Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 75875 invoked from network); 21 May 2007 01:53:35 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 21 May 2007 01:53:35 -0000 Received: (qmail 45537 invoked by uid 500); 21 May 2007 01:53:41 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 45478 invoked by uid 500); 21 May 2007 01:53:41 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 45467 invoked by uid 99); 21 May 2007 01:53:41 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 20 May 2007 18:53:41 -0700 X-ASF-Spam-Status: No, hits=-99.5 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 20 May 2007 18:53:32 -0700 Received: by eris.apache.org (Postfix, from userid 65534) id 69E4C1A981A; Sun, 20 May 2007 18:53:12 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r539993 [1/2] - in /directory/apacheds/branches/kerberos-encryption-types: btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/ constants/src/main/java/org/apache/directory/server/constants/ core-unit/src/test/jav... Date: Mon, 21 May 2007 01:53:10 -0000 To: commits@directory.apache.org From: erodriguez@apache.org X-Mailer: svnmailer-1.1.0 Message-Id: <20070521015312.69E4C1A981A@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: erodriguez Date: Sun May 20 18:53:07 2007 New Revision: 539993 URL: http://svn.apache.org/viewvc?view=rev&rev=539993 Log: Merged revisions r533844:539990 from ApacheDS trunk to 'kerberos-encryption-types' branch. Added: directory/apacheds/branches/kerberos-encryption-types/server-unit/src/test/java/org/apache/directory/server/BackupUtilitiesSP.java - copied unchanged from r539990, directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/BackupUtilitiesSP.java directory/apacheds/branches/kerberos-encryption-types/server-unit/src/test/java/org/apache/directory/server/ListUtilsSP.java - copied unchanged from r539990, directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/ListUtilsSP.java Removed: directory/apacheds/branches/kerberos-encryption-types/server-unit/src/test/java/org/apache/directory/server/BackupUtilities.java Modified: directory/apacheds/branches/kerberos-encryption-types/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexComparator.java directory/apacheds/branches/kerberos-encryption-types/constants/src/main/java/org/apache/directory/server/constants/MetaSchemaConstants.java directory/apacheds/branches/kerberos-encryption-types/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchContextITest.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/jndi/ServerContext.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/jndi/ServerLdapContext.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeService.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexusProxy.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreePartition.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResult.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ExpressionEnumerator.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/referral/ReferralLut.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/schema/SchemaService.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/trigger/AbstractStoredProcedureParameterInjector.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/trigger/AddStoredProcedureParameterInjector.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/trigger/DeleteStoredProcedureParameterInjector.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/trigger/ModifyDNStoredProcedureParameterInjector.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/trigger/ModifyStoredProcedureParameterInjector.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/trigger/StoredProcedureParameterInjector.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/trigger/TriggerService.java directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/trigger/TriggerSpecCache.java directory/apacheds/branches/kerberos-encryption-types/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java directory/apacheds/branches/kerberos-encryption-types/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmIndex.java directory/apacheds/branches/kerberos-encryption-types/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmMasterTable.java directory/apacheds/branches/kerberos-encryption-types/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/BindHandler.java directory/apacheds/branches/kerberos-encryption-types/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchResponseIterator.java directory/apacheds/branches/kerberos-encryption-types/schema-bootstrap/src/main/schema/apache.schema directory/apacheds/branches/kerberos-encryption-types/schema-bootstrap/src/main/schema/apachemeta.schema directory/apacheds/branches/kerberos-encryption-types/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultAttributeTypeRegistry.java directory/apacheds/branches/kerberos-encryption-types/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultObjectClassRegistry.java directory/apacheds/branches/kerberos-encryption-types/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultOidRegistry.java directory/apacheds/branches/kerberos-encryption-types/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultSyntaxRegistry.java directory/apacheds/branches/kerberos-encryption-types/server-jndi/src/main/java/org/apache/directory/server/jndi/ServerContextFactory.java directory/apacheds/branches/kerberos-encryption-types/server-unit/src/test/java/org/apache/directory/server/DefaultServerTriggerServiceTest.java Modified: directory/apacheds/branches/kerberos-encryption-types/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexComparator.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexComparator.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexComparator.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexComparator.java Sun May 20 18:53:07 2007 @@ -21,7 +21,6 @@ import org.apache.directory.server.schema.SerializableComparator; -import org.apache.directory.shared.ldap.util.LongComparator; /** * TupleComparator for index records. @@ -41,7 +40,23 @@ public int compare( Object o1, Object o2 ) { - return LongComparator.INSTANCE.compare( o1, o2 ); + try + { + long thisVal = (Long)o1; + long anotherVal = (Long)o2; + return ( thisVal < anotherVal ? -1 : ( thisVal == anotherVal ? 0 : 1 ) ); + } + catch ( NullPointerException npe ) + { + if ( o1 == null ) + { + throw new IllegalArgumentException( "Argument 'obj1' is null" ); + } + else + { + throw new IllegalArgumentException( "Argument 'obj2' is null" ); + } + } } }; Modified: directory/apacheds/branches/kerberos-encryption-types/constants/src/main/java/org/apache/directory/server/constants/MetaSchemaConstants.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/constants/src/main/java/org/apache/directory/server/constants/MetaSchemaConstants.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/constants/src/main/java/org/apache/directory/server/constants/MetaSchemaConstants.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/constants/src/main/java/org/apache/directory/server/constants/MetaSchemaConstants.java Sun May 20 18:53:07 2007 @@ -69,7 +69,7 @@ String M_MUST_AT = "m-must"; String M_MAY_AT = "m-may"; String M_TYPE_OBJECT_CLASS_AT = "m-typeObjectClass"; - String X_HUMAN_READIBLE_AT = "x-humanReadible"; + String X_HUMAN_READIBLE_AT = "x-humanReadable"; // -- schema extensions & values -- Modified: directory/apacheds/branches/kerberos-encryption-types/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchContextITest.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchContextITest.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchContextITest.