directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r519811 - in /directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos: kdc/ kdc/preauthentication/ kdc/ticketgrant/ protocol/
Date Mon, 19 Mar 2007 03:13:56 GMT
Author: erodriguez
Date: Sun Mar 18 20:13:56 2007
New Revision: 519811

URL: http://svn.apache.org/viewvc?view=rev&rev=519811
Log:
Clean-up of Kerberos protocol configuration.
o  Enhancements to support Spring.
o  Removal of all code related to map-based configuration.
o  Some parameter names standardized with other protocol providers.

Modified:
    directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java
    directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java
    directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java
    directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java
    directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java
    directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java

Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java?view=diff&rev=519811&r1=519810&r2=519811
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java
(original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java
Sun Mar 18 20:13:56 2007
@@ -17,26 +17,21 @@
  *  under the License. 
  *  
  */
-
 package org.apache.directory.server.kerberos.kdc;
 
 
 import java.util.ArrayList;
-import java.util.Dictionary;
-import java.util.HashMap;
 import java.util.List;
-import java.util.Map;
 
 import javax.security.auth.kerberos.KerberosPrincipal;
 
-import org.apache.directory.server.core.DirectoryService;
-import org.apache.directory.server.core.configuration.ConfigurationException;
 import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
-import org.apache.directory.server.protocol.shared.LoadStrategy;
 import org.apache.directory.server.protocol.shared.ServiceConfiguration;
 
 
 /**
+ * Contains the configuration parameters for the Kerberos protocol provider.
+ * 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
  */
@@ -44,387 +39,341 @@
 {
     private static final long serialVersionUID = 522567370475574165L;
 
-    /** the prop key const for kdc principal */
-    public static final String PRINCIPAL_KEY = "principal";
-
-    /** the prop key const for the kdc's primary realm */
-    public static final String REALM_KEY = "realm";
-
-    /** the prop key const for encryption types */
-    public static final String ENCRYPTION_TYPES_KEY = "encryption.types";
-
-    /** the prop key const for allowable clockskew */
-    public static final String ALLOWABLE_CLOCKSKEW_KEY = "allowable.clockskew";
-
-    /** the prop key const for empty addresses allowed */
-    public static final String EMPTY_ADDRESSES_ALLOWED_KEY = "empty.addresses.allowed";
+    /** The default kdc port */
+    private static final int DEFAULT_IP_PORT = 88;
 
-    /** the prop key const for requiring encrypted timestamps */
-    public static final String PA_ENC_TIMESTAMP_REQUIRED_KEY = "pa.enc.timestamp.required";
+    /** The default kdc search base DN */
+    public static final String DEFAULT_SEARCH_BASEDN = "ou=users,dc=example,dc=com";
 
-    /** the prop key const for the maximum ticket lifetime */
-    public static final String TGS_MAXIMUM_TICKET_LIFETIME_KEY = "tgs.maximum.ticket.lifetime";
-
-    /** the prop key const for the maximum renewable lifetime */
-    public static final String TGS_MAXIMUM_RENEWABLE_LIFETIME_KEY = "tgs.maximum.renewable.lifetime";
-
-    /** the prop key const for allowing forwardable tickets */
-    public static final String TGS_FORWARDABLE_ALLOWED_KEY = "tgs.forwardable.allowed";
-
-    /** the prop key const for allowing proxiable tickets */
-    public static final String TGS_PROXIABLE_ALLOWED_KEY = "tgs.proxiable.allowed";
-
-    /** the prop key const for allowing postdated tickets */
-    public static final String TGS_POSTDATE_ALLOWED_KEY = "tgs.postdate.allowed";
+    /** The default kdc service pid */
+    private static final String DEFAULT_PID = "org.apache.kerberos";
 
-    /** the prop key const for allowing renewable tickets */
-    public static final String TGS_RENEWABLE_ALLOWED_KEY = "tgs.renewable.allowed";
+    /** The default kdc service name */
+    private static final String DEFAULT_NAME = "Apache Kerberos Service";
 
-    /** the default kdc principal */
+    /** The default kdc service principal */
     private static final String DEFAULT_PRINCIPAL = "krbtgt/EXAMPLE.COM@EXAMPLE.COM";
 
