From erodrig...@apache.org
Subject svn commit: r544736 - in /directory/apacheds/trunk: kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/ protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/
Date Wed, 06 Jun 2007 05:46:06 GMT
Author: erodriguez
Date: Tue Jun  5 22:46:05 2007
New Revision: 544736

URL: http://svn.apache.org/viewvc?view=rev&rev=544736
Log:
Added distinguished name (DN) to the available attributes resulting from principal retrieval.
 This is required for SASL GSSAPI but was not supported by kerberos-shared.  kerberos-shared
now supports DN, so the mostly duplicated GetPrincipal in protocol-ldap was removed and the
GetPrincipal in kerberos-shared is used in its place.

Removed:
    directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetPrincipal.java
Modified:
    directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
    directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
    directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GssapiCallbackHandler.java

Modified: directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java?view=diff&rev=544736&r1=544735&r2=544736
==============================================================================
--- directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
(original)
+++ directory/apacheds/trunk/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
Tue Jun  5 22:46:05 2007
@@ -63,7 +63,7 @@
     /**
      * Creates the action to be used against the embedded ApacheDS DIT.
      * 
-     * @param principal 
+     * @param principal The principal to search for in the directory.
      */
     public GetPrincipal( KerberosPrincipal principal )
     {
@@ -83,7 +83,7 @@
         }
 
         String[] attrIDs =
-            { KerberosAttribute.PRINCIPAL, KerberosAttribute.VERSION, KerberosAttribute.TYPE,
KerberosAttribute.KEY,
+            { KerberosAttribute.PRINCIPAL, KerberosAttribute.VERSION, KerberosAttribute.KEY,
                 KerberosAttribute.SAM_TYPE, KerberosAttribute.ACCOUNT_DISABLED,
                 KerberosAttribute.ACCOUNT_EXPIRATION_TIME, KerberosAttribute.ACCOUNT_LOCKEDOUT
};
 
@@ -107,7 +107,8 @@
                     return null;
                 }
 
-                entry = getEntry( attrs );
+                String distinguishedName = result.getName();
+                entry = getEntry( distinguishedName, attrs );
             }
         }
         catch ( NamingException e )
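Review bot: `result.getName()` on the new `String distinguishedName = result.getName();` line returns, for a JNDI search result, a name relative to the search base unless `isRelative()` is false, so the stored value is a full DN only when the search starts at the root of the naming context. The search call and the declared type of `result` are outside this hunk, so this needs confirming against the surrounding method, which begins and ends outside the hunk. It matters because the GssapiCallbackHandler hunk in this commit installs the value as `Context.SECURITY_PRINCIPAL`, so a relative name would bind the session under an identity string that is not the entry's real DN. Consider `result.getNameInNamespace()` where the provider supports it, or at least a comment such as `// getName() is relative to the search base; callers need the full DN`.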
@@ -122,25 +123,22 @@
     /**
      * Marshals an a PrincipalStoreEntry from an Attributes object.
      *
+     * @param dn the distinguished name of the Kerberos principal
      * @param attrs the attributes of the Kerberos principal
      * @return the entry for the principal
      * @throws NamingException if there are any access problems
      */
-    private PrincipalStoreEntry getEntry( Attributes attrs ) throws NamingException
+    private PrincipalStoreEntry getEntry( String distinguishedName, Attributes attrs ) throws
NamingException
     {
         PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier();
 
+        modifier.setDistinguishedName( distinguishedName );
+
         String principal = ( String ) attrs.get( KerberosAttribute.PRINCIPAL ).get();
         modifier.setPrincipal( new KerberosPrincipal( principal ) );
 
         String keyVersionNumber = ( String ) attrs.get( KerberosAttribute.VERSION ).get();
         modifier.setKeyVersionNumber( Integer.parseInt( keyVersionNumber ) );
-
-        if ( attrs.get( KerberosAttribute.TYPE ) != null )
-        {
-            String val = ( String ) attrs.get( KerberosAttribute.TYPE ).get();
-            modifier.setEncryptionType( Integer.parseInt( val ) );
-        }
 
         if ( attrs.get( KerberosAttribute.ACCOUNT_DISABLED ) != null )
         {
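Review bot: The added Javadoc tag `@param dn` does not match the new parameter name `distinguishedName` in the `getEntry` signature, so the tag documents nothing and Javadoc tooling will warn on it. It should read `@param distinguishedName the distinguished name of the Kerberos principal`. The summary line above it also has a typo in unchanged context ("Marshals an a PrincipalStoreEntry") that could be fixed in the same pass. The body of `getEntry` continues past the end of the hunk.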

Modified: directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java?view=diff&rev=544736&r1=544735&r2=544736
==============================================================================
--- directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
(original)
+++ directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
Tue Jun  5 22:46:05 2007
@@ -41,6 +41,7 @@
 import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
 import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
 import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
+import org.apache.directory.server.kerberos.shared.store.operations.GetPrincipal;
 import org.apache.directory.server.ldap.LdapConfiguration;
 import org.apache.directory.server.ldap.constants.SupportedSASLMechanisms;
 import org.apache.directory.server.protocol.shared.ServiceConfigurationException;

Modified: directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GssapiCallbackHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GssapiCallbackHandler.java?view=diff&rev=544736&r1=544735&r2=544736
==============================================================================
--- directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GssapiCallbackHandler.java
(original)
+++ directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GssapiCallbackHandler.java
Tue Jun  5 22:46:05 2007
@@ -27,6 +27,8 @@
 import javax.security.auth.kerberos.KerberosPrincipal;
 import javax.security.sasl.AuthorizeCallback;
 
+import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
+import org.apache.directory.server.kerberos.shared.store.operations.GetPrincipal;
 import org.apache.mina.common.IoSession;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -75,9 +77,8 @@
         String username = authorizeCB.getAuthorizationID();
 
         GetPrincipal getPrincipal = new GetPrincipal( new KerberosPrincipal( username ) );
-        // Don't actually want the entry, rather the hacked in dn.
-        getPrincipal.execute( ctx, null );
-        String bindDn = getPrincipal.getDn();
+        PrincipalStoreEntry entry = ( PrincipalStoreEntry ) getPrincipal.execute( ctx, null
);
+        String bindDn = entry.getDistinguishedName();
 
         log.debug( "Converted username " + username + " to DN " + bindDn + "." );
         session.setAttribute( Context.SECURITY_PRINCIPAL, bindDn );
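Review bot: `entry.getDistinguishedName()` dereferences the result of `getPrincipal.execute( ctx, null )` without a null check, and the `return null;` visible in the GetPrincipal hunk of this commit suggests `execute` returns null when no entry matches the principal. The removed lines ignored the return value of `execute`, so a miss presumably did not throw at this point; the new code would raise a NullPointerException inside the SASL authorization callback for an authorization ID with no directory entry. Handle the miss explicitly before the dereference, for example `if ( entry == null ) { authorizeCB.setAuthorized( false ); return; }`, adjusted to the enclosing method's return type and flow, which are outside the hunk. Rejecting here also keeps a null `bindDn` from being stored as `Context.SECURITY_PRINCIPAL` on the session.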


