157903
Log:
Import updates related to exception handling change and move to kerberos-common.

Modified:
    directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
    directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/ErrorService.java
    directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java
    directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java
    directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java
    directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/sam/TimestampChecker.java

Modified: directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
URL: http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java?view=diff&r1=157902&r2=157903
==============================================================================
--- directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
(original)
+++ directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
Wed Mar 16 21:38:42 2005
@@ -26,6 +26,8 @@
 import org.apache.kerberos.crypto.encryption.EncryptionEngine;
 import org.apache.kerberos.crypto.encryption.EncryptionEngineFactory;
 import org.apache.kerberos.crypto.encryption.EncryptionType;
+import org.apache.kerberos.exceptions.ErrorType;
+import org.apache.kerberos.exceptions.KerberosException;
 import org.apache.kerberos.io.decoder.EncryptedDataDecoder;
 import org.apache.kerberos.io.decoder.EncryptedTimestampDecoder;
 import org.apache.kerberos.io.encoder.EncAsRepPartEncoder;
@@ -92,7 +94,7 @@
 		
         if ( entry == null )
         {
-            throw KerberosException.KDC_ERR_C_PRINCIPAL_UNKNOWN;
+            throw new KerberosException( ErrorType.KDC_ERR_C_PRINCIPAL_UNKNOWN );
         }
         
         EncryptionKey clientKey = null;
@@ -107,7 +109,7 @@
 			    
 		        if ( preAuthData == null )
 		        {
-		            throw new KdcErrorPreauthRequired( preparePreAuthenticationError() );
+		            throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError()
);
 		        }
 		        
 		        EncryptedTimeStamp timestamp = null;
@@ -129,27 +131,27 @@
 			    		}
 			    		catch (KerberosException ke)
 			    		{
-			    			throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+			    			throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
 			    		}
 			    		catch (IOException ioe)
 			    		{
-			    		    throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+			    		    throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
 			    		}
 			    		catch (ClassCastException cce)
 			    		{
-			    		    throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+			    		    throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
 			    		}
 			        }
 			    }
 			    
 		        if ( timestamp == null )
 		        {
-		            throw new KdcErrorPreauthRequired( preparePreAuthenticationError() );
+		            throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError()
);
 		        }
 			    
 	    		if ( !timestamp.getTimeStamp().isInClockSkew( config.getClockSkew() ) )
 	    		{
-	    		    throw KerberosException.KDC_ERR_PREAUTH_FAILED;
+	    		    throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_FAILED );
 	    		}
 	    		
 	    		/*
@@ -167,7 +169,7 @@
 		    
 	        if ( preAuthData == null || preAuthData.length == 0 )
 	        {
-	            throw new KdcErrorPreauthRequired( preparePreAuthenticationError() );
+	            throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError()
);
 	        }
 	        
 		    try
@@ -243,7 +245,7 @@
 
         if ( serverKey == null )
         {
-            throw KerberosException.KDC_ERR_S_PRINCIPAL_UNKNOWN;
+            throw new KerberosException( ErrorType.KDC_ERR_S_PRINCIPAL_UNKNOWN );
         }
         
 		KerberosPrincipal ticketPrincipal = request.getServerPrincipal();
@@ -271,7 +273,7 @@
 				request.getKdcOptions().get(KdcOptions.FORWARDED) ||
 				request.getKdcOptions().get(KdcOptions.ENC_TKT_IN_SKEY))
 		{
-			throw KerberosException.KDC_ERR_BADOPTION;
+			throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
 		}
 		
 		newTicketBody.setSessionKey(new RandomKey().getNewSessionKey());
@@ -285,7 +287,7 @@
 		{
 			// TODO - possibly allow req.from range
 			if (!config.isPostdateAllowed())
-				throw KerberosException.KDC_ERR_POLICY;
+				throw new KerberosException( ErrorType.KDC_ERR_POLICY );
 			newTicketBody.setFlag(TicketFlags.INVALID);
 			newTicketBody.setStartTime(request.getFrom());
 		}

Modified: directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/ErrorService.java
URL: http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/ErrorService.java?view=diff&r1=157902&r2=157903
==============================================================================
--- directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/ErrorService.java
(original)
+++ directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/ErrorService.java
Wed Mar 16 21:38:42 2005
@@ -17,6 +17,7 @@
 
 package org.apache.kerberos.kdc;
 
+import org.apache.kerberos.exceptions.KerberosException;
 import org.apache.kerberos.messages.ErrorMessage;
 import org.apache.kerberos.messages.ErrorMessageModifier;
 import org.apache.kerberos.messages.value.KerberosTime;
@@ -39,7 +40,7 @@
 		
