directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From akaras...@apache.org
Subject svn commit: r289918 - in /directory/apacheds/trunk: core/src/main/java/org/apache/ldap/server/authz/ core/src/main/java/org/apache/ldap/server/configuration/ main/
Date Sun, 18 Sep 2005 13:59:10 GMT
Author: akarasulu
Date: Sun Sep 18 06:59:04 2005
New Revision: 289918

URL: http://svn.apache.org/viewcvs?rev=289918&view=rev
Log:
changes ...

 o moved the original hardcoded Authz interceptor to OldAuth...
 o created new Authz interceptor for ACI based access control
 o modified startup default configuration and server.xml config to include 
   both interceptors until the new one is completed and can replace the
   hardcoded rules of the old one with ACIs so tests do not fail

Added:
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authz/OldAuthorizationService.java
  (with props)
Modified:
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authz/AuthorizationService.java
    directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/configuration/StartupConfiguration.java
    directory/apacheds/trunk/main/server.xml

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authz/AuthorizationService.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authz/AuthorizationService.java?rev=289918&r1=289917&r2=289918&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authz/AuthorizationService.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authz/AuthorizationService.java
Sun Sep 18 06:59:04 2005
@@ -17,431 +17,15 @@
 package org.apache.ldap.server.authz;
 
 
-import java.util.Map;
-
-import javax.naming.Name;
-import javax.naming.NamingEnumeration;
-import javax.naming.NamingException;
-import javax.naming.NoPermissionException;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.ModificationItem;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
-import javax.naming.ldap.LdapContext;
-
-import org.apache.ldap.common.exception.LdapNoPermissionException;
-import org.apache.ldap.common.filter.ExprNode;
-import org.apache.ldap.common.name.DnParser;
-import org.apache.ldap.server.configuration.InterceptorConfiguration;
-import org.apache.ldap.server.enumeration.SearchResultFilteringEnumeration;
-import org.apache.ldap.server.enumeration.SearchResultFilter;
 import org.apache.ldap.server.interceptor.BaseInterceptor;
-import org.apache.ldap.server.interceptor.Interceptor;
-import org.apache.ldap.server.interceptor.NextInterceptor;
-import org.apache.ldap.server.invocation.InvocationStack;
-import org.apache.ldap.server.jndi.ContextFactoryConfiguration;
-import org.apache.ldap.server.jndi.ServerContext;
-import org.apache.ldap.server.partition.ContextPartitionNexus;
-import org.apache.ldap.server.schema.AttributeTypeRegistry;
-import org.apache.ldap.server.schema.ConcreteNameComponentNormalizer;
 
 
 /**
- * An {@link Interceptor} that controls access to {@link ContextPartitionNexus}.
- * If a user tries to perform any operations that requires
- * permission he or she doesn't have, {@link NoPermissionException} will be
- * thrown and therefore the current invocation chain will terminate.
+ * An ACI based authorization service.
  *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
+ * @version $Rev$
  */
 public class AuthorizationService extends BaseInterceptor
 {
-    /**
-     * the administrator's distinguished {@link Name}
-     */
-    private static final Name ADMIN_DN = ContextPartitionNexus.getAdminName();
-
-    /**
-     * the base distinguished {@link Name} for all users
-     */
-    private static final Name USER_BASE_DN = ContextPartitionNexus.getUsersBaseName();
-
-    /**
-     * the base distinguished {@link Name} for all groups
-     */
-    private static final Name GROUP_BASE_DN = ContextPartitionNexus.getGroupsBaseName();
-
-    /**
-     * the name parser used by this service
-     */
-    private DnParser dnParser;
-
-
-    /**
-     * Creates a new instance.
-     */
-    public AuthorizationService()
-    {
-    }
-
-
-    public void init( ContextFactoryConfiguration factoryCfg, InterceptorConfiguration cfg
) throws NamingException
-    {
-        AttributeTypeRegistry atr = factoryCfg.getGlobalRegistries().getAttributeTypeRegistry();
-        dnParser = new DnParser( new ConcreteNameComponentNormalizer( atr ) );
-    }
-
-
-    // Note:
-    //    Lookup, search and list operations need to be handled using a filter
-    // and so we need access to the filter service.
