From erodrig...@apache.org
Subject svn commit: r519826 - /directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
Date Mon, 19 Mar 2007 03:58:32 GMT
Author: erodriguez
Date: Sun Mar 18 20:58:32 2007
New Revision: 519826

URL: http://svn.apache.org/viewvc?view=rev&rev=519826
Log:
Updated chain configuration to use LdapConfiguration bean instead of hard-coded values.

Modified:
    directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java

Modified: directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java?view=diff&rev=519826&r1=519825&r2=519826
==============================================================================
--- directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
(original)
+++ directory/apacheds/branches/apacheds-sasl-branch/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
Sun Mar 18 20:58:32 2007
@@ -20,8 +20,11 @@
 package org.apache.directory.server.ldap.support.bind;
 
 
+import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
@@ -30,11 +33,10 @@
 import javax.security.auth.kerberos.KerberosPrincipal;
 import javax.security.sasl.Sasl;
 
+import org.apache.directory.server.ldap.LdapConfiguration;
 import org.apache.directory.server.ldap.constants.SupportedSASLMechanisms;
 import org.apache.mina.common.IoSession;
 import org.apache.mina.handler.chain.IoHandlerCommand;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 
 /**
@@ -43,58 +45,101 @@
  */
 public class ConfigureChain implements IoHandlerCommand
 {
-    private static final Logger log = LoggerFactory.getLogger( ConfigureChain.class );
+    public void execute( NextCommand next, IoSession session, Object message ) throws Exception
+    {
+        LdapConfiguration config = ( LdapConfiguration ) session.getAttribute( LdapConfiguration.class.toString()
);
+
+        Map<String, String> saslProps = new HashMap<String, String>();
+        saslProps.put( Sasl.QOP, getActiveQop( config ) );
+        saslProps.put( "com.sun.security.sasl.digest.realm", getActiveRealms( config ) );
+        session.setAttribute( "saslProps", saslProps );
 
+        session.setAttribute( "supportedMechanisms", getActiveMechanisms( config ) );
+        session.setAttribute( "saslHost", config.getSaslHost() );
+        session.setAttribute( "saslSubject", getSubject( config.getSaslPrincipal() ) );
+        session.setAttribute( "baseDn", config.getSaslBaseDn() );
 
-    public void execute( NextCommand next, IoSession session, Object message ) throws Exception
+        next.execute( session, message );
+    }
+
+
+    private Set getActiveMechanisms( LdapConfiguration config )
     {
-        /**
-         * TODO - Take intersection of supported mechanisms and mechanisms enabled in configuration.
-         */
-        Set<String> supportedMechanisms = new HashSet<String>();
+        List<String> supportedMechanisms = new ArrayList<String>();
         supportedMechanisms.add( SupportedSASLMechanisms.SIMPLE );
         supportedMechanisms.add( SupportedSASLMechanisms.CRAM_MD5 );
         supportedMechanisms.add( SupportedSASLMechanisms.DIGEST_MD5 );
         supportedMechanisms.add( SupportedSASLMechanisms.GSSAPI );
-        session.setAttribute( "supportedMechanisms", supportedMechanisms );
 
-        /**
-         * TODO - Take host from configuration.
-         */
-        String saslHost = "localhost";
-        session.setAttribute( "saslHost", saslHost );
+        Set<String> activeMechanisms = new HashSet<String>();
 
-        Map<String, String> saslProps = new HashMap<String, String>();
+        Iterator it = config.getSupportedMechanisms().iterator();
+        while ( it.hasNext() )
+        {
+            String desiredMechanism = ( String ) it.next();
+            if ( supportedMechanisms.contains( desiredMechanism ) )
+            {
+                activeMechanisms.add( desiredMechanism );
+            }
+        }
 
-        /**
-         * TODO - Take service principal name from configuration.
-         * TODO - Create Subject with key material from directory.
-         */
-        String servicePrincipalName = "ldap/" + saslHost + "@EXAMPLE.COM";
-        session.setAttribute( "saslSubject", getSubject( servicePrincipalName ) );
-
-        /**
-         * TODO - Take QoP props from configuration.
-         */
-        saslProps.put( Sasl.QOP, "auth,auth-int,auth-conf" );
-
-        /**
-         * TODO - Take realms from configuration.
-         */
-        saslProps.put( "com.sun.security.sasl.digest.realm", "example.com apache.org" );
+        return activeMechanisms;
+    }
 
-        session.setAttribute( "saslProps", saslProps );
 
-        /**
-         * TODO - Get one or more base DN's for user lookups.
-         * TODO - Make decision on base DN lookup vs. regex mapping.
-         */
-        session.setAttribute( "baseDn", "ou=users,dc=example,dc=com" );
+    private String getActiveQop( LdapConfiguration config )
+    {
+        List<String> supportedQop = new ArrayList<String>();
+        supportedQop.add( "auth" );
+        supportedQop.add( "auth-int" );
+        supportedQop.add( "auth-conf" );
+
+        StringBuilder saslQop = new StringBuilder();
+
+        Iterator it = config.getSaslQop().iterator();
+        while ( it.hasNext() )
+        {
+            String desiredQopLevel = ( String ) it.next();
+            if ( supportedQop.contains( desiredQopLevel ) )
+            {
+                saslQop.append( desiredQopLevel );
+            }
+
+            if ( it.hasNext() )
+            {
+                // QOP is comma-delimited
+                saslQop.append( "," );
+            }
+        }
 
-        next.execute( session, message );
+        return saslQop.toString();
+    }
+
+
+    private String getActiveRealms( LdapConfiguration config )
+    {
+        StringBuilder realms = new StringBuilder();
+
+        Iterator it = config.getSaslRealms().iterator();
+        while ( it.hasNext() )
+        {
+            String realm = ( String ) it.next();
+            realms.append( realm );
+
+            if ( it.hasNext() )
+            {
+                // realms are space-delimited
+                realms.append( " " );
+            }
+        }
+
+        return realms.toString();
     }
 
 
+    /**
+     * TODO - Create Subject with key material from directory.
+     */
     private Subject getSubject( String servicePrincipalName )
     {
         KerberosPrincipal servicePrincipal = new KerberosPrincipal( servicePrincipalName
);
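Review bot: In `getActiveQop` the `,` is appended whenever `it.hasNext()` is true, outside the `supportedQop.contains( desiredQopLevel )` check, so any unsupported level in `config.getSaslQop()` leaves a leading, doubled or trailing comma in the value stored under `Sasl.QOP`, and an empty string when nothing matches. How the SASL provider treats a malformed or empty QOP list is not visible here, but it may not negotiate the integrity or confidentiality level the administrator configured, so the string should be built only from accepted values and an empty result rejected. The separator should move inside the accepted branch, before the value, and the trailing `if ( it.hasNext() )` block should be dropped, as below. Since this commit also removes the logger, both `getActiveQop` and `getActiveMechanisms` discard unrecognised configuration values silently; a warning naming the dropped value would make a typo that disables a mechanism or protection level visible.

```java
// … unchanged: supportedQop list, iterator and loop header …
            if ( supportedQop.contains( desiredQopLevel ) )
            {
                if ( saslQop.length() > 0 )
                {
                    // QOP is comma-delimited; separate accepted values only
                    saslQop.append( "," );
                }
                saslQop.append( desiredQopLevel );
            }
// … unchanged: end of loop, return saslQop.toString() …
```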


