directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tbenn...@apache.org
Subject svn commit: r486187 [37/49] - in /directory/trunks/triplesec: ./ admin-api/ admin-api/src/ admin-api/src/main/ admin-api/src/main/java/ admin-api/src/main/java/org/ admin-api/src/main/java/org/safehaus/ admin-api/src/main/java/org/safehaus/triplesec/ a...
Date Tue, 12 Dec 2006 15:24:14 GMT
Added: directory/trunks/triplesec/tools/src/main/java/org/safehaus/triplesec/tools/Tools.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/tools/src/main/java/org/safehaus/triplesec/tools/Tools.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/tools/src/main/java/org/safehaus/triplesec/tools/Tools.java (added)
+++ directory/trunks/triplesec/tools/src/main/java/org/safehaus/triplesec/tools/Tools.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,146 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.tools;
+
+
+import java.io.IOException;
+import java.net.URL;
+import java.util.Properties;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.directory.server.configuration.ServerStartupConfiguration;
+import org.apache.directory.server.tools.BaseCommand;
+import org.apache.directory.server.tools.ToolCommand;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.support.FileSystemXmlApplicationContext;
+
+
+/**
+ * The main() application which executes command targets.
+ */
+public class Tools
+{
+    public static void main( String[] args ) throws Exception
+    {
+        BaseCommand tools = getInstance();
+        
+        if ( !BaseCommand.hasBannerOption( args ) )
+        {
+            tools.printBanner();
+        }
+
+        if ( args.length == 0 )
+        {
+            System.err.println( "Type " + tools.getProductCommand() + " help for usage." );
+            System.exit( 1 );
+        }
+
+        // help is a special command 
+        String command = args[0].toLowerCase();
+        if ( "help".equals( command ) )
+        {
+            CommandLine cmdline = tools.getCommandLine( command, args );
+            if ( cmdline.getArgs().length > 1 )
+            {
+                tools.helpOnCommand( cmdline.getArgs()[1] );
+                System.exit( 0 );
+            }
+            else
+            {
+                tools.printUsage();
+                System.exit( 0 );
+            }
+        }
+        else if ( command.equals( "-version" ) )
+        {
+            System.out.println( tools.getProductCommand() + " version " + tools.getProductVersion() );
+            System.exit( 0 );
+        }
+
+        ToolCommand cmd = ( ToolCommand ) tools.getCommands().get( command );
+        if ( cmd == null )
+        {
+            System.err.println( "Unknown command: " + args[0] );
+            System.err.println( "Type " + tools.getProductCommand() + " help for usage." );
+            System.exit( 1 );
+        }
+
+        CommandLine cmdline = tools.getCommandLine( command, args );
+        if ( cmdline.hasOption( 'd' ) )
+        {
+            cmd.setDebugEnabled( true );
+            BaseCommand.dumpArgs( "raw command line arguments: ", args );
+            BaseCommand.dumpArgs( "parsed arguments: ", cmdline.getArgs() );
+        }
+
+        cmd.setQuietEnabled( cmdline.hasOption( 'q' ) );
+        cmd.setDebugEnabled( cmdline.hasOption( 'd' ) );
+        cmd.setVerboseEnabled( cmdline.hasOption( 'v' ) );
+        cmd.setVersion( tools.getProductVersion() );
+        if ( cmdline.getOptionValue( 'i' ) != null )
+        {
+            cmd.setLayout( cmdline.getOptionValue( 'i' ) );
+            if ( !cmd.isQuietEnabled() )
+            {
+                System.out.println( "loading settings from: " + cmd.getLayout().getConfigurationFile() );
+            }
+            ApplicationContext factory = null;
+            URL configUrl = cmd.getLayout().getConfigurationFile().toURL();
+            factory = new FileSystemXmlApplicationContext( configUrl.toString() );
+            cmd.setConfiguration( ( ServerStartupConfiguration ) factory.getBean( "configuration" ) );
+        }
+        else if ( cmdline.hasOption( 'c' ) )
+        {
+            System.err.println( "forced configuration load (-c) requires the -i option" );
+            System.exit( 1 );
+        }
+
+        cmd.execute( cmdline );
+    }
+
+
+    public static BaseCommand getInstance() throws InstantiationException, IllegalAccessException, ClassNotFoundException
+    {
+        Properties props = new Properties();
+        try
+        {
+            props.load( Tools.class.getResourceAsStream( "product.properties" ) );
+        }
+        catch ( IOException e )
+        {
+            e.printStackTrace();
+        }
+
+        String productVersion = props.getProperty( "product.version", "UNKNOWN" );
+        String productUrl = props.getProperty( "product.url", "http://triplesec.safehaus.org" );
+        String productDisplayName = props.getProperty( "product.display.name", "Triplesec Strong Identity Server" );
+        String productCommand = props.getProperty( "product.command", "triplesec-tools" );
+        String productBanner = props.getProperty( "product.banner", "Triplesec Strong Identity Server" );
+        String productClass = props.getProperty( "product.class", "org.apache.directory.server.tools.BaseCommand" );
+        
+        BaseCommand baseCommand = ( BaseCommand ) Class.forName( productClass ).newInstance();
+        baseCommand.setProductBanner( productBanner );
+        baseCommand.setProductDisplayName( productDisplayName );
+        baseCommand.setProductUrl( productUrl );
+        baseCommand.setProductVersion( productVersion );
+        baseCommand.setProductCommand( productCommand );
+        return baseCommand;
+    }
+}

Added: directory/trunks/triplesec/tools/src/main/manifest/MANIFEST.MF
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/tools/src/main/manifest/MANIFEST.MF?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/tools/src/main/manifest/MANIFEST.MF (added)
+++ directory/trunks/triplesec/tools/src/main/manifest/MANIFEST.MF Tue Dec 12 07:23:31 2006
@@ -0,0 +1,40 @@
+Manifest-Version: 1.0
+Main-Class: org.safehaus.triplesec.tools.Tools
+Class-Path: logger.jar daemon.jar bootstrapper.jar 
+ ../lib/antlr-2.7.2.jar 
+ ../lib/apacheds-core-1.0-RC3.jar 
+ ../lib/apacheds-core-shared-1.0-RC3.jar 
+ ../lib/apacheds-kerberos-shared-1.0-RC3.jar 
+ ../lib/apacheds-protocol-changepw-1.0-RC3.jar 
+ ../lib/apacheds-protocol-shared-1.0-RC3.jar 
+ ../lib/apacheds-protocol-kerberos-1.0-RC3.jar 
+ ../lib/apacheds-protocol-ldap-1.0-RC3.jar 
+ ../lib/apacheds-protocol-ntp-1.0-RC3.jar 
+ ../lib/apacheds-server-jndi-1.0-RC3.jar 
+ ../lib/apacheds-server-main-1.0-RC3.jar 
+ ../lib/tools/apacheds-server-tools-1.0-RC3.jar 
+ ../lib/tools/commons-cli-1.0.jar 
+ ../lib/commons-collections-3.1.jar 
+ ../lib/commons-lang-2.0.jar 
+ ../lib/commons-logging-1.0.4.jar 
+ ../lib/jdbm-1.0.jar 
+ ../lib/lcrypto-jdk14-131.jar 
+ ../lib/mina-core-0.9.4.jar 
+ ../lib/mina-filter-codec-asn1-0.9.4.jar 
+ ../lib/mina-filter-ssl-0.9.4.jar 
+ ../lib/shared-asn1-0.9.5.1.jar 
+ ../lib/shared-ldap-0.9.5.1.jar 
+ ../lib/spring-beans-1.2.6.jar 
+ ../lib/spring-context-1.2.6.jar 
+ ../lib/spring-core-1.2.6.jar 
+ ../lib/triplesec-crypto-0.7.1.jar 
+ ../lib/triplesec-configuration-0.7.1.jar 
+ ../lib/triplesec-main-0.7.1.jar 
+ ../lib/triplesec-otp-0.7.1.jar 
+ ../lib/triplesec-profile-0.7.1.jar 
+ ../lib/triplesec-store-0.7.1.jar 
+ ../lib/triplesec-testdata-0.7.1.jar 
+ ../lib/triplesec-verifier-0.7.1.jar 
+Specification-Title: triplesec-tools
+Specification-Version: 1.0
+

