From erodrig...@apache.org
Subject svn commit: r535687 - in /directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared: service/ store/ store/operations/
Date Mon, 07 May 2007 00:07:32 GMT
Author: erodriguez
Date: Sun May  6 17:07:31 2007
New Revision: 535687

URL: http://svn.apache.org/viewvc?view=rev&rev=535687
Log:
Updated Kerberos principal retrieval to support multiple key types.

Modified:
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/GetPrincipalStoreEntry.java
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntry.java
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalObjectFactory.java
    directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalStateFactory.java

Modified: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/GetPrincipalStoreEntry.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/GetPrincipalStoreEntry.java?view=diff&rev=535687&r1=535686&r2=535687
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/GetPrincipalStoreEntry.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/GetPrincipalStoreEntry.java
Sun May  6 17:07:31 2007
@@ -37,6 +37,7 @@
 {
     private String contextKey = "context";
 
+
     public PrincipalStoreEntry getEntry( KerberosPrincipal principal, PrincipalStore store,
ErrorType errorType )
         throws Exception
     {
@@ -51,7 +52,7 @@
             throw new KerberosException( errorType );
         }
 
-        if ( entry == null || entry.getEncryptionKey() == null )
+        if ( entry == null || entry.getKeyMap().isEmpty() )
         {
             throw new KerberosException( errorType );
         }
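Review bot: `entry.getKeyMap().isEmpty()` throws a NullPointerException when the map itself is null, so a principal stored without a key attribute may surface as an unexpected runtime error instead of the intended `KerberosException( errorType )`. In this commit the `keyMap` field of PrincipalStoreEntryModifier has no initializer and the store operations call `setKeyMap` only when the key attribute is present, so a null map looks reachable. I would guard it here with `if ( entry == null || entry.getKeyMap() == null || entry.getKeyMap().isEmpty() )` and also initialise the modifier field to an empty map. The body of getEntry begins and continues outside this hunk.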

Modified: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntry.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntry.java?view=diff&rev=535687&r1=535686&r2=535687
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntry.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntry.java
Sun May  6 17:07:31 2007
@@ -20,6 +20,8 @@
 package org.apache.directory.server.kerberos.shared.store;
 
 
+import java.util.Map;
+
 import javax.security.auth.kerberos.KerberosPrincipal;
 
 import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
@@ -50,16 +52,18 @@
     private int maxRenew;
     private int kdcFlags;
     private SamType samType;
-    private EncryptionKey key;
+
     private boolean disabled;
     private boolean lockedOut;
     private KerberosTime expiration;
 
+    private Map<EncryptionType, EncryptionKey> keyMap;
+
 
-    PrincipalStoreEntry(String commonName, String userId, KerberosPrincipal principal, int
keyVersionNumber,
+    PrincipalStoreEntry( String commonName, String userId, KerberosPrincipal principal, int
keyVersionNumber,
         KerberosTime validStart, KerberosTime validEnd, KerberosTime passwordEnd, int maxLife,
int maxRenew,
-        int kdcFlags, int keyType, byte[] key, String realmName, SamType samType, boolean
disabled, 
-        boolean lockedOut, KerberosTime expiration )
+        int kdcFlags, int keyType, Map<EncryptionType, EncryptionKey> keyMap, String
realmName, SamType samType,
+        boolean disabled, boolean lockedOut, KerberosTime expiration )
     {
         this.commonName = commonName;
         this.userId = userId;
@@ -75,27 +79,27 @@
         this.lockedOut = lockedOut;
         this.expiration = expiration;
         this.samType = samType;
-        this.key = new EncryptionKey( EncryptionType.getTypeByOrdinal( keyType ), key, keyVersionNumber
);
+        this.keyMap = keyMap;
     }
 
-    
+
     public boolean isDisabled()
     {
         return disabled;
     }
-    
-    
+
+
     public boolean isLockedOut()
     {
         return lockedOut;
     }
-    
-    
+
+
     public KerberosTime getExpiration()
     {
         return expiration;
     }
-    
+
 
     public String getCommonName()
     {
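Review bot: The constructor keeps the caller's map with `this.keyMap = keyMap;`, and the `getKeyMap()` hunk that follows returns the same reference, so any code holding the entry can add, replace or remove the principal's long-term keys after construction. The accessors visible here are all getters, so I would copy on the way in and expose a read-only view: `this.keyMap = Collections.unmodifiableMap( new HashMap<EncryptionType, EncryptionKey>( keyMap ) );`, with a null check and the matching `java.util` imports. The `int keyType` parameter also appears to be unused now that the `new EncryptionKey( ... )` line is removed, though the assignments between the two constructor hunks are not visible.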
@@ -109,9 +113,9 @@
     }
 
 
-    public EncryptionKey getEncryptionKey()
+    public Map<EncryptionType, EncryptionKey> getKeyMap()
     {
-        return key;
+        return keyMap;
     }
 
 

Modified: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java?view=diff&rev=535687&r1=535686&r2=535687
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java
Sun May  6 17:07:31 2007
@@ -20,8 +20,17 @@
 package org.apache.directory.server.kerberos.shared.store;
 
 
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
 import javax.security.auth.kerberos.KerberosPrincipal;
 
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.io.decoder.EncryptionKeyDecoder;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
 import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
 import org.apache.directory.server.kerberos.shared.messages.value.SamType;
 
@@ -52,38 +61,40 @@
     private int kdcFlags;
     private int encryptionType;
     private SamType samType;
-    private byte[] key;
+
     private boolean disabled = false;
     private boolean lockedOut = false;
     private KerberosTime expiration = KerberosTime.INFINITY;
 
+    private Map<EncryptionType, EncryptionKey> keyMap;
+
 
     public PrincipalStoreEntry getEntry()
     {
         return new PrincipalStoreEntry( commonName, userId, principal, keyVersionNumber,
validStart, validEnd,
-            passwordEnd, maxLife, maxRenew, kdcFlags, encryptionType, key, realmName, samType,

-            disabled, lockedOut, expiration );
+            passwordEnd, maxLife, maxRenew, kdcFlags, encryptionType, keyMap, realmName,
samType, disabled, lockedOut,
+            expiration );
     }
 
-    
+
     public void setDisabled( boolean disabled )
     {
         this.disabled = disabled;
     }
-    
-    
+
+
     public void setLockedOut( boolean lockedOut )
     {
         this.lockedOut = lockedOut;
     }
-    
-    
+
+
     public void setExpiration( KerberosTime expiration )
     {
         this.expiration = expiration;
     }
 
-    
+
     public void setCommonName( String commonName )
     {
         this.commonName = commonName;
@@ -108,9 +119,9 @@
     }
 
 
-    public void setKey( byte[] key )
+    public void setKeyMap( Map<EncryptionType, EncryptionKey> keyMap )
     {
-        this.key = key;
+        this.keyMap = keyMap;
     }
 
 
@@ -165,5 +176,29 @@
     public void setSamType( SamType samType )
     {
         this.samType = samType;
+    }
+
+
+    public Map<EncryptionType, EncryptionKey> reconstituteKeyMap( Attribute krb5key
) throws NamingException,
+        IOException
+    {
+        Map<EncryptionType, EncryptionKey> map = new HashMap<EncryptionType, EncryptionKey>();
+
+        for ( int ii = 0; ii < krb5key.size(); ii++ )
+        {
+            Object key = krb5key.get( ii );
+
+            if ( key instanceof String )
+            {
+                throw new NamingException(
+                    "JNDI should not return a string for the Kerberos key: JNDI property
java.naming.ldap.attributes.binary must include the krb5key attribute." );
+            }
+
+            byte[] encryptionKeyBytes = ( byte[] ) key;
+            EncryptionKey encryptionKey = EncryptionKeyDecoder.decode( encryptionKeyBytes
);
+            map.put( encryptionKey.getKeyType(), encryptionKey );
+        }
+
+        return map;
     }
 }
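Review bot: The type check in `reconstituteKeyMap` rejects only `String`, so any other value that is not a `byte[]` (a null attribute value included) reaches the `( byte[] )` cast or the decoder and is not reported as the declared `NamingException`. Testing for the expected type is tighter: `if ( !( key instanceof byte[] ) )`. Separately, `map.put( encryptionKey.getKeyType(), encryptionKey )` silently replaces an earlier key of the same encryption type, so when an entry carries two values of one type the key that ends up in use depends on attribute value order; rejecting the duplicate or keeping the higher key version would make that deterministic. The method is public and does not use instance state, so a short Javadoc saying that it decodes every value of the attribute and keys the result by encryption type would help callers.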

Modified: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java?view=diff&rev=535687&r1=535686&r2=535687
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java
Sun May  6 17:07:31 2007
@@ -21,18 +21,24 @@
 package org.apache.directory.server.kerberos.shared.store.operations;
 
 
+import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Map;
 
 import javax.naming.Name;
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.naming.directory.DirContext;
+import javax.naming.directory.InvalidAttributeValueException;
 import javax.naming.directory.SearchControls;
 import javax.naming.directory.SearchResult;
 import javax.security.auth.kerberos.KerberosPrincipal;
 
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
 import org.apache.directory.server.kerberos.shared.messages.value.SamType;
 import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
 import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
@@ -53,6 +59,7 @@
 
     private static final String filter = "(objectClass=krb5Principal)";
 
+
     public Object execute( DirContext ctx, Name searchBaseDn )
     {
         SearchControls controls = new SearchControls();
@@ -70,7 +77,6 @@
                 SearchResult result = ( SearchResult ) answer.next();
                 attrs = result.getAttributes();
                 PrincipalStoreEntry entry = getEntry( attrs );
-                System.out.println( "Result name is " + result.getName() );
                 answers.add( entry );
             }
 
@@ -113,13 +119,25 @@
             modifier.setSamType( SamType.getTypeByOrdinal( Integer.parseInt( samType ) )
);
         }
 
-        byte[] keyBytes = ( byte[] ) attrs.get( KerberosAttribute.KEY ).get();
+        if ( attrs.get( KerberosAttribute.KEY ) != null )
+        {
+            Attribute krb5key = attrs.get( KerberosAttribute.KEY );
+            try
+            {
+                Map<EncryptionType, EncryptionKey> keyMap = modifier.reconstituteKeyMap(
krb5key );
+                modifier.setKeyMap( keyMap );
+            }
+            catch ( IOException ioe )
+            {
+                throw new InvalidAttributeValueException( "Account Kerberos key attribute
'" + KerberosAttribute.KEY
+                    + "' contained an invalid value for krb5key." );
+            }
+        }
 
         modifier.setCommonName( commonName );
         modifier.setPrincipal( new KerberosPrincipal( principal ) );
         modifier.setEncryptionType( Integer.parseInt( encryptionType ) );
         modifier.setKeyVersionNumber( Integer.parseInt( keyVersionNumber ) );
-        modifier.setKey( keyBytes );
 
         return modifier.getEntry();
     }
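Review bot: The `catch ( IOException ioe )` block discards the decoder's exception, so the `InvalidAttributeValueException` that reaches the caller gives no indication of why the stored key failed to decode. Keep the cause attached, for example `InvalidAttributeValueException e = new InvalidAttributeValueException( ... ); e.setRootCause( ioe ); throw e;`. The same null check, decode and catch sequence is repeated in the GetPrincipal and PrincipalObjectFactory hunks of this commit, so one helper on PrincipalStoreEntryModifier would keep the three call sites consistent. The enclosing method starts outside this hunk.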

Modified: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java?view=diff&rev=535687&r1=535686&r2=535687
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
Sun May  6 17:07:31 2007
@@ -20,17 +20,22 @@
 package org.apache.directory.server.kerberos.shared.store.operations;
 
 
+import java.io.IOException;
 import java.text.ParseException;
+import java.util.Map;
 
 import javax.naming.Name;
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.naming.directory.DirContext;
 import javax.naming.directory.InvalidAttributeValueException;
 import javax.naming.directory.SearchResult;
 import javax.security.auth.kerberos.KerberosPrincipal;
 
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
 import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
 import org.apache.directory.server.kerberos.shared.messages.value.SamType;
 import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
@@ -57,8 +62,10 @@
 
     /**
      * Creates the action to be used against the embedded ApacheDS DIT.
+     * 
+     * @param principal 
      */
-    public GetPrincipal(KerberosPrincipal principal)
+    public GetPrincipal( KerberosPrincipal principal )
     {
         this.principal = principal;
     }
@@ -77,7 +84,7 @@
 
         String[] attrIDs =
             { KerberosAttribute.PRINCIPAL, KerberosAttribute.VERSION, KerberosAttribute.TYPE,
KerberosAttribute.KEY,
-                KerberosAttribute.SAM_TYPE, KerberosAttribute.ACCOUNT_DISABLED, 
+                KerberosAttribute.SAM_TYPE, KerberosAttribute.ACCOUNT_DISABLED,
                 KerberosAttribute.ACCOUNT_EXPIRATION_TIME, KerberosAttribute.ACCOUNT_LOCKEDOUT
};
 
         Attributes matchAttrs = new AttributesImpl( true );
@@ -128,28 +135,28 @@
 
         if ( attrs.get( KerberosAttribute.ACCOUNT_DISABLED ) != null )
         {
-            String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_DISABLED ).get();

+            String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_DISABLED ).get();
             modifier.setDisabled( "true".equalsIgnoreCase( val ) );
         }
 
         if ( attrs.get( KerberosAttribute.ACCOUNT_LOCKEDOUT ) != null )
         {
-            String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_LOCKEDOUT ).get();

+            String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_LOCKEDOUT ).get();
             modifier.setLockedOut( "true".equalsIgnoreCase( val ) );
         }
-        
+
         if ( attrs.get( KerberosAttribute.ACCOUNT_EXPIRATION_TIME ) != null )
         {
-            String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_EXPIRATION_TIME
).get(); 
+            String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_EXPIRATION_TIME
).get();
             try
             {
                 modifier.setExpiration( KerberosTime.getTime( val ) );
             }
             catch ( ParseException e )
             {
-                throw new InvalidAttributeValueException( "Account expiration attribute "
+
-                    KerberosAttribute.ACCOUNT_EXPIRATION_TIME 
-                    + " contained an invalid value for generalizedTime: " + val );
+                throw new InvalidAttributeValueException( "Account expiration attribute "
+                    + KerberosAttribute.ACCOUNT_EXPIRATION_TIME + " contained an invalid
value for generalizedTime: "
+                    + val );
             }
         }
 
@@ -159,22 +166,24 @@
             modifier.setSamType( SamType.getTypeByOrdinal( Integer.parseInt( samType ) )
);
         }
 
-        Object key = attrs.get( KerberosAttribute.KEY ).get();
-        byte[] keyBytes = null;
-
-        if ( key instanceof String )
+        if ( attrs.get( KerberosAttribute.KEY ) != null )
         {
-            String msg = "JNDI should not return a string for the kerberos key: JNDI property
java.naming.ldap.attributes.binary must include the krb5key attribute.";
-            throw new NamingException( msg );
+            Attribute krb5key = attrs.get( KerberosAttribute.KEY );
+            try
+            {
+                Map<EncryptionType, EncryptionKey> keyMap = modifier.reconstituteKeyMap(
krb5key );
+                modifier.setKeyMap( keyMap );
+            }
+            catch ( IOException ioe )
+            {
+                throw new InvalidAttributeValueException( "Account Kerberos key attribute
'" + KerberosAttribute.KEY
+                    + "' contained an invalid value for krb5key." );
+            }
         }
 
-        keyBytes = ( byte[] ) key;
-        modifier.setKey( keyBytes );
-
         modifier.setPrincipal( new KerberosPrincipal( principal ) );
         modifier.setEncryptionType( Integer.parseInt( encryptionType ) );
         modifier.setKeyVersionNumber( Integer.parseInt( keyVersionNumber ) );
         return modifier.getEntry();
     }
-    
 }

Modified: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalObjectFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalObjectFactory.java?view=diff&rev=535687&r1=535686&r2=535687
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalObjectFactory.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalObjectFactory.java
Sun May  6 17:07:31 2007
@@ -21,14 +21,20 @@
 package org.apache.directory.server.kerberos.shared.store.operations;
 
 
+import java.io.IOException;
 import java.util.Hashtable;
+import java.util.Map;
 
 import javax.naming.Context;
 import javax.naming.Name;
+import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
+import javax.naming.directory.InvalidAttributeValueException;
 import javax.naming.spi.DirObjectFactory;
 import javax.security.auth.kerberos.KerberosPrincipal;
 
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
 import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
 import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntryModifier;
 import org.apache.directory.shared.ldap.constants.SchemaConstants;
@@ -59,7 +65,21 @@
         KerberosPrincipal principal = new KerberosPrincipal( ( String ) attrs.get( KerberosAttribute.PRINCIPAL
).get() );
         modifier.setPrincipal( principal );
 
-        modifier.setKey( ( byte[] ) attrs.get( KerberosAttribute.KEY ).get() );
+        if ( attrs.get( KerberosAttribute.KEY ) != null )
+        {
+            Attribute krb5key = attrs.get( KerberosAttribute.KEY );
+            try
+            {
+                Map<EncryptionType, EncryptionKey> keyMap = modifier.reconstituteKeyMap(
krb5key );
+                modifier.setKeyMap( keyMap );
+            }
+            catch ( IOException ioe )
+            {
+                throw new InvalidAttributeValueException( "Account Kerberos key attribute
'" + KerberosAttribute.KEY
+                    + "' contained an invalid value for krb5key." );
+            }
+        }
+
         modifier.setEncryptionType( Integer.parseInt( ( String ) attrs.get( KerberosAttribute.TYPE
).get() ) );
         modifier.setKeyVersionNumber( Integer.parseInt( ( String ) attrs.get( KerberosAttribute.VERSION
).get() ) );
 

Modified: directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalStateFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalStateFactory.java?view=diff&rev=535687&r1=535686&r2=535687
==============================================================================
--- directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalStateFactory.java
(original)
+++ directory/apacheds/branches/kerberos-encryption-types/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalStateFactory.java
Sun May  6 17:07:31 2007
@@ -21,6 +21,7 @@
 package org.apache.directory.server.kerberos.shared.store.operations;
 
 
+import java.io.IOException;
 import java.util.Hashtable;
 
 import javax.naming.Context;
@@ -28,9 +29,13 @@
 import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
+import javax.naming.directory.InvalidAttributeValueException;
 import javax.naming.directory.SchemaViolationException;
 import javax.naming.spi.DirStateFactory;
 
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.io.encoder.EncryptionKeyEncoder;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
 import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
 import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
 import org.apache.directory.shared.ldap.constants.SchemaConstants;
@@ -82,7 +87,7 @@
             if ( !AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.UID_OBJECT_AT
) )
             {
                 oc.add( SchemaConstants.UID_OBJECT_AT );
-                
+
                 if ( p.getUserId() != null )
                 {
                     outAttrs.put( SchemaConstants.UID_AT, p.getUserId() );
@@ -99,8 +104,8 @@
                 outAttrs.put( "apacheSamType", "7" );
             }
 
-            if ( ! ( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.PERSON_OC
) ||
-                     oc.contains( SchemaConstants.PERSON_OC_OID ) ) )
+            if ( !( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.PERSON_OC
) || oc
+                .contains( SchemaConstants.PERSON_OC_OID ) ) )
             {
                 oc.add( SchemaConstants.PERSON_OC );
 
@@ -109,14 +114,14 @@
                 outAttrs.put( SchemaConstants.CN_AT, p.getCommonName() );
             }
 
-            if ( ! ( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.ORGANIZATIONAL_PERSON_OC
) ||
-                oc.contains( SchemaConstants.ORGANIZATIONAL_PERSON_OC_OID ) ) )
+            if ( !( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.ORGANIZATIONAL_PERSON_OC
) || oc
+                .contains( SchemaConstants.ORGANIZATIONAL_PERSON_OC_OID ) ) )
             {
                 oc.add( SchemaConstants.ORGANIZATIONAL_PERSON_OC );
             }
 
-            if ( ! ( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.INET_ORG_PERSON_OC
) ||
-                oc.contains( SchemaConstants.INET_ORG_PERSON_OC_OID ) ) )
+            if ( !( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.INET_ORG_PERSON_OC
) || oc
+                .contains( SchemaConstants.INET_ORG_PERSON_OC_OID ) ) )
             {
                 oc.add( SchemaConstants.INET_ORG_PERSON_OC );
             }
@@ -131,25 +136,31 @@
                 oc.add( "krb5KDCEntry" );
 
                 String principal = p.getPrincipal().getName();
-                byte[] keyBytes = p.getEncryptionKey().getKeyValue();
-                int keyType = p.getEncryptionKey().getKeyType().getOrdinal();
-                int keyVersion = p.getEncryptionKey().getKeyVersion();
+
+                EncryptionKey encryptionKey = p.getKeyMap().get( EncryptionType.DES_CBC_MD5
);
+
+                try
+                {
+                    outAttrs.put( KerberosAttribute.KEY, EncryptionKeyEncoder.encode( encryptionKey
) );
+                }
+                catch ( IOException ioe )
+                {
+                    throw new InvalidAttributeValueException( "Unable to encode Kerberos
key." );
+                }
+
+                int keyType = encryptionKey.getKeyType().getOrdinal();
+                int keyVersion = encryptionKey.getKeyVersion();
 
                 outAttrs.put( KerberosAttribute.PRINCIPAL, principal );
-                outAttrs.put( KerberosAttribute.KEY, keyBytes );
                 outAttrs.put( KerberosAttribute.TYPE, Integer.toString( keyType ) );
                 outAttrs.put( KerberosAttribute.VERSION, Integer.toString( keyVersion ) );
             }
 
             Result r = new Result( obj, outAttrs );
 
-            System.out.println( "Result from obj " + obj );
-            System.out.println( "Result attrs " + outAttrs );
-
             return r;
         }
 
-        System.out.println( "ERROR:  entry was not correct type " + obj );
         return null;
     }
 
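Review bot: `p.getKeyMap().get( EncryptionType.DES_CBC_MD5 )` returns null for a principal that has no DES key, and the result is passed to `EncryptionKeyEncoder.encode( ... )` and then dereferenced at `encryptionKey.getKeyType()` without a check. Add a guard before the `try`, for example `if ( encryptionKey == null ) { throw new InvalidAttributeValueException( "Principal has no key of the expected encryption type." ); }`. As written only the single-DES key is persisted, so any other keys in the map, including stronger types, are dropped on write; if that is a temporary step on this branch it deserves a comment saying so. The `catch ( IOException ioe )` here also drops the cause, which `setRootCause( ioe )` would preserve. The enclosing method starts outside this hunk.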


