Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java Mon Jul 31 09:27:52 2006 @@ -31,8 +31,8 @@ import org.apache.directory.server.core.invocation.InvocationStack; import org.apache.directory.server.core.jndi.ServerContext; import org.apache.directory.server.core.jndi.ServerLdapContext; -import org.apache.directory.server.core.partition.DirectoryPartitionNexus; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexus; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.server.core.schema.AttributeTypeRegistry; import org.apache.directory.server.core.schema.ConcreteNameComponentNormalizer; import org.apache.directory.server.core.schema.OidRegistry; @@ -175,7 +175,7 @@ objectClassType = attrRegistry.lookup( objectClassOid ); acSubentryType = attrRegistry.lookup( acSubentryOid ); - aciParser = new ACIItemParser( new ConcreteNameComponentNormalizer( attrRegistry, oidRegistry ) ); + aciParser = new ACIItemParser( new ConcreteNameComponentNormalizer( attrRegistry, oidRegistry ), attrRegistry.getNormalizerMapping() ); engine = new ACDFEngine( factoryCfg.getGlobalRegistries().getOidRegistry(), attrRegistry ); chain = factoryCfg.getInterceptorChain(); enabled = factoryCfg.getStartupConfiguration().isAccessControlEnabled(); @@ -184,7 +184,7 @@ String subschemaSubentry = ( String ) factoryCfg.getPartitionNexus().getRootDSE().get( "subschemaSubentry" ) .get(); LdapDN subschemaSubentryDnName = new LdapDN( subschemaSubentry ); - subschemaSubentryDnName.normalize(); + subschemaSubentryDnName.normalize( attrRegistry.getNormalizerMapping() ); subschemaSubentryDn = subschemaSubentryDnName.toNormName(); } @@ -192,7 +192,7 @@ private LdapDN parseNormalized( String name ) throws NamingException { LdapDN dn = new LdapDN( name ); - dn.normalize(); + dn.normalize( attrRegistry.getNormalizerMapping() ); return dn; } @@ -210,7 +210,7 @@ * @param entry the target entry that access to is being controled * @throws NamingException if there are problems accessing attribute values */ - private void addPerscriptiveAciTuples( DirectoryPartitionNexusProxy proxy, Collection tuples, LdapDN dn, + private void addPerscriptiveAciTuples( PartitionNexusProxy proxy, Collection tuples, LdapDN dn, Attributes entry ) throws NamingException { Attribute oc = ServerUtils.getAttribute( objectClassType, entry ); @@ -228,7 +228,7 @@ { LdapDN parentDn = ( LdapDN ) dn.clone(); parentDn.remove( dn.size() - 1 ); - entry = proxy.lookup( parentDn, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + entry = proxy.lookup( parentDn, PartitionNexusProxy.LOOKUP_BYPASS ); } Attribute subentries = ServerUtils.getAttribute( acSubentryType, entry ); @@ -290,7 +290,7 @@ * @param entry the target entry that access to is being regulated * @throws NamingException if there are problems accessing attribute values */ - private void addSubentryAciTuples( DirectoryPartitionNexusProxy proxy, Collection tuples, LdapDN dn, Attributes entry ) + private void addSubentryAciTuples( PartitionNexusProxy proxy, Collection tuples, LdapDN dn, Attributes entry ) throws NamingException { // only perform this for subentries @@ -304,7 +304,7 @@ LdapDN parentDn = ( LdapDN ) dn.clone(); parentDn.remove( dn.size() - 1 ); Attributes administrativeEntry = proxy.lookup( parentDn, new String[] - { SUBENTRYACI_ATTR }, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + { SUBENTRYACI_ATTR }, PartitionNexusProxy.LOOKUP_BYPASS ); Attribute subentryAci = administrativeEntry.get( SUBENTRYACI_ATTR ); if ( subentryAci == null ) @@ -359,7 +359,7 @@ // Access the principal requesting the operation, and bypass checks if it is the admin Invocation invocation = InvocationStack.getInstance().peek(); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); - LdapDN userName = parseNormalized( principal.getName() ); + LdapDN userName = principal.getJndiName(); // bypass authz code if we are disabled if ( !enabled ) @@ -369,7 +369,7 @@ } // bypass authz code but manage caches if operation is performed by the admin - if ( userName.toNormName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) + if ( userName.toNormName().equalsIgnoreCase( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) { next.add( normName, entry ); tupleCache.subentryAdded( normName.toNormName(), normName, entry ); @@ -396,7 +396,7 @@ addSubentryAciTuples( invocation.getProxy(), tuples, normName, subentryAttrs ); // check if entry scope permission is granted - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); + PartitionNexusProxy proxy = invocation.getProxy(); engine.checkPermission( proxy, userGroups, userName, principal.getAuthenticationLevel(), normName, null, null, ADD_PERMS, tuples, subentryAttrs ); @@ -426,10 +426,10 @@ { // Access the principal requesting the operation, and bypass checks if it is the admin Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes entry = proxy.lookup( name, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS ); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); - LdapDN userName = parseNormalized( principal.getName() ); + LdapDN userName = principal.getJndiName(); // bypass authz code if we are disabled if ( !enabled ) @@ -439,7 +439,7 @@ } // bypass authz code but manage caches if operation is performed by the admin - if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) + if ( userName.toString().equalsIgnoreCase( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) { next.delete( name ); tupleCache.subentryDeleted( name, entry ); @@ -466,10 +466,10 @@ { // Access the principal requesting the operation, and bypass checks if it is the admin Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes entry = proxy.lookup( name, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS ); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); - LdapDN userName = parseNormalized( principal.getName() ); + LdapDN userName = principal.getJndiName(); // bypass authz code if we are disabled if ( !enabled ) @@ -479,7 +479,7 @@ } // bypass authz code but manage caches if operation is performed by the admin - if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) + if ( userName.toString().equalsIgnoreCase( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) { next.modify( name, modOp, mods ); tupleCache.subentryModified( name, modOp, mods, entry ); @@ -531,10 +531,10 @@ { // Access the principal requesting the operation, and bypass checks if it is the admin Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes entry = proxy.lookup( name, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS ); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); - LdapDN userName = parseNormalized( principal.getName() ); + LdapDN userName = principal.getJndiName(); // bypass authz code if we are disabled if ( !enabled ) @@ -544,7 +544,7 @@ } // bypass authz code but manage caches if operation is performed by the admin - if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) + if ( userName.toString().equalsIgnoreCase( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) { next.modify( name, mods ); tupleCache.subentryModified( name, mods, entry ); @@ -594,12 +594,12 @@ public boolean hasEntry( NextInterceptor next, LdapDN