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchContextITest.java Sun May 20 18:53:07 2007 @@ -393,7 +393,7 @@ assertTrue( "contains ou=system", map.containsKey( "ou=system" ) ); assertTrue( "contains ou=users,ou=system", map.containsKey( "ou=users,ou=system" ) ); assertTrue( "contains uid=admin,ou=system", map.containsKey( "uid=admin,ou=system" ) ); - assertTrue( "contains cn=administrators,ou=groups,ou=system", map.containsKey( "cn=administrators,ou=groups,ou=system" ) ); + assertTrue( "contains cn=administrators,ou=groups,ou=system", map.containsKey( "cn=Administrators,ou=groups,ou=system" ) ); } Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java Sun May 20 18:53:07 2007 @@ -71,6 +71,7 @@ import org.apache.directory.server.schema.registries.Registries; import org.apache.directory.shared.ldap.constants.JndiPropertyConstants; import org.apache.directory.shared.ldap.constants.SchemaConstants; +import org.apache.directory.shared.ldap.constants.ServerDNConstants; import org.apache.directory.shared.ldap.exception.LdapAuthenticationNotSupportedException; import org.apache.directory.shared.ldap.exception.LdapConfigurationException; import org.apache.directory.shared.ldap.exception.LdapNamingException; @@ -537,25 +538,24 @@ // create administrator group // ------------------------------------------------------------------- - String upName = "cn=Administrators,ou=groups,ou=system"; - LdapDN normName = new LdapDN( "cn=administrators,ou=groups,ou=system" ); - normName.normalize( oidsMap ); + LdapDN name = new LdapDN( ServerDNConstants.ADMINISTRATORS_GROUP_DN ); + name.normalize( oidsMap ); - if ( !partitionNexus.hasEntry( new EntryOperationContext( normName ) ) ) + if ( !partitionNexus.hasEntry( new EntryOperationContext( name ) ) ) { firstStart = true; Attributes attributes = new AttributesImpl(); Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT ); objectClass.add( SchemaConstants.TOP_OC ); - objectClass.add( "groupOfUniqueNames" ); + objectClass.add( SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC ); attributes.put( objectClass ); attributes.put( SchemaConstants.CN_AT, "Administrators" ); - attributes.put( "uniqueMember", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + attributes.put( SchemaConstants.UNIQUE_MEMBER_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ); - partitionNexus.add( new AddOperationContext( normName, attributes ) ); + partitionNexus.add( new AddOperationContext( name, attributes ) ); Interceptor authzInterceptor = interceptorChain.get( AuthorizationService.NAME ); @@ -574,7 +574,7 @@ } AuthorizationService authzSrvc = ( AuthorizationService ) authzInterceptor; - authzSrvc.cacheNewGroup( upName, normName, attributes ); + authzSrvc.cacheNewGroup( name, attributes ); } @@ -945,7 +945,7 @@ for ( int i = 0; i < binaryArray.length; i++ ) { - binaries.add( StringTools.lowerCase( StringTools.trim( binaryArray[i] ) ) ); + binaries.add( StringTools.lowerCaseAscii( StringTools.trim( binaryArray[i] ) ) ); } } @@ -974,9 +974,10 @@ // add the lowercased name for the names for the attributeType String[] names = type.getNames(); + for ( int ii = 0; ii < names.length; ii++ ) { - binaries.add( StringTools.lowerCase( StringTools.trim( names[ii] ) ) ); + binaries.add( StringTools.lowerCaseAscii( StringTools.trim( names[ii] ) ) ); } } } Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java Sun May 20 18:53:07 2007 @@ -73,7 +73,6 @@ /** The service name */ public static final String NAME = "authenticationService"; - /** Speedup for logs */ private static final boolean IS_DEBUG = log.isDebugEnabled(); @@ -89,7 +88,6 @@ { } - /** * Registers and initializes all {@link Authenticator}s to this service. */ @@ -116,7 +114,6 @@ /** * Deinitializes and deregisters all {@link Authenticator}s from this service. */ - @SuppressWarnings("unchecked") public void destroy() { Set> clonedAuthenticatorCollections = new HashSet>(); @@ -448,7 +445,7 @@ { // The DN is always normalized here LdapDN normBindDn = opContext.getDn(); - String bindUpDn = opContext.getDn().getUpName(); + String bindUpDn = normBindDn.getUpName(); if ( IS_DEBUG ) { Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java Sun May 20 18:53:07 2007 @@ -91,10 +91,6 @@ /** The service name */ public static final String NAME = "authorizationService"; - /** the entry ACI attribute string: entryACI */ - private static final String ENTRYACI_ATTR = "entryACI"; - /** the subentry ACI attribute string: subentryACI */ - private static final String SUBENTRYACI_ATTR = "subentryACI"; /** * the multivalued op attr used to track the perscriptive access control * subentries that apply to an entry. @@ -152,18 +148,25 @@ /** a tupleCache that responds to add, delete, and modify attempts */ private TupleCache tupleCache; + /** a groupCache that responds to add, delete, and modify attempts */ private GroupCache groupCache; + /** a normalizing ACIItem parser */ private ACIItemParser aciParser; + /** use and instance of the ACDF engine */ private ACDFEngine engine; + /** interceptor chain */ private InterceptorChain chain; + /** attribute type registry */ private AttributeTypeRegistry attrRegistry; + /** whether or not this interceptor is activated */ private boolean enabled = false; + /** the system wide subschemaSubentryDn */ private String subschemaSubentryDn; @@ -174,7 +177,14 @@ private String subentryOid; private String acSubentryOid; + /** A storage for the entryACI attributeType */ + private AttributeType entryAciType; + + /** the subentry ACI attribute type */ + private AttributeType subentryAciType; + public static final SearchControls DEFAULT_SEARCH_CONTROLS = new SearchControls(); + /** * Initializes this interceptor based service by getting a handle on the nexus, setting up * the tupe and group membership caches and the ACIItem parser and the ACDF engine. @@ -197,6 +207,8 @@ acSubentryOid = oidRegistry.getOid( AC_SUBENTRY_ATTR ); objectClassType = attrRegistry.lookup( objectClassOid ); acSubentryType = attrRegistry.lookup( acSubentryOid ); + entryAciType = attrRegistry.lookup( SchemaConstants.ENTRY_ACI_AT_OID ); + subentryAciType = attrRegistry.lookup( SchemaConstants.SUBENTRY_ACI_AT_OID ); aciParser = new ACIItemParser( new ConcreteNameComponentNormalizer( attrRegistry, oidRegistry ), attrRegistry.getNormalizerMapping() ); engine = new ACDFEngine( factoryCfg.getRegistries().getOidRegistry(), attrRegistry ); @@ -204,8 +216,8 @@ enabled = factoryCfg.getStartupConfiguration().isAccessControlEnabled(); // stuff for dealing with subentries (garbage for now) - String subschemaSubentry = ( String ) factoryCfg.getPartitionNexus().getRootDSE( null ).get( "subschemaSubentry" ) - .get(); + String subschemaSubentry = ( String ) factoryCfg.getPartitionNexus().getRootDSE( null ). + get( "subschemaSubentry" ).get(); LdapDN subschemaSubentryDnName = new LdapDN( subschemaSubentry ); subschemaSubentryDnName.normalize( attrRegistry.getNormalizerMapping() ); subschemaSubentryDn = subschemaSubentryDnName.toNormName(); @@ -256,10 +268,12 @@ } Attribute subentries = AttributeUtils.getAttribute( entry, acSubentryType ); + if ( subentries == null ) { return; } + for ( int ii = 0; ii < subentries.size(); ii++ ) { String subentryDn = ( String ) subentries.get( ii ); @@ -278,7 +292,8 @@ */ private void addEntryAciTuples( Collection tuples, Attributes entry ) throws NamingException { - Attribute entryAci = entry.get( ENTRYACI_ATTR ); + Attribute entryAci = AttributeUtils.getAttribute( entry, entryAciType ); + if ( entryAci == null ) { return; @@ -327,9 +342,10 @@ // will contain the subentryACI attributes that effect subentries LdapDN parentDn = ( LdapDN ) dn.clone(); parentDn.remove( dn.size() - 1 ); - Attributes administrativeEntry = proxy.lookup( new LookupOperationContext( parentDn, new String[] - { SUBENTRYACI_ATTR }) , PartitionNexusProxy.LOOKUP_BYPASS ); - Attribute subentryAci = administrativeEntry.get( SUBENTRYACI_ATTR ); + Attributes administrativeEntry = proxy.lookup( + new LookupOperationContext( parentDn, new String[] + { SchemaConstants.SUBENTRY_ACI_AT }) , PartitionNexusProxy.LOOKUP_BYPASS ); + Attribute subentryAci = AttributeUtils.getAttribute( administrativeEntry, subentryAciType ); if ( subentryAci == null ) { @@ -400,7 +416,7 @@ { next.add( addContext ); tupleCache.subentryAdded( name.getUpName(), name, entry ); - groupCache.groupAdded( name.getUpName(), name, entry ); + groupCache.groupAdded( name, entry ); return; } @@ -430,9 +446,11 @@ // now we must check if attribute type and value scope permission is granted NamingEnumeration attributeList = entry.getAll(); + while ( attributeList.hasMore() ) { Attribute attr = ( Attribute ) attributeList.next(); + for ( int ii = 0; ii < attr.size(); ii++ ) { engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, attr @@ -446,7 +464,7 @@ // if the entry added is a subentry or a groupOf[Unique]Names we must // update the ACITuple cache and the groups cache to keep them in sync tupleCache.subentryAdded( name.getUpName(), name, entry ); - groupCache.groupAdded( name.getUpName(), name, entry ); + groupCache.groupAdded( name, entry ); } @@ -657,7 +675,11 @@ Invocation invocation = InvocationStack.getInstance().peek(); LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal(); LdapDN principalDn = principal.getJndiName(); - principalDn.normalize( attrRegistry.getNormalizerMapping() ); + + if ( !principalDn.isNormalized() ) + { + principalDn.normalize( attrRegistry.getNormalizerMapping() ); + } if ( isPrincipalAnAdministrator( principalDn ) || !enabled ) { @@ -767,6 +789,7 @@ // but after this service. Attributes importedEntry = proxy.lookup( new LookupOperationContext( oriChildName ), PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS ); + // As the target entry does not exist yet and so // its subentry operational attributes are not there, // we need to construct an entry to represent it @@ -869,9 +892,6 @@ groupCache.groupRenamed( oriChildName, newName ); } - public static final SearchControls DEFAULT_SEARCH_CONTROLS = new SearchControls(); - - public NamingEnumeration list( NextInterceptor next, OperationContext opContext ) throws NamingException { Invocation invocation = InvocationStack.getInstance().peek(); @@ -996,9 +1016,9 @@ } - public void cacheNewGroup( String upName, LdapDN normName, Attributes entry ) throws NamingException + public void cacheNewGroup( LdapDN name, Attributes entry ) throws NamingException { - this.groupCache.groupAdded( upName, normName, entry ); + groupCache.groupAdded( name, entry ); } @@ -1032,11 +1052,13 @@ * values remaining then the entire attribute is removed. */ NamingEnumeration idList = result.getAttributes().getIDs(); + while ( idList.hasMore() ) { // if attribute type scope access is not allowed then remove the attribute and continue String id = ( String ) idList.next(); Attribute attr = result.getAttributes().get( id ); + if ( !engine.hasPermission( invocation.getProxy(), userGroups, userDn, ctx.getPrincipal() .getAuthenticationLevel(), normName, attr.getID(), null, SEARCH_ATTRVAL_PERMS, tuples, entry ) ) { Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java Sun May 20 18:53:07 2007 @@ -50,7 +50,9 @@ import org.apache.directory.server.core.partition.PartitionNexus; import org.apache.directory.server.schema.registries.AttributeTypeRegistry; import org.apache.directory.shared.ldap.constants.SchemaConstants; +import org.apache.directory.shared.ldap.constants.ServerDNConstants; import org.apache.directory.shared.ldap.exception.LdapNoPermissionException; +import org.apache.directory.shared.ldap.message.ServerSearchResult; import org.apache.directory.shared.ldap.name.LdapDN; import org.apache.directory.shared.ldap.schema.AttributeType; import org.apache.directory.shared.ldap.schema.OidNormalizer; @@ -132,7 +134,7 @@ GROUP_BASE_DN = PartitionNexus.getGroupsBaseName(); GROUP_BASE_DN.normalize( normalizerMapping ); - ADMIN_GROUP_DN = new LdapDN( "cn=Administrators,ou=groups,ou=system" ); + ADMIN_GROUP_DN = new LdapDN( ServerDNConstants.ADMINISTRATORS_GROUP_DN ); ADMIN_GROUP_DN.normalize( normalizerMapping ); attrRegistry = factoryCfg.getRegistries().getAttributeTypeRegistry(); @@ -548,9 +550,12 @@ private boolean isSearchable( Invocation invocation, SearchResult result ) throws NamingException { LdapDN principalDn = ( ( ServerContext ) invocation.getCaller() ).getPrincipal().getJndiName(); - LdapDN dn; - dn = new LdapDN( result.getName() ); - dn.normalize( normalizerMapping ); + LdapDN dn = ((ServerSearchResult)result).getDn(); + + if ( !dn.isNormalized() ) + { + dn.normalize( normalizerMapping ); + } // Admin users gets full access to all entries if ( isAnAdministrator( principalDn ) ) Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java Sun May 20 18:53:07 2007 @@ -20,7 +20,6 @@ package org.apache.directory.server.core.authz; -import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.Hashtable; @@ -31,23 +30,26 @@ import org.apache.directory.server.core.DirectoryServiceConfiguration; import org.apache.directory.server.core.interceptor.context.SearchOperationContext; import org.apache.directory.server.core.partition.PartitionNexus; +import org.apache.directory.server.schema.registries.AttributeTypeRegistry; import org.apache.directory.shared.ldap.constants.SchemaConstants; +import org.apache.directory.shared.ldap.constants.ServerDNConstants; import org.apache.directory.shared.ldap.filter.AssertionEnum; import org.apache.directory.shared.ldap.filter.BranchNode; import org.apache.directory.shared.ldap.filter.SimpleNode; import org.apache.directory.shared.ldap.message.ModificationItemImpl; import org.apache.directory.shared.ldap.name.LdapDN; +import org.apache.directory.shared.ldap.schema.AttributeType; import org.apache.directory.shared.ldap.schema.OidNormalizer; import org.apache.directory.shared.ldap.util.AttributeUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import javax.naming.Name; import javax.naming.NamingException; import javax.naming.NamingEnumeration; import javax.naming.directory.Attribute; import javax.naming.directory.Attributes; import javax.naming.directory.DirContext; +import javax.naming.directory.ModificationItem; import javax.naming.directory.SearchControls; import javax.naming.directory.SearchResult; @@ -60,14 +62,6 @@ */ public class GroupCache { - /** the member attribute for a groupOfNames: member */ - private static final String MEMBER_ATTR = "member"; - /** the member attribute for a groupOfUniqueNames: uniqueMember */ - private static final String UNIQUEMEMBER_ATTR = "uniqueMember"; - /** the groupOfNames objectClass: groupOfNames */ - private static final String GROUPOFNAMES_OC = "groupOfNames"; - /** the groupOfUniqueNames objectClass: groupOfUniqueNames */ - private static final String GROUPOFUNIQUENAMES_OC = "groupOfUniqueNames"; /** the logger for this class */ private static final Logger log = LoggerFactory.getLogger( GroupCache.class ); @@ -76,18 +70,31 @@ /** String key for the DN of a group to a Set (HashSet) for the Strings of member DNs */ private final Map> groups = new HashMap>(); + /** a handle on the partition nexus */ private final PartitionNexus nexus; + /** the env to use for searching */ private final Hashtable env; + /** Stores a reference to the AttributeType registry */ + private AttributeTypeRegistry attributeTypeRegistry; + + /** A storage for the member attributeType */ + private AttributeType memberAT; + + /** A storage for the uniqueMember attributeType */ + private AttributeType uniqueMemberAT; + /** * The OIDs normalizer map */ private Map normalizerMap; /** the normalized dn of the administrators group */ - LdapDN administratorsGroupDn; + private LdapDN administratorsGroupDn; + + private