-
-    public void delete( NextInterceptor nextInterceptor, Name name ) throws NamingException
-    {
-        Name principalDn = getPrincipal().getJndiName();
-
-        if ( name.toString().equals( "" ) )
-        {
-            String msg = "The rootDSE cannot be deleted!";
-            throw new LdapNoPermissionException( msg );
-        }
-
-        if ( name == ADMIN_DN || name.equals( ADMIN_DN ) )
-        {
-            String msg = "User " + principalDn;
-            msg += " does not have permission to delete the admin account.";
-            msg += " No one not even the admin can delete this account!";
-            throw new LdapNoPermissionException( msg );
-        }
-
-        if ( name.size() > 2 && name.startsWith( USER_BASE_DN )
-                && !principalDn.equals( ADMIN_DN ) )
-        {
-            String msg = "User " + principalDn;
-            msg += " does not have permission to delete the user account: ";
-            msg += name + ". Only the admin can delete user accounts.";
-            throw new LdapNoPermissionException( msg );
-        }
-
-        if ( name.size() > 2 && name.startsWith( GROUP_BASE_DN )
-                && !principalDn.equals( ADMIN_DN ) )
-        {
-            String msg = "User " + principalDn;
-            msg += " does not have permission to delete the group entry: ";
-            msg += name + ". Only the admin can delete groups.";
-            throw new LdapNoPermissionException( msg );
-        }
-
-        nextInterceptor.delete( name );
-    }
-
-
-    /**
-     * Note that we do nothing here. First because this is not an externally
-     * exposed function via the JNDI interfaces.  It is used internally by
-     * the provider for optimization purposes so there is no reason for us to
-     * start to constrain it.
-     */
-    public boolean hasEntry( NextInterceptor nextInterceptor, Name name ) throws NamingException
-    {
-        return super.hasEntry( nextInterceptor, name );
-    }
-
-
-    // ------------------------------------------------------------------------
-    // Entry Modification Operations
-    // ------------------------------------------------------------------------
-
-
-    /**
-     * This policy needs to be really tight too because some attributes may take
-     * part in giving the user permissions to protected resources.  We do not want
-     * users to self access these resources.  As far as we're concerned no one but
-     * the admin needs access.
-     */
-    public void modify( NextInterceptor nextInterceptor, Name name, int modOp, Attributes
attrs ) throws NamingException
-    {
-        protectModifyAlterations( name );
-        nextInterceptor.modify( name, modOp, attrs );
-    }
-
-
-    /**
-     * This policy needs to be really tight too because some attributes may take part
-     * in giving the user permissions to protected resources.  We do not want users to
-     * self access these resources.  As far as we're concerned no one but the admin
-     * needs access.
-     */
-    public void modify( NextInterceptor nextInterceptor, Name name, ModificationItem[] items
) throws NamingException
-    {
-        protectModifyAlterations( name );
-        nextInterceptor.modify( name, items );
-    }
-
-
-    private void protectModifyAlterations( Name dn ) throws LdapNoPermissionException
-    {
-        Name principalDn = getPrincipal().getJndiName();
-
-        if ( dn.toString().equals( "" ) )
-        {
-            String msg = "The rootDSE cannot be modified!";
-            throw new LdapNoPermissionException( msg );
-        }
-
-        if ( !principalDn.equals( ADMIN_DN ) )
-        {
-            if ( dn == ADMIN_DN || dn.equals( ADMIN_DN ) )
-            {
-                String msg = "User " + principalDn;
-                msg += " does not have permission to modify the admin account.";
-                throw new LdapNoPermissionException( msg );
-            }
-
-            if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN ) )
-            {
-                String msg = "User " + principalDn;
-                msg += " does not have permission to modify the account of the";
-                msg += " user " + dn + ".\nEven the owner of an account cannot";
-                msg += " modify it.\nUser accounts can only be modified by the";
-                msg += " administrator.";
-                throw new LdapNoPermissionException( msg );
-            }
-
-            if ( dn.size() > 2 && dn.startsWith( GROUP_BASE_DN ) )
-            {
-                String msg = "User " + principalDn;
-                msg += " does not have permission to modify the group entry ";
-                msg += dn + ".\nGroups can only be modified by the admin.";
-                throw new LdapNoPermissionException( msg );
-            }
-        }
-    }
-
-
-    // ------------------------------------------------------------------------