name ) throws NamingException { Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes entry = proxy.lookup( name, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS ); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); - LdapDN userName = parseNormalized( principal.getName() ); + LdapDN userName = principal.getJndiName(); - if ( userName.toNormName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled + if ( userName.toNormName().equalsIgnoreCase( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled || name.toString().trim().equals( "" ) ) // no checks on the rootdse { return next.hasEntry( name ); @@ -642,8 +642,8 @@ return; } - DirectoryPartitionNexusProxy proxy = InvocationStack.getInstance().peek().getProxy(); - LdapDN userName = parseNormalized( principal.getName() ); + PartitionNexusProxy proxy = InvocationStack.getInstance().peek().getProxy(); + LdapDN userName = principal.getJndiName(); Set userGroups = groupCache.getGroups( userName.toNormName() ); Collection tuples = new HashSet(); addPerscriptiveAciTuples( proxy, tuples, dn, entry ); @@ -671,13 +671,13 @@ public Attributes lookup( NextInterceptor next, LdapDN dn, String[] attrIds ) throws NamingException { Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes entry = proxy.lookup( dn, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes entry = proxy.lookup( dn, PartitionNexusProxy.LOOKUP_BYPASS ); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); LdapDN principalDn = new LdapDN( principal.getName() ); - principalDn.normalize(); + principalDn.normalize( attrRegistry.getNormalizerMapping() ); - if ( principalDn.toNormName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled ) + if ( principalDn.toNormName().equalsIgnoreCase( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled ) { return next.lookup( dn, attrIds ); } @@ -690,12 +690,13 @@ public Attributes lookup( NextInterceptor next, LdapDN name ) throws NamingException { Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes entry = proxy.lookup( name, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS ); LdapPrincipal user = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); - LdapDN principalDn = parseNormalized( user.getName() ); + LdapDN principalDn = (LdapDN)user.getJndiName(); + principalDn.normalize( attrRegistry.getNormalizerMapping() ); - if ( principalDn.toNormName().equals( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled ) + if ( principalDn.toString().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled ) { return next.lookup( name ); } @@ -709,10 +710,10 @@ { // Access the principal requesting the operation, and bypass checks if it is the admin Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes entry = proxy.lookup( name, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS ); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); - LdapDN userName = parseNormalized( principal.getName() ); + LdapDN userName = principal.getJndiName(); LdapDN newName = ( LdapDN ) name.clone(); newName.remove( name.size() - 1 ); newName.add( parseNormalized( newRn ).get( 0 ) ); @@ -725,7 +726,7 @@ } // bypass authz code but manage caches if operation is performed by the admin - if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) + if ( userName.toString().equalsIgnoreCase( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) { next.modifyRn( name, newRn, deleteOldRn ); tupleCache.subentryRenamed( name, newName ); @@ -782,10 +783,10 @@ { // Access the principal requesting the operation, and bypass checks if it is the admin Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes entry = proxy.lookup( oriChildName, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes entry = proxy.lookup( oriChildName, PartitionNexusProxy.LOOKUP_BYPASS ); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); - LdapDN userName = parseNormalized( principal.getName() ); + LdapDN userName = principal.getJndiName(); LdapDN newName = ( LdapDN ) newParentName.clone(); newName.add( newRn ); @@ -797,7 +798,7 @@ } // bypass authz code but manage caches if operation is performed by the admin - if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) + if ( userName.toString().equalsIgnoreCase( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) { next.move( oriChildName, newParentName, newRn, deleteOldRn ); tupleCache.subentryRenamed( oriChildName, newName ); @@ -858,12 +859,12 @@ { // Access the principal requesting the operation, and bypass checks if it is the admin Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes entry = proxy.lookup( oriChildName, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes entry = proxy.lookup( oriChildName, PartitionNexusProxy.LOOKUP_BYPASS ); LdapDN newName = ( LdapDN ) newParentName.clone(); newName.add( oriChildName.get( oriChildName.size() - 1 ) ); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); - LdapDN userName = parseNormalized( principal.getName() ); + LdapDN userName = principal.getJndiName(); // bypass authz code if we are disabled if ( !enabled ) @@ -873,7 +874,7 @@ } // bypass authz code but manage caches if operation is performed by the admin - if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) + if ( userName.toString().equalsIgnoreCase( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) { next.move( oriChildName, newParentName ); tupleCache.subentryRenamed( oriChildName, newName ); @@ -911,7 +912,7 @@ ServerLdapContext ctx = ( ServerLdapContext ) invocation.getCaller(); LdapPrincipal user = ctx.getPrincipal(); NamingEnumeration e = next.list( base ); - if ( user.getName().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled ) + if ( user.getName().equalsIgnoreCase( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled ) { return e; } @@ -926,14 +927,12 @@ Invocation invocation = InvocationStack.getInstance().peek(); ServerLdapContext ctx = ( ServerLdapContext ) invocation.getCaller(); LdapPrincipal user = ctx.getPrincipal(); - LdapDN principalDn = new LdapDN( user.getName() ); - principalDn.normalize(); - + LdapDN principalDn = user.getJndiName(); NamingEnumeration e = next.search( base, env, filter, searchCtls ); boolean isSubschemaSubentryLookup = subschemaSubentryDn.equals( base.toNormName() ); boolean isRootDSELookup = base.size() == 0 && searchCtls.getSearchScope() == SearchControls.OBJECT_SCOPE; - if ( principalDn.toNormName().equals( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled || + if ( principalDn.toNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled || isRootDSELookup || isSubschemaSubentryLookup ) { return e; @@ -947,12 +946,12 @@ { // Access the principal requesting the operation, and bypass checks if it is the admin Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes entry = proxy.lookup( name, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS ); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); - LdapDN userName = parseNormalized( principal.getName() ); + LdapDN userName = principal.getJndiName(); - if ( userName.toNormName().equals( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled ) + if ( userName.toNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled ) { return next.compare( name, oid, value ); } @@ -976,10 +975,10 @@ { // Access the principal requesting the operation, and bypass checks if it is the admin Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); + PartitionNexusProxy proxy = invocation.getProxy(); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); - LdapDN userName = parseNormalized( principal.getName() ); - if ( userName.toString().equalsIgnoreCase( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled ) + LdapDN userName = principal.getJndiName(); + if ( userName.toString().equalsIgnoreCase( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) || !enabled ) { return next.getMatchedName( dn ); } @@ -993,7 +992,7 @@ // that but if permission is granted then short the process and return the dn while ( matched.size() > 0 ) { - entry = proxy.lookup( matched, DirectoryPartitionNexusProxy.GETMATCHEDDN_BYPASS ); + entry = proxy.lookup( matched, PartitionNexusProxy.GETMATCHEDDN_BYPASS ); Set userGroups = groupCache.getGroups( userName.toString() ); Collection tuples = new HashSet(); addPerscriptiveAciTuples( proxy, tuples, matched, entry ); @@ -1026,9 +1025,9 @@ * tests. If we hasPermission() returns false we immediately short the * process and return false. */ - Attributes entry = invocation.getProxy().lookup( normName, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + Attributes entry = invocation.getProxy().lookup( normName, PartitionNexusProxy.LOOKUP_BYPASS ); ServerLdapContext ctx = ( ServerLdapContext ) invocation.getCaller(); - LdapDN userDn = parseNormalized( ctx.getPrincipal().getName() ); + LdapDN userDn = ctx.getPrincipal().getJndiName(); Set userGroups = groupCache.getGroups( userDn.toNormName() ); Collection tuples = new HashSet(); addPerscriptiveAciTuples( invocation.getProxy(), tuples, normName, entry ); Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java Mon Jul 31 09:27:52 2006 @@ -39,14 +39,14 @@ import org.apache.directory.server.core.invocation.Invocation; import org.apache.directory.server.core.invocation.InvocationStack; import org.apache.directory.server.core.jndi.ServerContext; -import org.apache.directory.server.core.partition.DirectoryPartitionNexus; +import org.apache.directory.server.core.partition.PartitionNexus; import org.apache.directory.shared.ldap.exception.LdapNoPermissionException; import org.apache.directory.shared.ldap.filter.ExprNode; import org.apache.directory.shared.ldap.name.LdapDN; /** - * An {@link Interceptor} that controls access to {@link DirectoryPartitionNexus}. + * An {@link Interceptor} that controls access to {@link PartitionNexus}. * If a user tries to perform any operations that requires * permission he or she doesn't have, {@link NoPermissionException} will be * thrown and therefore the current invocation chain will terminate. @@ -76,8 +76,10 @@ /** * the name parser used by this service */ - //private DnParser dnParser; private boolean enabled = true; + + private Map oidsMap; + /** @@ -90,18 +92,18 @@ public void init( DirectoryServiceConfiguration factoryCfg, InterceptorConfiguration cfg ) throws NamingException { - //AttributeTypeRegistry atr = factoryCfg.getGlobalRegistries().getAttributeTypeRegistry(); + oidsMap = factoryCfg.getGlobalRegistries().getAttributeTypeRegistry().getNormalizerMapping(); //dnParser = new DnParser( new ConcreteNameComponentNormalizer( atr ) ); // disable this static module if basic access control mechanisms are enabled enabled = !factoryCfg.getStartupConfiguration().isAccessControlEnabled(); - ADMIN_DN = DirectoryPartitionNexus.getAdminName(); + ADMIN_DN = PartitionNexus.getAdminName(); - USER_BASE_DN = DirectoryPartitionNexus.getUsersBaseName(); - USER_BASE_DN_NORMALIZED = LdapDN.normalize( USER_BASE_DN ); + USER_BASE_DN = PartitionNexus.getUsersBaseName(); + USER_BASE_DN_NORMALIZED = LdapDN.normalize( USER_BASE_DN, oidsMap ); - GROUP_BASE_DN = DirectoryPartitionNexus.getGroupsBaseName(); - GROUP_BASE_DN_NORMALIZED = LdapDN.normalize( GROUP_BASE_DN ); + GROUP_BASE_DN = PartitionNexus.getGroupsBaseName(); + GROUP_BASE_DN_NORMALIZED = LdapDN.normalize( GROUP_BASE_DN, oidsMap ); } @@ -205,8 +207,7 @@ private void protectModifyAlterations( LdapDN dn ) throws NamingException { - LdapDN principalDn = new LdapDN( getPrincipal().getJndiName() ); - principalDn.normalize(); + LdapDN principalDn = getPrincipal().getJndiName(); if ( dn.size() == 0 ) { @@ -214,9 +215,9 @@ throw new LdapNoPermissionException( msg ); } - if ( !principalDn.toNormName().equals( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) + if ( !principalDn.toNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) { - if ( dn.toNormName().equals( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) + if ( dn.toNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) { String msg = "User " + principalDn; msg += " does not have permission to modify the account of the"; @@ -238,7 +239,7 @@ { String msg = "User " + principalDn; msg += " does not have permission to modify the group entry "; - msg += dn + ".\nGroups can only be modified by the admin."; + msg += dn.getUpName() + ".\nGroups can only be modified by the admin."; throw new LdapNoPermissionException( msg ); } } @@ -288,7 +289,7 @@ private void protectDnAlterations( Name dn ) throws LdapNoPermissionException { - Name principalDn = getPrincipal().getJndiName(); + LdapDN principalDn = getPrincipal().getJndiName(); if ( dn.toString().equals( "" ) ) { @@ -298,7 +299,7 @@ if ( dn == ADMIN_DN || dn.equals( ADMIN_DN ) ) { - String msg = "User '" + principalDn; + String msg = "User '" + principalDn.getUpName(); msg += "' does not have permission to move or rename the admin"; msg += " account. No one not even the admin can move or"; msg += " rename " + dn + "!"; @@ -350,18 +351,16 @@ } - private void protectLookUp( Name normalizedDn ) throws NamingException + private void protectLookUp( LdapDN normalizedDn ) throws NamingException { LdapContext ctx = ( LdapContext ) InvocationStack.getInstance().peek().getCaller(); - LdapDN principalDn = new LdapDN( ( ( ServerContext ) ctx ).getPrincipal().getJndiName() ); - principalDn.normalize(); - + LdapDN principalDn = ( ( ServerContext ) ctx ).getPrincipal().getJndiName(); if ( !principalDn.equals( ADMIN_DN ) ) { if ( normalizedDn.size() > 2 && normalizedDn.startsWith( USER_BASE_DN ) ) { // allow for self reads - if ( normalizedDn.toString().equals( principalDn.toString() ) ) + if ( normalizedDn.getNormName().equals( principalDn.getNormName() ) ) { return; } @@ -375,7 +374,7 @@ if ( normalizedDn.size() > 2 && normalizedDn.startsWith( GROUP_BASE_DN ) ) { // allow for self reads - if ( normalizedDn.toString().equals( principalDn.toString() ) ) + if ( normalizedDn.getNormName().equals( principalDn.getNormName() ) ) { return; } @@ -389,7 +388,7 @@ if ( normalizedDn.equals( ADMIN_DN ) ) { // allow for self reads - if ( normalizedDn.toString().equals( principalDn.toString() ) ) + if ( normalizedDn.getNormName().equals( principalDn.getNormName() ) ) { return; } @@ -450,14 +449,12 @@ private boolean isSearchable( Invocation invocation, SearchResult result ) throws NamingException { - LdapDN principalDn = ( LdapDN ) ( ( ServerContext ) invocation.getCaller() ).getPrincipal().getJndiName(); - principalDn.normalize(); - + LdapDN principalDn = ( ( ServerContext ) invocation.getCaller() ).getPrincipal().getJndiName(); LdapDN dn; dn = new LdapDN( result.getName() ); - dn.normalize(); + dn.normalize( oidsMap ); - boolean isAdmin = principalDn.toNormName().equals( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + boolean isAdmin = principalDn.toNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); // Admin user gets full access to all entries if ( isAdmin ) @@ -486,7 +483,7 @@ } // Non-admin users cannot read the admin entry - if ( dn.toNormName().equals( DirectoryPartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) + if ( dn.toNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) { return false; } Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java Mon Jul 31 09:27:52 2006 @@ -18,7 +18,7 @@ import org.apache.directory.server.core.DirectoryServiceConfiguration; -import org.apache.directory.server.core.partition.DirectoryPartitionNexus; +import org.apache.directory.server.core.partition.PartitionNexus; import org.apache.directory.shared.ldap.filter.BranchNode; import org.apache.directory.shared.ldap.filter.SimpleNode; import org.apache.directory.shared.ldap.name.LdapDN; @@ -53,14 +53,21 @@ /** the logger for this class */ private static final Logger log = LoggerFactory.getLogger( GroupCache.class ); + /** Speedup for logs */ + private static final boolean IS_DEBUG = log.isDebugEnabled(); + /** String key for the DN of a group to a Set (HashSet) for the Strings of member DNs */ private final Map groups = new HashMap(); /** a handle on the partition nexus */ - private final DirectoryPartitionNexus nexus; + private final PartitionNexus nexus; /** the env to use for searching */ private final Hashtable env; - + /** + * The OIDs normalizer map + */ + private Map normalizerMap; + /** * Creates a static group cache. * @@ -68,6 +75,7 @@ */ public GroupCache(DirectoryServiceConfiguration factoryCfg) throws NamingException { + normalizerMap = factoryCfg.getGlobalRegistries().getAttributeTypeRegistry().getNormalizerMapping(); this.nexus = factoryCfg.getPartitionNexus(); this.env = ( Hashtable ) factoryCfg.getEnvironment().clone(); initialize(); @@ -77,7 +85,7 @@ private LdapDN parseNormalized( String name ) throws NamingException { LdapDN dn = new LdapDN( name ); - dn.normalize(); + dn.normalize( normalizerMap ); return dn; } @@ -121,7 +129,7 @@ results.close(); } - if ( log.isDebugEnabled() ) + if ( IS_DEBUG ) { log.debug( "group cache contents on startup:\n" + groups ); } @@ -245,7 +253,8 @@ Set memberSet = new HashSet( members.size() ); addMembers( memberSet, members ); groups.put( normName.toString(), memberSet ); - if ( log.isDebugEnabled() ) + + if ( IS_DEBUG ) { log.debug( "group cache contents after adding " + normName.toString() + ":\n" + groups ); } @@ -269,7 +278,8 @@ } groups.remove( name.toString() ); - if ( log.isDebugEnabled() ) + + if ( IS_DEBUG ) { log.debug( "group cache contents after deleting " + name.toString() + ":\n" + groups ); } @@ -353,7 +363,8 @@ break; } } - if ( log.isDebugEnabled() ) + + if ( IS_DEBUG ) { log.debug( "group cache contents after modifying " + name.toString() + ":\n" + groups ); } @@ -384,7 +395,8 @@ { modify( memberSet, modOp, members ); } - if ( log.isDebugEnabled() ) + + if ( IS_DEBUG ) { log.debug( "group cache contents after modifying " + name.toString() + ":\n" + groups ); } @@ -454,7 +466,8 @@ if ( members != null ) { groups.put( newName.toString(), members ); - if ( log.isDebugEnabled() ) + + if ( IS_DEBUG ) { log.debug( "group cache contents after renaming " + oldName.toString() + ":\n" + groups ); } Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java Mon Jul 31 09:27:52 2006 @@ -30,7 +30,7 @@ import javax.naming.directory.SearchResult; import org.apache.directory.server.core.DirectoryServiceConfiguration; -import org.apache.directory.server.core.partition.DirectoryPartitionNexus; +import org.apache.directory.server.core.partition.PartitionNexus; import org.apache.directory.server.core.schema.AttributeTypeRegistry; import org.apache.directory.server.core.schema.ConcreteNameComponentNormalizer; import org.apache.directory.server.core.schema.OidRegistry; @@ -71,10 +71,14 @@ /** a map of strings to ACITuple collections */ private final Map tuples = new HashMap(); /** a handle on the partition nexus */ - private final DirectoryPartitionNexus nexus; + private final PartitionNexus nexus; /** a normalizing ACIItem parser */ private final ACIItemParser aciParser; + /** + * The OIDs normalizer map + */ + private Map normalizerMap; /** * Creates a ACITuple cache. @@ -83,11 +87,12 @@ */ public TupleCache(DirectoryServiceConfiguration factoryCfg) throws NamingException { + normalizerMap = factoryCfg.getGlobalRegistries().getAttributeTypeRegistry().getNormalizerMapping(); this.nexus = factoryCfg.getPartitionNexus(); AttributeTypeRegistry attributeRegistry = factoryCfg.getGlobalRegistries().getAttributeTypeRegistry(); OidRegistry oidRegistry = factoryCfg.getGlobalRegistries().getOidRegistry(); NameComponentNormalizer ncn = new ConcreteNameComponentNormalizer( attributeRegistry, oidRegistry ); - aciParser = new ACIItemParser( ncn ); + aciParser = new ACIItemParser( ncn, normalizerMap ); env = ( Hashtable ) factoryCfg.getEnvironment().clone(); initialize(); } @@ -96,7 +101,7 @@ private LdapDN parseNormalized( String name ) throws NamingException { LdapDN dn = new LdapDN( name ); - dn.normalize(); + dn.normalize( normalizerMap ); return dn; } @@ -209,7 +214,7 @@ if ( isAciModified ) { subentryDeleted( normName, entry ); - subentryAdded( normName.toUpName(), normName, entry ); + subentryAdded( normName.getUpName(), normName, entry ); } } @@ -224,7 +229,7 @@ if ( mods.get( ACI_ATTR ) != null ) { subentryDeleted( normName, entry ); - subentryAdded( normName.toUpName(), normName, entry ); + subentryAdded( normName.getUpName(), normName, entry ); } } Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java Mon Jul 31 09:27:52 2006 @@ -26,7 +26,7 @@ import org.apache.directory.server.core.event.Evaluator; import org.apache.directory.server.core.event.ExpressionEvaluator; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.server.core.schema.AttributeTypeRegistry; import org.apache.directory.server.core.schema.OidRegistry; import org.apache.directory.server.core.subtree.RefinementEvaluator; @@ -107,7 +107,7 @@ * @param aciTuples {@link org.apache.directory.shared.ldap.aci.ACITuple}s translated from {@link org.apache.directory.shared.ldap.aci.ACIItem}s in the subtree entries * @throws NamingException if failed to evaluate ACI items */ - public void checkPermission( DirectoryPartitionNexusProxy proxy, Collection userGroupNames, LdapDN username, + public void checkPermission( PartitionNexusProxy proxy, Collection userGroupNames, LdapDN username, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Collection microOperations, Collection aciTuples, Attributes entry ) throws NamingException { @@ -150,7 +150,7 @@ * @param microOperations the {@link org.apache.directory.shared.ldap.aci.MicroOperation}s to