-    /** the default kdc base DN */
-    public static final String KDC_ENTRY_BASEDN = "ou=users,dc=example,dc=com";
-
-    /** the default kdc realm */
+    /** The default kdc realm */
     private static final String DEFAULT_REALM = "EXAMPLE.COM";
 
-    /** the default kdc port */
-    private static final String DEFAULT_IP_PORT = "88";
-
-    /** the default allowable clockskew */
+    /** The default allowable clockskew */
     private static final long DEFAULT_ALLOWABLE_CLOCKSKEW = 5 * MINUTE;
 
-    /** the default encryption types */
+    /** The default encryption types */
     private static final String[] DEFAULT_ENCRYPTION_TYPES = new String[]
         { "des-cbc-md5" };
 
-    /** the default for allowing empty addresses */
+    /** The default for allowing empty addresses */
     private static final boolean DEFAULT_EMPTY_ADDRESSES_ALLOWED = true;
 
-    /** the default for requiring encrypted timestamps */
+    /** The default for requiring encrypted timestamps */
     private static final boolean DEFAULT_PA_ENC_TIMESTAMP_REQUIRED = true;
 
-    /** the default for the maximum ticket lifetime */
+    /** The default for the maximum ticket lifetime */
     private static final int DEFAULT_TGS_MAXIMUM_TICKET_LIFETIME = MINUTE * 1440;
 
-    /** the default for the maximum renewable lifetime */
+    /** The default for the maximum renewable lifetime */
     private static final int DEFAULT_TGS_MAXIMUM_RENEWABLE_LIFETIME = MINUTE * 10080;
 
-    /** the default for allowing forwardable tickets */
+    /** The default for allowing forwardable tickets */
     private static final boolean DEFAULT_TGS_FORWARDABLE_ALLOWED = true;
 
-    /** the default for allowing proxiable tickets */
+    /** The default for allowing proxiable tickets */
     private static final boolean DEFAULT_TGS_PROXIABLE_ALLOWED = true;
 
-    /** the default for allowing postdatable tickets */
+    /** The default for allowing postdatable tickets */
     private static final boolean DEFAULT_TGS_POSTDATE_ALLOWED = true;
 
-    /** the default for allowing renewable tickets */
+    /** The default for allowing renewable tickets */
     private static final boolean DEFAULT_TGS_RENEWABLE_ALLOWED = true;
 
-    private static final String DEFAULT_PID = "org.apache.kerberos";
-    private static final String DEFAULT_NAME = "Apache Kerberos Service";
-    private static final String DEFAULT_PREFIX = "kdc.";
-
+    /** The encryption types. */
     private EncryptionType[] encryptionTypes;
 
+    /** The primary realm */
+    private String primaryRealm = DEFAULT_REALM;
+
+    /** The service principal name. */
+    private String servicePrincipal = DEFAULT_PRINCIPAL;
+
+    /** The allowable clock skew. */
+    private long allowableClockSkew = DEFAULT_ALLOWABLE_CLOCKSKEW;
+
+    /** Whether pre-authentication by encrypted timestamp is required. */
+    private boolean isPaEncTimestampRequired = DEFAULT_PA_ENC_TIMESTAMP_REQUIRED;
+
+    /** The maximum ticket lifetime. */
+    private long maximumTicketLifetime = DEFAULT_TGS_MAXIMUM_TICKET_LIFETIME;
+
+    /** The maximum renewable lifetime. */
+    private long maximumRenewableLifetime = DEFAULT_TGS_MAXIMUM_RENEWABLE_LIFETIME;
+
+    /** Whether empty addresses are allowed. */
+    private boolean isEmptyAddressesAllowed = DEFAULT_EMPTY_ADDRESSES_ALLOWED;
+
+    /** Whether forwardable addresses are allowed. */
+    private boolean isForwardableAllowed = DEFAULT_TGS_FORWARDABLE_ALLOWED;
+
+    /** Whether proxiable addresses are allowed. */
+    private boolean isProxiableAllowed = DEFAULT_TGS_PROXIABLE_ALLOWED;
+
+    /** Whether postdating is allowed. */
+    private boolean isPostdateAllowed = DEFAULT_TGS_POSTDATE_ALLOWED;
+
+    /** Whether renewable tickets are allowed. */
+    private boolean isRenewableAllowed = DEFAULT_TGS_RENEWABLE_ALLOWED;
+
 