-    // DN altering operations are a no no for any user entry.  Basically here
-    // are the rules of conduct to follow:
-    //
-    //  o No user should have the ability to move or rename their entry
-    //  o Only the administrator can move or rename non-admin user entries
-    //  o The administrator entry cannot be moved or renamed by anyone
-    // ------------------------------------------------------------------------
-
-
-    public void modifyRn( NextInterceptor nextInterceptor, Name name, String newRn, boolean
deleteOldRn ) throws NamingException
-    {
-        protectDnAlterations( name );
-        nextInterceptor.modifyRn( name, newRn, deleteOldRn );
-    }
-
-
-    public void move( NextInterceptor nextInterceptor, Name oriChildName, Name newParentName
) throws NamingException
-    {
-        protectDnAlterations( oriChildName );
-        nextInterceptor.move( oriChildName, newParentName );
-    }
-
-
-    public void move( NextInterceptor nextInterceptor,
-            Name oriChildName, Name newParentName, String newRn,
-            boolean deleteOldRn ) throws NamingException
-    {
-        protectDnAlterations( oriChildName );
-        nextInterceptor.move( oriChildName, newParentName, newRn, deleteOldRn );
-    }
-
-
-    private void protectDnAlterations( Name dn ) throws LdapNoPermissionException
-    {
-        Name principalDn = getPrincipal().getJndiName();
-
-        if ( dn.toString().equals( "" ) )
-        {
-            String msg = "The rootDSE cannot be moved or renamed!";
-            throw new LdapNoPermissionException( msg );
-        }
-
-        if ( dn == ADMIN_DN || dn.equals( ADMIN_DN ) )
-        {
-            String msg = "User '" + principalDn;
-            msg += "' does not have permission to move or rename the admin";
-            msg += " account.  No one not even the admin can move or";
-            msg += " rename " + dn + "!";
-            throw new LdapNoPermissionException( msg );
-        }
-
-        if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN ) && !principalDn.equals(
ADMIN_DN ) )
-        {
-            String msg = "User '" + principalDn;
-            msg += "' does not have permission to move or rename the user";
-            msg += " account: " + dn + ". Only the admin can move or";
-            msg += " rename user accounts.";
-            throw new LdapNoPermissionException( msg );
-        }
-
-        if ( dn.size() > 2 && dn.startsWith( GROUP_BASE_DN ) && !principalDn.equals(
ADMIN_DN ) )
-        {
-            String msg = "User " + principalDn;
-            msg += " does not have permission to move or rename the group entry ";
-            msg += dn + ".\nGroups can only be moved or renamed by the admin.";
-            throw new LdapNoPermissionException( msg );
-        }
-    }
-
-
-    public Attributes lookup( NextInterceptor nextInterceptor, Name name ) throws NamingException
-    {
-        Attributes attributes = nextInterceptor.lookup( name );
-        if ( attributes == null )
-        {
-            return null;
-        }
-
-        protectLookUp( name );
-        return attributes;
-    }
-
-
-    public Attributes lookup( NextInterceptor nextInterceptor, Name name, String[] attrIds
) throws NamingException
-    {
-        Attributes attributes = nextInterceptor.lookup( name, attrIds );
-        if ( attributes == null )
-        {
-            return null;
-        }
-
-        protectLookUp( name );
-        return attributes;
-    }
-
-
-    private void protectLookUp( Name dn ) throws NamingException
-    {
-        LdapContext ctx =
-            ( LdapContext ) InvocationStack.getInstance().peek().getCaller();
-        Name principalDn = ( ( ServerContext ) ctx ).getPrincipal().getJndiName();
-
-        if ( !principalDn.equals( ADMIN_DN ) )
-        {
-            if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN ) )
-            {
-                // allow for self reads
-                if ( dn.toString().equals( principalDn.toString() ) )
-                {
-                    return;
-                }
-
-                String msg = "Access to user account '" + dn + "' not permitted";
-                msg += " for user '" + principalDn + "'.  Only the admin can";
-                msg += " access user account information";
-                throw new LdapNoPermissionException( msg );
-            }
-
-            if ( dn.size() > 2 && dn.startsWith( GROUP_BASE_DN ) )
-            {
-                // allow for self reads
-                if ( dn.toString().equals( principalDn.toString() ) )
-                {
-                    return;
-                }
-
-                String msg = "Access to group '" + dn + "' not permitted";
-                msg += " for user '" + principalDn + "'.  Only the admin can";
-                msg += " access group information";