perform * @param aciTuples {@link org.apache.directory.shared.ldap.aci.ACITuple}s translated from {@link org.apache.directory.shared.ldap.aci.ACIItem}s in the subtree entries */ - public boolean hasPermission( DirectoryPartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, + public boolean hasPermission( PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Collection microOperations, Collection aciTuples, Attributes entry ) throws NamingException { Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/ACITupleFilter.java Mon Jul 31 09:27:52 2006 @@ -25,7 +25,7 @@ import javax.naming.NamingException; import javax.naming.directory.Attributes; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.shared.ldap.aci.AuthenticationLevel; import org.apache.directory.shared.ldap.aci.MicroOperation; import org.apache.directory.shared.ldap.name.LdapDN; @@ -61,7 +61,7 @@ * @return the collection of filtered tuples * @throws NamingException if failed to filter the specifiec tuples */ - Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, + Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/HighestPrecedenceFilter.java Mon Jul 31 09:27:52 2006 @@ -25,7 +25,7 @@ import javax.naming.NamingException; import javax.naming.directory.Attributes; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.shared.ldap.aci.ACITuple; import org.apache.directory.shared.ldap.aci.AuthenticationLevel; import org.apache.directory.shared.ldap.name.LdapDN; @@ -40,7 +40,7 @@ */ public class HighestPrecedenceFilter implements ACITupleFilter { - public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, + public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java Mon Jul 31 09:27:52 2006 @@ -26,7 +26,7 @@ import javax.naming.directory.Attributes; import javax.naming.directory.SearchControls; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.shared.ldap.aci.ACITuple; import org.apache.directory.shared.ldap.aci.AuthenticationLevel; import org.apache.directory.shared.ldap.aci.ProtectedItem; @@ -56,7 +56,7 @@ } - public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, + public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException @@ -125,7 +125,7 @@ } - private int getImmSubCount( DirectoryPartitionNexusProxy proxy, LdapDN entryName ) throws NamingException + private int getImmSubCount( PartitionNexusProxy proxy, LdapDN entryName ) throws NamingException { int cnt = 0; NamingEnumeration e = null; Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MaxValueCountFilter.java Mon Jul 31 09:27:52 2006 @@ -26,7 +26,7 @@ import javax.naming.directory.Attribute; import javax.naming.directory.Attributes; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.shared.ldap.aci.ACITuple; import org.apache.directory.shared.ldap.aci.AuthenticationLevel; import org.apache.directory.shared.ldap.aci.ProtectedItem; @@ -43,7 +43,7 @@ */ public class MaxValueCountFilter implements ACITupleFilter { - public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, + public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MicroOperationFilter.java Mon Jul 31 09:27:52 2006 @@ -25,7 +25,7 @@ import javax.naming.NamingException; import javax.naming.directory.Attributes; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.shared.ldap.aci.ACITuple; import org.apache.directory.shared.ldap.aci.AuthenticationLevel; import org.apache.directory.shared.ldap.aci.MicroOperation; @@ -42,7 +42,7 @@ */ public class MicroOperationFilter implements ACITupleFilter { - public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, + public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificProtectedItemFilter.java Mon Jul 31 09:27:52 2006 @@ -26,7 +26,7 @@ import javax.naming.NamingException; import javax.naming.directory.Attributes; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.shared.ldap.aci.ACITuple; import org.apache.directory.shared.ldap.aci.AuthenticationLevel; import org.apache.directory.shared.ldap.aci.ProtectedItem; @@ -50,7 +50,7 @@ */ public class MostSpecificProtectedItemFilter implements ACITupleFilter { - public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, + public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilter.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilter.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilter.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/MostSpecificUserClassFilter.java Mon Jul 31 09:27:52 2006 @@ -26,7 +26,7 @@ import javax.naming.NamingException; import javax.naming.directory.Attributes; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.shared.ldap.aci.ACITuple; import org.apache.directory.shared.ldap.aci.AuthenticationLevel; import org.apache.directory.shared.ldap.aci.UserClass; @@ -48,7 +48,7 @@ */ public class MostSpecificUserClassFilter implements ACITupleFilter { - public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, + public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java Mon Jul 31 09:27:52 2006 @@ -28,7 +28,7 @@ import org.apache.directory.server.core.ServerUtils; import org.apache.directory.server.core.event.Evaluator; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.server.core.schema.AttributeTypeRegistry; import org.apache.directory.server.core.schema.OidRegistry; import org.apache.directory.server.core.subtree.RefinementEvaluator; @@ -67,7 +67,7 @@ } - public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, + public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) @@ -249,7 +249,7 @@ { AttributeType attrType = attrRegistry.lookup( oid ); Attribute attr = ServerUtils.getAttribute( attrType, entry ); - if ( attr != null && ( ( attr.contains( userName.toNormName() ) || attr.contains( userName.toUpName() ) ) ) ) + if ( attr != null && ( ( attr.contains( userName.toNormName() ) || attr.contains( userName.getUpName() ) ) ) ) { return true; } Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedUserClassFilter.java Mon Jul 31 09:27:52 2006 @@ -25,7 +25,7 @@ import javax.naming.NamingException; import javax.naming.directory.Attributes; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.server.core.subtree.SubtreeEvaluator; import org.apache.directory.shared.ldap.aci.ACITuple; import org.apache.directory.shared.ldap.aci.AuthenticationLevel; @@ -54,7 +54,7 @@ } - public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, + public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java Mon Jul 31 09:27:52 2006 @@ -26,7 +26,7 @@ import javax.naming.directory.Attribute; import javax.naming.directory.Attributes; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.shared.ldap.aci.ACITuple; import org.apache.directory.shared.ldap.aci.AuthenticationLevel; import org.apache.directory.shared.ldap.aci.ProtectedItem; @@ -43,7 +43,7 @@ */ public class RestrictedByFilter implements ACITupleFilter { - public Collection filter( Collection tuples, OperationScope scope, DirectoryPartitionNexusProxy proxy, + public Collection filter( Collection tuples, OperationScope scope, PartitionNexusProxy proxy, Collection userGroupNames, LdapDN userName, Attributes userEntry, AuthenticationLevel authenticationLevel, LdapDN entryName, String attrId, Object attrValue, Attributes entry, Collection microOperations ) throws NamingException Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java Mon Jul 31 09:27:52 2006 @@ -25,7 +25,7 @@ import org.apache.directory.server.core.interceptor.NextInterceptor; import org.apache.directory.server.core.invocation.Invocation; import org.apache.directory.server.core.invocation.InvocationStack; -import org.apache.directory.server.core.partition.DirectoryPartitionNexus; +import org.apache.directory.server.core.partition.PartitionNexus; import org.apache.directory.server.core.schema.AttributeTypeRegistry; import org.apache.directory.server.core.subtree.SubentryService; import org.apache.directory.shared.ldap.filter.ExprNode; @@ -71,7 +71,7 @@ }; private AttributeTypeRegistry registry = null; - private DirectoryPartitionNexus nexus = null; + private PartitionNexus nexus = null; public void init( DirectoryServiceConfiguration factoryCfg, InterceptorConfiguration cfg ) throws NamingException Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/configuration/MutableStartupConfiguration.