Added: directory/trunks/triplesec/tools/src/main/resources/org/safehaus/triplesec/tools/product.properties
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/tools/src/main/resources/org/safehaus/triplesec/tools/product.properties?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/tools/src/main/resources/org/safehaus/triplesec/tools/product.properties (added)
+++ directory/trunks/triplesec/tools/src/main/resources/org/safehaus/triplesec/tools/product.properties Tue Dec 12 07:23:31 2006
@@ -0,0 +1,4 @@
+product.version=${pom.version}
+product.command=triplesec-tools
+product.display.name=Triplesec Server
+product.url=http://triplesec.safehaus.org
\ No newline at end of file

Added: directory/trunks/triplesec/utils-hauskeys/HausKeys.jar
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/utils-hauskeys/HausKeys.jar?view=auto&rev=486187
==============================================================================
Binary file - no diff available.

Propchange: directory/trunks/triplesec/utils-hauskeys/HausKeys.jar
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: directory/trunks/triplesec/utils-hauskeys/pom.xml
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/utils-hauskeys/pom.xml?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/utils-hauskeys/pom.xml (added)
+++ directory/trunks/triplesec/utils-hauskeys/pom.xml Tue Dec 12 07:23:31 2006
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+  
+    http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License. 
+-->
+<project>
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>org.safehaus.triplesec</groupId>
+    <artifactId>build</artifactId>
+    <version>1.0-SNAPSHOT</version>
+  </parent>
+  <artifactId>triplesec-utils-hauskeys</artifactId>
+  <name>Triplesec Utilities for Hauskeys Midlet</name>
+  <description>
+    Utility classes and resources for generating hauskeys midlets.
+  </description>
+  <packaging>jar</packaging>  
+
+  <dependencies>
+    <dependency>
+      <groupId>${pom.groupId}</groupId>
+      <artifactId>triplesec-otp</artifactId>
+      <version>${pom.version}</version>
+      <scope>test</scope>
+    </dependency>
+
+    <dependency>
+      <groupId>${pom.groupId}</groupId>
+      <artifactId>triplesec-testdata</artifactId>
+      <version>${pom.version}</version>
+      <scope>test</scope>
+    </dependency>
+
+    <dependency>
+      <groupId>ant</groupId>
+      <artifactId>ant</artifactId>
+      <version>1.6.5</version>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <configuration>
+          <systemProperties>
+            <property>
+              <name>tmpDirectory</name>
+              <value>${basedir}/target/temp</value>
+            </property>
+            <property>
+              <name>hauskeysSrcFile</name>
+              <value>${basedir}/HausKeys.jar</value>
+            </property>
+            <property>
+              <name>dstDirectory</name>
+              <value>${basedir}/target/midlets</value>
+            </property>
+          </systemProperties>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
+</project>

Added: directory/trunks/triplesec/utils-hauskeys/src/main/java/org/safehaus/triplesec/utils/hauskeys/HauskeysMidletBuilder.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/utils-hauskeys/src/main/java/org/safehaus/triplesec/utils/hauskeys/HauskeysMidletBuilder.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/utils-hauskeys/src/main/java/org/safehaus/triplesec/utils/hauskeys/HauskeysMidletBuilder.java (added)
+++ directory/trunks/triplesec/utils-hauskeys/src/main/java/org/safehaus/triplesec/utils/hauskeys/HauskeysMidletBuilder.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,211 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.utils.hauskeys;
+
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.FileReader;
+import java.io.FileWriter;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.io.PrintWriter;
+import java.util.Random;
+
+import org.apache.tools.ant.Project;
+import org.apache.tools.ant.taskdefs.Delete;
+import org.apache.tools.ant.taskdefs.Expand;
+import org.apache.tools.ant.taskdefs.Jar;
+import org.apache.tools.ant.taskdefs.Manifest;
+import org.apache.tools.ant.taskdefs.ManifestException;
+import org.apache.tools.ant.taskdefs.Move;
+
+
+/**
+ * Bean which gathers properties and builds a hauskeys midlet using a template jar.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class HauskeysMidletBuilder 
+{
+    private String midletName;
+    private String hotpInfo;
+    private File tmpDirectory = new File( System.getProperty( "java.io.tmpdir" ) );
+    private File hauskeysSrcFile;
+    private File hauskeysDstFile;
+    
+	
+    public void build() throws IOException, ManifestException
+    {
+        File mydir = new File( tmpDirectory, "hauskeys" );
+        if ( ! mydir.exists() )
+        {
+        	mydir.mkdirs();
+        }
+        
+        // compute a random string for destination directory
+        StringBuffer buf = new StringBuffer();
+        Random rand = new Random();
+        while ( buf.length() <= 8 )
+        {
+            int ch = rand.nextInt() % 123;
+            if ( ( ch > 64 && ch < 91 ) || ( ch > 96 && ch < 123 ) || ( ch > 47 && ch < 58 ) )
+            {
+                buf.append( ( char ) ch );
+            }
+        }
+        String destDirName = buf.append( "." ).append( System.currentTimeMillis() ).toString();
+
+        // create the temp directory destination and unjar
+        File destDir = new File( mydir, destDirName );
+        Project project = new Project();
+        Expand expand = new Expand();
+        expand.setProject( project );
+        expand.setDest( destDir );
+        expand.setSrc( hauskeysSrcFile );
+        expand.execute();
+        
+        // remove the old HOTP-INFO file to create new one later
+        File hotpInfoFile = getHotpInfoFile( destDir );
+        Delete delete = new Delete();
+        delete.setProject( project );
+        delete.setFile( hotpInfoFile );
+        delete.execute();
+        
+        // write new file with new content
+        OutputStream out = new FileOutputStream( hotpInfoFile );
+        out.write( hotpInfo.getBytes( "UTF-8" ) );
+        out.flush();
+        out.close();
+        
+        // read manifest file in for modifications
+        File manifestFile = new File( new File( destDir, "META-INF" ), "MANIFEST.MF" );
+        Manifest manifest = new Manifest( new FileReader( manifestFile ) );
+        delete = new Delete();
+        delete.setProject( project );
+        delete.setFile( manifestFile );
+        delete.execute();
+        
+        // modify manifest for midlet name and dump it back out
+        manifest.getMainSection().getAttribute( "MIDlet-Name" ).setValue( midletName );
+        PrintWriter pw = new PrintWriter( new FileWriter( manifestFile ) );
+        manifest.write( pw );
+        pw.flush();
+        pw.close();
+     
+        // jar up contents of the temp directory
+        Jar jar = new Jar();
+        jar.setProject( project );
+        jar.setBasedir( destDir );
+        jar.setManifest( manifestFile );
+        File jarFile = new File( mydir, destDirName + ".jar" );
+        jar.setDestFile( jarFile );
+        jar.execute();
+    
+        // move the generate jar file to the destFile
+        Move mv = new Move();
+        mv.setProject( project );
+        mv.setFile( jarFile );
+        mv.setFailOnError( true );
+        mv.setTofile( hauskeysDstFile );
+        mv.execute();
+        
+        // delete the temporary jarFile and tempDir
+        delete = new Delete();
+        delete.setProject( project );
+  	    delete.setFile( jarFile );
+	    delete.execute();
+	    delete = new Delete();
+	    delete.setProject( project );
+	    delete.setDir( destDir );
+	    delete.execute();
+    }
+    
+    
+    private static File getHotpInfoFile( File jarBase )
+    {
+    	File f = new File( jarBase, "org" );
+    	f = new File( f, "safehaus" );
+    	f = new File( f, "midlets" );
+    	f = new File( f, "HOTP-INFO" );
+    	return f;
+    }
+
+    
+    public void setHotpInfo( String hotpInfo )
+    {
+        this.hotpInfo = hotpInfo;
+    }
+    
+    
+    public String getHotpInfo()
+    {
+        return hotpInfo;
+    }
+    
+
+    public void setMidletName( String midletName )
+    {
+        this.midletName = midletName;
+    }
+
+
+    public String getMidletName()
+    {
+        return midletName;
+    }
+
+
+    public void setTmpDirectory( File tmpDirectory )
+    {
+        this.tmpDirectory = tmpDirectory;
+    }
+
+
+    public File getTmpDirectory()
+    {
+        return tmpDirectory;
+    }
+
+
+    public void setHauskeysSrcFile( File hauskeysSrcFile )
+    {
+        this.hauskeysSrcFile = hauskeysSrcFile;
+    }
+
+
+    public File getHauskeysSrcFile()
+    {
+        return hauskeysSrcFile;
+    }
+
+
+    public void setHauskeysDstFile( File hauskeysDstFile )
+    {
+        this.hauskeysDstFile = hauskeysDstFile;
+    }
+
+
+    public File getHauskeysDstFile()
+    {
+        return hauskeysDstFile;
+    }
+}