-                throw new LdapNoPermissionException( msg );
-            }
-
-            if ( dn.equals( ADMIN_DN ) )
-            {
-                // allow for self reads
-                if ( dn.toString().equals( principalDn.toString() ) )
-                {
-                    return;
-                }
-
-                String msg = "Access to admin account not permitted for user '";
-                msg += principalDn + "'.  Only the admin can";
-                msg += " access admin account information";
-                throw new LdapNoPermissionException( msg );
-            }
-        }
-    }
-
-
-    public NamingEnumeration search( NextInterceptor nextInterceptor,
-            Name base, Map env, ExprNode filter,
-            SearchControls searchCtls ) throws NamingException
-    {
-        NamingEnumeration e = nextInterceptor.search( base, env, filter, searchCtls );
-        //if ( searchCtls.getReturningAttributes() != null )
-        //{
-        //    return null;
-        //}
-        
-        LdapContext ctx =
-            ( LdapContext ) InvocationStack.getInstance().peek().getCaller();
-        return new SearchResultFilteringEnumeration( e, searchCtls, ctx,
-                new SearchResultFilter()
-                {
-                    public boolean accept( LdapContext ctx, SearchResult result,
-                                           SearchControls controls )
-                            throws NamingException
-                    {
-                        return AuthorizationService.this.isSearchable( ctx, result );
-                    }
-                } );
-    }
-
-
-    public NamingEnumeration list( NextInterceptor nextInterceptor, Name base ) throws NamingException
-    {
-        NamingEnumeration e = nextInterceptor.list( base );
-        LdapContext ctx =
-            ( LdapContext ) InvocationStack.getInstance().peek().getCaller();
-        
-        return new SearchResultFilteringEnumeration( e, null, ctx,
-            new SearchResultFilter()
-            {
-                public boolean accept( LdapContext ctx, SearchResult result,
-                                       SearchControls controls )
-                        throws NamingException
-                {
-                    return AuthorizationService.this.isSearchable( ctx, result );
-                }
-            } );
-    }
-
-
-    private boolean isSearchable( LdapContext ctx, SearchResult result )
-            throws NamingException
-    {
-        Name dn;
-
-        synchronized ( dnParser )
-        {
-            dn = dnParser.parse( result.getName() );
-        }
-
-        Name principalDn = ( ( ServerContext ) ctx ).getPrincipal().getJndiName();
-        if ( !principalDn.equals( ADMIN_DN ) )
-        {
-            if ( dn.size() > 2 )
-            {
-                if ( dn.startsWith( USER_BASE_DN ) || dn.startsWith( GROUP_BASE_DN ) )
-                {
-                    return false;
-                }
-            }
-
-            if ( dn.equals( ADMIN_DN ) )
-            {
-                return false;
-            }
-
-        }
-
-        return true;
-    }
 }

Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authz/OldAuthorizationService.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authz/OldAuthorizationService.java?rev=289918&view=auto
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authz/OldAuthorizationService.java
(added)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authz/OldAuthorizationService.java
Sun Sep 18 06:59:04 2005
@@ -0,0 +1,447 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.ldap.server.authz;
+
+
+import java.util.Map;
+
+import javax.naming.Name;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.NoPermissionException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.ModificationItem;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.naming.ldap.LdapContext;
+
+import org.apache.ldap.common.exception.LdapNoPermissionException;
+import org.apache.ldap.common.filter.ExprNode;
+import org.apache.ldap.common.name.DnParser;
+import org.apache.ldap.server.configuration.InterceptorConfiguration;
+import org.apache.ldap.server.enumeration.SearchResultFilteringEnumeration;
+import org.apache.ldap.server.enumeration.SearchResultFilter;
+import org.apache.ldap.server.interceptor.BaseInterceptor;
+import org.apache.ldap.server.interceptor.Interceptor;
+import org.apache.ldap.server.interceptor.NextInterceptor;
+import org.apache.ldap.server.invocation.InvocationStack;
+import org.apache.ldap.server.jndi.ContextFactoryConfiguration;
+import org.apache.ldap.server.jndi.ServerContext;
+import org.apache.ldap.server.partition.ContextPartitionNexus;
+import org.apache.ldap.server.schema.AttributeTypeRegistry;
+import org.apache.ldap.server.schema.ConcreteNameComponentNormalizer;
+
+
+/**
+ * An {@link Interceptor} that controls access to {@link ContextPartitionNexus}.