     /**
-     * Creates a new instance with default settings.
+     * Creates a new instance of KdcConfiguration.
      */
     public KdcConfiguration()
     {
-        this( getDefaultConfig(), LoadStrategy.LDAP );
+        super.setServiceName( DEFAULT_NAME );
+        super.setIpPort( DEFAULT_IP_PORT );
+        super.setServicePid( DEFAULT_PID );
+        super.setSearchBaseDn( DEFAULT_SEARCH_BASEDN );
+
+        prepareEncryptionTypes();
     }
 
 
     /**
-     * Creates a new instance with default settings that operates on the
-     * {@link DirectoryService} with the specified ID.
+     * Returns the allowable clock skew.
+     *
+     * @return The allowable clock skew.
      */
-    public KdcConfiguration(String instanceId)
+    public long getAllowableClockSkew()
     {
-        this( getDefaultConfig(), LoadStrategy.LDAP );
-        setInstanceId( instanceId );
+        return allowableClockSkew;
     }
 
 
-    public KdcConfiguration( Map<String, String> properties )
+    /**
+     * @return the isEmptyAddressesAllowed
+     */
+    public boolean isEmptyAddressesAllowed()
     {
-        this( properties, LoadStrategy.LDAP );
+        return isEmptyAddressesAllowed;
     }
 
 
-    public KdcConfiguration( Map<String, String> properties, int strategy )
+    /**
+     * @return the isForwardableAllowed
+     */
+    public boolean isForwardableAllowed()
     {
-        if ( properties == null )
-        {
-            configuration = getDefaultConfig();
-        }
-        else
-        {
-            loadProperties( DEFAULT_PREFIX, properties, strategy );
-        }
-
-        int port = getPort();
-
-        if ( port < 1 || port > 0xFFFF )
-        {
-            throw new ConfigurationException( "Invalid value:  " + IP_PORT_KEY + "=" + port
);
-        }
-
-        prepareEncryptionTypes();
+        return isForwardableAllowed;
     }
 
 
-    public static Map<String, String> getDefaultConfig()
+    /**
+     * @return the isPostdateAllowed
+     */
+    public boolean isPostdateAllowed()
     {
-        Map<String, String> defaults = new HashMap<String, String>();
-
-        defaults.put( SERVICE_PID, DEFAULT_PID );
-        defaults.put( IP_PORT_KEY, DEFAULT_IP_PORT );
-
-        return defaults;
+        return isPostdateAllowed;
     }
 
 
-    public boolean isDifferent( Dictionary config )
+    /**
+     * @return the isProxiableAllowed
+     */
+    public boolean isProxiableAllowed()
     {
-        int port = getPort();
-
-        if ( port == Integer.parseInt( ( String ) config.get( IP_PORT_KEY ) ) )
-        {
-            return false;
-        }
-
-        return true;
+        return isProxiableAllowed;
     }
 
 
-    public String getName()
+    /**
+     * @return the isRenewableAllowed
+     */
+    public boolean isRenewableAllowed()
     {
-        return DEFAULT_NAME;
+        return isRenewableAllowed;
     }
 
 
-    public String getPrimaryRealm()
+    /**
+     * @return the maximumRenewableLifetime
+     */
+    public long getMaximumRenewableLifetime()
     {
-        String key = REALM_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return get( key );
-        }
-
-        return DEFAULT_REALM;
+        return maximumRenewableLifetime;
     }
 
 
-    public KerberosPrincipal getKdcPrincipal()
+    /**
+     * @return the maximumTicketLifetime
+     */
+    public long getMaximumTicketLifetime()
     {
-        String key = PRINCIPAL_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return new KerberosPrincipal( get( key ) );
-        }
-
-        return new KerberosPrincipal( DEFAULT_PRINCIPAL );
+        return maximumTicketLifetime;
     }
 
