directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r157907 - in directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store: ChangePasswordActionImpl.java SearchBaseFactory.java SearchBaseNormalizer.java
Date Thu, 17 Mar 2005 06:03:41 GMT
Author: erodriguez
Date: Wed Mar 16 22:03:39 2005
New Revision: 157907

URL: http://svn.apache.org/viewcvs?view=rev&rev=157907
Log:
More store consolidation.

Added:
    directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/ChangePasswordActionImpl.java
    directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseFactory.java
    directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseNormalizer.java

Added: directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/ChangePasswordActionImpl.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/ChangePasswordActionImpl.java?view=auto&rev=157907
==============================================================================
--- directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/ChangePasswordActionImpl.java
(added)
+++ directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/ChangePasswordActionImpl.java
Wed Mar 16 22:03:39 2005
@@ -0,0 +1,107 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store;
+
+import javax.naming.Name;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.ModificationItem;
+import javax.naming.directory.SearchResult;
+import javax.naming.ldap.LdapContext;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+/**
+ * Encapsulates the action of changing a principal's password in an embedded ApacheDS DIT.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$
+ */
+public class ChangePasswordActionImpl implements PasswordStore
+{
+    /** a handle on the top initial context: get new context from this */
+    protected LdapContext ctx;
+    /** the search base relative to provider URL to use for reading entries */
+    protected Name searchBaseDn;
+    
+    /**
+     * Creates the action to be used against the embedded ApacheDS DIT.
+     */
+    public ChangePasswordActionImpl( LdapContext ctx, Name searchBaseDn )
+    {
+        this.ctx = ctx;
+        this.searchBaseDn = searchBaseDn;
+    }
+    
+    public String changePassword( KerberosPrincipal principal, byte[] key )
+	{
+        if ( principal == null )
+        {
+            return null;
+        }
+	    
+	    ModificationItem[] mods = new ModificationItem[ 1 ];
+	    Attribute newKeyAttribute = new BasicAttribute( "krb5key", key );
+		mods[0] = new ModificationItem( DirContext.REPLACE_ATTRIBUTE, newKeyAttribute );
+		
+		String dn = null;
+		
+		try
+		{
+		    System.out.println( "Searching for " + principal );
+		    dn = search( principal.getName() );
+		    System.out.println( "Modifying dn " + dn );
+		    Name base = SearchBaseNormalizer.getName( dn, ctx );
+		    ctx.modifyAttributes( base, mods );
+		}
+		catch (NamingException e)
+		{
+			e.printStackTrace();
+		}
+		
+		return dn;
+	}
+    
+	private String search( String principal ) throws NamingException
+	{
+		String[] attrIDs = { KerberosAttribute.PRINCIPAL, KerberosAttribute.VERSION,
+		        KerberosAttribute.TYPE, KerberosAttribute.KEY };
+
+		Attributes matchAttrs = new BasicAttributes(false); // case-sensitive
+		matchAttrs.put( new BasicAttribute( KerberosAttribute.PRINCIPAL, principal ) );
+		
+		// Search for objects that have those matching attributes
+		NamingEnumeration answer = ctx.search( "ou=Users", matchAttrs, attrIDs );
+		
+		if ( answer.hasMore() )
+		{
+			SearchResult sr = (SearchResult) answer.next();
+			if (sr != null)
+			{
+				return sr.getName();
+			}
+		}
+		
+		return null;
+	}
+}
+

Added: directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseFactory.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseFactory.java?view=auto&rev=157907
==============================================================================
--- directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseFactory.java
(added)
+++ directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseFactory.java
Wed Mar 16 22:03:39 2005
@@ -0,0 +1,80 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store;
+
+import java.util.Hashtable;
+
+import javax.naming.Context;
+import javax.naming.Name;
+import javax.naming.NamingException;
+import javax.naming.ldap.LdapContext;
+
+import org.apache.ldap.common.name.LdapName;
+import org.apache.ldap.common.util.NestableRuntimeException;
+
+
+public class SearchBaseFactory
+{
+    /**
+     * The key of the property specifying where Kerberos users are stored.  If this
+     * property is not set the store defaults to performing a subtree search
+     * from the DN in the {@link Context#PROVIDER_URL}. If it is present a more
+     * efficient search is conducted on the more specific DN.
+     */
+    public static final String KDC_ENTRY_BASEDN_KEY = "kdc.entry.basedn";
+    
+    
+    public static Name getName( Hashtable env, LdapContext ctx )
+    {
+        Name searchBaseDn = null;
+        
+        // get the search base if it has been set ------------------------------
+        if ( env.containsKey( KDC_ENTRY_BASEDN_KEY ) )
+        {
+            try
+            {
+                LdapName ctxRoot = new LdapName( ctx.getNameInNamespace() );
+
+                searchBaseDn = new LdapName( ( String ) env.get( KDC_ENTRY_BASEDN_KEY ) );
+                
+                if ( searchBaseDn.startsWith( ctxRoot ) )
+                {
+                    for ( int ii = 0; ii < ctxRoot.size(); ii++ )
+                    {
+                        searchBaseDn.remove( 0 );
+                    }
+                }
+                else
+                {
+                    String msg = "Failed to create initial context for ApacheDS provider";
+                    
+                    throw new IllegalArgumentException( msg );
+                }
+            }
+            catch ( NamingException e )
+            {
+                String msg = "Failed to find search base for ApacheDS store";
+                
+                throw new NestableRuntimeException( msg, e );
+            }
+        }
+        
+        return searchBaseDn;
+    }
+}
+

Added: directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseNormalizer.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseNormalizer.java?view=auto&rev=157907
==============================================================================
--- directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseNormalizer.java
(added)
+++ directory/shared/kerberos/trunk/common/src/java/org/apache/kerberos/store/SearchBaseNormalizer.java
Wed Mar 16 22:03:39 2005
@@ -0,0 +1,64 @@
+/*
+ *   Copyright 2005 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store;
+
+import javax.naming.Name;
+import javax.naming.NamingException;
+import javax.naming.ldap.LdapContext;
+
+import org.apache.ldap.common.name.LdapName;
+import org.apache.ldap.common.util.NestableRuntimeException;
+
+
+public class SearchBaseNormalizer
+{
+    public static Name getName( String baseDn, LdapContext ctx )
+    {
+        Name searchBaseDn = null;
+        
+        try
+        {
+            LdapName ctxRoot = new LdapName( ctx.getNameInNamespace() );
+
+            searchBaseDn = new LdapName( baseDn );
+            
+            if ( searchBaseDn.startsWith( ctxRoot ) )
+            {
+                for ( int ii = 0; ii < ctxRoot.size(); ii++ )
+                {
+                    searchBaseDn.remove( 0 );
+                }
+            }
+            else
+            {
+                String msg = "Failed to create initial context for ApacheDS provider";
+                
+                throw new IllegalArgumentException( msg );
+            }
+        }
+        catch ( NamingException e )
+        {
+            String msg = "Failed to find search base for ApacheDS store";
+            
+            throw new NestableRuntimeException( msg, e );
+        }
+        
+        return searchBaseDn;
+    }
+}
+



Mime
View raw message