 		KerberosTime now = new KerberosTime();
 		
-		modifier.setErrorCode( exception.getOrdinal() );
+		modifier.setErrorCode( exception.getErrorCode() );
 		modifier.setExplanatoryText( exception.getMessage() );
 		modifier.setServerPrincipal( config.getKdcPrincipal() );
 		modifier.setServerTime( now );

Modified: directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java
URL: http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java?view=diff&r1=157902&r2=157903
==============================================================================
--- directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java
(original)
+++ directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java
Wed Mar 16 21:38:42 2005
@@ -31,6 +31,8 @@
 import org.apache.kerberos.crypto.encryption.EncryptionEngine;
 import org.apache.kerberos.crypto.encryption.EncryptionEngineFactory;
 import org.apache.kerberos.crypto.encryption.EncryptionType;
+import org.apache.kerberos.exceptions.ErrorType;
+import org.apache.kerberos.exceptions.KerberosException;
 import org.apache.kerberos.io.decoder.AuthenticatorDecoder;
 import org.apache.kerberos.io.decoder.EncTicketPartDecoder;
 import org.apache.kerberos.kdc.replay.InMemoryReplayCache;
@@ -100,7 +102,7 @@
 			}
 		}
 		
-		throw KerberosException.KDC_ERR_ETYPE_NOSUPP;
+		throw new KerberosException( ErrorType.KDC_ERR_ETYPE_NOSUPP );
 	}
 
     protected void verifyTicket( Ticket ticket, KerberosPrincipal serverPrincipal )
@@ -109,7 +111,7 @@
 		if ( !ticket.getRealm().equals( config.getPrimaryRealm() )
 				&& !ticket.getServerPrincipal().equals( serverPrincipal ) )
 		{
-			throw KerberosException.KRB_AP_ERR_NOT_US;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_NOT_US );
 		}
 	}
 
@@ -119,17 +121,17 @@
 	{
 		if ( authHeader.getProtocolVersionNumber() != 5 )
 		{
-			throw KerberosException.KRB_AP_ERR_BADVERSION;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_BADVERSION );
 		}
 		
 		if ( authHeader.getMessageType() != MessageType.KRB_AP_REQ )
 		{
-			throw KerberosException.KRB_AP_ERR_MSG_TYPE;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_MSG_TYPE );
 		}
 		
 		if ( authHeader.getTicket().getTicketVersionNumber() != 5 )
 		{
-			throw KerberosException.KRB_AP_ERR_BADVERSION;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_BADVERSION );
 		}
 
         KerberosPrincipal serverPrincipal = ticket.getServerPrincipal();
@@ -150,10 +152,10 @@
 			// TODO - check server key version number, skvno; requires store
 			if ( false )
 			{
-				throw KerberosException.KRB_AP_ERR_BADKEYVER;
+				throw new KerberosException( ErrorType.KRB_AP_ERR_BADKEYVER );
 			}
 
-			throw KerberosException.KRB_AP_ERR_NOKEY;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_NOKEY );
 		}
 
 		try
@@ -168,7 +170,7 @@
 		}
 		catch (KerberosException ke)
 		{
-			throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
 		}
 
 		Authenticator authenticator;
@@ -183,12 +185,12 @@
 		}
 		catch (KerberosException ke)
 		{
-			throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
 		}
 
 		if ( !authenticator.getClientPrincipal().getName().equals( ticket.getClientPrincipal().getName()
) )
 		{
-			throw KerberosException.KRB_AP_ERR_BADMATCH;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_BADMATCH );
 		}
 
 		// TODO - need to get at IP Address for sender
@@ -205,27 +207,27 @@
 
 		if( replayCache.isReplay( authenticator.getClientTime(), authenticator.getClientPrincipal()
) )
 		{
-			throw KerberosException.KRB_AP_ERR_REPEAT;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_REPEAT );
 		}
 
 		replayCache.save( authenticator.getClientTime(), authenticator.getClientPrincipal() );
 
 		if ( !authenticator.getClientTime().isInClockSkew( config.getClockSkew() ) )
 		{
-			throw KerberosException.KRB_AP_ERR_SKEW;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_SKEW );
 		}
 
 		if ( ticket.getStartTime() != null && !ticket.getStartTime().isInClockSkew( config.getClockSkew()
) ||
 				ticket.getFlag( TicketFlags.INVALID ) )
 		{
 			// it hasn't yet become valid
-            throw KerberosException.KRB_AP_ERR_TKT_NYV;
+            throw new KerberosException( ErrorType.KRB_AP_ERR_TKT_NYV );
 		}
 