Added: directory/trunks/triplesec/utils-hauskeys/src/main/java/org/safehaus/triplesec/utils/hauskeys/JadFileUtils.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/utils-hauskeys/src/main/java/org/safehaus/triplesec/utils/hauskeys/JadFileUtils.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/utils-hauskeys/src/main/java/org/safehaus/triplesec/utils/hauskeys/JadFileUtils.java (added)
+++ directory/trunks/triplesec/utils-hauskeys/src/main/java/org/safehaus/triplesec/utils/hauskeys/JadFileUtils.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,100 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.utils.hauskeys;
+
+
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileReader;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+
+
+/**
+ * Utility class for generating a JAD file.
+ * 
+ * <h3>Usage</h3>
+ * <p>
+ *   Use this utility class to generate or modify existing jad files like so:
+ * </p>
+ * 
+ * <pre>
+ *    Map jadAttrs = JadFileUtils.getJadAttributes( jadFile );
+ *    jadAttrs.put( "Midlet-Name", "YourHauskeys" );
+ *    jadAttrs.put( "Midlet-Jar-URL", "HausKeys.jar" );
+ *    jadAttrs.put( "Midlet-Jar-Size", String.valueOf( jarFile.length() ) );
+ *    String jadContent = JadFileUtils.getJadContentFor( jadAttrs );
+ *    FileWriter fw = new FileWriter( newJadFile );
+ *    fw.write( jadContent );
+ *    fw.flush();
+ *    fw.close();
+ * </pre>
+ * 
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class JadFileUtils 
+{
+    public static final String JAD_CONTENT_TYPE = "text/vnd.sun.j2me.app-descriptor";
+    
+
+	public static String getJadContentFor( Map attributes )
+	{
+		StringBuffer buf = new StringBuffer();
+		Iterator list = attributes.keySet().iterator();
+		boolean isFirstPass = true;
+		while ( list.hasNext() )
+		{
+			String key = ( String ) list.next();
+			String value = String.valueOf( attributes.get( key ) );
+			if ( isFirstPass )
+			{
+				isFirstPass = false;
+				buf.append( key );
+				buf.append( ": " );
+				buf.append( value );
+			}
+			else
+			{
+				buf.append( "\n" );
+				buf.append( key );
+				buf.append( ": " );
+				buf.append( value );
+			}
+ 		}
+		return buf.toString();
+	}
+	
+	
+	public static Map getJadAttributes( File jadFile ) throws IOException
+	{
+		Map attributes = new HashMap();
+		BufferedReader in = new BufferedReader( new FileReader( jadFile ) );
+		String line = null;
+		while ( ( line = in.readLine() ) != null )
+		{
+			String[] tuple = line.split( ":" );
+			attributes.put( tuple[0].trim(), tuple[1].trim() );
+		}
+		return attributes;
+	}
+}

Added: directory/trunks/triplesec/utils-hauskeys/src/test/java/org/safehaus/triplesec/utils/hauskeys/HauskeysMidletBuilderTest.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/utils-hauskeys/src/test/java/org/safehaus/triplesec/utils/hauskeys/HauskeysMidletBuilderTest.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/utils-hauskeys/src/test/java/org/safehaus/triplesec/utils/hauskeys/HauskeysMidletBuilderTest.java (added)
+++ directory/trunks/triplesec/utils-hauskeys/src/test/java/org/safehaus/triplesec/utils/hauskeys/HauskeysMidletBuilderTest.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,89 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.utils.hauskeys;
+
+
+import java.io.File;
+
+import org.safehaus.otp.HotpAttributes;
+import org.safehaus.otp.HotpAttributesCipher;
+import org.safehaus.profile.ProfileTestData;
+import org.safehaus.profile.ServerProfile;
+
+import junit.framework.TestCase;
+
+
+/**
+ * Tests the midlet builder.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class HauskeysMidletBuilderTest extends TestCase
+{
+    File tmpDirectory = null;
+    File hauskeysSrcFile = null;
+    File dstDirectory = null;
+    
+
+    public HauskeysMidletBuilderTest()
+    {
+        tmpDirectory = new File( System.getProperty( "tmpDirectory" ) );
+        hauskeysSrcFile = new File( System.getProperty( "hauskeysSrcFile" ) );
+        dstDirectory = new File( System.getProperty( "dstDirectory" ) );
+    }
+    
+    
+    public void testBuild() throws Exception
+    {
+        HauskeysMidletBuilder builder = new HauskeysMidletBuilder();
+        builder.setHauskeysDstFile( new File( dstDirectory, "testBuild.jar" ) );
+        builder.setHauskeysSrcFile( hauskeysSrcFile );
+        builder.setTmpDirectory( tmpDirectory );
+        builder.setHotpInfo( "ssssssssssssssssssssssssss" );
+        builder.setMidletName( "testBuild" );
+        builder.build();
+        assertTrue( new File( dstDirectory, "testBuild.jar" ).exists() );
+    }
+    
+    
+    public void testBuildDemoMidlets() throws Exception
+    {
+        for ( int ii = 0; ii < ProfileTestData.PROFILES.length; ii++ )
+        {
+            ServerProfile profile = ProfileTestData.PROFILES[ii];
+            HotpAttributes attrs = new HotpAttributes( 6, profile.getFactor(), profile.getSecret() );
+            String hotpInfo = HotpAttributesCipher.encrypt( profile.getTokenPin(), attrs );
+            HotpAttributes decrypted = HotpAttributesCipher.decrypt( "1234", hotpInfo );
+            
+            assertEquals( attrs.getFactor(), decrypted.getFactor() );
+            assertEquals( attrs.getSize(), decrypted.getSize() );
+
+            HauskeysMidletBuilder builder = new HauskeysMidletBuilder();
+            builder.setHauskeysDstFile( new File( dstDirectory, profile.getLabel() + ".jar" ) );
+            builder.setHauskeysSrcFile( hauskeysSrcFile );
+            builder.setTmpDirectory( tmpDirectory );
+            builder.setHotpInfo( hotpInfo );
+            builder.setMidletName( profile.getLabel() );
+            builder.build();
+            assertTrue( new File( dstDirectory, profile.getLabel() + ".jar" ).exists() );
+        }
+    }
+}