static final Set EMPTY_GROUPS = new HashSet(); /** * Creates a static group cache. @@ -97,12 +104,15 @@ public GroupCache( DirectoryServiceConfiguration factoryCfg ) throws NamingException { normalizerMap = factoryCfg.getRegistries().getAttributeTypeRegistry().getNormalizerMapping(); - this.nexus = factoryCfg.getPartitionNexus(); - this.env = ( Hashtable ) factoryCfg.getEnvironment().clone(); + nexus = factoryCfg.getPartitionNexus(); + env = ( Hashtable ) factoryCfg.getEnvironment().clone(); + attributeTypeRegistry = factoryCfg.getRegistries().getAttributeTypeRegistry(); + memberAT = attributeTypeRegistry.lookup( SchemaConstants.MEMBER_AT_OID ); + uniqueMemberAT = attributeTypeRegistry.lookup( SchemaConstants.UNIQUE_MEMBER_AT_OID ); + // stuff for dealing with the admin group - administratorsGroupDn = new LdapDN( "cn=Administrators,ou=groups,ou=system" ); - administratorsGroupDn.normalize( normalizerMap ); + administratorsGroupDn = parseNormalized( ServerDNConstants.ADMINISTRATORS_GROUP_DN ); initialize(); } @@ -122,8 +132,8 @@ // normalized sets of members to cache within the map BranchNode filter = new BranchNode( AssertionEnum.OR ); - filter.addNode( new SimpleNode( SchemaConstants.OBJECT_CLASS_AT, GROUPOFNAMES_OC, AssertionEnum.EQUALITY ) ); - filter.addNode( new SimpleNode( SchemaConstants.OBJECT_CLASS_AT, GROUPOFUNIQUENAMES_OC, AssertionEnum.EQUALITY ) ); + filter.addNode( new SimpleNode( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.GROUP_OF_NAMES_OC, AssertionEnum.EQUALITY ) ); + filter.addNode( new SimpleNode( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC, AssertionEnum.EQUALITY ) ); Iterator suffixes = nexus.listSuffixes( null ); @@ -139,27 +149,27 @@ while ( results.hasMore() ) { SearchResult result = ( SearchResult ) results.next(); - String groupDn = result.getName(); - groupDn = parseNormalized( groupDn ).toString(); + LdapDN groupDn = parseNormalized( result.getName() ); Attribute members = getMemberAttribute( result.getAttributes() ); if ( members != null ) { Set memberSet = new HashSet( members.size() ); addMembers( memberSet, members ); - groups.put( groupDn, memberSet ); + groups.put( groupDn.getNormName(), memberSet ); } else { - log.warn( "Found group '" + groupDn + "' without any member or uniqueMember attributes" ); + log.warn( "Found group '{}' without any member or uniqueMember attributes", groupDn.getUpName() ); } } + results.close(); } if ( IS_DEBUG ) { - log.debug( "group cache contents on startup:\n" + groups ); + log.debug( "group cache contents on startup:\n {}", groups ); } } @@ -177,27 +187,33 @@ if ( oc == null ) { - if ( entry.get( MEMBER_ATTR ) != null ) + Attribute member = AttributeUtils.getAttribute( entry, memberAT ); + + if ( member != null ) { - return entry.get( MEMBER_ATTR ); + return member; } - if ( entry.get( UNIQUEMEMBER_ATTR ) != null ) + Attribute uniqueMember = AttributeUtils.getAttribute(entry, uniqueMemberAT ); + + if ( uniqueMember != null ) { - return entry.get( UNIQUEMEMBER_ATTR ); + return uniqueMember; } return null; } - if ( AttributeUtils.containsValueCaseIgnore( oc, GROUPOFNAMES_OC ) ) + if ( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_NAMES_OC ) || + AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_NAMES_OC_OID ) ) { - return entry.get( MEMBER_ATTR ); + return AttributeUtils.getAttribute( entry, memberAT ); } - if ( AttributeUtils.containsValueCaseIgnore( oc, GROUPOFUNIQUENAMES_OC ) ) + if ( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC ) || + AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC_OID )) { - return entry.get( UNIQUEMEMBER_ATTR ); + return AttributeUtils.getAttribute(entry, uniqueMemberAT ); } return null; @@ -269,7 +285,7 @@ * @param entry the group entry's attributes * @throws NamingException if there are problems accessing the attr values */ - public void groupAdded( String upName, Name normName, Attributes entry ) throws NamingException + public void groupAdded( LdapDN name, Attributes entry ) throws NamingException { Attribute members = getMemberAttribute( entry ); @@ -280,11 +296,11 @@ Set memberSet = new HashSet( members.size() ); addMembers( memberSet, members ); - groups.put( normName.toString(), memberSet ); + groups.put( name.getNormName(), memberSet ); if ( IS_DEBUG ) { - log.debug( "group cache contents after adding " + normName.toString() + ":\n" + groups ); + log.debug( "group cache contents after adding '{}' :\n {}", name.getUpName(), groups ); } } @@ -296,7 +312,7 @@ * @param name the normalized DN of the group entry * @param entry the attributes of entry being deleted */ - public void groupDeleted( Name name, Attributes entry ) + public void groupDeleted( LdapDN name, Attributes entry ) { Attribute members = getMemberAttribute( entry ); @@ -305,11 +321,11 @@ return; } - groups.remove( name.toString() ); + groups.remove( name.getNormName() ); if ( IS_DEBUG ) { - log.debug( "group cache contents after deleting " + name.toString() + ":\n" + groups ); + log.debug( "group cache contents after deleting '{}' :\n {}", name.getUpName(), groups ); } } @@ -331,16 +347,20 @@ case ( DirContext.ADD_ATTRIBUTE ): addMembers( memberSet, members ); break; + case ( DirContext.REPLACE_ATTRIBUTE ): if ( members.size() > 0 ) { memberSet.clear(); addMembers( memberSet, members ); } + break; + case ( DirContext.REMOVE_ATTRIBUTE ): removeMembers( memberSet, members ); break; + default: throw new InternalError( "Undefined modify operation value of " + modOp ); } @@ -356,22 +376,24 @@ * @param entry the group entry being modified * @throws NamingException if there are problems accessing attribute values */ - public void groupModified( Name name, ModificationItemImpl[] mods, Attributes entry ) throws NamingException + public void groupModified( LdapDN name, ModificationItemImpl[] mods, Attributes entry ) throws NamingException { Attribute members = null; String memberAttrId = null; Attribute oc = entry.get( SchemaConstants.OBJECT_CLASS_AT ); - if ( AttributeUtils.containsValueCaseIgnore( oc, GROUPOFNAMES_OC ) ) + if ( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_NAMES_OC ) || + AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_NAMES_OC_OID )) { - members = entry.get( MEMBER_ATTR ); - memberAttrId = MEMBER_ATTR; + members = AttributeUtils.getAttribute( entry, memberAT ); + memberAttrId = SchemaConstants.MEMBER_AT; } - if ( AttributeUtils.containsValueCaseIgnore( oc, GROUPOFUNIQUENAMES_OC ) ) + if ( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC ) || + AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC_OID ) ) { - members = entry.get( UNIQUEMEMBER_ATTR ); - memberAttrId = UNIQUEMEMBER_ATTR; + members = AttributeUtils.getAttribute(entry, uniqueMemberAT ); + memberAttrId = SchemaConstants.UNIQUE_MEMBER_AT; } if ( members == null ) @@ -379,15 +401,15 @@ return; } - for ( int ii = 0; ii < mods.length; ii++ ) + for ( ModificationItem modification:mods ) { - if ( memberAttrId.equalsIgnoreCase( mods[ii].getAttribute().getID() ) ) + if ( memberAttrId.equalsIgnoreCase( modification.getAttribute().getID() ) ) { - Set memberSet = groups.get( name.toString() ); + Set memberSet = groups.get( name.getNormName() ); if ( memberSet != null ) { - modify( memberSet, mods[ii].getModificationOp(), mods[ii].getAttribute() ); + modify( memberSet, modification.getModificationOp(), modification.getAttribute() ); } break; @@ -396,7 +418,7 @@ if ( IS_DEBUG ) { - log.debug( "group cache contents after modifying " + name.toString() + ":\n" + groups ); + log.debug( "group cache contents after modifying '{}' :\n {}", name.getUpName(), groups ); } } @@ -411,7 +433,7 @@ * @param entry the entry being modified * @throws NamingException if there are problems accessing attribute values */ - public void groupModified( Name name, int