Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 37546 invoked from network); 29 Dec 2005 16:47:32 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 29 Dec 2005 16:47:32 -0000 Received: (qmail 42949 invoked by uid 500); 29 Dec 2005 16:47:32 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 42905 invoked by uid 500); 29 Dec 2005 16:47:31 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 42894 invoked by uid 99); 29 Dec 2005 16:47:31 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 29 Dec 2005 08:47:31 -0800 X-ASF-Spam-Status: No, hits=-9.4 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [209.237.227.194] (HELO minotaur.apache.org) (209.237.227.194) by apache.org (qpsmtpd/0.29) with SMTP; Thu, 29 Dec 2005 08:47:29 -0800 Received: (qmail 37454 invoked by uid 65534); 29 Dec 2005 16:47:09 -0000 Message-ID: <20051229164709.37453.qmail@minotaur.apache.org> Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r359843 - in /directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store: ./ operations/ Date: Thu, 29 Dec 2005 16:47:06 -0000 To: commits@directory.apache.org 
From: erodriguez@apache.org X-Mailer: svnmailer-1.0.5 X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Author: erodriguez Date: Thu Dec 29 08:46:57 2005 New Revision: 359843 URL: http://svn.apache.org/viewcvs?rev=359843&view=rev Log: Replaced SearchStrategy interface with PrincipalStore. Added: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java (with props) directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java (with props) directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java (with props) directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java (with props) directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java (with props) Removed: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SearchStrategy.java Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/JndiPrincipalStoreImpl.java directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/MultiBaseSearch.java directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStore.java directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntry.java directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntryModifier.java directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SingleBaseSearch.java directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/ChangePassword.java directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetPrincipal.java Modified: 
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/JndiPrincipalStoreImpl.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/JndiPrincipalStoreImpl.java?rev=359843&r1=359842&r2=359843&view=diff ============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/JndiPrincipalStoreImpl.java (original) +++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/JndiPrincipalStoreImpl.java Thu Dec 29 08:46:57 2005 
@@ -39,27 +39,42 @@ /** a handle on the provider factory */ private InitialContextFactory factory; /** a handle on the search strategy */ - private SearchStrategy strategy; + private PrincipalStore store; public JndiPrincipalStoreImpl( ServiceConfiguration config, InitialContextFactory factory ) { this.config = config; this.factory = factory; - strategy = getSearchStrategy(); + store = getStore(); + } + + public String addPrincipal( PrincipalStoreEntry entry ) throws Exception + { + return store.addPrincipal( entry ); + } + + public String deletePrincipal( KerberosPrincipal principal ) throws Exception + { + return store.deletePrincipal( principal ); + } + + public PrincipalStoreEntry[] getAllPrincipals( String realm ) throws Exception + { + return store.getAllPrincipals( realm ); } public PrincipalStoreEntry getPrincipal( KerberosPrincipal principal ) throws Exception { - return strategy.getPrincipal( principal ); + return store.getPrincipal( principal ); } public String changePassword( KerberosPrincipal principal, KerberosKey newKey ) throws Exception { - return strategy.changePassword( principal, newKey ); + return store.changePassword( principal, newKey ); } - private SearchStrategy getSearchStrategy() + private PrincipalStore getStore() { if ( config.getCatalogBaseDn() != null ) { Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/MultiBaseSearch.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/MultiBaseSearch.java?rev=359843&r1=359842&r2=359843&view=diff ============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/MultiBaseSearch.java (original) +++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/MultiBaseSearch.java Thu Dec 29 08:46:57 2005 
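Review bot: The field comment `/** a handle on the search strategy */` is left unchanged above the renamed field `private PrincipalStore store;`, so it now describes a type this commit removes. Something like `/** the store that all principal operations are delegated to */` would match the new code. The three new delegating methods are public and have no Javadoc; a one-line comment on each saying that the call is forwarded unchanged to the configured store would help. getStore() continues past the end of the hunk.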
@@ -27,7 +27,10 @@ import javax.security.auth.kerberos.KerberosKey; import javax.security.auth.kerberos.KerberosPrincipal; +import org.apache.kerberos.store.operations.AddPrincipal; import org.apache.kerberos.store.operations.ChangePassword; +import org.apache.kerberos.store.operations.DeletePrincipal; +import org.apache.kerberos.store.operations.GetAllPrincipals; import org.apache.kerberos.store.operations.GetPrincipal; import org.apache.ldap.server.configuration.ConfigurationException; import org.apache.protocol.common.ServiceConfiguration; @@ -43,7 +46,7 @@ * @author Apache Directory Project * @version $Rev$, $Date$ */ -class MultiBaseSearch implements SearchStrategy +class MultiBaseSearch implements PrincipalStore { private InitialContextFactory factory; private Hashtable env; 
@@ -67,6 +70,54 @@ { String message = "Failed to get catalog context " + (String) env.get( Context.PROVIDER_URL ); throw new ConfigurationException( message, e ); + } + } + + public String addPrincipal( PrincipalStoreEntry entry ) throws Exception + { + env.put( Context.PROVIDER_URL, catalog.getBaseDn( entry.getRealmName() ) ); + + try + { + DirContext ctx = (DirContext) factory.getInitialContext( env ); + return (String) execute( ctx, new AddPrincipal( entry ) ); + } + catch ( NamingException ne ) + { + String message = "Failed to get initial context " + (String) env.get( Context.PROVIDER_URL ); + throw new ConfigurationException( message, ne ); + } + } + + public String deletePrincipal( KerberosPrincipal principal ) throws Exception + { + env.put( Context.PROVIDER_URL, catalog.getBaseDn( principal.getRealm() ) ); + + try + { + DirContext ctx = (DirContext) factory.getInitialContext( env ); + return (String) execute( ctx, new DeletePrincipal( principal ) ); + } + catch ( NamingException ne ) + { + String message = "Failed to get initial context " + (String) env.get( Context.PROVIDER_URL ); + throw new ConfigurationException( message, ne ); + } + } + + public PrincipalStoreEntry[] getAllPrincipals( String realm ) throws Exception + { + env.put( Context.PROVIDER_URL, catalog.getBaseDn( realm ) ); + + try + { + DirContext ctx = (DirContext) factory.getInitialContext( env ); + return (PrincipalStoreEntry[]) execute( ctx, new GetAllPrincipals() ); + } + catch ( NamingException ne ) + { + String message = "Failed to get initial context " + (String) env.get( Context.PROVIDER_URL ); + throw new ConfigurationException( message, ne ); } } Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStore.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStore.java?rev=359843&r1=359842&r2=359843&view=diff 
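Review bot: Each of the three new methods writes its per-call provider URL into the shared `env` field with `env.put( Context.PROVIDER_URL, ... )` and only then builds a context from it. If one MultiBaseSearch instance serves several threads (the hunk does not show this), two concurrent calls for different realms can swap URLs and add or delete a principal under the wrong realm's base. Copying `env` into a local table per call removes the shared state, as sketched below for addPrincipal; the same change applies to deletePrincipal and getAllPrincipals. If `catalog.getBaseDn` can return null for an unknown realm, `Hashtable.put` throws NullPointerException, so an explicit check would give a clearer error. The DirContext obtained per call is also never closed in the visible code, which is worth confirming against what the factory hands out.

```java
public String addPrincipal( PrincipalStoreEntry entry ) throws Exception
{
    // per-call copy, so the shared env field is never mutated
    Hashtable callEnv = new Hashtable( env );
    callEnv.put( Context.PROVIDER_URL, catalog.getBaseDn( entry.getRealmName() ) );

    try
    {
        DirContext ctx = (DirContext) factory.getInitialContext( callEnv );
        // ... unchanged: execute( ctx, new AddPrincipal( entry ) ) ...
    }
    catch ( NamingException ne )
    {
        String message = "Failed to get initial context " + (String) callEnv.get( Context.PROVIDER_URL );
        // ... unchanged: throw ConfigurationException ...
    }
}
```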
============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStore.java (original) +++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStore.java Thu Dec 29 08:46:57 2005 @@ -20,15 +20,20 @@ import javax.security.auth.kerberos.KerberosPrincipal; /** - * The store interface used by Kerberos protocols to lookup principals and - * to change their passwords. + * The store interface used by Kerberos services. * * @author Apache Directory Project - * @version $Rev$, $Date$ + * @version $Rev:330489 $, $Date$ */ public interface PrincipalStore { - public PrincipalStoreEntry getPrincipal( KerberosPrincipal principal ) throws Exception; + public String addPrincipal( PrincipalStoreEntry entry ) throws Exception; public String changePassword( KerberosPrincipal principal, KerberosKey newKey ) throws Exception; + + public String deletePrincipal( KerberosPrincipal principal ) throws Exception; + + public PrincipalStoreEntry[] getAllPrincipals( String realm ) throws Exception; + + public PrincipalStoreEntry getPrincipal( KerberosPrincipal principal ) throws Exception; } Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntry.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntry.java?rev=359843&r1=359842&r2=359843&view=diff ============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntry.java (original) +++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntry.java Thu Dec 29 08:46:57 2005 
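Review bot: The methods added to PrincipalStore have no Javadoc, and the interface comment was shortened to "The store interface used by Kerberos services", so nothing states what the returned String is or how failure is reported. In this commit AddPrincipal.execute and DeletePrincipal.execute return null after catching NamingException, so `addPrincipal` and `deletePrincipal` can return null without throwing; the interface should say so, for example `/** @return the name of the added entry, or null if the add failed */`. getAllPrincipals deserves a line noting that every returned entry carries the principal's key, since GetAllPrincipals.getEntry calls `modifier.setKey( keyBytes )`. The `$Rev:330489 $` in the @version tag looks like an expanded keyword committed by accident.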
@@ -25,43 +25,52 @@ public class PrincipalStoreEntry { - // 'Principal' - private String commonName; - private KerberosPrincipal principal; - - // 'KDCEntry' - private KerberosTime validStart; - private KerberosTime validEnd; - private KerberosTime passwordEnd; - private int maxLife; - private int maxRenew; - private int kdcFlags; - private SamType samType = null; - private EncryptionKey key; - - private String realmName; - - PrincipalStoreEntry( String commonName, KerberosPrincipal principal, int keyVersionNumber, - KerberosTime validStart, KerberosTime validEnd, KerberosTime passwordEnd, int maxLife, - int maxRenew, int kdcFlags, int keyType, byte[] key, String realmName, SamType samType ) + // principal + private String commonName; + private KerberosPrincipal principal; + private String realmName; + + // uidObject + private String userId; + + // KDCEntry + private KerberosTime validStart; + private KerberosTime validEnd; + private KerberosTime passwordEnd; + private int maxLife; + private int maxRenew; + private int kdcFlags; + private SamType samType; + private EncryptionKey key; + + PrincipalStoreEntry( String commonName, String userId, KerberosPrincipal principal, int keyVersionNumber, + KerberosTime validStart, KerberosTime validEnd, KerberosTime passwordEnd, int maxLife, int maxRenew, + int kdcFlags, int keyType, byte[] key, String realmName, SamType samType ) { - this.commonName = commonName; - this.principal = principal; - this.validStart = validStart; - this.validEnd = validEnd; - this.passwordEnd = passwordEnd; - this.maxLife = maxLife; - this.maxRenew = maxRenew; - this.kdcFlags = kdcFlags; - this.realmName = realmName; - this.samType = samType; - - this.key = new EncryptionKey(EncryptionType.getTypeByOrdinal(keyType), key, keyVersionNumber); - } - - public String getCommonName() + this.commonName = commonName; + this.userId = userId; + this.principal = principal; + this.validStart = validStart; + this.validEnd = validEnd; + this.passwordEnd = 
passwordEnd; + this.maxLife = maxLife; + this.maxRenew = maxRenew; + this.kdcFlags = kdcFlags; + this.realmName = realmName; + + this.samType = samType; + + this.key = new EncryptionKey( EncryptionType.getTypeByOrdinal( keyType ), key, keyVersionNumber ); + } + + public String getCommonName() { return commonName; + } + + public String getUserId() + { + return userId; } public EncryptionKey getEncryptionKey() Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntryModifier.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntryModifier.java?rev=359843&r1=359842&r2=359843&view=diff ============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntryModifier.java (original) +++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/PrincipalStoreEntryModifier.java Thu Dec 29 08:46:57 2005 
@@ -23,35 +23,42 @@ public class PrincipalStoreEntryModifier { - // 'Principal' - private String commonName; - private KerberosPrincipal principal; + // principal + private String commonName; + private KerberosPrincipal principal; + private String realmName; - // 'KDCEntry' - private int keyVersionNumber; // must - // may - private KerberosTime validStart; - private KerberosTime validEnd; - private KerberosTime passwordEnd; - private int maxLife; - private int maxRenew; - private int kdcFlags; - private int encryptionType; - private SamType samType; - private byte[] key; + // uidObject + private String userId; - private String realmName; + // KDCEntry + // must + private int keyVersionNumber; + // may + private KerberosTime validStart; + private KerberosTime validEnd; + private KerberosTime passwordEnd; + private int maxLife; + private int maxRenew; + private int kdcFlags; + private int encryptionType; + private SamType samType; + private byte[] key; - public PrincipalStoreEntry getEntry() + public PrincipalStoreEntry getEntry() { - return new PrincipalStoreEntry( commonName, principal, keyVersionNumber, validStart, - validEnd, passwordEnd, maxLife, maxRenew, kdcFlags, encryptionType, key, realmName, - samType ); + return new PrincipalStoreEntry( commonName, userId, principal, keyVersionNumber, validStart, validEnd, + passwordEnd, maxLife, maxRenew, kdcFlags, encryptionType, key, realmName, samType ); } public void setCommonName( String commonName ) { this.commonName = commonName; + } + + public void setUserId( String userId ) + { + this.userId = userId; } public void setEncryptionType( int encryptionType ) Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SingleBaseSearch.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SingleBaseSearch.java?rev=359843&r1=359842&r2=359843&view=diff 
============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SingleBaseSearch.java (original) +++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/SingleBaseSearch.java Thu Dec 29 08:46:57 2005 @@ -26,7 +26,10 @@ import javax.security.auth.kerberos.KerberosKey; import javax.security.auth.kerberos.KerberosPrincipal; +import org.apache.kerberos.store.operations.AddPrincipal; import org.apache.kerberos.store.operations.ChangePassword; +import org.apache.kerberos.store.operations.DeletePrincipal; +import org.apache.kerberos.store.operations.GetAllPrincipals; import org.apache.kerberos.store.operations.GetPrincipal; import org.apache.ldap.server.configuration.ConfigurationException; import org.apache.protocol.common.ServiceConfiguration; @@ -39,7 +42,7 @@ * @author Apache Directory Project * @version $Rev$, $Date$ */ -class SingleBaseSearch implements SearchStrategy +class SingleBaseSearch implements PrincipalStore { private DirContext ctx; 
@@ -58,6 +61,21 @@ String message = "Failed to get initial context " + (String) env.get( Context.PROVIDER_URL ); throw new ConfigurationException( message, ne ); } + } + + public String addPrincipal( PrincipalStoreEntry entry ) throws Exception + { + return (String) execute( new AddPrincipal( entry ) ); + } + + public String deletePrincipal( KerberosPrincipal principal ) throws Exception + { + return (String) execute( new DeletePrincipal( principal ) ); + } + + public PrincipalStoreEntry[] getAllPrincipals( String realm ) throws Exception + { + return (PrincipalStoreEntry[]) execute( new GetAllPrincipals() ); } public PrincipalStoreEntry getPrincipal( KerberosPrincipal principal ) throws Exception Added: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java?rev=359843&view=auto ============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java (added) +++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java Thu Dec 29 08:46:57 2005 
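Review bot: SingleBaseSearch.getAllPrincipals accepts `String realm` but never uses it, and `new GetAllPrincipals()` takes no realm either, so a caller asking for one realm gets every krb5Principal entry found under the single base. If that is intended, say so in the method, e.g. `// realm is ignored: the single search base holds all principals`; otherwise the result needs filtering by realm before it is returned. The helper `execute( ... )` these methods call is defined outside the hunk.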
@@ -0,0 +1,98 @@ +/* + * Copyright 2005 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package org.apache.kerberos.store.operations; + +import javax.naming.Name; +import javax.naming.NamingException; +import javax.naming.directory.Attributes; +import javax.naming.directory.DirContext; +import javax.naming.ldap.LdapName; +import javax.naming.spi.DirStateFactory; +import javax.naming.spi.DirStateFactory.Result; + +import org.apache.kerberos.store.PrincipalStoreEntry; +import org.apache.protocol.common.store.ContextOperation; + +/** + * Command for adding a principal to a JNDI context. + * + * @author Apache Directory Project + * @version $Rev$, $Date$ + */ +public class AddPrincipal implements ContextOperation +{ + private static final long serialVersionUID = -1032737167622217786L; + + /** The Kerberos principal who is to be added. */ + protected PrincipalStoreEntry entry; + + /** + * Creates the action to be used against the embedded ApacheDS DIT. 
+ */ + public AddPrincipal( PrincipalStoreEntry entry ) + { + this.entry = entry; + } + + public Object execute( DirContext ctx, Name searchBaseDn ) + { + if ( entry == null ) + { + return null; + } + + try + { + DirStateFactory factory = new PrincipalStateFactory(); + Result result = factory.getStateToBind( entry, null, null, null, null ); + + Attributes attrs = result.getAttributes(); + + LdapName name = new LdapName( "uid=" + entry.getUserId() + ",ou=Users" ); + + ctx.rebind( name, null, attrs ); + + return name.toString(); + } + catch ( NamingException ne ) + { + ne.printStackTrace(); + } + + return null; + } +} + +/* + dn: uid=akarasulu, ou=Users, dc=example,dc=com + cn: Alex Karasulu + sn: Karasulu + givenname: Alex + objectclass: top + objectclass: person + objectclass: organizationalPerson + objectclass: inetOrgPerson + objectclass: krb5Principal + objectclass: krb5KDCEntry + ou: Directory + ou: Users + uid: akarasulu + krb5PrincipalName: akarasulu@EXAMPLE.COM + krb5KeyVersionNumber: 0 + */ + Propchange: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/AddPrincipal.java ------------------------------------------------------------------------------ svn:eol-style = native Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/ChangePassword.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/ChangePassword.java?rev=359843&r1=359842&r2=359843&view=diff ============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/ChangePassword.java (original) +++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/ChangePassword.java Thu Dec 29 08:46:57 2005 
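Review bot: AddPrincipal.execute builds the entry name by concatenation, `new LdapName( "uid=" + entry.getUserId() + ",ou=Users" )`, so a user id containing DN metacharacters such as `,`, `+` or `=` changes the structure of the name. A null id yields `uid=null`, which can happen because GetAllPrincipals.getEntry never sets one. Reject a null id and escape the value, `new LdapName( "uid=" + Rdn.escapeValue( entry.getUserId() ) + ",ou=Users" )`, with `javax.naming.ldap.Rdn` imported. `ctx.rebind( name, null, attrs )` overwrites an existing binding, so an add silently replaces an existing principal and its key; `ctx.bind( name, null, attrs )` would fail instead. The NamingException is only printed and execute returns null, which hides the failure from PrincipalStore callers, and the `searchBaseDn` argument is unused while `ou=Users` is hard-coded.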
@@ -39,10 +39,12 @@ * Command for changing a principal's password in a JNDI context. * * @author Apache Directory Project - * @version $Rev$ + * @version $Rev$, $Date$ */ public class ChangePassword implements ContextOperation { + private static final long serialVersionUID = -7147685183641418353L; + /** The Kerberos principal who's password is to be changed. */ protected KerberosPrincipal principal; /** The new key for the update. */ Added: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java?rev=359843&view=auto ============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java (added) +++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java Thu Dec 29 08:46:57 2005 
@@ -0,0 +1,136 @@ +/* + * Copyright 2005 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package org.apache.kerberos.store.operations; + +import java.util.Properties; + +import javax.naming.CompoundName; +import javax.naming.Name; +import javax.naming.NamingEnumeration; +import javax.naming.NamingException; +import javax.naming.directory.Attributes; +import javax.naming.directory.BasicAttribute; +import javax.naming.directory.BasicAttributes; +import javax.naming.directory.DirContext; +import javax.naming.directory.SearchResult; +import javax.security.auth.kerberos.KerberosPrincipal; + +import org.apache.kerberos.store.KerberosAttribute; +import org.apache.protocol.common.store.ContextOperation; + +/** + * Command for deleting a principal from a JNDI context. + * + * @author Apache Directory Project + * @version $Rev$, $Date$ + */ +public class DeletePrincipal implements ContextOperation +{ + private static final long serialVersionUID = -6970986279811261983L; + + /** The Kerberos principal who is to be deleted. */ + protected KerberosPrincipal principal; + + /** + * Creates the action to be used against the embedded ApacheDS DIT. 
+ */ + public DeletePrincipal( KerberosPrincipal principal ) + { + this.principal = principal; + } + + public Object execute( DirContext ctx, Name searchBaseDn ) + { + if ( principal == null ) + { + return null; + } + + String dn = null; + + try + { + dn = search( ctx, searchBaseDn, principal.getName() ); + Name rdn = getRelativeName( ctx, dn ); + ctx.destroySubcontext( rdn ); + } + catch ( NamingException e ) + { + e.printStackTrace(); + return null; + } + + return dn; + } + + private String search( DirContext ctx, Name searchBaseDn, String principal ) throws NamingException + { + String[] attrIDs = { KerberosAttribute.PRINCIPAL, KerberosAttribute.VERSION, KerberosAttribute.TYPE, + KerberosAttribute.KEY }; + + Attributes matchAttrs = new BasicAttributes( false ); // case-sensitive + matchAttrs.put( new BasicAttribute( KerberosAttribute.PRINCIPAL, principal ) ); + + // Search for objects that have those matching attributes + NamingEnumeration answer = ctx.search( searchBaseDn, matchAttrs, attrIDs ); + + if ( answer.hasMore() ) + { + SearchResult sr = (SearchResult) answer.next(); + if ( sr != null ) + { + return sr.getName(); + } + } + + return null; + } + + private Name getRelativeName( DirContext ctx, String baseDn ) throws NamingException + { + Properties props = new Properties(); + props.setProperty( "jndi.syntax.direction", "right_to_left" ); + props.setProperty( "jndi.syntax.separator", "," ); + props.setProperty( "jndi.syntax.ignorecase", "true" ); + props.setProperty( "jndi.syntax.trimblanks", "true" ); + + Name searchBaseDn; + + try + { + Name ctxRoot = new CompoundName( ctx.getNameInNamespace(), props ); + searchBaseDn = new CompoundName( baseDn, props ); + + if ( !searchBaseDn.startsWith( ctxRoot ) ) + { + throw new NamingException( "Invalid search base " + baseDn ); + } + + for ( int ii = 0; ii < ctxRoot.size(); ii++ ) + { + searchBaseDn.remove( 0 ); + } + } + catch ( NamingException e ) + { + throw new NamingException( "Failed to initialize search base 
" + baseDn ); + } + + return searchBaseDn; + } +} Propchange: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/DeletePrincipal.java ------------------------------------------------------------------------------ svn:eol-style = native Added: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java?rev=359843&view=auto ============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java (added) +++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java Thu Dec 29 08:46:57 2005 
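Review bot: DeletePrincipal.execute passes the result of `search` straight to `getRelativeName`, but `search` returns null when no entry matches. Deleting an unknown principal therefore reaches `new CompoundName( baseDn, props )` with a null name, which likely surfaces as a NullPointerException that `catch ( NamingException e )` does not cover. Add `if ( dn == null ) { return null; }` right after the search call. In getRelativeName the catch block also traps the method's own "Invalid search base" exception and throws a new NamingException without the cause; calling `setRootCause( e )` on the new exception before throwing keeps it. The NamingEnumeration from `ctx.search` is never closed, and execute reports every failure as a printed stack trace plus null, so a caller cannot tell "not found" from a directory error.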
@@ -0,0 +1,119 @@ +/* + * Copyright 2005 The Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +package org.apache.kerberos.store.operations; + +import java.util.ArrayList; +import java.util.List; + +import javax.naming.Name; +import javax.naming.NamingEnumeration; +import javax.naming.NamingException; +import javax.naming.directory.Attributes; +import javax.naming.directory.DirContext; +import javax.naming.directory.SearchControls; +import javax.naming.directory.SearchResult; +import javax.security.auth.kerberos.KerberosPrincipal; + +import org.apache.kerberos.messages.value.SamType; +import org.apache.kerberos.store.KerberosAttribute; +import org.apache.kerberos.store.PrincipalStoreEntry; +import org.apache.kerberos.store.PrincipalStoreEntryModifier; +import org.apache.protocol.common.store.ContextOperation; + +/** + * Command for getting all principals in a JNDI context. 
+ * + * @author Apache Directory Project + * @version $Rev$, $Date$ + */ +public class GetAllPrincipals implements ContextOperation +{ + private static final long serialVersionUID = -1214321426487445132L; + + public Object execute( DirContext ctx, Name searchBaseDn ) + { + SearchControls controls = new SearchControls(); + + String filter = "(objectClass=krb5Principal)"; + + List answers = new ArrayList(); + + try + { + Attributes attrs = null; + + NamingEnumeration answer = ctx.search( searchBaseDn, filter, controls ); + + while ( answer.hasMore() ) + { + SearchResult result = (SearchResult) answer.next(); + attrs = result.getAttributes(); + PrincipalStoreEntry entry = getEntry( attrs ); + System.out.println( "Result name is " + result.getName() ); + answers.add( entry ); + } + + answer.close(); + + PrincipalStoreEntry[] entries = new PrincipalStoreEntry[ answers.size() ]; + + return (PrincipalStoreEntry[]) answers.toArray( entries ); + } + catch ( NamingException e ) + { + e.printStackTrace(); + + return null; + } + } + + /** + * Marshals an a PrincipalStoreEntry from an Attributes object. 
+ * + * @param attrs the attributes of the Kerberos principal + * @return the entry for the principal + * @throws NamingException if there are any access problems + */ + private PrincipalStoreEntry getEntry( Attributes attrs ) throws NamingException + { + PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier(); + + String principal = (String) attrs.get( KerberosAttribute.PRINCIPAL ).get(); + String encryptionType = (String) attrs.get( KerberosAttribute.TYPE ).get(); + String keyVersionNumber = (String) attrs.get( KerberosAttribute.VERSION ).get(); + + String commonName = (String) attrs.get( "cn" ).get(); + + if ( attrs.get( "apacheSamType" ) != null ) + { + String samType = (String) attrs.get( "apacheSamType" ).get(); + + modifier.setSamType( SamType.getTypeByOrdinal( Integer.parseInt( samType ) ) ); + } + + byte[] keyBytes = (byte[]) attrs.get( KerberosAttribute.KEY ).get(); + + modifier.setCommonName( commonName ); + modifier.setPrincipal( new KerberosPrincipal( principal ) ); + modifier.setEncryptionType( Integer.parseInt( encryptionType ) ); + modifier.setKeyVersionNumber( Integer.parseInt( keyVersionNumber ) ); + modifier.setKey( keyBytes ); + + return modifier.getEntry(); + } +} Propchange: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetAllPrincipals.java ------------------------------------------------------------------------------ svn:eol-style = native Modified: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetPrincipal.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetPrincipal.java?rev=359843&r1=359842&r2=359843&view=diff ============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetPrincipal.java (original) +++ 
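Review bot: getEntry dereferences `attrs.get( ... ).get()` for the principal, type, version, `cn` and key attributes without a null check. One krb5Principal entry lacking any of them throws NullPointerException, which the `catch ( NamingException e )` in execute does not handle, so the whole listing fails; PrincipalObjectFactory.getObjectInstance has the same unchecked chains for `uid` and `cn`. The line `System.out.println( "Result name is " + result.getName() )` is debug output that writes every principal's name to stdout and should be removed. `new SearchControls()` defaults to one-level scope and returns all attributes, so entries that AddPrincipal binds under `ou=Users` may be missed depending on the search base; `controls.setSearchScope( SearchControls.SUBTREE_SCOPE )` and an explicit `setReturningAttributes` list would make both choices visible. `answer.close()` is skipped when the loop throws and belongs in a finally block.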
directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/GetPrincipal.java Thu Dec 29 08:46:57 2005 @@ -36,10 +36,12 @@ * Encapsulates the action of looking up a principal in an embedded ApacheDS DIT. * * @author Apache Directory Project - * @version $Rev$ + * @version $Rev$, $Date$ */ public class GetPrincipal implements ContextOperation { + private static final long serialVersionUID = 4598007518413451945L; + /** The name of the principal to get. */ private final KerberosPrincipal principal; Added: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java?rev=359843&view=auto ============================================================================== --- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java (added) +++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java Thu Dec 29 08:46:57 2005 
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store.operations;
+
+import java.util.Hashtable;
+
+import javax.naming.Context;
+import javax.naming.Name;
+import javax.naming.directory.Attributes;
+import javax.naming.spi.DirObjectFactory;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.kerberos.store.KerberosAttribute;
+import org.apache.kerberos.store.PrincipalStoreEntryModifier;
+
+/**
+ * An ObjectFactory that resusitates objects from directory attributes.
+ *
+ * @author Apache Directory Project
+ * @version $Rev$, $Date$
+ */
+public class PrincipalObjectFactory implements DirObjectFactory
+{
+ public Object getObjectInstance( Object obj, Name name, Context nameCtx, Hashtable environment, Attributes attrs ) throws Exception
+ {
+ if ( attrs == null || attrs.get( "objectClass" ) == null || ! attrs.get( "objectClass" ).contains( "krb5KDCEntry" ) )
+ {
+ return null;
+ }
+
+ PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier();
+
+ modifier.setUserId( ( String ) attrs.get( "uid" ).get() );
+ modifier.setCommonName( ( String ) attrs.get( "cn" ).get() );
+
+ KerberosPrincipal principal = new KerberosPrincipal( ( String ) attrs.get( KerberosAttribute.PRINCIPAL ).get() );
+ modifier.setPrincipal( principal );
+
+ modifier.setKey( ( byte[] ) attrs.get( KerberosAttribute.KEY ).get() );
+ modifier.setEncryptionType( Integer.parseInt( ( String ) attrs.get( KerberosAttribute.TYPE ).get() ) );
+ modifier.setKeyVersionNumber( Integer.parseInt( ( String ) attrs.get( KerberosAttribute.VERSION ).get() ) );
+
+ return modifier.getEntry();
+ }
+
+ public Object getObjectInstance( Object obj, Name name, Context nameCtx, Hashtable environment ) throws Exception
+ {
+ throw new UnsupportedOperationException( "Attributes are required to add an entry." );
+ }
+}
+
Propchange: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalObjectFactory.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java
URL: http://svn.apache.org/viewcvs/directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java?rev=359843&view=auto
==============================================================================
--- directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java (added)
+++ directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java Thu Dec 29 08:46:57 2005
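Review bot: Every attribute read in the five-argument `getObjectInstance` is dereferenced without a null check, so an entry that carries the `krb5KDCEntry` objectClass but lacks `uid`, `cn` or one of the `KerberosAttribute` values fails with a bare NullPointerException instead of an error that names the entry. `uid` looks the most likely to be absent, since `getEntry` in GetAllPrincipals (same commit) builds an entry without reading it. A guard per attribute such as `Attribute uid = attrs.get( "uid" ); if ( uid == null ) { throw new NamingException( "krb5KDCEntry without uid: " + name ); }` keeps the failure diagnosable, and the two `Integer.parseInt` calls deserve the same treatment because they pass directory-supplied strings straight through and surface a NumberFormatException on a malformed value. Separately, the four-argument overload throws `UnsupportedOperationException`; JNDI stops consulting further object factories once one throws, so `return null;` there would let other factories handle objects this one does not understand.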
@@ -0,0 +1,151 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.store.operations;
+
+import java.util.Hashtable;
+
+import javax.naming.Context;
+import javax.naming.Name;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
+import javax.naming.directory.SchemaViolationException;
+import javax.naming.spi.DirStateFactory;
+
+import org.apache.kerberos.store.KerberosAttribute;
+import org.apache.kerberos.store.PrincipalStoreEntry;
+
+/**
+ * A StateFactory for a server profile.
+ *
+ * @author Apache Directory Project
+ * @version $Rev$, $Date$
+ */
+public class PrincipalStateFactory implements DirStateFactory
+{
+ public Result getStateToBind( Object obj, Name name, Context nameCtx, Hashtable environment, Attributes inAttrs )
+ throws NamingException
+ {
+ // Only interested in PrincipalStoreEntry objects
+ if ( obj instanceof PrincipalStoreEntry )
+ {
+ Attributes outAttrs;
+ if (inAttrs == null)
+ {
+ outAttrs = new BasicAttributes(true);
+ }
+ else
+ {
+ outAttrs = (Attributes) inAttrs.clone();
+ }
+
+ // process the objectClass attribute
+ Attribute oc = outAttrs.get( "objectClass" );
+
+ if ( oc == null )
+ {
+ oc = new BasicAttribute( "objectClass" );
+ outAttrs.put( oc );
+ }
+
+ if ( ! oc.contains( "top" ) )
+ {
+ oc.add( "top" );
+ }
+
+ PrincipalStoreEntry p = (PrincipalStoreEntry) obj;
+
+ if ( ! oc.contains( "uidObject" ) )
+ {
+ oc.add( "uidObject" );
+ if ( p.getUserId() != null )
+ {
+ outAttrs.put( "uid", p.getUserId() );
+ }
+ else
+ {
+ throw new SchemaViolationException( "Person must have uid." );
+ }
+ }
+
+ if ( ! oc.contains( "extensibleObject" ) )
+ {
+ oc.add( "extensibleObject" );
+ outAttrs.put( "apacheSamType", "7" );
+ }
+
+ if ( ! oc.contains( "person" ) )
+ {
+ oc.add( "person" );
+
+ // TODO - look into adding sn, gn, and cn to ServerProfiles
+ outAttrs.put( "sn", p.getUserId() );
+ outAttrs.put( "cn", p.getCommonName() );
+ }
+
+ if ( ! oc.contains( "organizationalPerson" ) )
+ {
+ oc.add( "organizationalPerson" );
+ }
+
+ if ( ! oc.contains( "inetOrgPerson" ) )
+ {
+ oc.add( "inetOrgPerson" );
+ }
+
+ if ( ! oc.contains( "krb5Principal" ) )
+ {
+ oc.add( "krb5Principal" );
+ }
+
+ if ( ! oc.contains( "krb5KDCEntry" ) )
+ {
+ oc.add( "krb5KDCEntry" );
+
+ String principal = p.getPrincipal().getName();
+ byte[] keyBytes = p.getEncryptionKey().getKeyValue();
+ int keyType = p.getEncryptionKey().getKeyType().getOrdinal();
+ int keyVersion = p.getEncryptionKey().getKeyVersion();
+
+ outAttrs.put( KerberosAttribute.PRINCIPAL, principal );
+ outAttrs.put( KerberosAttribute.KEY, keyBytes );
+ outAttrs.put( KerberosAttribute.TYPE, Integer.toString( keyType ) );
+ outAttrs.put( KerberosAttribute.VERSION, Integer.toString( keyVersion ) );
+ }
+
+ Result r = new Result( obj, outAttrs );
+
+ System.out.println( "Result from obj " + obj );
+ System.out.println( "Result attrs " + outAttrs );
+
+ return r;
+ }
+
+ System.out.println( "ERROR: entry was not correct type " + obj );
+ return null;
+ }
+
+ public Object getStateToBind( Object obj, Name name, Context nameCtx, Hashtable environment )
+ throws NamingException
+ {
+ throw new UnsupportedOperationException( "Structural objectClass needed with additional attributes!" );
+ }
+}
+
Propchange: directory/shared/kerberos/trunk/common/src/main/java/org/apache/kerberos/store/operations/PrincipalStateFactory.java
------------------------------------------------------------------------------
svn:eol-style = native
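Review bot: The two `System.out.println` calls just before `return r;` write the bound object and its full attribute set to standard output on every bind of a principal, outside any logging configuration. The attribute set holds the principal name, uid and the `KerberosAttribute.KEY` entry; the key bytes would normally print only as an array reference, but what `obj`'s `toString()` exposes is not visible in this commit, so that should not be relied on. I would delete `System.out.println( "Result from obj " + obj );` and `System.out.println( "Result attrs " + outAttrs );`, and drop the `"ERROR: entry was not correct type "` print as well, since the `return null;` that follows already tells JNDI this factory does not handle the object. Also worth a comment in the code: the Kerberos attributes are written only when `krb5KDCEntry` is not yet in `objectClass`, so a caller whose `inAttrs` already contains that class gets a Result without principal or key.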