 
-    public String getEntryBaseDn()
+    /**
+     * @param allowableClockSkew the allowableClockSkew to set
+     */
+    public void setAllowableClockSkew( long allowableClockSkew )
     {
-        String key = ENTRY_BASEDN_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return get( key );
-        }
-
-        return KDC_ENTRY_BASEDN;
+        this.allowableClockSkew = allowableClockSkew;
     }
 
 
-    public EncryptionType[] getEncryptionTypes()
+    /**
+     * @param encryptionTypes the encryptionTypes to set
+     */
+    public void setEncryptionTypes( EncryptionType[] encryptionTypes )
     {
-        return encryptionTypes;
+        this.encryptionTypes = encryptionTypes;
     }
 
 
-    public Map<String, String> getProperties()
+    /**
+     * @param isEmptyAddressesAllowed the isEmptyAddressesAllowed to set
+     */
+    public void setEmptyAddressesAllowed( boolean isEmptyAddressesAllowed )
     {
-        // Request that the krb5key value be returned as binary
-        configuration.put( "java.naming.ldap.attributes.binary", "krb5Key" );
-
-        return configuration;
+        this.isEmptyAddressesAllowed = isEmptyAddressesAllowed;
     }
 
 
-    public long getClockSkew()
+    /**
+     * @param isForwardableAllowed the isForwardableAllowed to set
+     */
+    public void setForwardableAllowed( boolean isForwardableAllowed )
     {
-        String key = ALLOWABLE_CLOCKSKEW_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return MINUTE * Long.parseLong( get( key ) );
-        }
-
-        return DEFAULT_ALLOWABLE_CLOCKSKEW;
+        this.isForwardableAllowed = isForwardableAllowed;
     }
 
 
-    public int getPort()
+    /**
+     * @param isPaEncTimestampRequired the isPaEncTimestampRequired to set
+     */
+    public void setPaEncTimestampRequired( boolean isPaEncTimestampRequired )
     {
-        String key = IP_PORT_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return Integer.parseInt( get( key ) );
-        }
-
-        return Integer.parseInt( DEFAULT_IP_PORT );
+        this.isPaEncTimestampRequired = isPaEncTimestampRequired;
     }
 
 
-    public int getBufferSize()
+    /**
+     * @param isPostdateAllowed the isPostdateAllowed to set
+     */
+    public void setPostdateAllowed( boolean isPostdateAllowed )
     {
-        String key = BUFFER_SIZE_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return Integer.parseInt( get( key ) );
-        }
-
-        return DEFAULT_BUFFER_SIZE;
+        this.isPostdateAllowed = isPostdateAllowed;
     }
 
 
-    public boolean isPaEncTimestampRequired()
+    /**
+     * @param isProxiableAllowed the isProxiableAllowed to set
+     */
+    public void setProxiableAllowed( boolean isProxiableAllowed )
     {
-        String key = PA_ENC_TIMESTAMP_REQUIRED_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return "true".equalsIgnoreCase( get( key ) );
-        }
-
-        return DEFAULT_PA_ENC_TIMESTAMP_REQUIRED;
+        this.isProxiableAllowed = isProxiableAllowed;
     }
 
 
-    public long getMaximumTicketLifetime()
+    /**
+     * @param isRenewableAllowed the isRenewableAllowed to set
+     */
+    public void setRenewableAllowed( boolean isRenewableAllowed )
     {
-        String key = TGS_MAXIMUM_TICKET_LIFETIME_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return MINUTE * Long.parseLong( get( key ) );
-        }
-
-        return DEFAULT_TGS_MAXIMUM_TICKET_LIFETIME;
+        this.isRenewableAllowed = isRenewableAllowed;
     }
 
 
-    public long getMaximumRenewableLifetime()
+    /**
+     * @param kdcPrincipal the kdcPrincipal to set
+     */
+    public void setKdcPrincipal( String kdcPrincipal )
     {
-        String key = TGS_MAXIMUM_RENEWABLE_LIFETIME_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return MINUTE * Long.parseLong( get( key ) );
-        }
-
-        return DEFAULT_TGS_MAXIMUM_RENEWABLE_LIFETIME;
+        this.servicePrincipal = kdcPrincipal;
     }
 