 		// TODO - doesn't take into account skew
 		if ( !ticket.getEndTime().greaterThan( new KerberosTime() ) )
 		{
-            throw KerberosException.KRB_AP_ERR_TKT_EXPIRED;
+            throw new KerberosException( ErrorType.KRB_AP_ERR_TKT_EXPIRED );
 		}
 
 		authHeader.setOption( ApOptions.MUTUAL_REQUIRED );

Modified: directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java
URL: http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java?view=diff&r1=157902&r2=157903
==============================================================================
--- directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java
(original)
+++ directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java
Wed Mar 16 21:38:42 2005
@@ -30,6 +30,8 @@
 import org.apache.kerberos.crypto.encryption.EncryptionEngine;
 import org.apache.kerberos.crypto.encryption.EncryptionEngineFactory;
 import org.apache.kerberos.crypto.encryption.EncryptionType;
+import org.apache.kerberos.exceptions.ErrorType;
+import org.apache.kerberos.exceptions.KerberosException;
 import org.apache.kerberos.io.decoder.ApplicationRequestDecoder;
 import org.apache.kerberos.io.decoder.AuthorizationDataDecoder;
 import org.apache.kerberos.io.encoder.EncTgsRepPartEncoder;
@@ -103,7 +105,7 @@
 	{
 		if ( request.getPreAuthData()[0].getDataType() != PreAuthenticationDataType.PA_TGS_REQ
)
 		{
-			throw KerberosException.KDC_ERR_PADATA_TYPE_NOSUPP;
+			throw new KerberosException( ErrorType.KDC_ERR_PADATA_TYPE_NOSUPP );
 		}
 		
 		byte[] undecodedAuthHeader = request.getPreAuthData()[0].getDataValue();
@@ -119,7 +121,7 @@
 	{
 		if ( authChecksum == null )
 		{
-			throw KerberosException.KRB_AP_ERR_INAPP_CKSUM;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
 		}
 		
 		/*
@@ -152,7 +154,7 @@
 		
 		if ( !equal )
 		{
-			throw KerberosException.KRB_AP_ERR_MODIFIED;
+			throw new KerberosException( ErrorType.KRB_AP_ERR_MODIFIED );
 		}
 	}
 
@@ -177,7 +179,7 @@
 			        endif
 			endif
 			*/
-			throw KerberosException.KDC_ERR_S_PRINCIPAL_UNKNOWN;
+			throw new KerberosException( ErrorType.KDC_ERR_S_PRINCIPAL_UNKNOWN );
 		}
 		return serverKey;
 	}
@@ -222,7 +224,7 @@
 		{
 			if ( !tgt.getFlag( TicketFlags.FORWARDABLE ) )
 			{
-				throw KerberosException.KDC_ERR_BADOPTION;
+				throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
 			}
 			
 			newTicketBody.setFlag( TicketFlags.FORWARDABLE );
@@ -232,7 +234,7 @@
 		{
 			if ( !tgt.getFlag( TicketFlags.FORWARDABLE ) )
 			{
-				throw KerberosException.KDC_ERR_BADOPTION;
+				throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
 			}
 			newTicketBody.setFlag( TicketFlags.FORWARDED );
 			newTicketBody.setClientAddresses( request.getAddresses() );
@@ -248,7 +250,7 @@
 		{
 			if ( !tgt.getFlag( TicketFlags.PROXIABLE ) )
 			{
-				throw KerberosException.KDC_ERR_BADOPTION;
+				throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
 			}
 			
 			newTicketBody.setFlag( TicketFlags.PROXIABLE );
@@ -258,7 +260,7 @@
 		{
 			if ( !tgt.getFlag( TicketFlags.PROXIABLE ) )
 			{
-				throw KerberosException.KDC_ERR_BADOPTION;
+				throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
 			}
 			
 			newTicketBody.setFlag( TicketFlags.PROXY );
@@ -270,7 +272,7 @@
 		{
 			if ( !tgt.getFlag( TicketFlags.MAY_POSTDATE ) )
 			{
-				throw KerberosException.KDC_ERR_BADOPTION;
+				throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
 			}
 			
 			newTicketBody.setFlag( TicketFlags.MAY_POSTDATE );
@@ -280,7 +282,7 @@
 		{
 			if ( !tgt.getFlag( TicketFlags.MAY_POSTDATE ) )
 			{
-				throw KerberosException.KDC_ERR_BADOPTION;
+				throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
 			}
 			
