Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 39583 invoked from network); 19 Apr 2007 08:24:37 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 19 Apr 2007 08:24:37 -0000 Received: (qmail 57557 invoked by uid 500); 19 Apr 2007 08:24:43 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 57506 invoked by uid 500); 19 Apr 2007 08:24:43 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 57495 invoked by uid 99); 19 Apr 2007 08:24:43 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 19 Apr 2007 01:24:43 -0700 X-ASF-Spam-Status: No, hits=-99.5 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 19 Apr 2007 01:24:36 -0700 Received: by eris.apache.org (Postfix, from userid 65534) id 7DEE51A9838; Thu, 19 Apr 2007 01:24:16 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r530323 - /directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java Date: Thu, 19 Apr 2007 08:24:16 -0000 To: commits@directory.apache.org From: elecharny@apache.org X-Mailer: svnmailer-1.1.0 Message-Id: <20070419082416.7DEE51A9838@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: elecharny Date: Thu Apr 19 01:24:14 2007 New Revision: 530323 URL: http://svn.apache.org/viewvc?view=rev&rev=530323 Log: Fixed the cache system : it was not storing the principal Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java?view=diff&rev=530323&r1=530322&r2=530323 ============================================================================== --- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java (original) +++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java Thu Apr 19 01:24:14 2007 @@ -177,7 +177,7 @@ * @return A byte array which can be empty if the password was not found * @throws NamingException If we have a problem during the lookup operation */ - private byte[] getStoredPassword( LdapDN principalDN ) throws NamingException + private LdapPrincipal getStoredPassword( LdapDN principalDN ) throws NamingException { LdapPrincipal principal = null; String principalNorm = principalDN.getNormName(); @@ -204,6 +204,15 @@ { storedPassword = ArrayUtils.EMPTY_BYTE_ARRAY; } + + // Create the new principal before storing it in the cache + principal = new LdapPrincipal( principalDN, AuthenticationLevel.SIMPLE, storedPassword ); + + // Now, update the local cache. + synchronized( credentialCache ) + { + credentialCache.put( principalDN.getNormName(), principal ); + } } else { @@ -211,7 +220,7 @@ storedPassword = principal.getUserPassword(); } - return storedPassword; + return principal; } /** @@ -250,33 +259,6 @@ return credentials; } - /** - * Helper function used to update the cache with the user's password, - * if the cache is not containing this information. - * - * The LdapPrincipal will be empty if this password is not cached. - */ - private LdapPrincipal updateCache( LdapPrincipal principal, LdapDN principalDn, byte[] storedPassword ) - { - if ( principal == null ) - { - // If we have found the credential, we have to store it in the cache - principal = new LdapPrincipal( principalDn, AuthenticationLevel.SIMPLE, storedPassword ); - - // Now, update the local cache. - synchronized( credentialCache ) - { - credentialCache.put( principalDn.getNormName(), principal ); - } - } - - if ( IS_DEBUG ) - { - log.debug( "{} Authenticated", principalDn ); - } - - return principal; - } /** * Looks up userPassword attribute of the entry whose name is the @@ -318,17 +300,21 @@ // ---- extract password from JNDI environment byte[] credentials = getCredentials( ctx, principalDn ); - boolean credentialsMatch = false; - LdapPrincipal principal = null; + LdapPrincipal principal = getStoredPassword( principalDn ); // Get the stored password, either from cache or from backend - byte[] storedPassword = getStoredPassword( principalDn ); + byte[] storedPassword = principal.getUserPassword(); // Short circuit for PLAIN TEXT passwords : we compare the byte array directly // Are the passwords equal ? if ( Arrays.equals( credentials, storedPassword ) ) { - return updateCache( principal, principalDn, storedPassword ); + if ( IS_DEBUG ) + { + log.debug( "{} Authenticated", principalDn ); + } + + return principal; } // Let's see if the stored password was encrypted @@ -352,7 +338,12 @@ // Now, compare the two passwords. if ( Arrays.equals( userPassword, encryptedStored ) ) { - return updateCache( principal, principalDn, storedPassword ); + if ( IS_DEBUG ) + { + log.debug( "{} Authenticated", principalDn ); + } + + return principal; } else {