Added: directory/trunks/triplesec/verifier/generate-hotp-HOWTO.txt
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/generate-hotp-HOWTO.txt?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/generate-hotp-HOWTO.txt (added)
+++ directory/trunks/triplesec/verifier/generate-hotp-HOWTO.txt Tue Dec 12 07:23:31 2006
@@ -0,0 +1,6 @@
+There is a test account and maven goal you can use to generate HOTP values.  
+Just issue a 'maven generate' to create the next HOTP value for principal
+akarasulu@EXAMPLE.COM.
+
+	-Alex
+

Added: directory/trunks/triplesec/verifier/pom.xml
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/pom.xml?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/pom.xml (added)
+++ directory/trunks/triplesec/verifier/pom.xml Tue Dec 12 07:23:31 2006
@@ -0,0 +1,135 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+  
+    http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License. 
+-->
+<project>
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>org.safehaus.triplesec</groupId>
+    <artifactId>build</artifactId>
+    <version>1.0-SNAPSHOT</version>
+  </parent>
+  <artifactId>triplesec-verifier</artifactId>
+  <name>Triplesec SAM Verifier</name>
+  <description>
+    The Verifier for the SAM Subsystem
+  </description>
+  <packaging>jar</packaging>  
+  <dependencies>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>triplesec-store</artifactId>
+      <version>${project.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>triplesec-otp</artifactId>
+      <version>${project.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.directory.server</groupId>
+      <artifactId>apacheds-kerberos-shared</artifactId>
+      <version>1.0-SNAPSHOT</version>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.directory.server</groupId>
+      <artifactId>apacheds-protocol-kerberos</artifactId>
+      <version>1.0-SNAPSHOT</version>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.directory.server</groupId>
+      <artifactId>apacheds-core-unit</artifactId>
+      <version>1.0-SNAPSHOT</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.slf4j</groupId>
+      <artifactId>nlog4j</artifactId>
+      <version>1.2.25</version>
+      <scope>provided</scope>
+    </dependency>
+  </dependencies>
+
+  <profiles>
+    <profile>
+      <id>no-integration-tests</id>
+      <activation>
+        <activeByDefault>true</activeByDefault>
+      </activation>
+      <build>
+        <plugins>
+           <plugin>
+              <artifactId>maven-surefire-plugin</artifactId>
+              <configuration>
+                <excludes>
+                  <exclude>**/*ITest.java</exclude>
+                  <exclude>**/*IntegrationTest.java</exclude>
+                </excludes>
+              </configuration>
+            </plugin>
+            <plugin>
+              <artifactId>maven-antrun-plugin</artifactId>
+              <executions>
+                <execution>
+                  <phase>validate</phase>
+                  <configuration>
+                    <tasks>
+                      <echo>
+=================================================================
+                          W A R N I N G
+                          -------------
+
+Integration tests have been disabled.  To enable integration
+tests run maven with the -Dintegration switch.
+=================================================================
+                      </echo>
+                    </tasks>
+                  </configuration>
+                  <goals>
+                    <goal>run</goal>
+                  </goals>
+                </execution>
+              </executions>
+            </plugin>
+         </plugins>
+       </build>
+    </profile>
+    <profile>
+      <id>integration</id>
+      <activation>
+        <property><name>integration</name></property>
+      </activation>
+      <build>
+        <plugins>
+          <plugin>
+            <artifactId>maven-surefire-plugin</artifactId>
+            <configuration>
+              <systemProperties>
+                <property>
+                  <name>workingDirectory</name>
+                  <value>${basedir}/target/server-work</value>
+                </property>
+              </systemProperties>
+            </configuration>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
+  </profiles>
+
+</project>

Added: directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountDisabledException.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountDisabledException.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountDisabledException.java (added)
+++ directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountDisabledException.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,50 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import org.safehaus.otp.HotpErrorConstants;
+
+
+/**
+ * Exception thrown when an account has been disabled.
+ *
+ * @version $Rev$
+ */
+public class AccountDisabledException extends HotpException
+{
+    private static final long serialVersionUID = -6514661763410788170L;
+    public AccountDisabledException()
+    {
+        super( HotpErrorConstants.DISABLED_VAL, HotpErrorConstants.DISABLED_MSG );
+    }
+
+
+    public AccountDisabledException( Throwable throwable )
+    {
+        super( HotpErrorConstants.DISABLED_VAL, HotpErrorConstants.DISABLED_MSG, throwable );
+    }
+
+
+    public AccountDisabledException( String s, Throwable throwable )
+    {
+        super( HotpErrorConstants.DISABLED_VAL, s, throwable );
+    }
+}

Added: directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountInactiveException.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountInactiveException.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountInactiveException.java (added)
+++ directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountInactiveException.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,52 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import org.safehaus.otp.HotpErrorConstants;
+
+
+/**
+ * Exception thrown when a HOTP account has been deactivated or has not been activated yet.
+ *
+ * @version $Rev$
+ */
+public class AccountInactiveException extends HotpException
+{
+    private static final long serialVersionUID = -5526582031617488434L;
+
+
+    public AccountInactiveException()
+    {
+        super( HotpErrorConstants.INACTIVE_VAL, HotpErrorConstants.INACTIVE_MSG );
+    }
+
+
+    public AccountInactiveException( Throwable throwable )
+    {
+        super( HotpErrorConstants.INACTIVE_VAL, HotpErrorConstants.INACTIVE_MSG, throwable );
+    }
+
+
+    public AccountInactiveException( String s, Throwable throwable )
+    {
+        super( HotpErrorConstants.INACTIVE_VAL, s, throwable );
+    }
+}

Added: directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountLockedOutException.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountLockedOutException.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountLockedOutException.java (added)
+++ directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/AccountLockedOutException.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,52 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import org.safehaus.otp.HotpErrorConstants;
+
+
+/**
+ * Exception thrown when a HOTP account is locked.
+ *
+ * @version $Rev$
+ */
+public class AccountLockedOutException extends HotpException
+{
+    private static final long serialVersionUID = -5526582031617488434L;
+
+
+    public AccountLockedOutException()
+    {
+        super( HotpErrorConstants.LOCKEDOUT_VAL, HotpErrorConstants.LOCKEDOUT_MSG );
+    }
+
+
+    public AccountLockedOutException( Throwable throwable )
+    {
+        super( HotpErrorConstants.LOCKEDOUT_VAL, HotpErrorConstants.LOCKEDOUT_MSG, throwable );
+    }
+
+
+    public AccountLockedOutException( String s, Throwable throwable )
+    {
+        super( HotpErrorConstants.LOCKEDOUT_VAL, s, throwable );
+    }
+}