 
-    public boolean isEmptyAddressesAllowed()
+    /**
+     * @param maximumRenewableLifetime the maximumRenewableLifetime to set
+     */
+    public void setMaximumRenewableLifetime( long maximumRenewableLifetime )
     {
-        String key = EMPTY_ADDRESSES_ALLOWED_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return "true".equalsIgnoreCase( get( key ) );
-        }
-
-        return DEFAULT_EMPTY_ADDRESSES_ALLOWED;
+        this.maximumRenewableLifetime = maximumRenewableLifetime;
     }
 
 
-    public boolean isForwardableAllowed()
+    /**
+     * @param maximumTicketLifetime the maximumTicketLifetime to set
+     */
+    public void setMaximumTicketLifetime( long maximumTicketLifetime )
     {
-        String key = TGS_FORWARDABLE_ALLOWED_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return "true".equalsIgnoreCase( get( key ) );
-        }
-
-        return DEFAULT_TGS_FORWARDABLE_ALLOWED;
+        this.maximumTicketLifetime = maximumTicketLifetime;
     }
 
 
-    public boolean isProxiableAllowed()
+    /**
+     * @param primaryRealm the primaryRealm to set
+     */
+    public void setPrimaryRealm( String primaryRealm )
     {
-        String key = TGS_PROXIABLE_ALLOWED_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            return "true".equalsIgnoreCase( get( key ) );
-        }
-
-        return DEFAULT_TGS_PROXIABLE_ALLOWED;
+        this.primaryRealm = primaryRealm;
     }
 
 
-    public boolean isPostdateAllowed()
+    /**
+     * Returns the primary realm.
+     *
+     * @return The primary realm.
+     */
+    public String getPrimaryRealm()
     {
-        String key = TGS_POSTDATE_ALLOWED_KEY;
+        return primaryRealm;
+    }
 
-        if ( configuration.containsKey( key ) )
-        {
-            return "true".equalsIgnoreCase( get( key ) );
-        }
 
-        return DEFAULT_TGS_POSTDATE_ALLOWED;
+    /**
+     * Returns the service principal for this KDC service.
+     *
+     * @return The service principal for this KDC service.
+     */
+    public KerberosPrincipal getServicePrincipal()
+    {
+        return new KerberosPrincipal( servicePrincipal );
     }
 
 
-    public boolean isRenewableAllowed()
+    /**
+     * Returns the encryption types.
+     *
+     * @return The encryption types.
+     */
+    public EncryptionType[] getEncryptionTypes()
     {
-        String key = TGS_RENEWABLE_ALLOWED_KEY;
+        return encryptionTypes;
+    }
 
-        if ( configuration.containsKey( key ) )
-        {
-            return "true".equalsIgnoreCase( get( key ) );
-        }
 
-        return DEFAULT_TGS_RENEWABLE_ALLOWED;
+    /**
+     * Returns whether pre-authentication by encrypted timestamp is required.
+     *
+     * @return Whether pre-authentication by encrypted timestamp is required.
+     */
+    public boolean isPaEncTimestampRequired()
+    {
+        return isPaEncTimestampRequired;
     }
 
 
     private void prepareEncryptionTypes()
     {
-        String[] encryptionTypeStrings = null;
-
-        String key = ENCRYPTION_TYPES_KEY;
-
-        if ( configuration.containsKey( key ) )
-        {
-            encryptionTypeStrings = ( get( key ) ).split( "\\s" );
-        }
-        else
-        {
-            encryptionTypeStrings = DEFAULT_ENCRYPTION_TYPES;
-        }
+        String[] encryptionTypeStrings = DEFAULT_ENCRYPTION_TYPES;
 
         List<EncryptionType> encTypes = new ArrayList<EncryptionType>();
 
-        for ( String enc:encryptionTypeStrings )
+        for ( String enc : encryptionTypeStrings )
         {
-            for ( EncryptionType type:EncryptionType.VALUES )
+            for ( EncryptionType type : EncryptionType.VALUES )
             {
                 if ( type.toString().equalsIgnoreCase( enc ) )
                 {

Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java?view=diff&rev=519811&r1=519810&r2=519811
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java
(original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java
Sun Mar 18 20:13:56 2007
@@ -53,14 +53,23 @@
     private IoHandler handler;
 
 
-    public KerberosServer( KdcConfiguration config, IoAcceptor acceptor, IoServiceConfig
serviceConfig, PrincipalStore store )
+    /**
+     * Creates a new instance of KerberosServer.
+     *
+     * @param config
+     * @param acceptor
+     * @param serviceConfig
+     * @param store
+     */
+    public KerberosServer( KdcConfiguration config, IoAcceptor acceptor, IoServiceConfig
serviceConfig,
+        PrincipalStore store )
     {
         this.config = config;
         this.acceptor = acceptor;
         this.store = store;
 
-        String name = config.getName();
-        int port = config.getPort();
+        String name = config.getServiceName();
+        int port = config.getIpPort();
 
         try
         {
@@ -77,19 +86,29 @@
     }
 
 
+    /**
+     * Compares whether a {@link Dictionary} of configuration is different
+     * from the currently used configuration.
+     *
+     * @param newConfig
+     * @return <code>True</true> if the configuration is different.
+     */
     public boolean isDifferent( Dictionary newConfig )
     {
         return config.isDifferent( newConfig );
     }
 
 
+    /**
+     * Destroys this instance of the service.
+     */
     public void destroy()
     {
-        acceptor.unbind( new InetSocketAddress( config.getPort() ) );
+        acceptor.unbind( new InetSocketAddress( config.getIpPort() ) );
 
         acceptor = null;
         handler = null;
 
-        log.debug( config.getName() + " has stopped listening on port " + config.getPort()
);
+        log.debug( config.getServiceName() + " has stopped listening on port " + config.getIpPort()
);
     }
 }

Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java?view=diff&rev=519811&r1=519810&r2=519811
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java
(original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java
Sun Mar 18 20:13:56 2007
@@ -123,7 +123,7 @@
                     throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError()
);
                 }
 
-                if ( !timestamp.getTimeStamp().isInClockSkew( config.getClockSkew() ) )
+                if ( !timestamp.getTimeStamp().isInClockSkew( config.getAllowableClockSkew()
) )
                 {
                     throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_FAILED );
                 }

Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java?view=diff&rev=519811&r1=519810&r2=519811
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java
(original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java
Sun Mar 18 20:13:56 2007
@@ -60,7 +60,7 @@
                 PrincipalStore store = tgsContext.getStore();
                 ApplicationRequest authHeader = tgsContext.getAuthHeader();
                 Ticket tgt = tgsContext.getTgt();
-                long clockSkew = tgsContext.getConfig().getClockSkew();
+                long clockSkew = tgsContext.getConfig().getAllowableClockSkew();
                 ReplayCache replayCache = tgsContext.getReplayCache();
                 ChecksumType checksumType = tgsContext.getAuthenticator().getChecksum().getChecksumType();
                 InetAddress clientAddress = tgsContext.getClientAddress();

Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java?view=diff&rev=519811&r1=519810&r2=519811
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java
(original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java
Sun Mar 18 20:13:56 2007
@@ -45,7 +45,7 @@
         ApplicationRequest authHeader = tgsContext.getAuthHeader();
         Ticket tgt = tgsContext.getTgt();
         EncryptionKey serverKey = tgsContext.getTicketPrincipalEntry().getEncryptionKey();
-        long clockSkew = tgsContext.getConfig().getClockSkew();
+        long clockSkew = tgsContext.getConfig().getAllowableClockSkew();
         ReplayCache replayCache = tgsContext.getReplayCache();
         boolean emptyAddressesAllowed = tgsContext.getConfig().isEmptyAddressesAllowed();
         InetAddress clientAddress = tgsContext.getClientAddress();

Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java?view=diff&rev=519811&r1=519810&r2=519811
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java
(original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java
Sun Mar 18 20:13:56 2007
@@ -176,7 +176,7 @@
 
             KerberosException ke = ( KerberosException ) e;
 
-            session.write( getErrorMessage( config.getKdcPrincipal(), ke ) );
+            session.write( getErrorMessage( config.getServicePrincipal(), ke ) );
         }
     }
 



Mime
View raw message