directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r569731 - /directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java
Date Sat, 25 Aug 2007 20:35:47 GMT
Author: elecharny
Date: Sat Aug 25 13:35:46 2007
New Revision: 569731

URL: http://svn.apache.org/viewvc?rev=569731&view=rev
Log:
Fixed DIRSERVER-853 : added some checks in the isReferral() method

Modified:
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java?rev=569731&r1=569730&r2=569731&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java
Sat Aug 25 13:35:46 2007
@@ -78,6 +78,7 @@
 import org.apache.directory.shared.ldap.name.LdapDN;
 import org.apache.directory.shared.ldap.schema.AttributeType;
 import org.apache.directory.shared.ldap.util.AttributeUtils;
+import org.apache.directory.shared.ldap.util.StringTools;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -164,9 +165,107 @@
         {
             if ( SchemaConstants.REFERRAL_OC.equalsIgnoreCase( ( String ) oc.get( ii ) )
)
             {
+            	//We have a referral ObjectClass, let's check that the ref is
+            	// valid, accordingly to the RFC
+            	
+            	// Get the 'ref' attributeType
+            	Attribute ref = entry.get( SchemaConstants.REF_AT );
+            	
+            	if ( ref == null )
+            	{
+            		// very unlikely, as we have already checked the entry in SchemaService
+            		String message = "An entry with a 'referral' ObjectClass must contains a 'ref'
Attribute";
+            		log.error( message );
+            		throw new NamingException( message );
+            	}
+            	
+            	NamingEnumeration refs = ref.getAll();
+            	
+            	while ( refs.hasMoreElements() )
+            	{
+            		Object refObj = refs.nextElement(); 
+            		
+            		// it should be a String
+            		if ( refObj instanceof String )
+            		{
+            			String refVal = (String)refObj;
+            			
+            			try
+            			{
+            				LdapURL ldapUrl = new LdapURL( refVal );
+            				
+            				// We have a LDAP URL, we have to check that :
+            				// - we don't have scope specifier
+            				// - we don't have filters
+            				// - we don't have attribute description list
+            				// - we don't have extensions
+            				// - the DN is not empty
+            				
+            				if ( ldapUrl.getScope() != SearchControls.OBJECT_SCOPE )
+            				{
+            					// This is the default value if we don't have any scope
+            					// Let's assume that it's incorrect if we get something
+            					// else in the LdapURL
+            					String message = "An LDAPURL should not contains a scope";
+            					log.error( message );
+            					throw new NamingException( message );
+            				}
+            				
+            				if ( !StringTools.isEmpty( ldapUrl.getFilter() ) )
+            				{
+            					String message = "An LDAPURL should not contains filters";
+            					log.error( message );
+            					throw new NamingException( message );
+            				}
+            				
+            				if ( ( ldapUrl.getAttributes() != null ) && ( ldapUrl.getAttributes().size()
!= 0 ) )
+            				{
+            					String message = "An LDAPURL should not contains any description attribute
list";
+            					log.error( message );
+            					throw new NamingException( message );
+            				}
+            				
+            				if ( ( ldapUrl.getExtensions() != null ) && ( ldapUrl.getExtensions().size()
!= 0 ) )
+            				{
+            					String message = "An LDAPURL should not contains any extension";
+            					log.error( message );
+            					throw new NamingException( message );
+            				}
+            				
+            				if ( ( ldapUrl.getCriticalExtensions() != null ) && ( ldapUrl.getCriticalExtensions().size()
!= 0 ) )
+            				{
+            					String message = "An LDAPURL should not contains any critical extension";
+            					log.error( message );
+            					throw new NamingException( message );
+            				}
+            				
+            				LdapDN dn = ldapUrl.getDn();
+            				
+            				if ( ( dn == null ) || dn.isEmpty() )
+            				{
+            					String message = "An LDAPURL should contains a non-empty DN";
+            					log.error( message );
+            					throw new NamingException( message );
+            				}
+            			}
+            			catch ( LdapURLEncodingException luee )
+            			{
+            				// Either the URL is invalid, or it's not a LDAP URL.
+            				// we will just ignore this LdapURL.
+            				continue;
+            			}
+            		}
+            		else
+            		{
+            			String message = "Invalid referral value, it should be a String";
+            			log.error( message );
+            			throw new NamingException( message );
+            		}
+            	}
                 return true;
             }
         }
+        
         return false;
     }
 



Mime
View raw message