Added: directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/DefaultHotpSamVerifier.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/DefaultHotpSamVerifier.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/DefaultHotpSamVerifier.java (added)
+++ directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/DefaultHotpSamVerifier.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,404 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import javax.naming.NamingException;
+import javax.naming.directory.DirContext;
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.directory.server.kerberos.shared.messages.value.SamType;
+import org.apache.directory.server.kerberos.sam.KeyIntegrityChecker;
+import org.apache.directory.server.kerberos.sam.SamException;
+
+import org.safehaus.otp.Hotp;
+import org.safehaus.otp.ResynchParameters;
+import org.safehaus.profile.ServerProfile;
+import org.safehaus.profile.BaseServerProfileModifier;
+import org.safehaus.triplesec.store.ServerProfileStore;
+import org.safehaus.triplesec.store.DefaultServerProfileStore;
+
+
+/**
+ * A HOTP based SAM verifier.
+ *
+ * @author <a href="mailto:akarasulu@safehaus.org">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class DefaultHotpSamVerifier implements HotpSamVerifier
+{
+    /**
+     * For now we hardcode the HOTP_SIZE to 6 but we can use the realm info
+     * or profile specific info to determine size to use dynamically at runtime.
+     */
+    public static final int HOTP_SIZE = 6;
+
+    /** Message for failure to access properties */
+    public static final String FAILED_PROP_ACCESS_MSG = "Failed to open safehaus store properties";
+
+    /** Message for store initialization failures */
+    private static final String FAILED_INITIALIZING_STORE = "Failed initializing store";
+
+    /** temporary property key which controls the use of alternate monitor */
+    private static final String MONITOR_PROP = "org.safehaus.verifier.monitor";
+
+    /** the safehaus (hotp) profile store */
+    ServerProfileStore store = null;
+
+    /** checks keys based on hotp values for integrity */
+    KeyIntegrityChecker keyChecker = null;
+
+    /** the verification process monitor */
+    private HotpMonitor monitor = findHotpMonitor();
+
+    /** The context under which users are stored for the realm*/
+    private DirContext userContext;
+
+
+    // -----------------------------------------------------------------------
+    // SamVerifier Method Implementations
+    // -----------------------------------------------------------------------
+
+
+    public void setUserContext( DirContext userContext )
+    {
+        this.userContext = userContext;
+    }
+
+
+    /**
+     * Starts up the verifier by initializing the profile store using
+     * the provided environment properties.
+     *
+     * @throws SamException if there are problems initializing the store
+     */
+    public void startup() throws SamException
+    {
+        // Check if userContext is set
+
+        if ( this.userContext == null )
+        {
+            throw new SamException( getSamType(), "User context has not been initialized!" );
+        }
+
+        // Initialize the profile store using context
+
+        try
+        {
+            store = new DefaultServerProfileStore( userContext );
+            store.init();
+        }
+        catch ( NamingException e )
+        {
+            throw new SamException( getSamType(), FAILED_INITIALIZING_STORE, e );
+        }
+
+        // Make sure KeyIntegrityChecker has been set
+
+        if ( keyChecker == null )
+        {
+            throw new SamException( getSamType(), "KeyIntegrityChecker not set!" );
+        }
+    }
+
+
+    public void shutdown()
+    {
+        this.userContext = null;
+        this.store = null;
+        this.monitor = null;
+        this.keyChecker = null;
+    }
+
+
+    public void setIntegrityChecker( KeyIntegrityChecker keyChecker )
+    {
+        this.keyChecker = keyChecker;
+    }
+
+
+    public KerberosKey verify( KerberosPrincipal principal, byte[] sad ) throws SamException
+    {
+        monitor.verifying( principal );
+
+        try
+        {
+            ServerProfile p = store.getProfile( principal );
+            if ( p == null )
+            {
+                throw new SamException( getSamType(), "Principal " + principal + " not found in store!" );
+            }
+
+            ResynchParameters params = getResychParameters( p );
+
+            // ------------------------------------------------------------
+            // blow chunks for accounts that are inactive or disabled
+            // ------------------------------------------------------------
+
+            if ( ! p.isActive() )
+            {
+                throw new AccountInactiveException();
+            }
+            
+            if ( p.isDisabled() )
+            {
+                throw new AccountDisabledException();
+            }
+
+            // ------------------------------------------------------------
+            // blow chunks for accounts that are locked out
+            // ------------------------------------------------------------
+
+            if ( p.getFailuresInEpoch() >= params.getLockoutCount() )
+            {
+                monitor.accountLocked( p, params );
+
+                throw new AccountLockedOutException();
+            }
+
+            // ------------------------------------------------------------
+            // let generate and verify if client value is valid
+            // ------------------------------------------------------------
+
+            byte[] secret = p.getSecret();
+            String serverValue = Hotp.generate( secret, p.getFactor(), HOTP_SIZE );
+            KerberosKey serverKey = new KerberosKey( principal, serverValue.toCharArray(), "DES" );
+
+            if ( keyChecker.checkKeyIntegrity( sad, serverKey )  )
+            {
+                monitor.integrityCheckPassed( p );
+
+                BaseServerProfileModifier modifier = new BaseServerProfileModifier( p );
+
+                modifier.setFactor( p.getFactor() + 1 );
+
+                // ------------------------------------------------------------
+                // let's check to see if the client is under resynch process
+                // ------------------------------------------------------------
+
+                if ( p.getResynchCount() > 0 )
+                {
+                    // --------------------------------------------------------
+                    // if client must continue process we generate exception
+                    // --------------------------------------------------------
+
+                    if ( p.getResynchCount() < params.getNumResyncValidations() - 1 )
+                    {
+                        modifier.setResynchCount( p.getResynchCount() + 1 );
+                        store.update( principal, modifier.getServerProfile() );
+                        monitor.resynchInProgress( p, params );
+                        throw new ResynchInProgressException();
+                    }
+
+                    // --------------------------------------------------------
+                    // the client has successfully completed resynch process
+                    // --------------------------------------------------------
+
+                    monitor.resynchCompleted( p, params );
+                    modifier.setResynchCount( -1 );
+                }
+
+                store.update( principal, modifier.getServerProfile() );
+
+                return serverKey;
+            }
+
+            monitor.integrityCheckFailed( p );
+
+            // ----------------------------------------------------------------
+            // client gave incorrect value so we check if resynch is possible
+            // ----------------------------------------------------------------
+            // o if we find a match in window,
+            //   + advance factor to one past the val that made curr client val
+            //   + increment the resynch count so we can terminate resynch proc
+            //   + update the profile with new values in store
+            //   + blow stack to show we've started resync process
+            // ----------------------------------------------------------------
+
+            monitor.checkingLookahead( p, params );
+            KerberosKey[] window = getWindow( principal, p, params.getLookaheadSize() );
+            BaseServerProfileModifier modifier = new BaseServerProfileModifier( p );
+
+            for ( int ii = 0; ii < window.length; ii++ )
+            {
+                if ( keyChecker.checkKeyIntegrity( sad, window[ii] ) )
+                {
+                    modifier.setFactor( p.getFactor() + ii + 2 );
+                    modifier.setResynchCount( 1 );
+                    store.update( principal, modifier.getServerProfile() );
+                    monitor.initiatingResynch( p, params );
+                    throw new ResynchStartingException();
+                }
+            }
+
+            // ----------------------------------------------------------------
+            // client gave incorrect value and resynch is not at all possible
+            // ----------------------------------------------------------------
+            // o moving factor does NOT increment but the failure count does
+            // o we update profile and throw an exception to indicate failure
+            // ----------------------------------------------------------------
+
+            modifier.setFailuresInEpoch( p.getFailuresInEpoch() + 1 );
+            monitor.verificationFailed( p, params );
+            store.update( principal, modifier.getServerProfile() );
+            throw new PreauthFailedException();
+        }
+        catch ( NamingException e )
+        {
+            String msg = "Failed to access profile for " + principal.getName();
+
+            throw new SamException( getSamType(), msg, e );
+        }
+    }
+
+
+    public final SamType getSamType()
+    {
+        return SamType.PA_SAM_TYPE_APACHE;
+    }
+
+
+    public HotpMonitor getHotpMonitor()
+    {
+        return this.monitor;
+    }
+
+
+    public void setHotpMonitor( HotpMonitor monitor )
+    {
+        if ( monitor == null )
+        {
+            this.monitor = findHotpMonitor();
+        }
+        else
+        {
+            this.monitor = monitor;
+        }
+    }
+
+
+    /**
+     * Used by test cases.
+     *
+     * @return returns the store for testing purposes only
+     */
+    ServerProfileStore getStore()
+    {
+        return this.store;
+    }
+
+
+    /**
+     * Generates a window of Hotp values as KerberosKeys used to determine if a
+     * moving factor resynchronization is required.  The values start with the
+     * next factor value in the profile.
+     *
+     * @param principal the kerberos principal associated with the profile
+     * @param p the server side safehaus (hotp) profile
+     * @param size the size of the resynchronization window
+     * @return the hotp values as KerberosKeys for the window
+     */
+    private KerberosKey[] getWindow( KerberosPrincipal principal, ServerProfile p, int size )
+    {
+        KerberosKey[] window = new KerberosKey[size];
+
+        byte[] secret = p.getSecret();
+
+        for ( int ii = 0; ii < size; ii++ )
+        {
+            String hotp = Hotp.generate( secret, p.getFactor() + ii + 1, HOTP_SIZE );
+
+            window[ii] = new KerberosKey( principal, hotp.toCharArray(), "DES" );
+        }
+
+        return window;
+    }
+
+
+    /**
+     * Gets an alternative monitor if one exists, otherwise an adapter is used.
+     */
+    public static HotpMonitor findHotpMonitor()
+    {
+        String fqcn = null;
+
+        fqcn = System.getProperty( MONITOR_PROP );
+
+        if ( fqcn == null )
+        {
+            return new HotpMonitorAdapter();
+        }
+
+        try
+        {
+            Class c = Class.forName( fqcn );
+
+            if ( c != null )
+            {
+                HotpMonitor alt = ( HotpMonitor ) c.newInstance();
+
+                if ( alt != null )
+                {
+                    return alt;
+                }
+            }
+        }
+        catch ( ClassNotFoundException e )
+        {
+            e.printStackTrace();
+        }
+        catch ( IllegalAccessException e )
+        {
+            e.printStackTrace();
+        }
+        catch ( InstantiationException e )
+        {
+            e.printStackTrace();
+        }
+
+        return new HotpMonitorAdapter();
+    }
+
+
+    /**
+     * Gets the resynch parameters for a specific profile or its domain if
+     * available.  If a profile does not contain resynch parameters it's domain
+     * will be consulted.  If the domain does not contain the properties then
+     * the defaults will be used.
+     *
+     * @param p the user's server side profile
+     * @return the resynch parameters to use
+     */
+    private ResynchParameters getResychParameters( ServerProfile p )
+    {
+        ResynchParameters params = null;
+
+        if ( p == null )
+        {
+            params = ResynchParameters.DEFAULTS;
+        }
+
+        // replace code here to search for parameters
+        params = ResynchParameters.DEFAULTS;
+
+        return params;
+    }
+}