+ * If a user tries to perform any operations that requires
+ * permission he or she doesn't have, {@link NoPermissionException} will be
+ * thrown and therefore the current invocation chain will terminate.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 201550 $, $Date: 2005-06-23 23:08:31 -0400 (Thu, 23 Jun 2005) $
+ */
+public class OldAuthorizationService extends BaseInterceptor
+{
+    /**
+     * the administrator's distinguished {@link Name}
+     */
+    private static final Name ADMIN_DN = ContextPartitionNexus.getAdminName();
+
+    /**
+     * the base distinguished {@link Name} for all users
+     */
+    private static final Name USER_BASE_DN = ContextPartitionNexus.getUsersBaseName();
+
+    /**
+     * the base distinguished {@link Name} for all groups
+     */
+    private static final Name GROUP_BASE_DN = ContextPartitionNexus.getGroupsBaseName();
+
+    /**
+     * the name parser used by this service
+     */
+    private DnParser dnParser;
+
+
+    /**
+     * Creates a new instance.
+     */
+    public OldAuthorizationService()
+    {
+    }
+
+
+    public void init( ContextFactoryConfiguration factoryCfg, InterceptorConfiguration cfg
) throws NamingException
+    {
+        AttributeTypeRegistry atr = factoryCfg.getGlobalRegistries().getAttributeTypeRegistry();
+        dnParser = new DnParser( new ConcreteNameComponentNormalizer( atr ) );
+    }
+
+
+    // Note:
+    //    Lookup, search and list operations need to be handled using a filter
+    // and so we need access to the filter service.
+
+    public void delete( NextInterceptor nextInterceptor, Name name ) throws NamingException
+    {
+        Name principalDn = getPrincipal().getJndiName();
+
+        if ( name.toString().equals( "" ) )
+        {
+            String msg = "The rootDSE cannot be deleted!";
+            throw new LdapNoPermissionException( msg );
+        }
+
+        if ( name == ADMIN_DN || name.equals( ADMIN_DN ) )
+        {
+            String msg = "User " + principalDn;
+            msg += " does not have permission to delete the admin account.";
+            msg += " No one not even the admin can delete this account!";
+            throw new LdapNoPermissionException( msg );
+        }
+
+        if ( name.size() > 2 && name.startsWith( USER_BASE_DN )
+                && !principalDn.equals( ADMIN_DN ) )
+        {
+            String msg = "User " + principalDn;
+            msg += " does not have permission to delete the user account: ";
+            msg += name + ". Only the admin can delete user accounts.";
+            throw new LdapNoPermissionException( msg );
+        }
+
+        if ( name.size() > 2 && name.startsWith( GROUP_BASE_DN )
+                && !principalDn.equals( ADMIN_DN ) )
+        {
+            String msg = "User " + principalDn;
+            msg += " does not have permission to delete the group entry: ";
+            msg += name + ". Only the admin can delete groups.";
+            throw new LdapNoPermissionException( msg );
+        }
+
+        nextInterceptor.delete( name );
+    }
+
+
+    /**
+     * Note that we do nothing here. First because this is not an externally
+     * exposed function via the JNDI interfaces.  It is used internally by
+     * the provider for optimization purposes so there is no reason for us to
+     * start to constrain it.
+     */
+    public boolean hasEntry( NextInterceptor nextInterceptor, Name name ) throws NamingException
+    {
+        return super.hasEntry( nextInterceptor, name );
+    }
+
+
+    // ------------------------------------------------------------------------
+    // Entry Modification Operations
+    // ------------------------------------------------------------------------
+
+
+    /**
+     * This policy needs to be really tight too because some attributes may take
+     * part in giving the user permissions to protected resources.  We do not want
+     * users to self access these resources.  As far as we're concerned no one but
+     * the admin needs access.
+     */
+    public void modify( NextInterceptor nextInterceptor, Name name, int modOp, Attributes
attrs ) throws NamingException
+    {
+        protectModifyAlterations( name );
+        nextInterceptor.modify( name, modOp, attrs );
+    }
+
+
+    /**
+     * This policy needs to be really tight too because some attributes may take part
+     * in giving the user permissions to protected resources.  We do not want users to
+     * self access these resources.  As far as we're concerned no one but the admin
+     * needs access.
