directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From erodrig...@apache.org
Subject svn commit: r535679 - in /directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service: MonitorContext.java VerifyServiceTicketAuthHeader.java
Date Sun, 06 May 2007 23:36:53 GMT
Author: erodriguez
Date: Sun May  6 16:36:53 2007
New Revision: 535679

URL: http://svn.apache.org/viewvc?view=rev&rev=535679
Log:
Updated Change Password protocol to work with multiple key types.

Modified:
    directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java
    directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java

Modified: directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java?view=diff&rev=535679&r1=535678&r2=535679
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java
Sun May  6 16:36:53 2007
@@ -24,6 +24,7 @@
 
 import javax.security.auth.kerberos.KerberosPrincipal;
 
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
 import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
 import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
 import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
@@ -49,13 +50,15 @@
 
     private String contextKey = "context";
 
+
     public void execute( NextCommand next, IoSession session, Object message ) throws Exception
     {
         if ( log.isDebugEnabled() )
         {
             try
             {
-                ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute(
getContextKey() );
+                ChangePasswordContext changepwContext = ( ChangePasswordContext ) session
+                    .getAttribute( getContextKey() );
 
                 PrincipalStore store = changepwContext.getStore();
                 ApplicationRequest authHeader = changepwContext.getAuthHeader();
@@ -91,15 +94,18 @@
                 sb.append( "\n\t" + "caddr contains sender  " + caddrContainsSender );
 
                 KerberosPrincipal ticketServerPrincipal = ticket.getServerPrincipal();
-                PrincipalStoreEntry ticketPrincipal = changepwContext.getServerEntry();
+                sb.append( "\n\t" + "Ticket principal       " + ticketServerPrincipal );
 
-                sb.append( "\n\t" + "principal              " + ticketServerPrincipal );
+                PrincipalStoreEntry ticketPrincipal = changepwContext.getServerEntry();
                 sb.append( "\n\t" + "cn                     " + ticketPrincipal.getCommonName()
);
                 sb.append( "\n\t" + "realm                  " + ticketPrincipal.getRealmName()
);
-                sb.append( "\n\t" + "principal              " + ticketPrincipal.getPrincipal()
);
+                sb.append( "\n\t" + "Service principal      " + ticketPrincipal.getPrincipal()
);
                 sb.append( "\n\t" + "SAM type               " + ticketPrincipal.getSamType()
);
-                sb.append( "\n\t" + "Key type               " + ticketPrincipal.getEncryptionKey().getKeyType()
);
-                sb.append( "\n\t" + "Key version            " + ticketPrincipal.getEncryptionKey().getKeyVersion()
);
+
+                EncryptionType encryptionType = ticket.getEncPart().getEncryptionType();
+                int keyVersion = ticketPrincipal.getKeyMap().get( encryptionType ).getKeyVersion();
+                sb.append( "\n\t" + "Ticket key type        " + encryptionType );
+                sb.append( "\n\t" + "Service key version    " + keyVersion );
 
                 log.debug( sb.toString() );
             }
@@ -114,7 +120,7 @@
     }
 
 
-    public String getContextKey()
+    protected String getContextKey()
     {
         return ( this.contextKey );
     }

Modified: directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java?view=diff&rev=535679&r1=535678&r2=535679
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java
Sun May  6 16:36:53 2007
@@ -23,6 +23,7 @@
 import java.net.InetAddress;
 
 import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
 import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
 import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
 import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
@@ -40,13 +41,17 @@
 {
     private String contextKey = "context";
 
+
     public void execute( NextCommand next, IoSession session, Object message ) throws Exception
     {
         ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute(
getContextKey() );
 
         ApplicationRequest authHeader = changepwContext.getAuthHeader();
         Ticket ticket = changepwContext.getTicket();
-        EncryptionKey serverKey = changepwContext.getServerEntry().getEncryptionKey();
+
+        EncryptionType encryptionType = ticket.getEncPart().getEncryptionType();
+        EncryptionKey serverKey = changepwContext.getServerEntry().getKeyMap().get( encryptionType
);
+
         long clockSkew = changepwContext.getConfig().getClockSkew();
         ReplayCache replayCache = changepwContext.getReplayCache();
         boolean emptyAddressesAllowed = changepwContext.getConfig().isEmptyAddressesAllowed();



Mime
View raw message