Added: directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpException.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpException.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpException.java (added)
+++ directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpException.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,162 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import org.apache.directory.server.kerberos.shared.messages.value.SamType;
+import org.apache.directory.server.kerberos.sam.SamException;
+
+import org.safehaus.otp.HotpErrorConstants;
+
+
+/**
+ * A Hotp specific SamException.
+ *
+ * @author <a href="mailto:aok123@bellsouth.net">Alex Karasulu</a>
+ * @version $Rev$
+ */
+public class HotpException extends SamException
+{
+    private static final long serialVersionUID = -798453831733119227L;
+    /** the type of this exception */
+    private final int ordinal;
+ 
+
+    /**
+     * Creates a HotpException using an ordinal.
+     *
+     * @param ordinal the ordinal for this exception type
+     */
+    public HotpException( int ordinal )
+    {
+        super( SamType.PA_SAM_TYPE_APACHE, ( String ) HotpErrorConstants.getErrorMessage( ordinal ) );
+        this.ordinal = ordinal;
+    }
+
+
+    /**
+     * Creates a HotpException using an ordinal with underlying exception.
+     *
+     * @param ordinal the ordinal for this exception type
+     * @param throwable the underlying exception
+     */
+    public HotpException( int ordinal, Throwable throwable )
+    {
+        super( SamType.PA_SAM_TYPE_APACHE, ( String ) HotpErrorConstants.getErrorMessage( ordinal ), throwable );
+
+        this.ordinal = ordinal;
+    }
+
+
+    /**
+     * Creates a HotpException using an ordinal with string.  If the String argument
+     * does have a prefix on is inserted based on the ordinal.
+     *
+     * @param ordinal the ordinal for this exception type
+     * @param s an error message string
+     */
+    public HotpException( int ordinal, String s )
+    {
+        super( SamType.PA_SAM_TYPE_APACHE,  ! s.startsWith( HotpErrorConstants.PREFIX ) ? HotpErrorConstants.PREFIX + ordinal + "]: " + s : s );
+
+        this.ordinal = ordinal;
+    }
+
+
+    /**
+     * Creates a HotpException using an ordinal with underlying exception and error mesage.
+     *
+     * @param ordinal the ordinal for this exception type
+     * @param s an error message string
+     * @param throwable the underlying exception
+     */
+    public HotpException( int ordinal, String s, Throwable throwable )
+    {
+        super( SamType.PA_SAM_TYPE_APACHE,  ! s.startsWith( HotpErrorConstants.PREFIX ) ? HotpErrorConstants.PREFIX + ordinal + "]: " + s : s, throwable );
+
+        this.ordinal = ordinal;
+    }
+
+
+    /**
+     * Creates a HotpException from error mesage which must have a prefix.
+     *
+     * @param s an error message string
+     */
+    public HotpException( String s )
+    {
+        super( SamType.PA_SAM_TYPE_APACHE, s );
+
+        if ( ! s.startsWith( HotpErrorConstants.PREFIX ) )
+        {
+            throw new IllegalArgumentException( "Message does not contain the prefix: " + HotpErrorConstants.PREFIX );
+        }
+
+        ordinal = HotpErrorConstants.getOrdinal( s );
+    }
+
+
+    /**
+     * Creates a HotpException from another exception however it's message must have a prefix.
+     *
+     * @param throwable the underlying exception
+     */
+    public HotpException( Throwable throwable )
+    {
+        super( SamType.PA_SAM_TYPE_APACHE, throwable );
+
+        if ( ! throwable.getMessage().startsWith( HotpErrorConstants.PREFIX ) )
+        {
+            throw new IllegalArgumentException( "Throwable's message does not contain the prefix: " + HotpErrorConstants.PREFIX  );
+        }
+
+        ordinal = HotpErrorConstants.getOrdinal( throwable.getMessage() );
+    }
+
+
+    /**
+     * Creates a HotpException from error mesage which must have a prefix.
+     *
+     * @param s an error message string
+     * @param throwable the underlying exception
+     */
+    public HotpException( String s, Throwable throwable )
+    {
+        super( SamType.PA_SAM_TYPE_APACHE, s, throwable );
+
+        if ( ! s.startsWith( HotpErrorConstants.PREFIX ) )
+        {
+            throw new IllegalArgumentException( "Message does not contain the prefix: " + HotpErrorConstants.PREFIX  );
+        }
+
+        ordinal = HotpErrorConstants.getOrdinal( s );
+    }
+
+
+    /**
+     * Get's the ordinal for this exception type.
+     *
+     * @return the ordinal for this exception type
+     */
+    public int getOrdinal()
+    {
+        return this.ordinal;
+    }
+}