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/configuration/MutableStartupConfiguration.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/configuration/MutableStartupConfiguration.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/configuration/MutableStartupConfiguration.java Mon Jul 31 09:27:52 2006 @@ -44,7 +44,7 @@ { } - + /** * Creates a new instance that operates on the {@link DirectoryService} with * the specified ID. @@ -54,6 +54,30 @@ super( instanceId ); } + + public void setSystemPartitionConfiguration( PartitionConfiguration systemPartitionConfiguration ) + { + super.setSystemPartitionConfiguration( systemPartitionConfiguration ); + } + + + public void setMaxThreads( int maxThreads ) + { + super.setMaxThreads( maxThreads ); + } + + + public void setMaxTimeLimit( int maxTimeLimit ) + { + super.setMaxTimeLimit( maxTimeLimit ); + } + + + public void setMaxSizeLimit( int maxSizeLimit ) + { + super.setMaxSizeLimit( maxSizeLimit ); + } + public void setInstanceId( String instanceId ) { Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java Mon Jul 31 09:27:52 2006 @@ -56,14 +56,21 @@ { private static final long serialVersionUID = 4826762196566871677L; + public static final int MAX_THREADS_DEFAULT = 4; + public static final int MAX_SIZE_LIMIT_DEFAULT = 100; + public static final int MAX_TIME_LIMIT_DEFAULT = 10000; + private File workingDirectory = new File( "server-work" ); private boolean exitVmOnShutdown = true; // allow by default private boolean shutdownHookEnabled = true; // allow by default private boolean allowAnonymousAccess = true; // allow by default private boolean accessControlEnabled = false; // turn off by default + private int maxThreads = MAX_THREADS_DEFAULT; // set to default value + private int maxSizeLimit = MAX_SIZE_LIMIT_DEFAULT; // set to default value + private int maxTimeLimit = MAX_TIME_LIMIT_DEFAULT; // set to default value (milliseconds) private Set authenticatorConfigurations; // Set private List interceptorConfigurations; // Set - + private PartitionConfiguration systemPartitionConfiguration; private Set bootstrapSchemas; // Set private Set contextPartitionConfigurations = new HashSet(); // Set private List testEntries = new ArrayList(); // List @@ -255,7 +262,7 @@ /** - * Returns {@link DirectoryPartitionConfiguration}s to configure context partitions. + * Returns {@link PartitionConfiguration}s to configure context partitions. */ public Set getContextPartitionConfigurations() { @@ -264,18 +271,18 @@ /** - * Sets {@link DirectoryPartitionConfiguration}s to configure context partitions. + * Sets {@link PartitionConfiguration}s to configure context partitions. */ protected void setContextPartitionConfigurations( Set contextParitionConfigurations ) { Set newSet = ConfigurationUtil.getTypeSafeSet( contextParitionConfigurations, - DirectoryPartitionConfiguration.class ); + PartitionConfiguration.class ); Set names = new HashSet(); Iterator i = newSet.iterator(); while ( i.hasNext() ) { - DirectoryPartitionConfiguration cfg = ( DirectoryPartitionConfiguration ) i.next(); + PartitionConfiguration cfg = ( PartitionConfiguration ) i.next(); cfg.validate(); String name = cfg.getName(); @@ -443,5 +450,57 @@ public boolean isExitVmOnShutdown() { return exitVmOnShutdown; + } + + + protected void setMaxThreads( int maxThreads ) + { + this.maxThreads = maxThreads; + if ( maxThreads < 1 ) + { + throw new IllegalArgumentException( "Number of max threads should be greater than 0" ); + } + } + + + public int getMaxThreads() + { + return maxThreads; + } + + + protected void setMaxSizeLimit( int maxSizeLimit ) + { + this.maxSizeLimit = maxSizeLimit; + } + + + public int getMaxSizeLimit() + { + return maxSizeLimit; + } + + + protected void setMaxTimeLimit( int maxTimeLimit ) + { + this.maxTimeLimit = maxTimeLimit; + } + + + public int getMaxTimeLimit() + { + return maxTimeLimit; + } + + + protected void setSystemPartitionConfiguration( PartitionConfiguration systemPartitionConfiguration ) + { + this.systemPartitionConfiguration = systemPartitionConfiguration; + } + + + public PartitionConfiguration getSystemPartitionConfiguration() + { + return systemPartitionConfiguration; } } Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/enumeration/ReferralHandlingEnumeration.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/enumeration/ReferralHandlingEnumeration.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/enumeration/ReferralHandlingEnumeration.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/enumeration/ReferralHandlingEnumeration.java Mon Jul 31 09:27:52 2006 @@ -19,6 +19,7 @@ import java.util.ArrayList; import java.util.List; +import java.util.Map; import java.util.NoSuchElementException; import javax.naming.NamingEnumeration; @@ -27,7 +28,7 @@ import javax.naming.directory.SearchControls; import javax.naming.directory.SearchResult; -import org.apache.directory.server.core.partition.DirectoryPartitionNexus; +import org.apache.directory.server.core.partition.PartitionNexus; import org.apache.directory.server.core.referral.ReferralLut; import org.apache.directory.server.core.schema.AttributeTypeRegistry; import org.apache.directory.shared.ldap.codec.util.LdapURL; @@ -52,16 +53,21 @@ private final List referrals = new ArrayList(); private final NamingEnumeration underlying; private final ReferralLut lut; - private final DirectoryPartitionNexus nexus; + private final PartitionNexus nexus; private final boolean doThrow; private final int scope; private SearchResult prefetched; private int refIndex = -1; + /** + * The OIDs normalizer map + */ + private Map normalizerMap; public ReferralHandlingEnumeration( NamingEnumeration underlying, ReferralLut lut, AttributeTypeRegistry registry, - DirectoryPartitionNexus nexus, int scope, boolean doThrow ) throws NamingException + PartitionNexus nexus, int scope, boolean doThrow ) throws NamingException { + normalizerMap = registry.getNormalizerMapping(); this.underlying = underlying; this.doThrow = doThrow; this.lut = lut; @@ -77,7 +83,7 @@ { SearchResult result = ( SearchResult ) underlying.next(); LdapDN dn = new LdapDN( result.getName() ); - dn.normalize(); + dn.normalize( normalizerMap ); if ( lut.isReferral( dn ) ) { @@ -165,7 +171,7 @@ if ( refs == null ) { LdapDN prefetchedDn = new LdapDN( prefetched.getName() ); - prefetchedDn.normalize(); + prefetchedDn.normalize( normalizerMap ); refs = nexus.lookup( prefetchedDn ).get( REF_ATTR ); } Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/enumeration/SearchResultFilteringEnumeration.