+     */
+    public void modify( NextInterceptor nextInterceptor, Name name, ModificationItem[] items
) throws NamingException
+    {
+        protectModifyAlterations( name );
+        nextInterceptor.modify( name, items );
+    }
+
+
+    private void protectModifyAlterations( Name dn ) throws LdapNoPermissionException
+    {
+        Name principalDn = getPrincipal().getJndiName();
+
+        if ( dn.toString().equals( "" ) )
+        {
+            String msg = "The rootDSE cannot be modified!";
+            throw new LdapNoPermissionException( msg );
+        }
+
+        if ( !principalDn.equals( ADMIN_DN ) )
+        {
+            if ( dn == ADMIN_DN || dn.equals( ADMIN_DN ) )
+            {
+                String msg = "User " + principalDn;
+                msg += " does not have permission to modify the admin account.";
+                throw new LdapNoPermissionException( msg );
+            }
+
+            if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN ) )
+            {
+                String msg = "User " + principalDn;
+                msg += " does not have permission to modify the account of the";
+                msg += " user " + dn + ".\nEven the owner of an account cannot";
+                msg += " modify it.\nUser accounts can only be modified by the";
+                msg += " administrator.";
+                throw new LdapNoPermissionException( msg );
+            }
+
+            if ( dn.size() > 2 && dn.startsWith( GROUP_BASE_DN ) )
+            {
+                String msg = "User " + principalDn;
+                msg += " does not have permission to modify the group entry ";
+                msg += dn + ".\nGroups can only be modified by the admin.";
+                throw new LdapNoPermissionException( msg );
+            }
+        }
+    }
+
+
+    // ------------------------------------------------------------------------
+    // DN altering operations are a no no for any user entry.  Basically here
+    // are the rules of conduct to follow:
+    //
+    //  o No user should have the ability to move or rename their entry
+    //  o Only the administrator can move or rename non-admin user entries
+    //  o The administrator entry cannot be moved or renamed by anyone
+    // ------------------------------------------------------------------------
+
+
+    public void modifyRn( NextInterceptor nextInterceptor, Name name, String newRn, boolean
deleteOldRn ) throws NamingException
+    {
+        protectDnAlterations( name );
+        nextInterceptor.modifyRn( name, newRn, deleteOldRn );
+    }
+
+
+    public void move( NextInterceptor nextInterceptor, Name oriChildName, Name newParentName
) throws NamingException
+    {
+        protectDnAlterations( oriChildName );
+        nextInterceptor.move( oriChildName, newParentName );
+    }
+
+
+    public void move( NextInterceptor nextInterceptor,
+            Name oriChildName, Name newParentName, String newRn,
+            boolean deleteOldRn ) throws NamingException
+    {
+        protectDnAlterations( oriChildName );
+        nextInterceptor.move( oriChildName, newParentName, newRn, deleteOldRn );
+    }
+
+
+    private void protectDnAlterations( Name dn ) throws LdapNoPermissionException
+    {
+        Name principalDn = getPrincipal().getJndiName();
+
+        if ( dn.toString().equals( "" ) )
+        {
+            String msg = "The rootDSE cannot be moved or renamed!";
+            throw new LdapNoPermissionException( msg );
+        }
+
+        if ( dn == ADMIN_DN || dn.equals( ADMIN_DN ) )
+        {
+            String msg = "User '" + principalDn;
+            msg += "' does not have permission to move or rename the admin";
+            msg += " account.  No one not even the admin can move or";
+            msg += " rename " + dn + "!";
+            throw new LdapNoPermissionException( msg );
+        }
+
+        if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN ) && !principalDn.equals(
ADMIN_DN ) )
+        {
+            String msg = "User '" + principalDn;
+            msg += "' does not have permission to move or rename the user";
+            msg += " account: " + dn + ". Only the admin can move or";
+            msg += " rename user accounts.";
+            throw new LdapNoPermissionException( msg );
+        }
+
+        if ( dn.size() > 2 && dn.startsWith( GROUP_BASE_DN ) && !principalDn.equals(
ADMIN_DN ) )
+        {
+            String msg = "User " + principalDn;
+            msg += " does not have permission to move or rename the group entry ";
+            msg += dn + ".\nGroups can only be moved or renamed by the admin.";
+            throw new LdapNoPermissionException( msg );
+        }
+    }
+
+