Added: directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpMonitor.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpMonitor.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpMonitor.java (added)
+++ directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpMonitor.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,62 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.safehaus.profile.ServerProfile;
+import org.safehaus.otp.ResynchParameters;
+
+
+/**
+ * An interface for monitoring the HotpSamVerifier using callbacks.
+ *
+ * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
+ * @version $Rev$
+ */
+public interface HotpMonitor
+{
+    void verificationFailed( ServerProfile p, ResynchParameters params );
+
+
+    void initiatingResynch( ServerProfile p, ResynchParameters params );
+
+
+    void checkingLookahead( ServerProfile p, ResynchParameters params );
+
+
+    void integrityCheckFailed( ServerProfile p );
+
+
+    void resynchCompleted( ServerProfile p, ResynchParameters params );
+
+
+    void resynchInProgress( ServerProfile p, ResynchParameters params );
+
+
+    void integrityCheckPassed( ServerProfile p );
+
+
+    void accountLocked( ServerProfile p, ResynchParameters params );
+
+
+    void verifying( KerberosPrincipal principal );
+}

Added: directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpMonitorAdapter.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpMonitorAdapter.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpMonitorAdapter.java (added)
+++ directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpMonitorAdapter.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,81 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.safehaus.profile.ServerProfile;
+import org.safehaus.otp.ResynchParameters;
+import org.safehaus.triplesec.verifier.hotp.HotpMonitor;
+
+
+/**
+ * A 'do nothing' adapter for HotpMonitor interface.  At a minimum exceptions
+ * are printed to standard err to avoid silencing critical alerts.
+ *
+ * @version $Rev$
+ */
+public class HotpMonitorAdapter implements HotpMonitor
+{
+    public void verificationFailed( ServerProfile p, ResynchParameters params )
+    {
+    }
+
+
+    public void initiatingResynch( ServerProfile p, ResynchParameters params )
+    {
+    }
+
+
+    public void checkingLookahead( ServerProfile p, ResynchParameters params )
+    {
+    }
+
+
+    public void integrityCheckFailed( ServerProfile p )
+    {
+    }
+
+
+    public void resynchCompleted( ServerProfile p, ResynchParameters params )
+    {
+    }
+
+
+    public void resynchInProgress( ServerProfile p, ResynchParameters params )
+    {
+    }
+
+
+    public void integrityCheckPassed( ServerProfile p )
+    {
+    }
+
+
+    public void accountLocked( ServerProfile p, ResynchParameters params )
+    {
+    }
+
+
+    public void verifying( KerberosPrincipal principal )
+    {
+    }
+}

Added: directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpSamVerifier.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpSamVerifier.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpSamVerifier.java (added)
+++ directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/HotpSamVerifier.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,41 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import org.apache.directory.server.kerberos.sam.SamVerifier;
+import org.safehaus.triplesec.verifier.hotp.HotpMonitor;
+
+
+/**
+ * Specialized version of the SamVerifier which exposes a monitor interface.
+ *
+ * @version $Rev$
+ */
+public interface HotpSamVerifier extends SamVerifier
+{
+    /**
+     * Gets the monitor that receives notable events within the hotp
+     * verification process.
+     *
+     * @return the monitor for the HOTP verification workflow
+     */
+    HotpMonitor getHotpMonitor();
+}

Added: directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/PreauthFailedException.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/PreauthFailedException.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/PreauthFailedException.java (added)
+++ directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/PreauthFailedException.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,53 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import org.safehaus.otp.HotpErrorConstants;
+import org.safehaus.triplesec.verifier.hotp.HotpException;
+
+
+/**
+ * Exception thrown when a HOTP account is locked.
+ *
+ * @version $Rev$
+ */
+public class PreauthFailedException extends HotpException
+{
+    private static final long serialVersionUID = 3995853734626716589L;
+
+
+    public PreauthFailedException()
+    {
+        super( HotpErrorConstants.HOTPAUTH_FAILURE_VAL, HotpErrorConstants.HOTPAUTH_FAILURE_MSG );
+    }
+
+
+    public PreauthFailedException( Throwable throwable )
+    {
+        super( HotpErrorConstants.HOTPAUTH_FAILURE_VAL, HotpErrorConstants.HOTPAUTH_FAILURE_MSG, throwable );
+    }
+
+
+    public PreauthFailedException( String s, Throwable throwable )
+    {
+        super( HotpErrorConstants.HOTPAUTH_FAILURE_VAL, s, throwable );
+    }
+}

Added: directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/ResynchInProgressException.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/ResynchInProgressException.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/ResynchInProgressException.java (added)
+++ directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/ResynchInProgressException.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,53 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import org.safehaus.otp.HotpErrorConstants;
+import org.safehaus.triplesec.verifier.hotp.HotpException;
+
+
+/**
+ * Exception thrown when a HOTP account is locked.
+ *
+ * @version $Rev$
+ */
+public class ResynchInProgressException extends HotpException
+{
+    private static final long serialVersionUID = 3398366394639243079L;
+
+
+    public ResynchInProgressException()
+    {
+        super( HotpErrorConstants.RESYNCH_INPROGRESS_VAL, HotpErrorConstants.RESYNCH_INPROGRESS_MSG );
+    }
+
+
+    public ResynchInProgressException( Throwable throwable )
+    {
+        super( HotpErrorConstants.RESYNCH_INPROGRESS_VAL, HotpErrorConstants.RESYNCH_INPROGRESS_MSG, throwable );
+    }
+
+
+    public ResynchInProgressException( String s, Throwable throwable )
+    {
+        super( HotpErrorConstants.RESYNCH_INPROGRESS_VAL, s, throwable );
+    }
+}

Added: directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/ResynchStartingException.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/ResynchStartingException.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/ResynchStartingException.java (added)
+++ directory/trunks/triplesec/verifier/src/main/java/org/safehaus/triplesec/verifier/hotp/ResynchStartingException.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,53 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import org.safehaus.otp.HotpErrorConstants;
+import org.safehaus.triplesec.verifier.hotp.HotpException;
+
+
+/**
+ * Exception thrown when a HOTP account is locked.
+ *
+ * @version $Rev$
+ */
+public class ResynchStartingException extends HotpException
+{
+    private static final long serialVersionUID = -6737173851940225520L;
+
+
+    public ResynchStartingException()
+    {
+        super( HotpErrorConstants.RESYNCH_STARTING_VAL, HotpErrorConstants.RESYNCH_STARTING_MSG );
+    }
+
+
+    public ResynchStartingException( Throwable throwable )
+    {
+        super( HotpErrorConstants.RESYNCH_STARTING_VAL, HotpErrorConstants.RESYNCH_STARTING_MSG, throwable );
+    }
+
+
+    public ResynchStartingException( String s, Throwable throwable )
+    {
+        super( HotpErrorConstants.RESYNCH_STARTING_VAL, s, throwable );
+    }
+}

