Return-Path: Delivered-To: apmail-directory-commits-archive@www.apache.org Received: (qmail 69666 invoked from network); 24 Jul 2007 04:39:59 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 24 Jul 2007 04:39:59 -0000 Received: (qmail 52531 invoked by uid 500); 24 Jul 2007 04:40:00 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 52476 invoked by uid 500); 24 Jul 2007 04:40:00 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 52465 invoked by uid 99); 24 Jul 2007 04:40:00 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 23 Jul 2007 21:39:59 -0700 X-ASF-Spam-Status: No, hits=-99.5 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 23 Jul 2007 21:39:57 -0700 Received: by eris.apache.org (Postfix, from userid 65534) id 36B6F1A981A; Mon, 23 Jul 2007 21:39:37 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r558926 - in /directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos: kdc/ kdc/authentication/ kdc/ticketgrant/ protocol/ Date: Tue, 24 Jul 2007 04:39:36 -0000 To: commits@directory.apache.org From: erodriguez@apache.org X-Mailer: svnmailer-1.1.0 Message-Id: <20070724043937.36B6F1A981A@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: erodriguez Date: Mon Jul 23 21:39:32 2007 New Revision: 558926 URL: http://svn.apache.org/viewvc?view=rev&rev=558926 Log: Clean-up of logging monitors in protocol-kerberos AS and TGS: o Reordered logged attributes to read more intuitively (start time before end time, etc.) o Minor refactoring to simply make AS and TGS monitors more similar. o Corrected service names used during logging, which was confusing. o Fixed error message logging, which never worked. Added: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/MonitorContext.java (contents, props changed) - copied, changed from r558907, directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorContext.java Removed: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorContext.java Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorReply.java directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationServiceChain.java directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorReply.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorReply.java?view=diff&rev=558926&r1=558925&r2=558926 ============================================================================== --- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorReply.java (original) +++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorReply.java Mon Jul 23 21:39:32 2007 @@ -20,7 +20,6 @@ package org.apache.directory.server.kerberos.kdc; -import org.apache.directory.server.kerberos.shared.messages.ErrorMessage; import org.apache.directory.server.kerberos.shared.messages.KdcReply; import org.apache.mina.common.IoSession; import org.apache.mina.handler.chain.IoHandlerCommand; @@ -37,37 +36,50 @@ /** the log for this class */ private static final Logger log = LoggerFactory.getLogger( MonitorReply.class ); + private String serviceName; + private String contextKey = "context"; + /** + * Creates a new instance of MonitorReply. + * + * @param serviceName + */ + public MonitorReply( String serviceName ) + { + this.serviceName = serviceName; + } + + public void execute( NextCommand next, IoSession session, Object message ) throws Exception { KdcContext kdcContext = ( KdcContext ) session.getAttribute( getContextKey() ); Object reply = kdcContext.getReply(); - if ( reply instanceof KdcReply ) + if ( log.isDebugEnabled() ) { - KdcReply success = ( KdcReply ) reply; - - if ( log.isDebugEnabled() ) + if ( reply instanceof KdcReply ) { + KdcReply success = ( KdcReply ) reply; + try { StringBuffer sb = new StringBuffer(); - sb.append( "Responding to authentication request with reply:" ); + sb.append( "Responding with " + serviceName + " reply:" ); + sb.append( "\n\t" + "messageType: " + success.getMessageType() ); + sb.append( "\n\t" + "protocolVersionNumber: " + success.getProtocolVersionNumber() ); + sb.append( "\n\t" + "nonce: " + success.getNonce() ); + sb.append( "\n\t" + "clientPrincipal: " + success.getClientPrincipal() ); sb.append( "\n\t" + "client realm: " + success.getClientRealm() ); - sb.append( "\n\t" + "server realm: " + success.getServerRealm() ); sb.append( "\n\t" + "serverPrincipal: " + success.getServerPrincipal() ); - sb.append( "\n\t" + "clientPrincipal: " + success.getClientPrincipal() ); - sb.append( "\n\t" + "hostAddresses: " + success.getClientAddresses() ); + sb.append( "\n\t" + "server realm: " + success.getServerRealm() ); + sb.append( "\n\t" + "auth time: " + success.getAuthTime() ); sb.append( "\n\t" + "start time: " + success.getStartTime() ); sb.append( "\n\t" + "end time: " + success.getEndTime() ); - sb.append( "\n\t" + "auth time: " + success.getAuthTime() ); - sb.append( "\n\t" + "renew till time: " + success.getRenewTill() ); - sb.append( "\n\t" + "messageType: " + success.getMessageType() ); - sb.append( "\n\t" + "nonce: " + success.getNonce() ); - sb.append( "\n\t" + "protocolVersionNumber: " + success.getProtocolVersionNumber() ); + sb.append( "\n\t" + "renew-till time: " + success.getRenewTill() ); + sb.append( "\n\t" + "hostAddresses: " + success.getClientAddresses() ); log.debug( sb.toString() ); } @@ -75,36 +87,6 @@ { // This is a monitor. No exceptions should bubble up. log.error( "Error in reply monitor", e ); - } - } - } - else - { - if ( reply instanceof ErrorMessage ) - { - ErrorMessage error = ( ErrorMessage ) reply; - - if ( log.isDebugEnabled() ) - { - try - { - StringBuffer sb = new StringBuffer(); - - sb.append( "Responding to authentication request with error:" ); - sb.append( "\n\t" + "serverPrincipal: " + error.getServerPrincipal() ); - sb.append( "\n\t" + "clientPrincipal: " + error.getClientPrincipal() ); - sb.append( "\n\t" + "server time: " + error.getClientTime() ); - sb.append( "\n\t" + "client time: " + error.getServerTime() ); - sb.append( "\n\t" + "error code: " + error.getErrorCode() ); - sb.append( "\n\t" + "explanatory text: " + error.getExplanatoryText() ); - - log.debug( sb.toString() ); - } - catch ( Exception e ) - { - // This is a monitor. No exceptions should bubble up. - log.error( "Error in reply monitor", e ); - } } } } Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java?view=diff&rev=558926&r1=558925&r2=558926 ============================================================================== --- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java (original) +++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java Mon Jul 23 21:39:32 2007 @@ -37,35 +37,49 @@ /** the log for this class */ private static final Logger log = LoggerFactory.getLogger( MonitorRequest.class ); + private String serviceName; + private String contextKey = "context"; + /** + * Creates a new instance of MonitorRequest. + * + * @param serviceName + */ + public MonitorRequest( String serviceName ) + { + this.serviceName = serviceName; + } + + public void execute( NextCommand next, IoSession session, Object message ) throws Exception { KdcContext kdcContext = ( KdcContext ) session.getAttribute( getContextKey() ); KdcRequest request = kdcContext.getRequest(); - String clientAddress = kdcContext.getClientAddress().getHostAddress(); if ( log.isDebugEnabled() ) { try { + String clientAddress = kdcContext.getClientAddress().getHostAddress(); + StringBuffer sb = new StringBuffer(); - sb.append( "Responding to authentication request:" ); - sb.append( "\n\t" + "realm: " + request.getRealm() ); - sb.append( "\n\t" + "serverPrincipal: " + request.getServerPrincipal() ); - sb.append( "\n\t" + "clientPrincipal: " + request.getClientPrincipal() ); - sb.append( "\n\t" + "clientAddress: " + clientAddress ); - sb.append( "\n\t" + "hostAddresses: " + request.getAddresses() ); - sb.append( "\n\t" + "encryptionType: " + getEncryptionTypes( request ) ); - sb.append( "\n\t" + "from krb time: " + request.getFrom() ); - sb.append( "\n\t" + "realm krb time: " + request.getRtime() ); - sb.append( "\n\t" + "kdcOptions: " + request.getKdcOptions() ); + sb.append( "Received " + serviceName + " request:" ); sb.append( "\n\t" + "messageType: " + request.getMessageType() ); - sb.append( "\n\t" + "nonce: " + request.getNonce() ); sb.append( "\n\t" + "protocolVersionNumber: " + request.getProtocolVersionNumber() ); - sb.append( "\n\t" + "till: " + request.getTill() ); + sb.append( "\n\t" + "clientAddress: " + clientAddress ); + sb.append( "\n\t" + "nonce: " + request.getNonce() ); + sb.append( "\n\t" + "kdcOptions: " + request.getKdcOptions() ); + sb.append( "\n\t" + "clientPrincipal: " + request.getClientPrincipal() ); + sb.append( "\n\t" + "serverPrincipal: " + request.getServerPrincipal() ); + sb.append( "\n\t" + "encryptionType: " + getEncryptionTypes( request ) ); + sb.append( "\n\t" + "realm: " + request.getRealm() ); + sb.append( "\n\t" + "from time: " + request.getFrom() ); + sb.append( "\n\t" + "till time: " + request.getTill() ); + sb.append( "\n\t" + "renew-till time: " + request.getRtime() ); + sb.append( "\n\t" + "hostAddresses: " + request.getAddresses() ); log.debug( sb.toString() ); } Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationServiceChain.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationServiceChain.java?view=diff&rev=558926&r1=558925&r2=558926 ============================================================================== --- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationServiceChain.java (original) +++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationServiceChain.java Mon Jul 23 21:39:32 2007 @@ -20,24 +20,39 @@ package org.apache.directory.server.kerberos.kdc.authentication; +import org.apache.directory.server.kerberos.kdc.MonitorReply; import org.apache.directory.server.kerberos.kdc.MonitorRequest; import org.apache.directory.server.kerberos.kdc.SelectEncryptionType; import org.apache.directory.server.kerberos.kdc.preauthentication.PreAuthenticationChain; import org.apache.mina.handler.chain.IoHandlerChain; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** + * KRB_AS_REQ verification and KRB_AS_REP generation. + * * @author Apache Directory Project * @version $Rev$, $Date$ */ public class AuthenticationServiceChain extends IoHandlerChain { + /** the log for this class */ + private static final Logger log = LoggerFactory.getLogger( AuthenticationServiceChain.class ); + + private String serviceName = "Authentication Service (AS)"; + + /** * Creates a new instance of AuthenticationServiceChain. */ public AuthenticationServiceChain() { - addLast( "monitorRequest", new MonitorRequest() ); + if ( log.isDebugEnabled() ) + { + addLast( "monitorRequest", new MonitorRequest( serviceName ) ); + } + addLast( "configureAuthenticationChain", new ConfigureAuthenticationChain() ); addLast( "selectEncryptionType", new SelectEncryptionType() ); addLast( "getClientEntry", new GetClientEntry() ); @@ -46,6 +61,17 @@ addLast( "getServerEntry", new GetServerEntry() ); addLast( "generateTicket", new GenerateTicket() ); addLast( "buildReply", new BuildReply() ); + + if ( log.isDebugEnabled() ) + { + addLast( "monitorContext", new MonitorContext( serviceName ) ); + } + + if ( log.isDebugEnabled() ) + { + addLast( "monitorReply", new MonitorReply( serviceName ) ); + } + addLast( "sealReply", new SealReply() ); } } Copied: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/MonitorContext.java (from r558907, directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorContext.java) URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/MonitorContext.java?view=diff&rev=558926&p1=directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorContext.java&r1=558907&p2=directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/MonitorContext.java&r2=558926 ============================================================================== --- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorContext.java (original) +++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/MonitorContext.java Mon Jul 23 21:39:32 2007 @@ -17,9 +17,15 @@ * under the License. * */ -package org.apache.directory.server.kerberos.kdc; +package org.apache.directory.server.kerberos.kdc.authentication; +import java.net.InetAddress; + +import javax.security.auth.kerberos.KerberosPrincipal; + +import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType; +import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry; import org.apache.mina.common.IoSession; import org.apache.mina.handler.chain.IoHandlerCommand; import org.slf4j.Logger; @@ -35,24 +41,64 @@ /** the log for this class */ private static final Logger log = LoggerFactory.getLogger( MonitorContext.class ); + private String serviceName; + private String contextKey = "context"; - public void execute( NextCommand next, IoSession session, Object message ) throws Exception + /** + * Creates a new instance of MonitorContext. + * + * @param serviceName + */ + public MonitorContext( String serviceName ) { - KdcContext kdcContext = ( KdcContext ) session.getAttribute( getContextKey() ); + this.serviceName = serviceName; + } + + public void execute( NextCommand next, IoSession session, Object message ) throws Exception + { if ( log.isDebugEnabled() ) { try { + AuthenticationContext authContext = ( AuthenticationContext ) session.getAttribute( getContextKey() ); + + long clockSkew = authContext.getConfig().getAllowableClockSkew(); + InetAddress clientAddress = authContext.getClientAddress(); + StringBuffer sb = new StringBuffer(); - sb.append( "Monitoring context:" ); - sb.append( "\n\t" + "config: " + kdcContext.getConfig() ); - sb.append( "\n\t" + "store: " + kdcContext.getStore() ); - sb.append( "\n\t" + "request: " + kdcContext.getRequest() ); - sb.append( "\n\t" + "reply: " + kdcContext.getReply() ); + sb.append( "Monitoring " + serviceName + " context:" ); + + sb.append( "\n\t" + "clockSkew " + clockSkew ); + sb.append( "\n\t" + "clientAddress " + clientAddress ); + + KerberosPrincipal clientPrincipal = authContext.getClientEntry().getPrincipal(); + PrincipalStoreEntry clientEntry = authContext.getClientEntry(); + + sb.append( "\n\t" + "principal " + clientPrincipal ); + sb.append( "\n\t" + "cn " + clientEntry.getCommonName() ); + sb.append( "\n\t" + "realm " + clientEntry.getRealmName() ); + sb.append( "\n\t" + "principal " + clientEntry.getPrincipal() ); + sb.append( "\n\t" + "SAM type " + clientEntry.getSamType() ); + + KerberosPrincipal serverPrincipal = authContext.getRequest().getServerPrincipal(); + PrincipalStoreEntry serverEntry = authContext.getServerEntry(); + + sb.append( "\n\t" + "principal " + serverPrincipal ); + sb.append( "\n\t" + "cn " + serverEntry.getCommonName() ); + sb.append( "\n\t" + "realm " + serverEntry.getRealmName() ); + sb.append( "\n\t" + "principal " + serverEntry.getPrincipal() ); + sb.append( "\n\t" + "SAM type " + serverEntry.getSamType() ); + + EncryptionType encryptionType = authContext.getEncryptionType(); + int clientKeyVersion = clientEntry.getKeyMap().get( encryptionType ).getKeyVersion(); + int serverKeyVersion = serverEntry.getKeyMap().get( encryptionType ).getKeyVersion(); + sb.append( "\n\t" + "Request key type " + encryptionType ); + sb.append( "\n\t" + "Client key version " + clientKeyVersion ); + sb.append( "\n\t" + "Server key version " + serverKeyVersion ); log.debug( sb.toString() ); } Propchange: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/MonitorContext.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/MonitorContext.java ------------------------------------------------------------------------------ --- svn:keywords (added) +++ svn:keywords Mon Jul 23 21:39:32 2007 @@ -0,0 +1,4 @@ +Rev +Revision +Date +Id Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java?view=diff&rev=558926&r1=558925&r2=558926 ============================================================================== --- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java (original) +++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java Mon Jul 23 21:39:32 2007 @@ -26,12 +26,9 @@ import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType; import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType; -import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest; import org.apache.directory.server.kerberos.shared.messages.components.Ticket; import org.apache.directory.server.kerberos.shared.messages.value.HostAddress; import org.apache.directory.server.kerberos.shared.messages.value.HostAddresses; -import org.apache.directory.server.kerberos.shared.replay.ReplayCache; -import org.apache.directory.server.kerberos.shared.store.PrincipalStore; import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry; import org.apache.mina.common.IoSession; import org.apache.mina.handler.chain.IoHandlerCommand; @@ -48,9 +45,22 @@ /** the log for this class */ private