+    public Attributes lookup( NextInterceptor nextInterceptor, Name name ) throws NamingException
+    {
+        Attributes attributes = nextInterceptor.lookup( name );
+        if ( attributes == null )
+        {
+            return null;
+        }
+
+        protectLookUp( name );
+        return attributes;
+    }
+
+
+    public Attributes lookup( NextInterceptor nextInterceptor, Name name, String[] attrIds
) throws NamingException
+    {
+        Attributes attributes = nextInterceptor.lookup( name, attrIds );
+        if ( attributes == null )
+        {
+            return null;
+        }
+
+        protectLookUp( name );
+        return attributes;
+    }
+
+
+    private void protectLookUp( Name dn ) throws NamingException
+    {
+        LdapContext ctx =
+            ( LdapContext ) InvocationStack.getInstance().peek().getCaller();
+        Name principalDn = ( ( ServerContext ) ctx ).getPrincipal().getJndiName();
+
+        if ( !principalDn.equals( ADMIN_DN ) )
+        {
+            if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN ) )
+            {
+                // allow for self reads
+                if ( dn.toString().equals( principalDn.toString() ) )
+                {
+                    return;
+                }
+
+                String msg = "Access to user account '" + dn + "' not permitted";
+                msg += " for user '" + principalDn + "'.  Only the admin can";
+                msg += " access user account information";
+                throw new LdapNoPermissionException( msg );
+            }
+
+            if ( dn.size() > 2 && dn.startsWith( GROUP_BASE_DN ) )
+            {
+                // allow for self reads
+                if ( dn.toString().equals( principalDn.toString() ) )
+                {
+                    return;
+                }
+
+                String msg = "Access to group '" + dn + "' not permitted";
+                msg += " for user '" + principalDn + "'.  Only the admin can";
+                msg += " access group information";
+                throw new LdapNoPermissionException( msg );
+            }
+
+            if ( dn.equals( ADMIN_DN ) )
+            {
+                // allow for self reads
+                if ( dn.toString().equals( principalDn.toString() ) )
+                {
+                    return;
+                }
+
+                String msg = "Access to admin account not permitted for user '";
+                msg += principalDn + "'.  Only the admin can";
+                msg += " access admin account information";
+                throw new LdapNoPermissionException( msg );
+            }
+        }
+    }
+
+
+    public NamingEnumeration search( NextInterceptor nextInterceptor,
+            Name base, Map env, ExprNode filter,
+            SearchControls searchCtls ) throws NamingException
+    {
+        NamingEnumeration e = nextInterceptor.search( base, env, filter, searchCtls );
+        //if ( searchCtls.getReturningAttributes() != null )
+        //{
+        //    return null;
+        //}
+        
+        LdapContext ctx =
+            ( LdapContext ) InvocationStack.getInstance().peek().getCaller();
+        return new SearchResultFilteringEnumeration( e, searchCtls, ctx,
+                new SearchResultFilter()
+                {
+                    public boolean accept( LdapContext ctx, SearchResult result,
+                                           SearchControls controls )
+                            throws NamingException
+                    {
+                        return OldAuthorizationService.this.isSearchable( ctx, result );
+                    }
+                } );
+    }
+
+
+    public NamingEnumeration list( NextInterceptor nextInterceptor, Name base ) throws NamingException
+    {
+        NamingEnumeration e = nextInterceptor.list( base );
+        LdapContext ctx =
+            ( LdapContext ) InvocationStack.getInstance().peek().getCaller();
+        
+        return new SearchResultFilteringEnumeration( e, null, ctx,
+            new SearchResultFilter()
+            {
+                public boolean accept( LdapContext ctx, SearchResult result,
+                                       SearchControls controls )
+                        throws NamingException
+                {
+                    return OldAuthorizationService.this.isSearchable( ctx, result );
+                }
+            } );
+    }
+
+
+    private boolean isSearchable( LdapContext ctx, SearchResult result )
+            throws NamingException
+    {
+        Name dn;
+
+        synchronized ( dnParser )
+        {
+            dn = dnParser.parse( result.getName() );
+        }
+
+        Name principalDn = ( ( ServerContext ) ctx ).getPrincipal().getJndiName();
+        if ( !principalDn.equals( ADMIN_DN ) )
