Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 76132 invoked from network); 24 May 2007 00:27:54 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 24 May 2007 00:27:53 -0000 Received: (qmail 68357 invoked by uid 500); 24 May 2007 00:27:58 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 68280 invoked by uid 500); 24 May 2007 00:27:57 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 68269 invoked by uid 99); 24 May 2007 00:27:57 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 23 May 2007 17:27:57 -0700 X-ASF-Spam-Status: No, hits=-98.6 required=10.0 tests=ALL_TRUSTED,INFO_TLD,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 23 May 2007 17:27:47 -0700 Received: by eris.apache.org (Postfix, from userid 65534) id 453C51A9825; Wed, 23 May 2007 17:27:27 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r541123 [4/25] - in /directory/apacheds/branches/apacheds-sasl-branch: ./ benchmarks/ bootstrap-extract/ bootstrap-extract/src/ bootstrap-extract/src/main/ bootstrap-extract/src/main/java/ bootstrap-extract/src/main/java/org/ bootstrap-extr... Date: Thu, 24 May 2007 00:27:07 -0000 To: commits@directory.apache.org 
From: erodriguez@apache.org X-Mailer: svnmailer-1.1.0 Message-Id: <20070524002727.453C51A9825@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Modified: directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceObjectClassChangeHandlingITest.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceObjectClassChangeHandlingITest.java?view=diff&rev=541123&r1=541122&r2=541123 ============================================================================== --- directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceObjectClassChangeHandlingITest.java (original) +++ directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceObjectClassChangeHandlingITest.java Wed May 23 17:26:40 2007 @@ -33,6 +33,7 @@ import javax.naming.directory.SearchResult; import org.apache.directory.server.core.unit.AbstractAdminTestCase; +import org.apache.directory.shared.ldap.constants.SchemaConstants; import org.apache.directory.shared.ldap.message.AttributeImpl; import org.apache.directory.shared.ldap.message.AttributesImpl; import org.apache.directory.shared.ldap.message.ModificationItemImpl; 
@@ -76,7 +77,7 @@ Attributes subentry = new AttributesImpl(); Attribute objectClass = new AttributeImpl( "objectClass" ); objectClass.add( "top" ); - objectClass.add( "subentry" ); + objectClass.add( SchemaConstants.SUBENTRY_OC ); objectClass.add( "collectiveAttributeSubentry" ); subentry.put( objectClass ); subentry.put( "subtreeSpecification", "{ specificationFilter item:organizationalPerson }" ); Modified: directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/AbstractTriggerServiceTest.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/AbstractTriggerServiceTest.java?view=diff&rev=541123&r1=541122&r2=541123 ============================================================================== --- directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/AbstractTriggerServiceTest.java (original) +++ directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/AbstractTriggerServiceTest.java Wed May 23 17:26:40 2007 @@ -33,6 +33,7 @@ import org.apache.directory.server.core.partition.PartitionNexus; import org.apache.directory.server.core.subtree.SubentryService; import org.apache.directory.server.core.unit.AbstractTestCase; +import org.apache.directory.shared.ldap.constants.SchemaConstants; import org.apache.directory.shared.ldap.message.AttributeImpl; import org.apache.directory.shared.ldap.message.AttributesImpl; 
@@ -171,7 +172,7 @@ Attribute objectClass = new AttributeImpl( "objectClass" ); subentry.put( objectClass ); objectClass.add( "top" ); - objectClass.add( "subentry" ); + objectClass.add( SchemaConstants.SUBENTRY_OC ); objectClass.add( "triggerExecutionSubentry" ); subentry.put( "subtreeSpecification", subtree ); subentry.put( "prescriptiveTriggerSpecification", triggerSpec ); Modified: directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/BackupUtilities.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/BackupUtilities.java?view=diff&rev=541123&r1=541122&r2=541123 ============================================================================== --- directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/BackupUtilities.java (original) +++ directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/BackupUtilities.java Wed May 23 17:26:40 2007 
@@ -22,4 +22,11 @@ backupCtx.createSubcontext( deletedEntryRdn, deletedEntry ); log.info( "Backed up deleted entry to \"" + ( ( LdapContext ) backupCtx.lookup( deletedEntryRdn ) ).getNameInNamespace() + "\"" ); } + + public static void duplicateDeletedEntry( LdapContext ctx, Name deletedEntryName, Name operationPrincipal, Attributes deletedEntry ) throws NamingException + { + LdapContext backupCtx = ( LdapContext ) ctx.lookup( "ou=backupContext,ou=system" ); + String deletedEntryRdn = deletedEntryName.get( deletedEntryName.size() - 1 ); + backupCtx.createSubcontext( deletedEntryRdn + "," + deletedEntryRdn, deletedEntry ); + } } Modified: directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/DefaulTriggerServiceITest.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/DefaulTriggerServiceITest.java?view=diff&rev=541123&r1=541122&r2=541123 ============================================================================== --- directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/DefaulTriggerServiceITest.java (original) +++ directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/DefaulTriggerServiceITest.java Wed May 23 17:26:40 2007 
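Review bot: `duplicateDeletedEntry` creates its entry one level below `deletedEntryRdn` inside `ou=backupContext,ou=system`, so it can only succeed when that parent entry already exists, and nothing in the method says so. Judging by the `createSubcontext( deletedEntryRdn, deletedEntry )` context line above it, the parent is presumably created by the preceding backup procedure, so a Javadoc should state that this procedure must run after it and that `operationPrincipal` is accepted only to match the trigger call and is unused. `deletedEntryName.get( deletedEntryName.size() - 1 )` also fails with an index error on an empty name; a guard such as `if ( deletedEntryName.size() == 0 ) { throw new NamingException( "empty entry name" ); }` makes that failure explicit. The class body starts outside the hunk.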
@@ -54,7 +54,9 @@ // Create the Triger Specification within a Trigger Subentry. createTriggerSubentry( "triggerSubentry1", - "AFTER Delete CALL \"" + BackupUtilities.class.getName() + ".backupDeleted\" ( $ldapContext \"\", $name, $operationPrincipal, $deletedEntry )" ); + "AFTER Delete " + + " CALL \"" + BackupUtilities.class.getName() + ".backupDeleted\" ( $ldapContext \"\", $name, $operationPrincipal, $deletedEntry );" + + "CALL \"" + BackupUtilities.class.getName() + ".duplicateDeletedEntry\" ( $ldapContext \"\", $name, $operationPrincipal, $deletedEntry ); " ); // Create a test entry which is selected by the Trigger Subentry. Attributes testEntry = new AttributesImpl( "ou", "testou", true ); @@ -73,6 +75,7 @@ // Check if the Trigger really worked (backed up the deleted entry). assertNotNull( sysRoot.lookup( "ou=testou,ou=backupContext" ) ); + assertNotNull( sysRoot.lookup( "ou=testou,ou=testou,ou=backupContext" ) ); } /*public void testBeforeDeleteLogWarning() throws NamingException Modified: directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/SubentryServiceForTriggersITest.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/SubentryServiceForTriggersITest.java?view=diff&rev=541123&r1=541122&r2=541123 ============================================================================== --- directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/SubentryServiceForTriggersITest.java (original) +++ directory/apacheds/branches/apacheds-sasl-branch/core-unit/src/test/java/org/apache/directory/server/core/trigger/SubentryServiceForTriggersITest.java Wed May 23 17:26:40 2007 
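Review bot: The added `assertNotNull( sysRoot.lookup( "ou=testou,ou=testou,ou=backupContext" ) )` only passes if the two `CALL`s in the new trigger specification run in the order they are written, but the comment above it still describes just the backup. I would extend it, e.g. `// The nested entry exists only if duplicateDeletedEntry ran after backupDeleted had created its parent.` The concatenated specification is also spaced unevenly (`"AFTER Delete " + " CALL"` gives a double space, while the first call runs straight into the second as `);CALL`); putting one separator style on all three pieces would make the string easier to read. The test method starts and ends outside these hunks.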
@@ -34,6 +34,7 @@ import org.apache.directory.server.core.subtree.SubentryService; import org.apache.directory.server.core.unit.AbstractAdminTestCase; +import org.apache.directory.shared.ldap.constants.SchemaConstants; import org.apache.directory.shared.ldap.exception.LdapNoSuchAttributeException; import org.apache.directory.shared.ldap.message.AttributeImpl; import org.apache.directory.shared.ldap.message.AttributesImpl; @@ -66,11 +67,11 @@ Attributes subentry = new AttributesImpl(); Attribute objectClass = new AttributeImpl( "objectClass" ); objectClass.add( "top" ); - objectClass.add( "subentry" ); + objectClass.add( SchemaConstants.SUBENTRY_OC ); objectClass.add( "triggerExecutionSubentry" ); subentry.put( objectClass ); subentry.put( "subtreeSpecification", "{ base \"ou=configuration\" }" ); - subentry.put( "prescriptiveTriggerSpecification", "AFTER Delete CALL \"LogUtils.logDelete\"($name)" ); + subentry.put( "prescriptiveTriggerSpecification", "AFTER Delete CALL \"LogUtils.logDelete\"($name);" ); subentry.put( "cn", "testsubentry" ); return subentry; } 
@@ -80,12 +81,12 @@ Attributes subentry = new AttributesImpl(); Attribute objectClass = new AttributeImpl( "objectClass" ); objectClass.add( "top" ); - objectClass.add( "subentry" ); + objectClass.add( SchemaConstants.SUBENTRY_OC ); objectClass.add( "triggerExecutionSubentry" ); subentry.put( objectClass ); String spec = "{ base \"ou=configuration\", specificExclusions { chopBefore:\"cn=unmarked\" } }"; subentry.put( "subtreeSpecification", spec ); - subentry.put( "prescriptiveTriggerSpecification", "AFTER Delete CALL \"LogUtils.logDelete\"($name)" ); + subentry.put( "prescriptiveTriggerSpecification", "AFTER Delete CALL \"LogUtils.logDelete\"($name);" ); subentry.put( "cn", "testsubentry" ); return subentry; } Modified: directory/apacheds/branches/apacheds-sasl-branch/core/pom.xml URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/core/pom.xml?view=diff&rev=541123&r1=541122&r2=541123 ============================================================================== --- directory/apacheds/branches/apacheds-sasl-branch/core/pom.xml (original) +++ directory/apacheds/branches/apacheds-sasl-branch/core/pom.xml Wed May 23 17:26:40 2007 
@@ -4,7 +4,7 @@ org.apache.directory.server build - 1.5.0-SNAPSHOT + 1.5.1-SNAPSHOT apacheds-core ApacheDS Core Modified: directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java?view=diff&rev=541123&r1=541122&r2=541123 ============================================================================== --- directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java (original) +++ directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java Wed May 23 17:26:40 2007 @@ -20,6 +20,7 @@ package org.apache.directory.server.core; +import java.io.File; import java.io.IOException; import java.util.HashSet; import java.util.Hashtable; @@ -40,6 +41,10 @@ import org.apache.directory.server.core.configuration.StartupConfiguration; import org.apache.directory.server.core.interceptor.Interceptor; import org.apache.directory.server.core.interceptor.InterceptorChain; +import org.apache.directory.server.core.interceptor.context.AddContextPartitionOperationContext; +import org.apache.directory.server.core.interceptor.context.AddOperationContext; +import org.apache.directory.server.core.interceptor.context.EntryOperationContext; +import org.apache.directory.server.core.interceptor.context.LookupOperationContext; import org.apache.directory.server.core.jndi.AbstractContextFactory; import org.apache.directory.server.core.jndi.DeadContext; import org.apache.directory.server.core.jndi.PropertyKeys; 
@@ -57,14 +62,19 @@ import org.apache.directory.server.schema.bootstrap.CoreSchema; import org.apache.directory.server.schema.bootstrap.Schema; import org.apache.directory.server.schema.bootstrap.SystemSchema; +import org.apache.directory.server.schema.bootstrap.partition.DbFileListing; import org.apache.directory.server.schema.bootstrap.partition.SchemaPartitionExtractor; import org.apache.directory.server.schema.registries.AttributeTypeRegistry; import org.apache.directory.server.schema.registries.DefaultOidRegistry; import org.apache.directory.server.schema.registries.DefaultRegistries; import org.apache.directory.server.schema.registries.OidRegistry; import org.apache.directory.server.schema.registries.Registries; +import org.apache.directory.shared.ldap.constants.JndiPropertyConstants; +import org.apache.directory.shared.ldap.constants.SchemaConstants; +import org.apache.directory.shared.ldap.constants.ServerDNConstants; import org.apache.directory.shared.ldap.exception.LdapAuthenticationNotSupportedException; import org.apache.directory.shared.ldap.exception.LdapConfigurationException; +import org.apache.directory.shared.ldap.exception.LdapNamingException; import org.apache.directory.shared.ldap.exception.LdapNoPermissionException; import org.apache.directory.shared.ldap.ldif.Entry; import org.apache.directory.shared.ldap.message.AttributeImpl; @@ -87,7 +97,7 @@ class DefaultDirectoryService extends DirectoryService { private static final Logger log = LoggerFactory.getLogger( DefaultDirectoryService.class ); - private static final String BINARY_KEY = "java.naming.ldap.attributes.binary"; + private static final String BINARY_KEY = JndiPropertyConstants.JNDI_LDAP_ATTRIBUTES_BINARY; private final String instanceId; 
@@ -461,29 +471,29 @@ /* * If the admin entry is there, then the database was already created */ - if ( !partitionNexus.hasEntry( PartitionNexus.getAdminName() ) ) + if ( !partitionNexus.hasEntry( new EntryOperationContext( PartitionNexus.getAdminName() ) ) ) { firstStart = true; Attributes attributes = new AttributesImpl(); - Attribute objectClass = new AttributeImpl( "objectClass" ); - objectClass.add( "top" ); - objectClass.add( "person" ); - objectClass.add( "organizationalPerson" ); - objectClass.add( "inetOrgPerson" ); + Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT ); + objectClass.add( SchemaConstants.TOP_OC ); + objectClass.add( SchemaConstants.PERSON_OC ); + objectClass.add( SchemaConstants.ORGANIZATIONAL_PERSON_OC ); + objectClass.add( SchemaConstants.INET_ORG_PERSON_OC ); attributes.put( objectClass ); - attributes.put( "uid", PartitionNexus.ADMIN_UID ); - attributes.put( "userPassword", PartitionNexus.ADMIN_PASSWORD ); - attributes.put( "displayName", "Directory Superuser" ); - attributes.put( "cn", "system administrator" ); - attributes.put( "sn", "administrator" ); - attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); - attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() ); - attributes.put( "displayName", "Directory Superuser" ); + attributes.put( SchemaConstants.UID_AT, PartitionNexus.ADMIN_UID ); + attributes.put( SchemaConstants.USER_PASSWORD_AT, PartitionNexus.ADMIN_PASSWORD ); + attributes.put( SchemaConstants.DISPLAY_NAME_AT, "Directory Superuser" ); + attributes.put( SchemaConstants.CN_AT, "system administrator" ); + attributes.put( SchemaConstants.SN_AT, "administrator" ); + attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ); + attributes.put( SchemaConstants.DISPLAY_NAME_AT, "Directory Superuser" ); - 
partitionNexus.add(PartitionNexus.getAdminName(), - attributes ); + partitionNexus.add( new AddOperationContext( PartitionNexus.getAdminName(), + attributes ) ); } // ------------------------------------------------------------------- @@ -494,21 +504,21 @@ LdapDN userDn = new LdapDN( "ou=users,ou=system" ); userDn.normalize( oidsMap ); - if ( !partitionNexus.hasEntry( userDn ) ) + if ( !partitionNexus.hasEntry( new EntryOperationContext( userDn ) ) ) { firstStart = true; Attributes attributes = new AttributesImpl(); - Attribute objectClass = new AttributeImpl( "objectClass" ); - objectClass.add( "top" ); - objectClass.add( "organizationalUnit" ); + Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT ); + objectClass.add( SchemaConstants.TOP_OC ); + objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC ); attributes.put( objectClass ); - attributes.put( "ou", "users" ); - attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); - attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() ); + attributes.put( SchemaConstants.OU_AT, "users" ); + attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ); - partitionNexus.add( userDn, attributes ); + partitionNexus.add( new AddOperationContext( userDn, attributes ) ); } // ------------------------------------------------------------------- 
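Review bot: In the admin-entry block, `attributes.put( SchemaConstants.DISPLAY_NAME_AT, "Directory Superuser" );` is still written twice; the second call is redundant and can be dropped while these lines are being rewritten. The entry is also still seeded with the compiled-in `PartitionNexus.ADMIN_PASSWORD` as its `userPassword`, and nothing at this point tells a maintainer that the value is a default that is checked later. A comment such as `// default credential, flagged later via needToChangeAdminPassword; must be changed after first start` would make that link visible. The enclosing method starts and ends outside the hunk.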
@@ -518,48 +528,47 @@ LdapDN groupDn = new LdapDN( "ou=groups,ou=system" ); groupDn.normalize( oidsMap ); - if ( !partitionNexus.hasEntry( groupDn ) ) + if ( !partitionNexus.hasEntry( new EntryOperationContext( groupDn ) ) ) { firstStart = true; Attributes attributes = new AttributesImpl(); - Attribute objectClass = new AttributeImpl( "objectClass" ); - objectClass.add( "top" ); - objectClass.add( "organizationalUnit" ); + Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT ); + objectClass.add( SchemaConstants.TOP_OC ); + objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC ); attributes.put( objectClass ); - attributes.put( "ou", "groups" ); - attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); - attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() ); + attributes.put( SchemaConstants.OU_AT, "groups" ); + attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ); - partitionNexus.add( groupDn, attributes ); + partitionNexus.add( new AddOperationContext( groupDn, attributes ) ); } // ------------------------------------------------------------------- // create administrator group // ------------------------------------------------------------------- - String upName = "cn=Administrators,ou=groups,ou=system"; - LdapDN normName = new LdapDN( "cn=administrators,ou=groups,ou=system" ); - normName.normalize( oidsMap ); + LdapDN name = new LdapDN( ServerDNConstants.ADMINISTRATORS_GROUP_DN ); + name.normalize( oidsMap ); - if ( !partitionNexus.hasEntry( normName ) ) + if ( !partitionNexus.hasEntry( new EntryOperationContext( name ) ) ) { firstStart = true; Attributes attributes = new AttributesImpl(); - Attribute objectClass = new AttributeImpl( "objectClass" ); - objectClass.add( "top" ); - objectClass.add( "groupOfUniqueNames" ); + Attribute objectClass = new AttributeImpl( 
SchemaConstants.OBJECT_CLASS_AT ); + objectClass.add( SchemaConstants.TOP_OC ); + objectClass.add( SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC ); attributes.put( objectClass ); - attributes.put( "cn", "Administrators" ); - attributes.put( "uniqueMember", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); - attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); - attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() ); + attributes.put( SchemaConstants.CN_AT, "Administrators" ); + attributes.put( SchemaConstants.UNIQUE_MEMBER_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ); - partitionNexus.add(normName, attributes ); + partitionNexus.add( new AddOperationContext( name, attributes ) ); - Interceptor authzInterceptor = interceptorChain.get( "authorizationService" ); + Interceptor authzInterceptor = interceptorChain.get( AuthorizationService.NAME ); if ( authzInterceptor == null ) { @@ -576,7 +585,7 @@ } AuthorizationService authzSrvc = ( AuthorizationService ) authzInterceptor; - authzSrvc.cacheNewGroup( upName, normName, attributes ); + authzSrvc.cacheNewGroup( name, attributes ); } 
@@ -587,21 +596,21 @@ LdapDN configurationDn = new LdapDN( "ou=configuration,ou=system" ); configurationDn.normalize( oidsMap ); - if ( !partitionNexus.hasEntry( configurationDn ) ) + if ( !partitionNexus.hasEntry( new EntryOperationContext( configurationDn ) ) ) { firstStart = true; Attributes attributes = new AttributesImpl(); - Attribute objectClass = new AttributeImpl( "objectClass" ); - objectClass.add( "top" ); - objectClass.add( "organizationalUnit" ); + Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT ); + objectClass.add( SchemaConstants.TOP_OC ); + objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC ); attributes.put( objectClass ); - attributes.put( "ou", "configuration" ); - attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); - attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() ); + attributes.put( SchemaConstants.OU_AT, "configuration" ); + attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ); - partitionNexus.add( configurationDn, attributes ); + partitionNexus.add( new AddOperationContext( configurationDn, attributes ) ); } // ------------------------------------------------------------------- 
@@ -611,21 +620,21 @@ LdapDN partitionsDn = new LdapDN( "ou=partitions,ou=configuration,ou=system" ); partitionsDn.normalize( oidsMap ); - if ( !partitionNexus.hasEntry( partitionsDn ) ) + if ( !partitionNexus.hasEntry( new EntryOperationContext( partitionsDn ) ) ) { firstStart = true; Attributes attributes = new AttributesImpl(); - Attribute objectClass = new AttributeImpl( "objectClass" ); - objectClass.add( "top" ); - objectClass.add( "organizationalUnit" ); + Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT ); + objectClass.add( SchemaConstants.TOP_OC ); + objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC ); attributes.put( objectClass ); - attributes.put( "ou", "partitions" ); - attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); - attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() ); + attributes.put( SchemaConstants.OU_AT, "partitions" ); + attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ); - partitionNexus.add( partitionsDn, attributes ); + partitionNexus.add( new AddOperationContext( partitionsDn, attributes ) ); } // ------------------------------------------------------------------- 
@@ -635,21 +644,21 @@ LdapDN servicesDn = new LdapDN( "ou=services,ou=configuration,ou=system" ); servicesDn.normalize( oidsMap ); - if ( !partitionNexus.hasEntry( servicesDn ) ) + if ( !partitionNexus.hasEntry( new EntryOperationContext( servicesDn ) ) ) { firstStart = true; Attributes attributes = new AttributesImpl(); - Attribute objectClass = new AttributeImpl( "objectClass" ); - objectClass.add( "top" ); - objectClass.add( "organizationalUnit" ); + Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT ); + objectClass.add( SchemaConstants.TOP_OC ); + objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC ); attributes.put( objectClass ); - attributes.put( "ou", "services" ); - attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); - attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() ); + attributes.put( SchemaConstants.OU_AT, "services" ); + attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ); - partitionNexus.add( servicesDn, attributes ); + partitionNexus.add( new AddOperationContext( servicesDn, attributes ) ); } // ------------------------------------------------------------------- 
@@ -659,21 +668,21 @@ LdapDN interceptorsDn = new LdapDN( "ou=interceptors,ou=configuration,ou=system" ); interceptorsDn.normalize( oidsMap ); - if ( !partitionNexus.hasEntry( interceptorsDn ) ) + if ( !partitionNexus.hasEntry( new EntryOperationContext( interceptorsDn ) ) ) { firstStart = true; Attributes attributes = new AttributesImpl(); - Attribute objectClass = new AttributeImpl( "objectClass" ); - objectClass.add( "top" ); - objectClass.add( "organizationalUnit" ); + Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT ); + objectClass.add( SchemaConstants.TOP_OC ); + objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC ); attributes.put( objectClass ); - attributes.put( "ou", "interceptors" ); - attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); - attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() ); + attributes.put( SchemaConstants.OU_AT, "interceptors" ); + attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ); - partitionNexus.add( interceptorsDn, attributes ); + partitionNexus.add( new AddOperationContext( interceptorsDn, attributes ) ); } // ------------------------------------------------------------------- 
@@ -683,22 +692,22 @@ LdapDN sysPrefRootDn = new LdapDN( "prefNodeName=sysPrefRoot,ou=system"); sysPrefRootDn.normalize( oidsMap ); - if ( !partitionNexus.hasEntry( sysPrefRootDn ) ) + if ( !partitionNexus.hasEntry( new EntryOperationContext( sysPrefRootDn ) ) ) { firstStart = true; Attributes attributes = new AttributesImpl(); - Attribute objectClass = new AttributeImpl( "objectClass" ); - objectClass.add( "top" ); - objectClass.add( "organizationalUnit" ); + Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT ); + objectClass.add( SchemaConstants.TOP_OC ); + objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC ); attributes.put( objectClass ); - attributes.put( "objectClass", "extensibleObject" ); + attributes.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.EXTENSIBLE_OBJECT_OC ); attributes.put( "prefNodeName", "sysPrefRoot" ); - attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); - attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() ); + attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ); + attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ); - partitionNexus.add( sysPrefRootDn, attributes ); + partitionNexus.add( new AddOperationContext( sysPrefRootDn, attributes ) ); } return firstStart; @@ -716,8 +725,8 @@ LdapDN adminDn = new LdapDN( PartitionNexus.ADMIN_PRINCIPAL ); adminDn.normalize( configuration.getRegistries().getAttributeTypeRegistry().getNormalizerMapping() ); - Attributes adminEntry = partitionNexus.lookup( adminDn ); - Object userPassword = adminEntry.get( "userPassword" ).get(); + Attributes adminEntry = partitionNexus.lookup( new LookupOperationContext( adminDn ) ); + Object userPassword = adminEntry.get( SchemaConstants.USER_PASSWORD_AT ).get(); if ( userPassword instanceof byte[] ) { needToChangeAdminPassword = PartitionNexus.ADMIN_PASSWORD.equals( new String( 
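Review bot: In the `sysPrefRootDn` block, `attributes.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.EXTENSIBLE_OBJECT_OC );` comes right after `attributes.put( objectClass );`, and under the usual `javax.naming.directory.Attributes.put` contract a second put with the same id replaces the attribute instead of adding a value. If `AttributesImpl` follows that contract, the entry is stored with only `extensibleObject` and loses `top` and `organizationalUnit`. Adding the value to the attribute before it is stored avoids this: `objectClass.add( SchemaConstants.EXTENSIBLE_OBJECT_OC );` ahead of `attributes.put( objectClass );`, with the two-argument put removed. The commit carries the old behaviour over unchanged, and the method body starts outside the hunk.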
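Review bot: `adminEntry.get( SchemaConstants.USER_PASSWORD_AT ).get()` dereferences the looked-up attribute without a null check, so an admin entry that carries no `userPassword` value would stop startup with a NullPointerException rather than a clear error. Reading it into a local first, `Attribute pwdAttr = adminEntry.get( SchemaConstants.USER_PASSWORD_AT );`, and handling `pwdAttr == null` explicitly would make that case a deliberate decision. The default-password comparison on the last visible line decodes the stored bytes with `new String(`, whose arguments are cut off by the hunk; if no charset is passed there, the result depends on the platform default and should name one.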
@@ -816,17 +825,21 @@ // If not present extract schema partition from jar // -------------------------------------------------------------------- - SchemaPartitionExtractor extractor = null; - try - { - extractor = new SchemaPartitionExtractor( startupConfiguration.getWorkingDirectory() ); - extractor.extract(); - } - catch ( IOException e ) + File schemaDirectory = new File( startupConfiguration.getWorkingDirectory(), "schema" ); + SchemaPartitionExtractor extractor = null; + if ( ! schemaDirectory.exists() ) { - NamingException ne = new NamingException( "Failed to extract pre-loaded schema partition." ); - ne.setRootCause( e ); - throw ne; + try + { + extractor = new SchemaPartitionExtractor( startupConfiguration.getWorkingDirectory() ); + extractor.extract(); + } + catch ( IOException e ) + { + NamingException ne = new NamingException( "Failed to extract pre-loaded schema partition." ); + ne.setRootCause( e ); + throw ne; + } } // -------------------------------------------------------------------- 
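Review bot: The new `if ( ! schemaDirectory.exists() )` guard accepts any existing `schema` path under the working directory as a finished schema partition. A regular file of that name, or a directory left behind by an extraction that failed part-way, would skip extraction and surface only later as a partition initialisation error that is harder to trace. Testing `schemaDirectory.isDirectory()` and documenting what counts as a complete extraction would tighten this, e.g. `// extraction is skipped only when a previously extracted schema directory is present`. `extractor` now stays `null` whenever the directory exists, so it deserves a comment that it must not be dereferenced after this block.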
@@ -836,14 +849,26 @@ MutablePartitionConfiguration schemaPartitionConfig = new MutablePartitionConfiguration(); schemaPartitionConfig.setName( "schema" ); schemaPartitionConfig.setCacheSize( 1000 ); - schemaPartitionConfig.setIndexedAttributes( extractor.getDbFileListing().getIndexedAttributes() ); + + DbFileListing listing = null; + try + { + listing = new DbFileListing(); + } + catch( IOException e ) + { + throw new LdapNamingException( "Got IOException while trying to read DBFileListing: " + e.getMessage(), + ResultCodeEnum.OTHER ); + } + + schemaPartitionConfig.setIndexedAttributes( listing.getIndexedAttributes() ); schemaPartitionConfig.setOptimizerEnabled( true ); schemaPartitionConfig.setSuffix( "ou=schema" ); Attributes entry = new AttributesImpl(); - entry.put( "objectClass", "top" ); - entry.get( "objectClass" ).add( "organizationalUnit" ); - entry.put( "ou", "schema" ); + entry.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC ); + entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( SchemaConstants.ORGANIZATIONAL_UNIT_OC ); + entry.put( SchemaConstants.OU_AT, "schema" ); schemaPartitionConfig.setContextEntry( entry ); JdbmPartition schemaPartition = new JdbmPartition(); schemaPartition.init( configuration, schemaPartitionConfig ); @@ -931,7 +956,7 @@ for ( int i = 0; i < binaryArray.length; i++ ) { - binaries.add( StringTools.lowerCase( StringTools.trim( binaryArray[i] ) ) ); + binaries.add( StringTools.lowerCaseAscii( StringTools.trim( binaryArray[i] ) ) ); } } @@ -960,9 +985,10 @@ // add the lowercased name for the names for the attributeType String[] names = type.getNames(); + for ( int ii = 0; ii < names.length; ii++ ) { - binaries.add( StringTools.lowerCase( StringTools.trim( names[ii] ) ) ); + binaries.add( StringTools.lowerCaseAscii( StringTools.trim( names[ii] ) ) ); } } } 
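Review bot: The new `catch( IOException e )` around `new DbFileListing()` keeps only `e.getMessage()` and drops the exception itself, unlike the schema-extraction catch earlier in this file, which calls `ne.setRootCause( e )`. Without the cause, a startup failure here loses its stack trace and is hard to diagnose. Assuming `LdapNamingException` extends `NamingException`, as its use in this method suggests, the cause can be kept the same way: build the exception into a local, call `lne.setRootCause( e );`, then `throw lne;`. With the catch always throwing, `DbFileListing listing` can also be declared without the `null` initialiser.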
@@ -975,7 +1001,7 @@ partitionNexus = new DefaultPartitionNexus( new AttributesImpl() ); partitionNexus.init( configuration, null ); - partitionNexus.addContextPartition( schemaPartitionConfig ); + partitionNexus.addContextPartition( new AddContextPartitionOperationContext( schemaPartitionConfig ) ); interceptorChain = new InterceptorChain(); interceptorChain.init( configuration ); Modified: directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java?view=diff&rev=541123&r1=541122&r2=541123 ============================================================================== --- directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java (original) +++ directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java Wed May 23 17:26:40 2007 @@ -98,7 +98,7 @@ /** * Implement your initialization code here. */ - protected void doInit() throws NamingException + protected void doInit() { } 
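Review bot: Removing `throws NamingException` from `AbstractAuthenticator.doInit()` narrows the contract for every subclass: an override that still declares the checked exception no longer compiles, and an authenticator whose setup fails can now report it only through an unchecked exception. No subclasses are visible in this part of the commit, so it is worth confirming that none of them relied on the old signature to abort initialisation. If the change is intended, the Javadoc should say so, e.g. `Implement your initialization code here; report failures with an unchecked exception so a half-initialised authenticator is never registered.`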
@@ -150,7 +150,6 @@ * @return the principal for the name * @throws NamingException if there is a problem parsing name */ - // does not seem to be used protected static LdapPrincipal createLdapPrincipal( String name, AuthenticationLevel authenticationLeve ) throws NamingException { Modified: directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java?view=diff&rev=541123&r1=541122&r2=541123 ============================================================================== --- directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java (original) +++ directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java Wed May 23 17:26:40 2007 @@ -33,7 +33,7 @@ import javax.naming.NamingEnumeration; import javax.naming.NamingException; import javax.naming.directory.Attributes; -import javax.naming.directory.SearchControls; +import javax.naming.directory.SearchResult; import org.apache.directory.server.core.DirectoryServiceConfiguration; import org.apache.directory.server.core.configuration.AuthenticatorConfiguration; 
@@ -41,16 +41,21 @@ import org.apache.directory.server.core.interceptor.BaseInterceptor; import org.apache.directory.server.core.interceptor.Interceptor; import org.apache.directory.server.core.interceptor.NextInterceptor; +import org.apache.directory.server.core.interceptor.context.AddOperationContext; +import org.apache.directory.server.core.interceptor.context.BindOperationContext; +import org.apache.directory.server.core.interceptor.context.LookupOperationContext; +import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext; +import org.apache.directory.server.core.interceptor.context.MoveOperationContext; +import org.apache.directory.server.core.interceptor.context.OperationContext; +import org.apache.directory.server.core.interceptor.context.RenameOperationContext; import org.apache.directory.server.core.invocation.InvocationStack; import org.apache.directory.server.core.jndi.LdapJndiProperties; import org.apache.directory.server.core.jndi.ServerContext; import org.apache.directory.shared.ldap.exception.LdapAuthenticationException; -import org.apache.directory.shared.ldap.filter.ExprNode; -import org.apache.directory.shared.ldap.util.AttributeUtils; import org.apache.directory.shared.ldap.message.MessageTypeEnum; -import org.apache.directory.shared.ldap.message.ModificationItemImpl; import org.apache.directory.shared.ldap.name.LdapDN; - +import org.apache.directory.shared.ldap.util.AttributeUtils; +import org.apache.directory.shared.ldap.util.StringTools; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -65,6 +70,9 @@ { private static final Logger log = LoggerFactory.getLogger( AuthenticationService.class ); + /** The service name */ + public static final String NAME = "authenticationService"; + /** Speedup for logs */ private static final boolean IS_DEBUG = log.isDebugEnabled(); @@ -80,7 +88,6 @@ { } - /** * Registers and initializes all {@link Authenticator}s to this service. */ 
@@ -107,7 +114,6 @@ /** * Deinitializes and deregisters all {@link Authenticator}s from this service. */ - @SuppressWarnings("unchecked") public void destroy() { Set> clonedAuthenticatorCollections = new HashSet>(); 
@@ -194,45 +200,46 @@ } - public void add( NextInterceptor next, LdapDN normName, Attributes entry ) throws NamingException + public void add( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - log.debug( "Adding the entry " + AttributeUtils.toString( entry ) + " for DN = '" - + normName.getUpName() + "'" ); + log.debug( "Adding the entry " + + AttributeUtils.toString( ((AddOperationContext)opContext).getEntry() ) + + " for DN = '" + opContext.getDn().getUpName() + "'" ); } checkAuthenticated( MessageTypeEnum.ADD_REQUEST ); - next.add(normName, entry ); + next.add( opContext ); } - public void delete( NextInterceptor next, LdapDN name ) throws NamingException + public void delete( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - log.debug( "Deleting name = '" + name.toString() + "'" ); + log.debug( "Deleting name = '" + opContext.getDn().getUpName() + "'" ); } checkAuthenticated( MessageTypeEnum.DEL_REQUEST ); - next.delete( name ); - invalidateAuthenticatorCaches( name ); + next.delete( opContext ); + invalidateAuthenticatorCaches( opContext.getDn() ); } - public LdapDN getMatchedName ( NextInterceptor next, LdapDN dn ) throws NamingException + public LdapDN getMatchedName ( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - log.debug( "Matching name = '" + dn.toString() + "'" ); + log.debug( "Matching name = '" + opContext.getDn().getUpName() + "'" ); } checkAuthenticated(); - return next.getMatchedName( dn ); + return next.getMatchedName( opContext ); } - public Attributes getRootDSE( NextInterceptor next ) throws NamingException + public Attributes getRootDSE( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { 
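Review bot: The downcast `((AddOperationContext)opContext).getEntry()` in `add` sits inside the `IS_DEBUG` block, so a context of the wrong type throws ClassCastException only when debug logging is enabled, and the operation then fails before `checkAuthenticated` is reached. The same pattern appears in `lookup`, `rename`, `moveAndRename` and `move` in the later hunks, while `bind` casts to BindOperationContext unconditionally. Since the signature accepts the base `OperationContext`, either guard the formatting with `instanceof`, or log `opContext.toString()` plus the DN so that the log statement can never change control flow.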
@@ -240,59 +247,47 @@ } checkAuthenticated(); - return next.getRootDSE(); + return next.getRootDSE( opContext ); } - public LdapDN getSuffix ( NextInterceptor next, LdapDN dn ) throws NamingException + public LdapDN getSuffix ( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - log.debug( "Getting suffix for name = '" + dn.toString() + "'" ); + log.debug( "Getting suffix for name = '" + opContext.getDn().getUpName() + "'" ); } checkAuthenticated(); - return next.getSuffix( dn ); + return next.getSuffix( opContext ); } - public boolean hasEntry( NextInterceptor next, LdapDN name ) throws NamingException + public boolean hasEntry( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - log.debug( "Testing if entry name = '" + name.toString() + "' exists" ); + log.debug( "Testing if entry name = '" + opContext.getDn().getUpName() + "' exists" ); } checkAuthenticated(); - return next.hasEntry( name ); + return next.hasEntry( opContext ); } - public boolean isSuffix( NextInterceptor next, LdapDN name ) throws NamingException + public NamingEnumeration list( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - log.debug( "Testing suffix for name = '" + name.toString() + "'" ); + log.debug( "Listing base = '" + opContext.getDn().getUpName() + "'" ); } checkAuthenticated(); - return next.isSuffix( name ); + return next.list( opContext ); } - public NamingEnumeration list( NextInterceptor next, LdapDN base ) throws NamingException - { - if ( IS_DEBUG ) - { - log.debug( "Listing base = '" + base.toString() + "'" ); - } - - checkAuthenticated(); - return next.list( base ); - } - - - public Iterator listSuffixes ( NextInterceptor next ) throws NamingException + public Iterator listSuffixes ( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { 
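Review bot: With the `isSuffix` override removed, nothing in this class runs `checkAuthenticated()` for that operation any more. If `isSuffix` still exists on the Interceptor interface or on BaseInterceptor (neither is visible here), the inherited implementation would presumably pass the call down the chain without the authentication check. Worth confirming that the method was removed from the interface in this commit; if not, re-add it as `public boolean isSuffix( NextInterceptor next, OperationContext opContext )` with the same `checkAuthenticated()` call.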
@@ -300,34 +295,33 @@ } checkAuthenticated(); - return next.listSuffixes(); + return next.listSuffixes( opContext ); } - public Attributes lookup( NextInterceptor next, LdapDN dn, String[] attrIds ) throws NamingException + public Attributes lookup( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - log.debug( "Lookup name = '" + dn.toString() + "', attributes = " + attrIds ); - } - - checkAuthenticated(); - return next.lookup( dn, attrIds ); - } - - - public Attributes lookup( NextInterceptor next, LdapDN name ) throws NamingException - { - if ( IS_DEBUG ) - { - log.debug( "Lookup name = '" + name.toString() + "'" ); + LookupOperationContext ctx = (LookupOperationContext)opContext; + + List attrIds = ctx.getAttrsId(); + + if ( ( attrIds != null ) && ( attrIds.size() != 0 ) ) + { + String attrs = StringTools.listToString( attrIds ); + log.debug( "Lookup name = '" + ctx.getDn().getUpName() + "', attributes = " + attrs ); + } + else + { + log.debug( "Lookup name = '" + ctx.getDn().getUpName() + "', no attributes " ); + } } checkAuthenticated(); - return next.lookup( name ); + return next.lookup( opContext ); } - private void invalidateAuthenticatorCaches( LdapDN principalDn ) { for ( String authMech:authenticators.keySet() ) 
@@ -343,84 +337,74 @@ } - public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes mods ) throws NamingException + public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - log.debug( "Modifying name = '" + name.toString() + "', modifs = " + AttributeUtils.toString( mods ) ); + log.debug( opContext.toString() ); } checkAuthenticated( MessageTypeEnum.MODIFY_REQUEST ); - next.modify( name, modOp, mods ); - invalidateAuthenticatorCaches( name ); + next.modify( opContext ); + invalidateAuthenticatorCaches( opContext.getDn() ); } - public void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] mods ) throws NamingException - { - if ( IS_DEBUG ) - { - log.debug( "Modifying name = '" + name.toString() + "'" ); - } - - checkAuthenticated( MessageTypeEnum.MODIFY_REQUEST ); - next.modify( name, mods ); - invalidateAuthenticatorCaches( name ); - } - - - public void modifyRn( NextInterceptor next, LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException + public void rename( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - log.debug( "Modifying name = '" + name.toString() + "', new RDN = '" + newRn + "', oldRDN = '" - + deleteOldRn + "'" ); + log.debug( "Modifying name = '" + opContext.getDn().getUpName() + "', new RDN = '" + + ((RenameOperationContext)opContext).getNewRdn() + "', " + + "oldRDN = '" + ((RenameOperationContext)opContext).getDelOldDn() + "'" ); } checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST ); - next.modifyRn( name, newRn, deleteOldRn ); - invalidateAuthenticatorCaches( name ); + next.rename( opContext ); + invalidateAuthenticatorCaches( opContext.getDn() ); } - public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn ) + public void moveAndRename( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - 
log.debug( "Moving name = '" + oriChildName.toString() + "' to name = '" + newParentName + "', new RDN = '" - + newRn + "', oldRDN = '" + deleteOldRn + "'" ); + log.debug( "Moving name = '" + opContext.getDn().getUpName() + "' to name = '" + + ((MoveAndRenameOperationContext)opContext).getParent() + "', new RDN = '" + + ((MoveAndRenameOperationContext)opContext).getNewRdn() + "', oldRDN = '" + + ((MoveAndRenameOperationContext)opContext).getDelOldDn() + "'" ); } checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST ); - next.move( oriChildName, newParentName, newRn, deleteOldRn ); - invalidateAuthenticatorCaches( oriChildName ); + next.moveAndRename( opContext ); + invalidateAuthenticatorCaches( opContext.getDn() ); } - public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName ) throws NamingException + public void move( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - log.debug( "Moving name = '" + oriChildName.toString() + " to name = '" + newParentName + "'" ); + log.debug( "Moving name = '" + opContext.getDn().getUpName() + " to name = '" + + ((MoveOperationContext)opContext).getParent().getUpName() + "'" ); } checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST ); - next.move( oriChildName, newParentName ); - invalidateAuthenticatorCaches( oriChildName ); + next.move( opContext ); + invalidateAuthenticatorCaches( opContext.getDn() ); } - public NamingEnumeration search( NextInterceptor next, LdapDN base, Map env, ExprNode filter, - SearchControls searchCtls ) throws NamingException + public NamingEnumeration search( NextInterceptor next, OperationContext opContext ) throws NamingException { if ( IS_DEBUG ) { - log.debug( "Search for base = '" + base.toString() + "'" ); + log.debug( "Search for base = '" + opContext.getDn().getUpName() + "'" ); } checkAuthenticated( MessageTypeEnum.SEARCH_REQUEST ); - return next.search( base, env, filter, searchCtls ); + return next.search( opContext ); } 
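Review bot: `modify` now writes `opContext.toString()` to the debug log, and what that string contains is decided by the context class, which is not visible here. If it prints the modification items, a `userPassword` change would put the new credential in the log, whereas the removed `ModificationItemImpl[]` overload logged only the DN. Prefer logging the DN alone, `log.debug( "Modifying name = '" + opContext.getDn().getUpName() + "'" );`, as the other methods in this hunk do. In `rename` and `moveAndRename` the label `oldRDN = '` is printed with `getDelOldDn()`, which looks like the delete-old-RDN flag rather than an RDN.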
@@ -456,19 +440,22 @@ } - public void bind( NextInterceptor next, LdapDN bindDn, byte[] credentials, List mechanisms, String saslAuthId ) - throws NamingException - { + public void bind( NextInterceptor next, OperationContext opContext ) + throws NamingException + { + // The DN is always normalized here + LdapDN normBindDn = opContext.getDn(); + String bindUpDn = normBindDn.getUpName(); if ( IS_DEBUG ) { - log.debug( "Bind operation. bindDn: " + bindDn ); + log.debug( "Bind operation. bindDn: " + bindUpDn ); } // check if we are already authenticated and if so we return making // sure first that the credentials are not exposed within context ServerContext ctx = ( ServerContext ) InvocationStack.getInstance().peek().getCaller(); - + if ( IS_DEBUG ) { log.debug( "bind: principal: " + ctx.getPrincipal() ); @@ -483,34 +470,38 @@ return; } - + // pick the first matching authenticator type Collection authenticators = null; - for ( String mechanism:mechanisms ) + for ( String mechanism:((BindOperationContext)opContext).getMechanisms() ) { authenticators = getAuthenticators( mechanism ); - + if ( authenticators != null ) { break; } } - + if ( authenticators == null ) { log.debug( "No authenticators found, delegating bind to the nexus." ); + // as a last resort try binding via the nexus - next.bind( bindDn, credentials, mechanisms, saslAuthId ); + next.bind( opContext ); + log.debug( "Nexus succeeded on bind operation." ); + // bind succeeded if we got this far - ctx.setPrincipal( new TrustedPrincipalWrapper( new LdapPrincipal( bindDn, LdapJndiProperties + ctx.setPrincipal( new TrustedPrincipalWrapper( new LdapPrincipal( normBindDn, LdapJndiProperties .getAuthenticationLevel( ctx.getEnvironment() ) ) ) ); + // remove creds so there is no security risk ctx.removeFromEnvironment( Context.SECURITY_CREDENTIALS ); return; } - + // TODO : we should refactor that. // try each authenticators for ( Authenticator authenticator:authenticators ) 
@@ -518,11 +509,14 @@ try { // perform the authentication - LdapPrincipal authorizationId = authenticator.authenticate( bindDn, ctx ); + LdapPrincipal authorizationId = authenticator.authenticate( normBindDn, ctx ); + // authentication was successful ctx.setPrincipal( new TrustedPrincipalWrapper( authorizationId ) ); + // remove creds so there is no security risk ctx.removeFromEnvironment( Context.SECURITY_CREDENTIALS ); + return; } catch ( LdapAuthenticationException e ) @@ -530,7 +524,7 @@ // authentication failed, try the next authenticator if ( log.isInfoEnabled() ) { - log.info( "Authenticator " + authenticator.getClass() + " failed to authenticate " + bindDn ); + log.info( "Authenticator " + authenticator.getClass() + " failed to authenticate " + bindUpDn ); } } catch ( Exception e ) @@ -538,11 +532,11 @@ // Log other exceptions than LdapAuthenticationException if ( log.isWarnEnabled() ) { - log.warn( "Unexpected exception from " + authenticator.getClass() + " for principal " + bindDn, e ); + log.warn( "Unexpected exception from " + authenticator.getClass() + " for principal " + bindUpDn, e ); } } } - + if ( log.isInfoEnabled() ) { log.info( "Cannot bind to the server " ); Modified: directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java?view=diff&rev=541123&r1=541122&r2=541123 ============================================================================== --- directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java (original) +++ directory/apacheds/branches/apacheds-sasl-branch/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java Wed May 23 17:26:40 2007 
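Review bot: The failure paths in `bind` now log `bindUpDn`, the user-provided form of the bind DN, at info and warn level instead of the DN object. That value is whatever the client typed, so one account can show up under many spellings, which makes counting failed binds per account unreliable; unless the DN parser already rejects them, embedded line breaks would also reach the log unescaped. Consider logging the normalized form as well, e.g. `" failed to authenticate " + normBindDn.getNormName()`, and escaping control characters in the user-provided form. The try block and the enclosing loop start outside these hunks.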
@@ -27,6 +27,7 @@ import org.apache.directory.shared.ldap.aci.AuthenticationLevel; import org.apache.directory.shared.ldap.name.LdapDN; +import org.apache.directory.shared.ldap.util.StringTools; /** @@ -41,13 +42,16 @@ private static final long serialVersionUID = 3906650782395676720L; /** the normalized distinguished name of the principal */ - private final Name name; + private final LdapDN name; /** the no name anonymous user whose DN is the empty String */ public static final LdapPrincipal ANONYMOUS = new LdapPrincipal(); /** the authentication level for this principal */ private final AuthenticationLevel authenticationLevel; + + /** The userPassword */ + private byte[] userPassword; /** @@ -58,10 +62,27 @@ * @param name the normalized distinguished name of the principal * @param authenticationLevel */ - LdapPrincipal( Name name, AuthenticationLevel authenticationLevel ) + LdapPrincipal( LdapDN name, AuthenticationLevel authenticationLevel ) { this.name = name; this.authenticationLevel = authenticationLevel; + this.userPassword = null; + } + + /** + * Creates a new LDAP/X500 principal without any group associations. Keep + * this package friendly so only code in the package can create a + * trusted principal. + * + * @param name the normalized distinguished name of the principal + * @param authenticationLevel + * @param userPassword The user password + */ + LdapPrincipal( LdapDN name, AuthenticationLevel authenticationLevel, byte[] userPassword ) + { + this.name = name; + this.authenticationLevel = authenticationLevel; + this.userPassword = userPassword; } @@ -71,8 +92,9 @@ */ private LdapPrincipal() { - this.name = new LdapDN(); - this.authenticationLevel = AuthenticationLevel.NONE; + name = new LdapDN(); + authenticationLevel = AuthenticationLevel.NONE; + userPassword = null; } @@ -93,7 +115,7 @@ */ public String getName() { - return name.toString(); + return name.getNormName(); } 
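Review bot: The new `userPassword` field is a plain mutable `byte[]` on a class that declares a `serialVersionUID`, so if LdapPrincipal is Serializable (the class declaration is outside the hunk) the credential is written out with every serialized principal. Declare it `private transient byte[] userPassword;` and document why a principal needs to retain the password after authentication at all. The three-argument constructor in the next hunk stores the caller's array without copying; `this.userPassword = userPassword == null ? null : userPassword.clone();` avoids sharing it. Its Javadoc is copied from the two-argument constructor and leaves `@param authenticationLevel` without a description.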
@@ -114,6 +136,18 @@ */ public String toString() { - return name.toString(); + return "['" + name.getUpName() + "', '" + StringTools.utf8ToString( userPassword ) +"']'"; + } + + + public byte[] getUserPassword() + { + return userPassword; + } + + + public void setUserPassword( byte[] userPassword ) + { + this.userPassword = userPassword; } }
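Review bot: `toString()` now appends `StringTools.utf8ToString( userPassword )`, so every place that prints a principal emits the clear-text password; in this same commit `AuthenticationService.bind` logs `"bind: principal: " + ctx.getPrincipal()` at debug level, which may reach this method. Return only the DN, `return "['" + name.getUpName() + "']";`, and keep the credential out of any string form. The public `setUserPassword` also makes the principal mutable, including the shared `LdapPrincipal.ANONYMOUS` instance, and `getUserPassword` hands out the internal array. Keep both package-private like the constructors, or drop the setter, and add Javadoc to whichever accessors remain.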