Added: directory/trunks/triplesec/verifier/src/test/java/org/safehaus/triplesec/verifier/hotp/GenerateHotp.java
URL: http://svn.apache.org/viewvc/directory/trunks/triplesec/verifier/src/test/java/org/safehaus/triplesec/verifier/hotp/GenerateHotp.java?view=auto&rev=486187
==============================================================================
--- directory/trunks/triplesec/verifier/src/test/java/org/safehaus/triplesec/verifier/hotp/GenerateHotp.java (added)
+++ directory/trunks/triplesec/verifier/src/test/java/org/safehaus/triplesec/verifier/hotp/GenerateHotp.java Tue Dec 12 07:23:31 2006
@@ -0,0 +1,184 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.safehaus.triplesec.verifier.hotp;
+
+
+import java.io.File;
+import java.util.*;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+import javax.naming.NamingException;
+import javax.naming.Context;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttributes;
+
+import org.safehaus.triplesec.store.*;
+import org.safehaus.triplesec.store.schema.SafehausSchema;
+import org.safehaus.profile.ServerProfile;
+import org.safehaus.profile.BaseServerProfileModifier;
+import org.safehaus.otp.Hotp;
+import org.safehaus.otp.Base64;
+import org.apache.directory.server.core.schema.bootstrap.*;
+import org.apache.directory.server.core.configuration.MutableStartupConfiguration;
+import org.apache.directory.server.core.configuration.MutablePartitionConfiguration;
+import org.apache.directory.server.core.configuration.Configuration;
+import org.apache.directory.shared.ldap.message.LockableAttributesImpl;
+import org.apache.directory.shared.ldap.message.LockableAttributeImpl;
+import org.apache.directory.server.protocol.shared.store.Krb5KdcEntryFilter;
+import org.apache.directory.server.protocol.shared.store.LdifFileLoader;
+
+
+/**
+ * Generates the next Hotp value and updates the store.  Running test cases
+ * will effect the values stored within the store.  Deleting the store will
+ * reinitialize the store.
+ *
+ * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
+ * @version $Rev$
+ */
+public class GenerateHotp
+{
+    public static final KerberosPrincipal DEFAULT_PRINCIPAL = new KerberosPrincipal( "akarasulu@EXAMPLE.COM" );
+
+
+    public static void main( String[] args )
+    {
+        KerberosPrincipal principal = null;
+
+        try
+        {
+            principal = DEFAULT_PRINCIPAL;
+
+            MutableStartupConfiguration config = new MutableStartupConfiguration();
+
+            MutablePartitionConfiguration partConfig = new MutablePartitionConfiguration();
+            partConfig.setName( "example" );
+
+            HashSet indices = new HashSet();
+            indices.add( "dc" );
+            indices.add( "ou" );
+            indices.add( "objectClass" );
+            indices.add( "krb5PrincipalName" );
+            indices.add( "uid" );
+            partConfig.setIndexedAttributes( indices );
+
+            partConfig.setSuffix( "dc=example,dc=com" );
+
+            LockableAttributesImpl attrs = new LockableAttributesImpl();
+            LockableAttributeImpl attr = new LockableAttributeImpl( "objectClass" );
+            attr.add( "top" );
+            attr.add( "domain" );
+            attrs.put( attr );
+            attrs.put( "dc", "example" );
+            partConfig.setContextEntry( attrs );
+
+            Set schemas = new HashSet();
+            schemas.add( new SystemSchema() );
+            schemas.add( new SafehausSchema() );
+            schemas.add( new ApacheSchema() );
+            schemas.add( new CoreSchema() );
+            schemas.add( new CosineSchema() );
+            schemas.add( new InetorgpersonSchema() );
+            schemas.add( new Krb5kdcSchema() );
+            config.setBootstrapSchemas( schemas );
+            config.setContextPartitionConfigurations( Collections.singleton( partConfig ) );
+
+            partConfig.setSuffix( "dc=example,dc=com" );
+
+            Hashtable env = new Hashtable();
+            env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+            env.put( Context.PROVIDER_URL, "dc=example,dc=com" );
+            env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
+            env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+            env.put( Context.SECURITY_CREDENTIALS, "secret" );
+            env.put( Configuration.JNDI_KEY, config );
+            env.put( Context.STATE_FACTORIES, ProfileStateFactory.class.getName() );
+            env.put( Context.OBJECT_FACTORIES, ProfileObjectFactory.class.getName() );
+
+            DirContext userContext = new InitialDirContext( env );
+            try
+            {
+                userContext = ( DirContext ) userContext.lookup( "ou=users" );
+            }
+            catch ( NamingException e )
+            {
+                Attributes users = new BasicAttributes( "objectClass", "top", true );
+                users.get( "objectClass" ).add( "organizationalUnit" );
+                attrs.put( "ou", "users" );
+                userContext = userContext.createSubcontext( "ou=users", attrs );
+            }
+
+            ServerProfileStore store = new DefaultServerProfileStore( userContext );
+            store.init();
+
+            List filters = Collections.singletonList( new Krb5KdcEntryFilter() );
+            LdifFileLoader loader = new LdifFileLoader( userContext, new File( "safehaus.ldif" ), filters,
+                    GenerateHotp.class.getClassLoader() );
+            loader.execute();
+
+            if ( args.length > 0 )
+            {
+                principal = new KerberosPrincipal( args[0] );
+            }
+
+            ServerProfile p = store.getProfile( principal );
+
+            if ( p == null )
+            {
+                System.err.println( "Principal " + principal + " not found!" );
+
+                System.exit( -1 );
+            }
+
+            BaseServerProfileModifier modifier = new BaseServerProfileModifier( p );
+            System.out.println( "Secret hex = " + getHex( p.getSecret() ) );
+            System.out.println( "Secret base64 = " + new String( Base64.encode( p.getSecret() ) ) );
+            System.out.println( "Moving factor = " + p.getFactor() );
+            String hotp = Hotp.generate( p.getSecret(), p.getFactor(), DefaultHotpSamVerifier.HOTP_SIZE );
+            modifier.incrementFactor();
+            store.update( principal, modifier.getServerProfile() );
+            System.out.println( "The next HOTP value for principal " + principal + " is " + hotp );
+        }
+        catch ( NamingException e )
+        {
+            System.err.println( "Failed while accessing or updating principal " + principal + " in store!" );
+
+            System.exit( -3 );
+        }
+    }
+
+
+    public static final char[] HEXCHARS = { '0', '1', '2', '3', '4', '5', '6', '7',
+                                            '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
+    static String getHex( byte[] bytes )
+    {
+        StringBuffer buf = new StringBuffer();
+
+        for ( int ii = 0; ii < bytes.length; ii++ )
+        {
+            buf.append( HEXCHARS[ ( bytes[ii] & 0x70 ) >> 4] );
+            buf.append( HEXCHARS[bytes[ii] & 0x0f] );
+        }
+
+        return buf.toString();
+    }
+}



Mime
View raw message