static final Logger log = LoggerFactory.getLogger( MonitorContext.class ); + private String serviceName; + private String contextKey = "context"; + /** + * Creates a new instance of MonitorContext. + * + * @param serviceName + */ + public MonitorContext( String serviceName ) + { + this.serviceName = serviceName; + } + + public void execute( NextCommand next, IoSession session, Object message ) throws Exception { if ( log.isDebugEnabled() ) @@ -59,11 +69,8 @@ { TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() ); - PrincipalStore store = tgsContext.getStore(); - ApplicationRequest authHeader = tgsContext.getAuthHeader(); Ticket tgt = tgsContext.getTgt(); long clockSkew = tgsContext.getConfig().getAllowableClockSkew(); - ReplayCache replayCache = tgsContext.getReplayCache(); ChecksumType checksumType = tgsContext.getAuthenticator().getChecksum().getChecksumType(); InetAddress clientAddress = tgsContext.getClientAddress(); HostAddresses clientAddresses = tgt.getClientAddresses(); @@ -76,10 +83,8 @@ StringBuffer sb = new StringBuffer(); - sb.append( "\n\t" + "store " + store ); - sb.append( "\n\t" + "authHeader " + authHeader ); - sb.append( "\n\t" + "tgt " + tgt ); - sb.append( "\n\t" + "replayCache " + replayCache ); + sb.append( "Monitoring " + serviceName + " context:" ); + sb.append( "\n\t" + "clockSkew " + clockSkew ); sb.append( "\n\t" + "checksumType " + checksumType ); sb.append( "\n\t" + "clientAddress " + clientAddress ); Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java?view=diff&rev=558926&r1=558925&r2=558926 ============================================================================== --- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java (original) +++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java Mon Jul 23 21:39:32 2007 @@ -39,6 +39,8 @@ /** the log for this class */ private static final Logger log = LoggerFactory.getLogger( TicketGrantingServiceChain.class ); + private String serviceName = "Ticket-Granting Service (TGS)"; + /** * Creates a new instance of TicketGrantingServiceChain. @@ -47,7 +49,7 @@ { if ( log.isDebugEnabled() ) { - addLast( "monitorRequest", new MonitorRequest() ); + addLast( "monitorRequest", new MonitorRequest( serviceName ) ); } addLast( "configureTicketGrantingChain", new ConfigureTicketGrantingChain() ); @@ -63,12 +65,12 @@ if ( log.isDebugEnabled() ) { - addLast( "monitorContext", new MonitorContext() ); + addLast( "monitorContext", new MonitorContext( serviceName ) ); } if ( log.isDebugEnabled() ) { - addLast( "monitorReply", new MonitorReply() ); + addLast( "monitorReply", new MonitorReply( serviceName ) ); } addLast( "sealReply", new SealReply() ); Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java?view=diff&rev=558926&r1=558925&r2=558926 ============================================================================== --- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java (original) +++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java Mon Jul 23 21:39:32 2007 @@ -196,7 +196,14 @@ log.warn( ke.getMessage() ); } - session.write( getErrorMessage( config.getServicePrincipal(), ke ) ); + ErrorMessage error = getErrorMessage( config.getServicePrincipal(), ke ); + + if ( log.isDebugEnabled() ) + { + logErrorMessage( error ); + } + + session.write( error ); } catch ( Exception e ) { @@ -231,6 +238,30 @@ modifier.setExplanatoryData( exception.getExplanatoryData() ); return modifier.getErrorMessage(); + } + + + protected void logErrorMessage( ErrorMessage error ) + { + try + { + StringBuffer sb = new StringBuffer(); + + sb.append( "Responding to request with error:" ); + sb.append( "\n\t" + "explanatory text: " + error.getExplanatoryText() ); + sb.append( "\n\t" + "error code: " + error.getErrorCode() ); + sb.append( "\n\t" + "clientPrincipal: " + error.getClientPrincipal() ); + sb.append( "\n\t" + "client time: " + error.getServerTime() ); + sb.append( "\n\t" + "serverPrincipal: " + error.getServerPrincipal() ); + sb.append( "\n\t" + "server time: " + error.getClientTime() ); + + log.debug( sb.toString() ); + } + catch ( Exception e ) + { + // This is a monitor. No exceptions should bubble up. + log.error( "Error in reply monitor", e ); + } }