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/enumeration/SearchResultFilteringEnumeration.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/enumeration/SearchResultFilteringEnumeration.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/enumeration/SearchResultFilteringEnumeration.java Mon Jul 31 09:27:52 2006 @@ -87,8 +87,8 @@ * creating this enumeration * @param invocation the invocation representing the seach that created this enumeration */ - public SearchResultFilteringEnumeration(NamingEnumeration decorated, SearchControls searchControls, - Invocation invocation, SearchResultFilter filter) throws NamingException + public SearchResultFilteringEnumeration( NamingEnumeration decorated, SearchControls searchControls, + Invocation invocation, SearchResultFilter filter ) throws NamingException { this.searchControls = searchControls; this.invocation = invocation; @@ -116,8 +116,8 @@ * creating this enumeration * @param invocation the invocation representing the seach that created this enumeration */ - public SearchResultFilteringEnumeration(NamingEnumeration decorated, SearchControls searchControls, - Invocation invocation, List filters) throws NamingException + public SearchResultFilteringEnumeration( NamingEnumeration decorated, SearchControls searchControls, + Invocation invocation, List filters ) throws NamingException { this.searchControls = searchControls; this.invocation = invocation; Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/event/EventService.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/event/EventService.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/event/EventService.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/event/EventService.java Mon Jul 31 09:27:52 2006 @@ -24,8 +24,8 @@ import org.apache.directory.server.core.invocation.Invocation; import org.apache.directory.server.core.invocation.InvocationStack; import org.apache.directory.server.core.normalization.NormalizingVisitor; -import org.apache.directory.server.core.partition.DirectoryPartitionNexus; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.PartitionNexus; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.server.core.schema.AttributeTypeRegistry; import org.apache.directory.server.core.schema.ConcreteNameComponentNormalizer; import org.apache.directory.server.core.schema.OidRegistry; @@ -62,7 +62,7 @@ public class EventService extends BaseInterceptor { private static Logger log = LoggerFactory.getLogger( EventService.class ); - private DirectoryPartitionNexus nexus; + private PartitionNexus nexus; private Map sources = new HashMap(); private Evaluator evaluator = null; private AttributeTypeRegistry attributeRegistry; @@ -95,7 +95,7 @@ NamingListener namingListener ) throws NamingException { LdapDN normalizedBaseDn = new LdapDN( name ); - normalizedBaseDn.normalize(); + normalizedBaseDn.normalize( attributeRegistry.getNormalizerMapping() ); // ------------------------------------------------------------------- // must normalize the filter here: need to handle special cases @@ -231,7 +231,7 @@ if ( listener instanceof NamespaceChangeListener ) { NamespaceChangeListener nclistener = ( NamespaceChangeListener ) listener; - Binding binding = new Binding( normName.toUpName(), entry, false ); + Binding binding = new Binding( normName.getUpName(), entry, false ); nclistener.objectAdded( new NamingEvent( rec.getEventContext(), NamingEvent.OBJECT_ADDED, binding, null, entry ) ); } @@ -258,7 +258,7 @@ if ( listener instanceof NamespaceChangeListener ) { NamespaceChangeListener nclistener = ( NamespaceChangeListener ) listener; - Binding binding = new Binding( name.toUpName(), entry, false ); + Binding binding = new Binding( name.getUpName(), entry, false ); nclistener.objectRemoved( new NamingEvent( rec.getEventContext(), NamingEvent.OBJECT_REMOVED, null, binding, entry ) ); } @@ -284,8 +284,8 @@ if ( listener instanceof ObjectChangeListener ) { ObjectChangeListener oclistener = ( ObjectChangeListener ) listener; - Binding before = new Binding( name.toUpName(), oriEntry, false ); - Binding after = new Binding( name.toUpName(), entry, false ); + Binding before = new Binding( name.getUpName(), oriEntry, false ); + Binding after = new Binding( name.getUpName(), entry, false ); oclistener.objectChanged( new NamingEvent( rec.getEventContext(), NamingEvent.OBJECT_CHANGED, after, before, mods ) ); } @@ -296,8 +296,8 @@ public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes mods ) throws NamingException { Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes oriEntry = proxy.lookup( name, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes oriEntry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS ); super.modify( next, name, modOp, mods ); // package modifications in ModItem format for event delivery @@ -314,8 +314,8 @@ public void modify( NextInterceptor next, LdapDN name, ModificationItem[] mods ) throws NamingException { Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); - Attributes oriEntry = proxy.lookup( name, DirectoryPartitionNexusProxy.LOOKUP_BYPASS ); + PartitionNexusProxy proxy = invocation.getProxy(); + Attributes oriEntry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS ); super.modify( next, name, mods ); notifyOnModify( name, mods, oriEntry ); } @@ -339,8 +339,8 @@ if ( listener instanceof NamespaceChangeListener ) { NamespaceChangeListener nclistener = ( NamespaceChangeListener ) listener; - Binding oldBinding = new Binding( oldName.toUpName(), entry, false ); - Binding newBinding = new Binding( newName.toUpName(), entry, false ); + Binding oldBinding = new Binding( oldName.getUpName(), entry, false ); + Binding newBinding = new Binding( newName.getUpName(), entry, false ); nclistener.objectRenamed( new NamingEvent( rec.getEventContext(), NamingEvent.OBJECT_RENAMED, newBinding, oldBinding, entry ) ); } @@ -354,7 +354,7 @@ LdapDN newName = ( LdapDN ) name.clone(); newName.remove( newName.size() - 1 ); newName.add( newRn ); - newName.normalize(); + newName.normalize( attributeRegistry.getNormalizerMapping() ); notifyOnNameChange( name, newName ); } Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java Mon Jul 31 09:27:52 2006 @@ -29,9 +29,9 @@ import org.apache.directory.server.core.interceptor.NextInterceptor; import org.apache.directory.server.core.invocation.Invocation; import org.apache.directory.server.core.invocation.InvocationStack; -import org.apache.directory.server.core.partition.DirectoryPartition; -import org.apache.directory.server.core.partition.DirectoryPartitionNexus; -import org.apache.directory.server.core.partition.DirectoryPartitionNexusProxy; +import org.apache.directory.server.core.partition.Partition; +import org.apache.directory.server.core.partition.PartitionNexus; +import org.apache.directory.server.core.partition.PartitionNexusProxy; import org.apache.directory.shared.ldap.exception.