modOp, Attributes mods, Attributes entry ) throws NamingException + public void groupModified( LdapDN name, int modOp, Attributes mods, Attributes entry ) throws NamingException { Attribute members = getMemberAttribute( mods ); @@ -420,7 +442,7 @@ return; } - Set memberSet = groups.get( name.toString() ); + Set memberSet = groups.get( name.getNormName() ); if ( memberSet != null ) { @@ -429,7 +451,7 @@ if ( IS_DEBUG ) { - log.debug( "group cache contents after modifying " + name.toString() + ":\n" + groups ); + log.debug( "group cache contents after modifying '{}' :\n {}", name.getUpName(), groups ); } } @@ -443,12 +465,13 @@ */ public final boolean isPrincipalAnAdministrator( LdapDN principalDn ) { - if ( principalDn.toNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) + if ( principalDn.getNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) ) { return true; } - Set members = ( Set ) groups.get( administratorsGroupDn.toNormName() ); + Set members = ( Set ) groups.get( administratorsGroupDn.getNormName() ); + if ( members == null ) { log.warn( "What do you mean there is no administrators group? This is bad news." ); @@ -467,68 +490,67 @@ * @return a Set of Name objects representing the groups * @throws NamingException if there are problems accessing attribute values */ - public Set getGroups( String member ) throws NamingException + public Set getGroups( String member ) throws NamingException { + LdapDN normMember = null; + try { - member = parseNormalized( member ).toString(); + normMember = parseNormalized( member ); } catch ( NamingException e ) { - log - .warn( - "Malformed member DN. Could not find groups for member in GroupCache. Returning empty set for groups!", - e ); - return Collections.EMPTY_SET; + log.warn( "Malformed member DN. Could not find groups for member '{}' in GroupCache. Returning empty set for groups!", member, e ); + return EMPTY_GROUPS; } - Set memberGroups = null; + Set memberGroups = null; - Iterator list = groups.keySet().iterator(); - while ( list.hasNext() ) + for ( String group:groups.keySet() ) { - String group = ( String ) list.next(); - Set members = ( Set ) groups.get( group ); + Set members = groups.get( group ); if ( members == null ) { continue; } - if ( members.contains( member ) ) + if ( members.contains( normMember.getNormName() ) ) { if ( memberGroups == null ) { - memberGroups = new HashSet(); + memberGroups = new HashSet(); } - memberGroups.add( new LdapDN( group ) ); + memberGroups.add( parseNormalized( group ) ); } } if ( memberGroups == null ) { - return Collections.EMPTY_SET; + return EMPTY_GROUPS; } return memberGroups; } - public boolean groupRenamed( Name oldName, Name newName ) + public boolean groupRenamed( LdapDN oldName, LdapDN newName ) { - Set members = groups.remove( oldName.toString() ); + Set members = groups.remove( oldName.getNormName() ); if ( members != null ) { - groups.put( newName.toString(), members ); + groups.put( newName.getNormName(), members ); if ( IS_DEBUG ) { - log.debug( "group cache contents after renaming " + oldName.toString() + ":\n" + groups ); + log.debug( "group cache contents after renaming '{}' :\n{}", oldName.getUpName(), groups ); } + return true; } + return false; } } Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java Sun May 20 18:53:07 2007 @@ -87,7 +87,7 @@ /** a normalizing ACIItem parser */ private final ACIItemParser aciParser; - /** Stores a reference to the AtttributeType registry */ + /** Stores a reference to the AttributeType registry */ private AttributeTypeRegistry attributeTypeRegistry; /** A starage for the PrescriptiveACI attributeType */ Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java Sun May 20 18:53:07 2007 @@ -47,6 +47,7 @@ import org.apache.directory.server.core.partition.PartitionNexus; import org.apache.directory.server.schema.registries.AttributeTypeRegistry; import org.apache.directory.shared.ldap.message.AttributeImpl; +import org.apache.directory.shared.ldap.message.ServerSearchResult; import org.apache.directory.shared.ldap.name.LdapDN; import org.apache.directory.shared.ldap.schema.AttributeType; import org.apache.directory.shared.ldap.util.AttributeUtils; @@ -80,7 +81,7 @@ public boolean accept( Invocation invocation, SearchResult result, SearchControls controls ) throws NamingException { - LdapDN name = new LdapDN( result.getName() ); + LdapDN name = ((ServerSearchResult)result).getDn(); name = LdapDN.normalize( name, attrTypeRegistry.getNormalizerMapping() ); Attributes entry = result.getAttributes(); String[] retAttrs = controls.getReturningAttributes(); Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java Sun May 20 18:53:07 2007 @@ -428,22 +428,29 @@ */ public NamingEnumeration search( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException { - String msg = "Attempt to search under non-existant entry: "; LdapDN base = opContext.getDn(); - if ( base.size() == 0 ) + try { - return nextInterceptor.search( opContext ); - } + NamingEnumeration result = nextInterceptor.search( opContext ); + + if ( result.hasMoreElements() == false ) + { + if ( !base.isEmpty() && !( subschemSubentryDn.toNormName() ).equalsIgnoreCase( base.toNormName() ) ) + { + // We just check that the entry exists only if we didn't found any entry + assertHasEntry( nextInterceptor, "Attempt to search under non-existant entry:" , base ); + } + } - if ( ( subschemSubentryDn.toNormName() ).equalsIgnoreCase( base.toNormName() ) ) + return result; + } + catch ( NamingException ne ) { - return nextInterceptor.search( opContext ); + String msg = "Attempt to search under non-existant entry: "; + assertHasEntry( nextInterceptor, msg, base ); + throw ne; } - - assertHasEntry( nextInterceptor, msg, base ); - - return nextInterceptor.search( opContext ); } Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/jndi/ServerContext.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/jndi/ServerContext.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/jndi/ServerContext.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/jndi/ServerContext.java Sun May 20 18:53:07 2007 @@ -594,7 +594,16 @@ Object obj; LdapDN target = buildTarget( name ); - Attributes attributes = nexusProxy.lookup( new LookupOperationContext( target ) ); + Attributes attributes = null; + + if ( name.size() == 0 ) + { + attributes = nexusProxy.getRootDSE( new LookupOperationContext( target ) ); + } + else + { + attributes = nexusProxy.lookup( new LookupOperationContext( target ) ); + } try { @@ -859,7 +868,7 @@ LdapDN target = ( LdapDN ) dn.clone(); // Add to left hand side of cloned DN the relative name arg - target.addAll( target.size(), relativeName ); + target.addAllNormalized( target.size(), relativeName ); return target; } } Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/jndi/ServerLdapContext.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/jndi/ServerLdapContext.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/jndi/ServerLdapContext.