 			newTicketBody.setFlag( TicketFlags.POSTDATED );
@@ -288,7 +290,7 @@
 			
 			if ( !config.isPostdateAllowed() )
 			{
-				throw KerberosException.KDC_ERR_POLICY;
+				throw new KerberosException( ErrorType.KDC_ERR_POLICY );
 			}
 			
 			newTicketBody.setStartTime( request.getFrom() );
@@ -298,12 +300,12 @@
 		{
 			if ( !tgt.getFlag( TicketFlags.INVALID ) )
 			{
-				throw KerberosException.KDC_ERR_POLICY;
+				throw new KerberosException( ErrorType.KDC_ERR_POLICY );
 			}
 			
 			if ( tgt.getStartTime().greaterThan( new KerberosTime() ) )
 			{
-				throw KerberosException.KRB_AP_ERR_TKT_NYV;
+				throw new KerberosException( ErrorType.KRB_AP_ERR_TKT_NYV );
 			}
 			
 			/*
@@ -319,7 +321,7 @@
 		if ( request.getOption( KdcOptions.RESERVED ) ||
 				request.getOption( KdcOptions.RENEWABLE_OK ) )
 		{
-				throw KerberosException.KDC_ERR_BADOPTION;
+				throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
 		}
 	}
 	
@@ -336,12 +338,12 @@
         {
 			if ( !tgt.getFlag( TicketFlags.RENEWABLE ) )
 			{
-				throw KerberosException.KDC_ERR_BADOPTION;
+				throw new KerberosException( ErrorType.KDC_ERR_BADOPTION );
 			}
 			
 			if ( tgt.getRenewTill().greaterThan( now ) )
 			{
-				throw KerberosException.KRB_AP_ERR_TKT_EXPIRED;
+				throw new KerberosException( ErrorType.KRB_AP_ERR_TKT_EXPIRED );
 			}
 
             echoTicket( newTicketBody, tgt );
@@ -445,11 +447,11 @@
 			}
 			catch (KerberosException e)
 			{
-				throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+				throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
 			}
 			catch (IOException ioe)
 			{
-				throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+				throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
 			}
 
 			AuthorizationData ticketData = tgt.getAuthorizationData();

Modified: directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java
URL: http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java?view=diff&r1=157902&r2=157903
==============================================================================
--- directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java
(original)
+++ directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java
Wed Mar 16 21:38:42 2005
@@ -19,10 +19,11 @@
 
 import java.io.IOException;
 
+import org.apache.kerberos.exceptions.ErrorType;
+import org.apache.kerberos.exceptions.KerberosException;
 import org.apache.kerberos.kdc.AuthenticationService;
 import org.apache.kerberos.kdc.ErrorService;
 import org.apache.kerberos.kdc.KdcConfiguration;
-import org.apache.kerberos.kdc.KerberosException;
 import org.apache.kerberos.kdc.TicketGrantingService;
 import org.apache.kerberos.messages.AuthenticationReply;
 import org.apache.kerberos.messages.ErrorMessage;
@@ -94,10 +95,10 @@
 		    		
 		    	case 11:
 		    	case 13:
-		    		throw KerberosException.KRB_AP_ERR_BADDIRECTION;
+		    		throw new KerberosException( ErrorType.KRB_AP_ERR_BADDIRECTION );
 		    		
 				default:
-					throw KerberosException.KRB_AP_ERR_MSG_TYPE;
+					throw new KerberosException( ErrorType.KRB_AP_ERR_MSG_TYPE );
 			}
 		}
 		catch ( KerberosException ke )

Modified: directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/sam/TimestampChecker.java
URL: http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/sam/TimestampChecker.java?view=diff&r1=157902&r2=157903
==============================================================================
--- directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/sam/TimestampChecker.java
(original)
+++ directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/sam/TimestampChecker.java
Wed Mar 16 21:38:42 2005
@@ -24,9 +24,9 @@
 import org.apache.kerberos.crypto.encryption.EncryptionEngine;
 import org.apache.kerberos.crypto.encryption.EncryptionEngineFactory;
 import org.apache.kerberos.crypto.encryption.EncryptionType;
+import org.apache.kerberos.exceptions.KerberosException;
 import org.apache.kerberos.io.decoder.EncryptedDataDecoder;
 import org.apache.kerberos.io.decoder.EncryptedTimestampDecoder;
-import org.apache.kerberos.kdc.KerberosException;
 import org.apache.kerberos.messages.value.EncryptedData;
 import org.apache.kerberos.messages.value.EncryptedTimeStamp;
 import org.apache.kerberos.messages.value.EncryptionKey;



Mime
View raw message