+        {
+            if ( dn.size() > 2 )
+            {
+                if ( dn.startsWith( USER_BASE_DN ) || dn.startsWith( GROUP_BASE_DN ) )
+                {
+                    return false;
+                }
+            }
+
+            if ( dn.equals( ADMIN_DN ) )
+            {
+                return false;
+            }
+
+        }
+
+        return true;
+    }
+}

Propchange: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/authz/OldAuthorizationService.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/configuration/StartupConfiguration.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/configuration/StartupConfiguration.java?rev=289918&r1=289917&r2=289918&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/configuration/StartupConfiguration.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/configuration/StartupConfiguration.java
Sun Sep 18 06:59:04 2005
@@ -30,6 +30,7 @@
 import org.apache.ldap.server.authn.AnonymousAuthenticator;
 import org.apache.ldap.server.authn.AuthenticationService;
 import org.apache.ldap.server.authn.SimpleAuthenticator;
+import org.apache.ldap.server.authz.OldAuthorizationService;
 import org.apache.ldap.server.authz.AuthorizationService;
 import org.apache.ldap.server.exception.ExceptionService;
 import org.apache.ldap.server.jndi.ContextFactoryService;
@@ -143,7 +144,12 @@
         interceptorCfg.setName( "authorizationService" );
         interceptorCfg.setInterceptor( new AuthorizationService() );
         list.add( interceptorCfg );
-        
+
+        interceptorCfg = new MutableInterceptorConfiguration();
+        interceptorCfg.setName( "oldAuthorizationService" );
+        interceptorCfg.setInterceptor( new OldAuthorizationService() );
+        list.add( interceptorCfg );
+
         interceptorCfg = new MutableInterceptorConfiguration();
         interceptorCfg.setName( "exceptionService" );
         interceptorCfg.setInterceptor( new ExceptionService() );

Modified: directory/apacheds/trunk/main/server.xml
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/main/server.xml?rev=289918&r1=289917&r2=289918&view=diff
==============================================================================
--- directory/apacheds/trunk/main/server.xml (original)
+++ directory/apacheds/trunk/main/server.xml Sun Sep 18 06:59:04 2005
@@ -6,14 +6,14 @@
 <beans>
   <bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
     <property name="properties">
-    	<props>
-    		<prop key="asn.1.berlib.provider">org.apache.ldap.common.berlib.asn1.SnickersProvider</prop>
-    		<!--prop key="asn.1.berlib.provider">org.apache.asn1new.ldap.TwixProvider</prop-->
-    		<prop key="java.naming.security.authentication">simple</prop>
-    		<prop key="java.naming.security.principal">uid=admin,ou=system</prop>
-    		<prop key="java.naming.security.credentials">secret</prop>
-    		<prop key="java.naming.ldap.attributes.binary">photo personalSignature audio
jpegPhoto javaSerializedData userPassword userCertificate cACertificate authorityRevocationList
certificateRevocationList crossCertificatePair x500UniqueIdentifier krb5Key</prop>
-    	</props>
+      <props>
+    	  <prop key="asn.1.berlib.provider">org.apache.ldap.common.berlib.asn1.SnickersProvider</prop>
+    	  <!--prop key="asn.1.berlib.provider">org.apache.asn1new.ldap.TwixProvider</prop-->
+    	  <prop key="java.naming.security.authentication">simple</prop>
+    	  <prop key="java.naming.security.principal">uid=admin,ou=system</prop>
+          <prop key="java.naming.security.credentials">secret</prop>
+          <prop key="java.naming.ldap.attributes.binary">photo personalSignature audio
jpegPhoto javaSerializedData userPassword userCertificate cACertificate authorityRevocationList
certificateRevocationList crossCertificatePair x500UniqueIdentifier krb5Key</prop>
+      </props>
     </property>
   </bean>
   
@@ -58,9 +58,15 @@
           </property>
         </bean>
         <bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
+          <property name="name"><value>oldAuthenticationService</value></property>
+          <property name="interceptor">
+            <bean class="org.apache.ldap.server.authn.OldAuthenticationService" />
+          </property>
+        </bean>
+        <bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
           <property name="name"><value>authorizationService</value></property>
           <property name="interceptor">
-            <bean class="org.apache.ldap.server.authz.AuthorizationService" />
+            <bean class="org.apache.ldap.server.authz.OldAuthorizationService" />
           </property>
         </bean>
         <bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">



Mime
View raw message