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/jndi/ServerLdapContext.java Sun May 20 18:53:07 2007 @@ -51,6 +51,9 @@ private Control[] responseControls = EMPTY_CONTROLS; private Control[] connectControls = EMPTY_CONTROLS; + /** A reference to the RTeferralService interceptor */ + private transient ReferralService refService = null; + /** * Creates an instance of an ServerLdapContext. @@ -62,6 +65,7 @@ public ServerLdapContext( DirectoryService service, Hashtable env ) throws NamingException { super( service, env ); + refService = (( ReferralService )service.getConfiguration().getInterceptorChain().get( ReferralService.NAME ) ); } @@ -75,6 +79,7 @@ ServerLdapContext( DirectoryService service, LdapPrincipal principal, LdapDN dn ) throws NamingException { super( service, principal, dn ); + refService = (( ReferralService )service.getConfiguration().getInterceptorChain().get( ReferralService.NAME ) ); } @@ -185,18 +190,27 @@ } - private transient ReferralService refService; + /** + * Check if a Name is a referral + * @param name The Name to check + * @return true if the Name is a referral. + * @throws NamingException If the Name is incorrect + */ public boolean isReferral( String name ) throws NamingException { - if ( refService == null ) - { - refService = ( ReferralService ) getService().getConfiguration().getInterceptorChain().get( - ReferralService.NAME ); - } - return refService.isReferral( name ); } + /** + * Check if a Name is a referral + * @param name The Name to check + * @return true if the Name is a referral. + * @throws NamingException If the Name is incorrect + */ + public boolean isReferral( LdapDN name ) throws NamingException + { + return refService.isReferral( name ); + } public ServerContext getRootContext() throws NamingException { Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeService.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeService.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeService.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeService.java Sun May 20 18:53:07 2007 @@ -459,7 +459,9 @@ } else if ( rdn.size() == 1 ) { - newDn.add( new Rdn( registry.lookup( rdn.getNormType() ).getName(), (String)rdn.getAtav().getValue() ) ); + String name = registry.lookup( rdn.getNormType() ).getName(); + String value = (String)rdn.getAtav().getValue(); + newDn.add( new Rdn( name, name, value, value ) ); continue; } Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java Sun May 20 18:53:07 2007 @@ -24,6 +24,7 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; +import java.util.Enumeration; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; @@ -68,9 +69,11 @@ import org.apache.directory.shared.ldap.message.AttributesImpl; import org.apache.directory.shared.ldap.message.ManageDsaITControl; import org.apache.directory.shared.ldap.message.PersistentSearchControl; +import org.apache.directory.shared.ldap.message.ServerSearchResult; import org.apache.directory.shared.ldap.message.SubentriesControl; import org.apache.directory.shared.ldap.message.extended.NoticeOfDisconnect; import org.apache.directory.shared.ldap.name.LdapDN; +import org.apache.directory.shared.ldap.name.Rdn; import org.apache.directory.shared.ldap.schema.AttributeType; import org.apache.directory.shared.ldap.schema.Normalizer; import org.apache.directory.shared.ldap.schema.UsageEnum; @@ -119,6 +122,99 @@ /** the backends keyed by normalized suffix strings */ private Map partitions = new HashMap(); + + private PartitionStructure partitionList = new PartitionContainer(); + + private interface PartitionStructure + { + boolean isPartition(); + public PartitionStructure addPartitionHandler( String name, PartitionStructure children ); + } + + private class PartitionContainer implements PartitionStructure + { + private Map children; + + private PartitionContainer() + { + children = new HashMap(); + } + + public boolean isPartition() + { + return false; + } + + public PartitionStructure addPartitionHandler( String name, PartitionStructure child ) + { + children.put( name, child ); + return this; + } + + public String toString() + { + StringBuilder sb = new StringBuilder(); + + sb.append( "Partition container :\n" ); + + for ( PartitionStructure child:children.values() ) + { + sb.append( '{' ).append( child.toString() ).append( "} " ); + } + + return sb.toString(); + } + } + + private class PartitionHandler implements PartitionStructure + { + private Partition partition; + + private PartitionHandler( Partition partition ) + { + this.partition = partition; + } + + public boolean isPartition() + { + return true; + } + + public PartitionStructure addPartitionHandler( String name, PartitionStructure partition ) + { + return this; + } + + public Partition getpartition() + { + return partition; + } + + public String toString() + { + try + { + return partition.getSuffix().getUpName(); + } + catch ( NamingException ne ) + { + return "Unkown partition"; + } + } +} + + private PartitionStructure buildPartitionStructure( PartitionStructure current, LdapDN dn, int index, Partition partition ) + { + if ( index == dn.size() - 1 ) + { + return current.addPartitionHandler( dn.getRdn( index ).toString(), new PartitionHandler( partition ) ); + } + else + { + return current.addPartitionHandler( dn.getRdn( index ).toString(), + buildPartitionStructure( new PartitionContainer(), dn, index + 1, partition ) ); + } + } /** the read only rootDSE attributes */ private final Attributes rootDSE; @@ -377,11 +473,15 @@ system.init( factoryCfg, systemCfg ); systemCfg.setContextPartition( system ); String key = system.getSuffix().toString(); + if ( partitions.containsKey( key ) ) { throw new ConfigurationException( "Duplicate partition suffix: " + key ); } + partitions.put( key, system ); + + buildPartitionStructure( partitionList, system.getSuffix(), 0, system ); Attribute namingContexts = rootDSE.get( NAMINGCTXS_ATTR ); namingContexts.add( system.getUpSuffix().getUpName() ); @@ -432,6 +532,7 @@ { MultiException error = null; Iterator list = this.partitions.values().iterator(); + while ( list.hasNext() ) { Partition partition = ( Partition ) list.next(); @@ -542,6 +643,7 @@ // Turn on default indices String key = config.getSuffix(); + if ( partitions.containsKey( key ) ) { throw new ConfigurationException( "Duplicate partition suffix: " + key ); @@ -553,6 +655,8 @@ } partitions.put( partition.getSuffix().toString(), partition ); + + buildPartitionStructure( partitionList, partition.getSuffix(), 0, partition ); Attribute namingContexts = rootDSE.get( NAMINGCTXS_ATTR ); namingContexts.add( partition.getUpSuffix().getUpName() ); @@ -776,7 +880,7 @@ // ----------------------------------------------------------- if ( ids == null || ids.length == 0 ) { - SearchResult result = new SearchResult( "", null, ( Attributes ) getRootDSE( null ).clone(), false ); + SearchResult result = new ServerSearchResult( "", null, ( Attributes ) getRootDSE( null ).clone(), false ); return new SingletonEnumeration( result ); } @@ -820,14 +924,14 @@ // return nothing if ( containsOneDotOne ) { - SearchResult result = new SearchResult( "", null, new AttributesImpl(), false ); + SearchResult result = new ServerSearchResult( "", null, new AttributesImpl(), false ); return new SingletonEnumeration( result ); } // return everything if ( containsAsterisk && containsPlus ) { - SearchResult result = new SearchResult( "", null, ( Attributes ) getRootDSE( null ).clone(), false ); + SearchResult result = new ServerSearchResult( "", null, ( Attributes ) getRootDSE( null ).clone(), false ); return new SingletonEnumeration( result ); } @@ -882,7 +986,7 @@ } } - SearchResult result = new SearchResult( "", null, attrs, false ); + SearchResult result = new ServerSearchResult( "", null, attrs, false ); return new SingletonEnumeration( result ); } Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexusProxy.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexusProxy.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexusProxy.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexusProxy.java Sun May 20 18:53:07 2007 @@ -24,6 +24,7 @@ import java.util.Collections; import java.util.HashSet; import java.util.Iterator; +import java.util.List; import java.util.Set; import javax.naming.Context; @@ -48,6 +49,8 @@ import org.apache.directory.server.core.enumeration.SearchResultFilteringEnumeration; import org.apache.directory.server.core.event.EventService; import org.apache.directory.server.core.interceptor.InterceptorChain; +import org.apache.directory.server.core.interceptor.context.GetRootDSEOperationContext; +import org.apache.directory.server.core.interceptor.context.LookupOperationContext; import org.apache.directory.server.core.interceptor.context.OperationContext; import org.apache.directory.server.core.interceptor.context.SearchOperationContext; import org.apache.directory.server.core.invocation.Invocation; @@ -91,6 +94,18 @@ /** Bypass String to use when ALL interceptors should be skipped */ public static final Collection BYPASS_ALL_COLLECTION = Collections.singleton( BYPASS_ALL ); + /** A static object to store the rootDSE entry with all the attributes */ + private static Attributes ROOT_DSE_ALL; + + /** A static object to store the rootDSE entry without operationnal attributes */ + private static Attributes ROOT_DSE_NO_OPERATIONNAL; + + /** A mutex to protect the rootDSE construction */ + private static final Object ROOT_DSE_ALL_MUTEX = new Object(); + + /** A mutex to protect the rootDSE construction */ + private static final Object ROOT_DSE_NOOP_MUTEX = new Object(); + private final Context caller; private final DirectoryService service; private final DirectoryServiceConfiguration configuration; @@ -140,7 +155,7 @@ * @param caller a JNDI {@link Context} object that will call this proxy * @param service a JNDI service */ - public PartitionNexusProxy(Context caller, DirectoryService service) + public PartitionNexusProxy(Context caller, DirectoryService service) throws NamingException { this.caller = caller; this.service = service; @@ -154,7 +169,7 @@ } - public void init( DirectoryServiceConfiguration factoryCfg, PartitionConfiguration cfg ) + public void init( DirectoryServiceConfiguration factoryCfg, PartitionConfiguration cfg ) throws NamingException { } @@ -463,6 +478,37 @@ public Attributes lookup( OperationContext opContext ) throws NamingException { + if ( opContext.getDn().size() == 0 ) + { + List attrs = ( (LookupOperationContext)opContext).getAttrsId(); + + if ( ( attrs == null ) || ( attrs.size() == 0 ) ) + { + synchronized( ROOT_DSE_NOOP_MUTEX ) + { + if ( ROOT_DSE_NO_OPERATIONNAL == null ) + { + ROOT_DSE_NO_OPERATIONNAL = lookup( opContext, ( Collection ) null ); + } + } + + return ROOT_DSE_NO_OPERATIONNAL; + } + else if ( ( attrs.size() == 1 ) && ( attrs.contains( "+" ) ) ) + { + synchronized( ROOT_DSE_ALL_MUTEX ) + { + if ( ROOT_DSE_ALL == null ) + { + ROOT_DSE_ALL = lookup( opContext, ( Collection ) null ); + } + } + + return ROOT_DSE_ALL; + } + + } + return lookup( opContext, ( Collection ) null ); } @@ -636,6 +682,19 @@ public Attributes getRootDSE( OperationContext opContext ) throws NamingException { + if ( opContext.getDn().size() == 0 ) + { + synchronized( ROOT_DSE_ALL_MUTEX ) + { + if ( ROOT_DSE_ALL == null ) + { + ROOT_DSE_ALL = getRootDSE( null, null ); + } + } + + return ROOT_DSE_ALL; + } + return getRootDSE( null, null ); } Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreePartition.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreePartition.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreePartition.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreePartition.java Sun May 20 18:53:07 2007 @@ -384,7 +384,7 @@ { LdapDN dn = opContext.getDn(); - Long id = getEntryId( dn.toString() ); + Long id = getEntryId( dn.getNormName() ); // don't continue if id is null if ( id == null ) Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResult.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResult.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResult.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResult.java Sun May 20 18:53:07 2007 @@ -20,9 +20,12 @@ package org.apache.directory.server.core.partition.impl.btree; +import javax.naming.InvalidNameException; import javax.naming.directory.Attributes; import javax.naming.directory.SearchResult; +import org.apache.directory.shared.ldap.message.ServerSearchResult; + /** * A special search result that includes the unique database primary key or @@ -32,7 +35,7 @@ * @author Apache Directory Project * @version $Rev$ */ -public class BTreeSearchResult extends SearchResult +public class BTreeSearchResult extends ServerSearchResult { private static final long serialVersionUID = 3976739172700860977L; @@ -52,7 +55,7 @@ * @param obj the object if any * @param attrs the attributes of the entry */ - public BTreeSearchResult(Long id, String name, Object obj, Attributes attrs) + public BTreeSearchResult(Long id, String name, Object obj, Attributes attrs) throws InvalidNameException { super( name, obj, attrs ); this.id = id; @@ -68,7 +71,7 @@ * @param attrs the attributes of the entry * @param isRelative whether or not the name is relative to the base */ - public BTreeSearchResult(Long id, String name, Object obj, Attributes attrs, boolean isRelative) + public BTreeSearchResult(Long id, String name, Object obj, Attributes attrs, boolean isRelative) throws InvalidNameException { super( name, obj, attrs, isRelative ); this.id = id; @@ -84,7 +87,7 @@ * @param obj the object if any * @param attrs the attributes of the entry */ - public BTreeSearchResult(Long id, String name, String className, Object obj, Attributes attrs) + public BTreeSearchResult(Long id, String name, String className, Object obj, Attributes attrs) throws InvalidNameException { super( name, className, obj, attrs ); this.id = id; @@ -102,7 +105,7 @@ * @param isRelative whether or not the name is relative to the base */ public BTreeSearchResult(Long id, String name, String className, Object obj, Attributes attrs, - boolean isRelative) + boolean isRelative) throws InvalidNameException { super( name, className, obj, attrs, isRelative ); this.id = id; Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ExpressionEnumerator.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ExpressionEnumerator.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ExpressionEnumerator.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ExpressionEnumerator.java Sun May 20 18:53:07 2007 @@ -170,7 +170,7 @@ // Recursively create NamingEnumerations for each child expression node for ( int ii = 0; ii < childEnumerations.length; ii++ ) { - childEnumerations[ii] = enumerate( ( ExprNode ) children.get( ii ) ); + childEnumerations[ii] = enumerate( children.get( ii ) ); } return new DisjunctionEnumeration( childEnumerations ); @@ -234,8 +234,8 @@ private NamingEnumeration enumConj( final BranchNode node ) throws NamingException { int minIndex = 0; - int minValue = Integer.MAX_VALUE; - int value = Integer.MAX_VALUE; + long minValue = Long.MAX_VALUE; + long value = Long.MAX_VALUE; /* * We scan the child nodes of a branch node searching for the child @@ -246,8 +246,8 @@ final List children = node.getChildren(); for ( int ii = 0; ii < children.size(); ii++ ) { - ExprNode child = ( ExprNode ) children.get( ii ); - value = ( ( Long ) child.get( "count" ) ).intValue(); + ExprNode child = children.get( ii ); + value = ( Long ) child.get( "count" ); minValue = Math.min( minValue, value ); if ( minValue == value ) @@ -257,14 +257,14 @@ } // Once found we build the child enumeration & the wrapping enum - final ExprNode minChild = ( ExprNode ) children.get( minIndex ); + final ExprNode minChild = children.get( minIndex ); IndexAssertion assertion = new IndexAssertion() { public boolean assertCandidate( IndexRecord rec ) throws NamingException { for ( int ii = 0; ii < children.size(); ii++ ) { - ExprNode child = ( ExprNode ) children.get( ii ); + ExprNode child = children.get( ii ); // Skip the child (with min scan count) chosen for enum if ( child == minChild ) Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/referral/ReferralLut.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/referral/ReferralLut.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/referral/ReferralLut.