*; import org.apache.directory.shared.ldap.filter.ExprNode; import org.apache.directory.shared.ldap.message.ResultCodeEnum; @@ -40,7 +40,7 @@ /** * An {@link org.apache.directory.server.core.interceptor.Interceptor} that detects any operations that breaks integrity - * of {@link DirectoryPartition} and terminates the current invocation chain by + * of {@link Partition} and terminates the current invocation chain by * throwing a {@link NamingException}. Those operations include when an entry * already exists at a DN and is added once again to the same DN. * @@ -49,8 +49,12 @@ */ public class ExceptionService extends BaseInterceptor { - private DirectoryPartitionNexus nexus; + private PartitionNexus nexus; + /** + * The OIDs normalizer map + */ + private Map normalizerMap; /** * Creates an interceptor that is also the exception handling service. @@ -60,9 +64,10 @@ } - public void init( DirectoryServiceConfiguration factoryCfg, InterceptorConfiguration cfg ) + public void init( DirectoryServiceConfiguration factoryCfg, InterceptorConfiguration cfg ) throws NamingException { nexus = factoryCfg.getPartitionNexus(); + normalizerMap = factoryCfg.getGlobalRegistries().getAttributeTypeRegistry().getNormalizerMapping(); } @@ -82,7 +87,7 @@ if ( nextInterceptor.hasEntry( normName ) ) { NamingException ne = new LdapNameAlreadyBoundException( normName.toString() + " already exists!" ); - ne.setResolvedName( new LdapDN( normName.toUpName() ) ); + ne.setResolvedName( new LdapDN( normName.getUpName() ) ); throw ne; } @@ -98,19 +103,19 @@ } catch ( Exception e ) { - LdapNameNotFoundException e2 = new LdapNameNotFoundException( "Parent " + parentDn.toUpName() + LdapNameNotFoundException e2 = new LdapNameNotFoundException( "Parent " + parentDn.getUpName() + " not found" ); - e2.setResolvedName( new LdapDN( nexus.getMatchedName( parentDn ).toUpName() ) ); + e2.setResolvedName( new LdapDN( nexus.getMatchedName( parentDn ).getUpName() ) ); throw e2; } Attribute objectClass = attrs.get( "objectClass" ); if ( objectClass.contains( "alias" ) ) { - String msg = "Attempt to add entry to alias '" + normName.toUpName() + "' not allowed."; + String msg = "Attempt to add entry to alias '" + normName.getUpName() + "' not allowed."; ResultCodeEnum rc = ResultCodeEnum.ALIASPROBLEM; NamingException e = new LdapNamingException( msg, rc ); - e.setResolvedName( new LdapDN( parentDn.toUpName() ) ); + e.setResolvedName( new LdapDN( parentDn.getUpName() ) ); throw e; } @@ -140,7 +145,7 @@ if ( hasChildren ) { LdapContextNotEmptyException e = new LdapContextNotEmptyException(); - e.setResolvedName( new LdapDN( name.toUpName() ) ); + e.setResolvedName( new LdapDN( name.getUpName() ) ); throw e; } @@ -246,7 +251,7 @@ { if ( entryAttr.contains( modAttr.get( jj ) ) ) { - throw new LdapAttributeInUseException( "Trying to add existing value '" + modAttr.get( ii ) + throw new LdapAttributeInUseException( "Trying to add existing value '" + modAttr.get( jj ) + "' to attribute " + modAttr.getID() ); } } @@ -271,12 +276,12 @@ LdapDN newDn = ( LdapDN ) dn.clone(); newDn.remove( dn.size() - 1 ); newDn.add( newRn ); - newDn.normalize(); + newDn.normalize( normalizerMap ); if ( nextInterceptor.hasEntry( newDn ) ) { LdapNameAlreadyBoundException e; - e = new LdapNameAlreadyBoundException( "target entry " + newDn.toUpName() + " already exists!" ); - e.setResolvedName( new LdapDN( newDn.toUpName() ) ); + e = new LdapNameAlreadyBoundException( "target entry " + newDn.getUpName() + " already exists!" ); + e.setResolvedName( new LdapDN( newDn.getUpName() ) ); throw e; } @@ -305,13 +310,13 @@ if ( nextInterceptor.hasEntry( target ) ) { // we must calculate the resolved name using the user provided Rdn value - String upRdn = new LdapDN( oriChildName.toUpName() ).get( oriChildName.size() - 1 ); + String upRdn = new LdapDN( oriChildName.getUpName() ).get( oriChildName.size() - 1 ); LdapDN upTarget = ( LdapDN ) newParentName.clone(); upTarget.add( upRdn ); LdapNameAlreadyBoundException e; - e = new LdapNameAlreadyBoundException( "target entry " + upTarget.toUpName() + " already exists!" ); - e.setResolvedName( new LdapDN( upTarget.toUpName() ) ); + e = new LdapNameAlreadyBoundException( "target entry " + upTarget.getUpName() + " already exists!" ); + e.setResolvedName( new LdapDN( upTarget.getUpName() ) ); throw e; } @@ -337,7 +342,7 @@ // check to see if target entry exists LdapDN target = ( LdapDN ) newParentName.clone(); target.add( newRn ); - target.normalize(); + target.normalize( normalizerMap ); if ( nextInterceptor.hasEntry( target ) ) { // we must calculate the resolved name using the user provided Rdn value @@ -345,8 +350,8 @@ upTarget.add( newRn ); LdapNameAlreadyBoundException e; - e = new LdapNameAlreadyBoundException( "target entry " + upTarget.toUpName() + " already exists!" ); - e.setResolvedName( new LdapDN( upTarget.toUpName() ) ); + e = new LdapNameAlreadyBoundException( "target entry " + upTarget.getUpName() + " already exists!" ); + e.setResolvedName( new LdapDN( upTarget.getUpName() ) ); throw e; } @@ -390,7 +395,7 @@ private void assertHasEntry( NextInterceptor nextInterceptor, String msg, LdapDN dn ) throws NamingException { Invocation invocation = InvocationStack.getInstance().peek(); - DirectoryPartitionNexusProxy proxy = invocation.getProxy(); + PartitionNexusProxy proxy = invocation.getProxy(); if ( !nextInterceptor.hasEntry( dn ) ) { LdapNameNotFoundException e; @@ -404,7 +409,7 @@ e = new LdapNameNotFoundException( dn.toString() ); } - e.setResolvedName( new LdapDN( proxy.getMatchedName( dn ).toUpName() ) ); + e.setResolvedName( new LdapDN( proxy.getMatchedName( dn ).getUpName() ) ); throw e; } } Modified: directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java URL: http://svn.apache.org/viewvc/directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java?rev=427156&r1=427155&r2=427156&view=diff ============================================================================== --- directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java (original) +++ directory/branches/apacheds/1.0/core/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java Mon Jul 31 09:27:52 2006 @@ -31,7 +31,7 @@ import org.apache.directory.server.core.DirectoryServiceConfiguration; import org.apache.directory.server.core.authn.LdapPrincipal; -import org.apache.directory.server.core.configuration.DirectoryPartitionConfiguration; +import org.apache.directory.server.core.configuration.PartitionConfiguration; import org.apache.directory.server.core.configuration.InterceptorConfiguration; import org.apache.directory.server.core.invocation.InvocationStack; import org.apache.directory.server.core.jndi.ServerContext; @@ -200,7 +200,7 @@ } - public void addContextPartition( NextInterceptor next, DirectoryPartitionConfiguration cfg ) throws NamingException + public void addContextPartition( NextInterceptor next, PartitionConfiguration cfg ) throws NamingException { next.addContextPartition( cfg ); }