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/referral/ReferralLut.java Sun May 20 18:53:07 2007 @@ -40,8 +40,9 @@ { /** the logger for this class */ private static final Logger log = LoggerFactory.getLogger( ReferralLut.class ); + /** the set of names in the LUT */ - private Set names = new HashSet(); + private Set names = new HashSet(); // ----------------------------------------------------------------------- @@ -56,8 +57,11 @@ public boolean isReferral( LdapDN dn ) { if ( dn == null ) + { throw new IllegalArgumentException( "dn cannot be null" ); - return names.contains( dn.toString() ); + } + + return names.contains( dn.getNormName() ); } @@ -69,7 +73,10 @@ public boolean isReferral( String dn ) { if ( dn == null ) + { throw new IllegalArgumentException( "dn cannot be null" ); + } + return names.contains( dn ); } @@ -84,24 +91,23 @@ public LdapDN getFarthestReferralAncestor( LdapDN dn ) { if ( dn == null ) + { throw new IllegalArgumentException( "dn cannot be null" ); + } + LdapDN farthest = new LdapDN(); + for ( int ii = 0; ii < dn.size(); ii++ ) { - try - { - farthest.add( dn.get( ii ) ); - } - catch ( InvalidNameException e ) - { - log.error( "Should never get this when moving names from a proper normalized name!", e ); - } + farthest.addNormalized( dn.getRdn( ii ) ); + // do not return dn if it is the farthest referral - if ( isReferral( farthest ) && farthest.size() != dn.size() ) + if ( isReferral( farthest ) && ( farthest.size() != dn.size() ) ) { return farthest; } } + return null; } @@ -116,7 +122,10 @@ public LdapDN getNearestReferralAncestor( LdapDN dn ) { if ( dn == null ) + { throw new IllegalArgumentException( "dn cannot be null" ); + } + LdapDN cloned = ( LdapDN ) dn.clone(); // do not return the argument dn if it is a referral (skip it) @@ -136,7 +145,7 @@ return null; } - while ( !isReferral( cloned ) && cloned.size() > 0 ) + while ( !isReferral( cloned ) && ( cloned.size() > 0 ) ) { try { @@ -147,6 +156,7 @@ log.error( "Should never get this when removing from a cloned normalized name!", e ); } } + return cloned.isEmpty() ? null : cloned; } @@ -163,10 +173,13 @@ public void referralAdded( LdapDN dn ) { if ( dn == null ) + { throw new IllegalArgumentException( "dn cannot be null" ); - if ( !names.add( dn.toString() ) && log.isWarnEnabled() ) + } + + if ( !names.add( dn.getNormName() ) && log.isWarnEnabled() ) { - log.warn( "found " + dn + " in refname lut while adding it" ); + log.warn( "found " + dn.getUpName() + " in refname lut while adding it" ); } } @@ -179,7 +192,10 @@ public void referralAdded( String dn ) { if ( dn == null ) + { throw new IllegalArgumentException( "dn cannot be null" ); + } + if ( !names.add( dn ) && log.isWarnEnabled() ) { log.warn( "found " + dn + " in refname lut while adding it" ); @@ -195,10 +211,13 @@ public void referralDeleted( LdapDN dn ) { if ( dn == null ) + { throw new IllegalArgumentException( "dn cannot be null" ); - if ( !names.remove( dn.toString() ) && log.isWarnEnabled() ) + } + + if ( !names.remove( dn.getNormName() ) && log.isWarnEnabled() ) { - log.warn( "cound not find " + dn + " in refname lut while deleting it" ); + log.warn( "cound not find " + dn.getUpName() + " in refname lut while deleting it" ); } } @@ -211,7 +230,10 @@ public void referralDeleted( String dn ) { if ( dn == null ) + { throw new IllegalArgumentException( "dn cannot be null" ); + } + if ( !names.remove( dn ) && log.isWarnEnabled() ) { log.warn( "cound not find " + dn + " in refname lut while deleting it" ); @@ -228,15 +250,19 @@ */ public void referralChanged( LdapDN oldDn, LdapDN newDn ) { - if ( oldDn == null || newDn == null ) + if ( ( oldDn == null ) || ( newDn == null ) ) + { throw new IllegalArgumentException( "old or new dn cannot be null" ); - if ( !names.remove( oldDn.toString() ) && log.isWarnEnabled() ) + } + + if ( !names.remove( oldDn.getNormName() ) && log.isWarnEnabled() ) { - log.warn( "cound not find old name (" + oldDn + ") in refname lut while moving or renaming it" ); + log.warn( "cound not find old name (" + oldDn.getUpName() + ") in refname lut while moving or renaming it" ); } - if ( !names.add( newDn.toString() ) && log.isWarnEnabled() ) + + if ( !names.add( newDn.getNormName() ) && log.isWarnEnabled() ) { - log.warn( "found new name (" + newDn + ") in refname lut while moving or renaming " + oldDn ); + log.warn( "found new name (" + newDn.getUpName() + ") in refname lut while moving or renaming " + oldDn ); } } @@ -250,12 +276,16 @@ */ public void referralChanged( String oldDn, String newDn ) { - if ( oldDn == null || newDn == null ) + if ( ( oldDn == null ) || ( newDn == null ) ) + { throw new IllegalArgumentException( "old or new dn cannot be null" ); + } + if ( !names.remove( oldDn ) && log.isWarnEnabled() ) { log.warn( "cound not find old name (" + oldDn + ") in refname lut while moving or renaming it" ); } + if ( !names.add( newDn ) && log.isWarnEnabled() ) { log.warn( "found new name (" + newDn + ") in refname lut while moving or renaming " + oldDn ); @@ -272,12 +302,16 @@ */ public void referralChanged( LdapDN oldDn, String newDn ) { - if ( oldDn == null || newDn == null ) + if ( ( oldDn == null ) || ( newDn == null ) ) + { throw new IllegalArgumentException( "old or new dn cannot be null" ); - if ( !names.remove( oldDn.toString() ) && log.isWarnEnabled() ) + } + + if ( !names.remove( oldDn.getNormName() ) && log.isWarnEnabled() ) { - log.warn( "cound not find old name (" + oldDn + ") in refname lut while moving or renaming it" ); + log.warn( "cound not find old name (" + oldDn.getUpName() + ") in refname lut while moving or renaming it" ); } + if ( !names.add( newDn ) && log.isWarnEnabled() ) { log.warn( "found new name (" + newDn + ") in refname lut while moving or renaming " + oldDn ); @@ -294,15 +328,19 @@ */ public void referralChanged( String oldDn, LdapDN newDn ) { - if ( oldDn == null || newDn == null ) + if ( ( oldDn == null ) || ( newDn == null ) ) + { throw new IllegalArgumentException( "old or new dn cannot be null" ); + } + if ( !names.remove( oldDn ) && log.isWarnEnabled() ) { log.warn( "cound not find old name (" + oldDn + ") in refname lut while moving or renaming it" ); } - if ( !names.add( newDn ) && log.isWarnEnabled() ) + + if ( !names.add( newDn.getNormName() ) && log.isWarnEnabled() ) { - log.warn( "found new name (" + newDn + ") in refname lut while moving or renaming " + oldDn ); + log.warn( "found new name (" + newDn.getUpName() + ") in refname lut while moving or renaming " + oldDn ); } } } Modified: directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java?view=diff&rev=539993&r1=539992&r2=539993 ============================================================================== --- directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java (original) +++ directory/apacheds/branches/kerberos-encryption-types/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java Sun May 20 18:53:07 2007 @@ -1079,7 +1079,13 @@ throw lre; } - + /** + * Check if the given name is a referral or not. + * + * @param name The DN to check + * @return true if the DN is a referral + * @throws NamingException I fthe DN is incorrect + */ public boolean isReferral( String name ) throws NamingException { if ( lut.isReferral( name ) ) @@ -1090,11 +1096,18 @@ LdapDN dn = new LdapDN( name ); dn.normalize( attrRegistry.getNormalizerMapping() ); - if ( lut.isReferral( dn ) ) - { - return true; - } + return lut.isReferral( dn ); + } - return false; + /** + * Check if the given name is a referral or not. + * + * @param name The DN to check + * @return true if the DN is a referral + * @throws NamingException I fthe DN is incorrect + */ + public boolean isReferral( LdapDN name ) throws NamingException + { + return lut.isReferral( name.isNormalized() ? name : LdapDN.normalize( name, attrRegistry.getNormalizerMapping() ) ); } }