From djen...@apache.org
Subject svn commit: r586084 [3/4] - in /directory/sandbox/djencks/triplesec-jacc2: ./ admin-api2/src/main/java/org/apache/directory/triplesec/admin/ admin-api2/src/test/java/org/apache/directory/triplesec/admin/ changelog/src/main/java/org/apache/directory/tri...
Date Thu, 18 Oct 2007 19:02:13 GMT
Modified: directory/sandbox/djencks/triplesec-jacc2/itest-data/src/main/resources/server.xml
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/itest-data/src/main/resources/server.xml?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/itest-data/src/main/resources/server.xml (original)
+++ directory/sandbox/djencks/triplesec-jacc2/itest-data/src/main/resources/server.xml Thu Oct 18 12:02:07 2007
@@ -1,183 +1,28 @@
 <?xml version="1.0" encoding="UTF-8"?>
 
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
-        "http://www.springframework.org/dtd/spring-beans.dtd">
 
-<beans>
-  <!-- bean I didn't convert -->
-  <bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
-    <property name="properties">
-      <props>
-        <!-- JNDI security properties used to get initial contexts.         -->
-        <prop key="java.naming.security.authentication">simple</prop>
-        <prop key="java.naming.security.principal">uid=admin,ou=system</prop>
-        <prop key="java.naming.security.credentials">secret</prop>
-        <prop key="java.naming.provider.url">dc=example,dc=com</prop>
-        <prop key="java.naming.factory.state">org.apache.directory.triplesec.store.ProfileStateFactory</prop>
-        <prop key="java.naming.factory.object">org.apache.directory.triplesec.store.ProfileObjectFactory</prop>
-
-        <!--
-        <prop key="kdc.primary.realm">EXAMPLE.COM</prop>
-        <prop key="kdc.principal">krbtgt/EXAMPLE.COM@EXAMPLE.COM</prop>
-        <prop key="kdc.encryption.types">des-cbc-md5 des3-cbc-sha1 des3-cbc-md5 des-cbc-md4 des-cbc-crc</prop>
-        <prop key="kdc.entryBaseDn">ou=users,dc=example,dc=com</prop>
-        <prop key="kdc.java.naming.security.credentials">secret</prop>
-
-        <prop key="changepw.entryBaseDn">ou=users,dc=example,dc=com</prop>
-        <prop key="changepw.java.naming.security.credentials">secret</prop>
-        <prop key="changepw.principal">kadmin/changepw@EXAMPLE.COM</prop>
-
-        -->
-        <!-- All times are in minutes -->
-        <!--
-                <prop key="kdc.allowable.clockskew">5</prop>
-                <prop key="kdc.tgs.maximum.ticket.lifetime">1440</prop>
-                <prop key="kdc.tgs.maximum.renewable.lifetime">10080</prop>
-                <prop key="kdc.pa.enc.timestamp.required">true</prop>
-                <prop key="kdc.tgs.empty.addresses.allowed">true</prop>
-                <prop key="kdc.tgs.forwardable.allowed">true</prop>
-                <prop key="kdc.tgs.proxiable.allowed">true</prop>
-                <prop key="kdc.tgs.postdate.allowed">true</prop>
-                <prop key="kdc.tgs.renewable.allowed">true</prop>
-        -->
-
-        <prop key="triplesec.entry.basedn">ou=Users,dc=example,dc=com</prop>
-        <prop key="triplesec.load.testdata">true</prop>
-        <prop key="kerberos.sam.type.7">org.apache.directory.triplesec.verifier.hotp.DefaultHotpSamVerifier</prop>
-      </props>
-    </property>
-  </bean>
-
-
-  <mutableServerStartupConfiguration id="configuration" xmlns="http://apacheds.org/config/1.0"
-                                     workingDirectory="example.com"
-                                     synchPeriodMillis="15000"
-                                     maxThreads="8"
-                                     allowAnonymousAccess="false"
-                                     accessControlEnabled="false"
-                                     denormalizeOpAttrsEnabled="false"
-                                     ldifDirectory="serverHome/conf"
-          >
-
-    <changePasswordConfiguration>
-      <changePasswordConfiguration
-              enabled="false"
-              ipPort="1464">
-      </changePasswordConfiguration>
-    </changePasswordConfiguration>
-
-    <ntpConfiguration>
-      <ntpConfiguration
-              enabled="false"
-              ipPort="123">
-      </ntpConfiguration>
-    </ntpConfiguration>
-
-    <dnsConfiguration>
-      <dnsConfiguration
-              enabled="false"
-              ipPort="53">
-      </dnsConfiguration>
-    </dnsConfiguration>
-
-    <kdcConfiguration>
-      <kdcConfiguration
-              enabled="false"
-              ipPort="1088">
-      </kdcConfiguration>
-    </kdcConfiguration>
-
-    <ldapsConfiguration>
-      <ldapConfiguration id="ldapsConfiguration"
-                         enabled="false"
-                         ipPort="636"
-                         enableLdaps="true">
-      </ldapConfiguration>
-    </ldapsConfiguration>
-
-    <ldapConfiguration>
-      <ldapConfiguration id="ldapConfiguration"
-                         ipPort="10389"
-                         allowAnonymousAccess="false"
-                         saslHost="ldap.example.com"
-                         saslPrincipal="ldap/ldap.example.com@EXAMPLE.COM"
-                         searchBaseDn="ou=users,ou=system"
-                         maxTimeLimit="15000"
-                         maxSizeLimit="1000">
-
-        <!-- The list of supported authentication mechanisms.                   -->
-        <supportedMechanisms>
-          <value xmlns="http://www.springframework.org/schema/beans">SIMPLE</value>
-          <value xmlns="http://www.springframework.org/schema/beans">CRAM-MD5</value>
-          <value xmlns="http://www.springframework.org/schema/beans">DIGEST-MD5</value>
-          <!--<value xmlns="http://www.springframework.org/schema/beans">GSSAPI</value>-->
-        </supportedMechanisms>
-
-        <!-- The desired quality-of-protection, used by DIGEST-MD5 and GSSAPI.  -->
-        <saslQop>
-          <value xmlns="http://www.springframework.org/schema/beans">auth</value>
-          <value xmlns="http://www.springframework.org/schema/beans">auth-int</value>
-          <value xmlns="http://www.springframework.org/schema/beans">auth-conf</value>
-        </saslQop>
-
-        <!-- The realms serviced by this SASL host, used by DIGEST-MD5 and GSSAPI. -->
-        <saslRealms>
-          <value xmlns="http://www.springframework.org/schema/beans">example.com</value>
-          <value xmlns="http://www.springframework.org/schema/beans">apache.org</value>
-        </saslRealms>
-
-        <!-- the collection of extended operation handlers to install           -->
-        <extendedOperationHandlers>
-          <!--startTlsHandler/-->
-          <gracefulShutdownHandler/>
-          <launchDiagnosticUiHandler/>
-          <!-- The Stored Procedure Extended Operation is not stable yet and it may cause security risks.-->
-          <!--storedProcedureExtendedOperationHandler/-->
-        </extendedOperationHandlers>
-      </ldapConfiguration>
-    </ldapConfiguration>
-
-    <systemPartitionConfiguration>
-      <!-- use the following partitionConfiguration to override defaults for  -->
-      <!-- the system partition                                               -->
-      <mutableBTreePartitionConfiguration id="systemPartitionConfiguration"
-                                          name="system"
-                                          cacheSize="100"
-                                          suffix="ou=system"
-                                          optimizerEnabled="true"
-                                          synchOnWrite="true"
-                                          partitionClassName="org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition">
+<spring:beans xmlns:spring="http://xbean.apache.org/schemas/spring/1.0" xmlns="http://apacheds.org/config/1.0">
+
+  <defaultDirectoryService id="directoryService" instanceId="default"
+                           workingDirectory="example.com"
+                           allowAnonymousAccess="true"
+                           accessControlEnabled="false"
+                           denormalizeOpAttrsEnabled="false">
+    <systemPartition>
+      <!-- use the following partitionConfiguration to override defaults for -->
+      <!-- the system partition                                              -->
+      <jdbmPartition id="system" cacheSize="100" suffix="ou=system" optimizerEnabled="true" syncOnWrite="true">
         <indexedAttributes>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.1"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.2"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.3"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.4"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.5"
-                  cacheSize="10"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.6"
-                  cacheSize="10"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.7"
-                  cacheSize="10"/>
-          <mutableIndexConfiguration
-                  attributeId="ou"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="uid"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="objectClass"
-                  cacheSize="100"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.1" cacheSize="100"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.2" cacheSize="100"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.3" cacheSize="100"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.4" cacheSize="100"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.5" cacheSize="10"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.6" cacheSize="10"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.7" cacheSize="10"/>
+          <jdbmIndex attributeId="ou" cacheSize="100"/>
+          <jdbmIndex attributeId="uid" cacheSize="100"/>
+          <jdbmIndex attributeId="objectClass" cacheSize="100"/>
         </indexedAttributes>
         <contextEntry>
           <value xmlns="http://www.springframework.org/schema/beans">
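Review bot: `allowAnonymousAccess="true"` on the new `defaultDirectoryService` element reverses the `allowAnonymousAccess="false"` of the `mutableServerStartupConfiguration` it replaces, while `accessControlEnabled` stays `"false"`. The `ldapServer` and `apacheDS` elements added later in this file still carry `allowAnonymousAccess="false"`, so the three settings disagree and a reader cannot tell which one governs. If anonymous access is wanted only for the integration tests, state that above the element, for example `<!-- anonymous access is enabled for integration tests only -->`; otherwise keep `allowAnonymousAccess="false"` here as before. The `defaultDirectoryService` element is closed in a later hunk.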
@@ -187,54 +32,28 @@
             ou: system
           </value>
         </contextEntry>
-      </mutableBTreePartitionConfiguration>
-    </systemPartitionConfiguration>
+      </jdbmPartition>
+    </systemPartition>
 
-    <partitionConfigurations>
-      <mutableBTreePartitionConfiguration id="examplePartitionConfiguration"
-                                          name="example"
-                                          cacheSize="100"
-                                          suffix="dc=example,dc=com"
-                                          optimizerEnabled="true"
-                                          synchOnWrite="true"
-                                          partitionClassName="org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition">
+    <partitions>
+      <!-- NOTE: when specifying new partitions you need not include those   -->
+      <!-- attributes below with OID's which are the system indices, if left -->
+      <!-- out they will be automatically configured for you with defaults.  -->
+      <jdbmPartition id="example" cacheSize="100" suffix="dc=example,dc=com" optimizerEnabled="true"
+                     syncOnWrite="true">
         <indexedAttributes>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.1"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.2"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.3"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.4"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.5"
-                  cacheSize="10"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.6"
-                  cacheSize="10"/>
-          <mutableIndexConfiguration
-                  attributeId="1.3.6.1.4.1.18060.0.4.1.2.7"
-                  cacheSize="10"/>
-          <mutableIndexConfiguration
-                  attributeId="dc"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="ou"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="krb5PrincipalName"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="uid"
-                  cacheSize="100"/>
-          <mutableIndexConfiguration
-                  attributeId="objectClass"
-                  cacheSize="100"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.1" cacheSize="100"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.2" cacheSize="100"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.3" cacheSize="100"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.4" cacheSize="100"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.5" cacheSize="10"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.6" cacheSize="10"/>
+          <jdbmIndex attributeId="1.3.6.1.4.1.18060.0.4.1.2.7" cacheSize="10"/>
+          <jdbmIndex attributeId="dc" cacheSize="100"/>
+          <jdbmIndex attributeId="ou" cacheSize="100"/>
+          <jdbmIndex attributeId="krb5PrincipalName" cacheSize="100"/>
+          <jdbmIndex attributeId="uid" cacheSize="100"/>
+          <jdbmIndex attributeId="objectClass" cacheSize="100"/>
         </indexedAttributes>
         <contextEntry>
           <value xmlns="http://www.springframework.org/schema/beans">
@@ -244,54 +63,144 @@
             dc: example
           </value>
         </contextEntry>
-      </mutableBTreePartitionConfiguration>
-    </partitionConfigurations>
+      </jdbmPartition>
+    </partitions>
 
     <interceptors>
-      <normalizationService/>
-      <authenticationService/>
-      <referralService/>
-      <authorizationService/>
-      <defaultAuthorizationService/>
-      <exceptionService/>
-      <operationalAttributeService/>
-      <!-- Uncomment to enable the password policy service
-      <passwordPolicyService/>
-      <keyDerivationService/>
+      <normalizationInterceptor/>
+      <authenticationInterceptor/>
+      <referralInterceptor/>
+      <aciAuthorizationInterceptor/>
+      <defaultAuthorizationInterceptor/>
+      <exceptionInterceptor/>
+      <operationalAttributeInterceptor/>
+
+      <!-- Uncomment to enable the password policy interceptor
+      <passwordPolicyInterceptor/>
+      <keyDerivationInterceptor/>
       -->
-      <schemaService/>
-      <subentryService/>
-      <collectiveAttributeService/>
-      <eventService/>
+
+      <schemaInterceptor/>
+      <subentryInterceptor/>
+      <collectiveAttributeInterceptor/>
+      <eventInterceptor/>
       <policyProtectionInterceptor xmlns="http://triplesec.directory.apache.org/config/1.0"/>
-      <triggerService/>
+      <triggerInterceptor/>
 
-      <!-- Uncomment to enable replication service -->
-      <!--
-              <replicationService >
-                <configuration>
-                  <replicationConfiguration
-                    serverPort="10390"
-                    peerReplicas="instance_b@localhost:10392">
-                    <replicaId>
-                      <replicaId id="instance_a"/>
-                    </replicaId>
-                  </replicationConfiguration>
-                </configuration>
-              </replicationService>
+      <!-- Uncomment to enable replication interceptor
+      <replicationInterceptor>
+        <configuration>
+          <replicationConfiguration serverPort="10390" peerReplicas="instance_b@localhost:10392">
+            <replicaId>
+              <replicaId id="instance_a"/>
+            </replicaId>
+          </replicationConfiguration>
+        </configuration>
+      </replicationInterceptor>
       -->
     </interceptors>
-  </mutableServerStartupConfiguration>
+  </defaultDirectoryService>
 
+  <standardThreadPool id="standardThreadPool" maxThreads="8"/>
+  <datagramAcceptor id="datagramAcceptor" logicExecutor="#standardThreadPool"/>
+  <socketAcceptor id="socketAcceptor" logicExecutor="#standardThreadPool"/>
+
+<!--  missing  atou=users,dc=example,dc=com
+  <changePasswordServer ipPort="60464">
+    <directoryService>#directoryService</directoryService>
+    <datagramAcceptor>#datagramAcceptor</datagramAcceptor>
+    <socketAcceptor>#socketAcceptor</socketAcceptor>
+  </changePasswordServer>
+-->
+<!--  missing atou=users,dc=example,dc=com
+  <kdcServer ipPort="60088">
+    <directoryService>#directoryService</directoryService>
+    <datagramAcceptor>#datagramAcceptor</datagramAcceptor>
+    <socketAcceptor>#socketAcceptor</socketAcceptor>
+  </kdcServer>
+-->
+  <ntpServer ipPort="60123">
+    <datagramAcceptor>#datagramAcceptor</datagramAcceptor>
+    <socketAcceptor>#socketAcceptor</socketAcceptor>
+  </ntpServer>
+<!--  missing atou=users,dc=example,dc=com
+  <dnsServer ipPort="8053">
+    <directoryService>#directoryService</directoryService>
+    <datagramAcceptor>#datagramAcceptor</datagramAcceptor>
+    <socketAcceptor>#socketAcceptor</socketAcceptor>
+  </dnsServer>
+-->
+
+<!-- no certificate  -->
+  <ldapServer id="ldapsServer"
+          enabled="false"
+              ipPort="60636"
+              enableLdaps="true">
+    <directoryService>#directoryService</directoryService>
+    <socketAcceptor>#socketAcceptor</socketAcceptor>
+  </ldapServer>
+
+  <ldapServer id="ldapServer"
+              ipPort="10389"
+              allowAnonymousAccess="false"
+              saslHost="ldap.example.com"
+              saslPrincipal="ldap/ldap.example.com@EXAMPLE.COM"
+              searchBaseDn="ou=users,ou=system"
+              maxTimeLimit="15000"
+              maxSizeLimit="1000">
+
+    <directoryService>#directoryService</directoryService>
+    <socketAcceptor>#socketAcceptor</socketAcceptor>
+    <!-- The list of supported authentication mechanisms.                   -->
+    <supportedMechanisms>
+      <value xmlns="http://www.springframework.org/schema/beans">SIMPLE</value>
+      <value xmlns="http://www.springframework.org/schema/beans">CRAM-MD5</value>
+      <value xmlns="http://www.springframework.org/schema/beans">DIGEST-MD5</value>
+      <!--<value xmlns="http://www.springframework.org/schema/beans">GSSAPI</value>-->
+    </supportedMechanisms>
+
+    <!-- The desired quality-of-protection, used by DIGEST-MD5 and GSSAPI.  -->
+    <saslQop>
+      <value xmlns="http://www.springframework.org/schema/beans">auth</value>
+      <value xmlns="http://www.springframework.org/schema/beans">auth-int</value>
+      <value xmlns="http://www.springframework.org/schema/beans">auth-conf</value>
+    </saslQop>
+
+    <!-- The realms serviced by this SASL host, used by DIGEST-MD5 and GSSAPI. -->
+    <saslRealms>
+      <value xmlns="http://www.springframework.org/schema/beans">example.com</value>
+      <value xmlns="http://www.springframework.org/schema/beans">apache.org</value>
+    </saslRealms>
+
+    <!-- the collection of extended operation handlers to install           -->
+    <extendedOperationHandlers>
+      <!--startTlsHandler/-->
+      <gracefulShutdownHandler/>
+      <launchDiagnosticUiHandler/>
+      <!-- The Stored Procedure Extended Operation is not stable yet and it may cause security risks.-->
+      <!--storedProcedureExtendedOperationHandler/-->
+    </extendedOperationHandlers>
+  </ldapServer>
+
+
+  <apacheDS id="apacheDS"
+            synchPeriodMillis="15000"
+            allowAnonymousAccess="false"
+            ldifDirectory="serverHome/conf">
+
+    <directoryService>#directoryService</directoryService>
+    <ldapServer>#ldapServer</ldapServer>
+    <ldapsServer>#ldapsServer</ldapsServer>
+  </apacheDS>
 
   <!-- another bean I didn't convert -->
-  <bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
-    <property name="customEditors">
-      <map>
-        <entry key="javax.naming.directory.Attributes">
-          <bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/>
-        </entry>
-      </map>
-    </property>
-  </bean>
-</beans>
+  <spring:bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
+    <spring:property name="customEditors">
+      <spring:map>
+        <spring:entry key="javax.naming.directory.Attributes">
+          <spring:bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/>
+        </spring:entry>
+      </spring:map>
+    </spring:property>
+  </spring:bean>
+</spring:beans>
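Review bot: The `ntpServer` element on port 60123 is active in the new file, although the configuration it replaces had `ntpConfiguration enabled="false"`, so this conversion starts a listener that was previously off. If that is not intended, comment it out in the same way as `changePasswordServer`, `kdcServer` and `dnsServer`. The `<!--  missing atou=users,dc=example,dc=com` comments on those three blocks do not say what is missing; a sentence such as `<!-- disabled: requires an entry at ou=users,dc=example,dc=com, which the test data does not have -->` would help, if that is the meaning. Separately, `ldapsServer` is disabled ("no certificate") and `startTlsHandler` is commented out, so `SIMPLE` binds on port 10389 are unencrypted; a comment marking this as test-only configuration would keep it from being copied into a deployment.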

Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/pom.xml
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/pom.xml?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/pom.xml (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/pom.xml Thu Oct 18 12:02:07 2007
@@ -33,6 +33,10 @@
   </description>
   <dependencies>
     <dependency>
+      <groupId>org.apache.directory.server</groupId>
+      <artifactId>apacheds-core</artifactId>
+    </dependency>
+    <dependency>
       <groupId>${project.groupId}</groupId>
       <artifactId>triplesec-crypto</artifactId>
       <version>${project.version}</version>

Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/LdapBindLoginModule.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/LdapBindLoginModule.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/LdapBindLoginModule.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/LdapBindLoginModule.java Thu Oct 18 12:02:07 2007
@@ -39,8 +39,11 @@
 import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 
+import org.apache.directory.server.core.DirectoryService;
+import org.apache.directory.shared.ldap.name.LdapDN;
+
 /**
- * @version $Rev$ $Date$
+ * @version $Rev:564501 $ $Date:2007-08-10 00:58:38 -0700 (Fri, 10 Aug 2007) $
  */
 public class LdapBindLoginModule implements LoginModule
 {
@@ -54,6 +57,7 @@
     private Hashtable<String, Object> env;
     private String realm;
     private String[] keys;
+    private DirectoryService directoryService;
 
     private String rdn;
 
@@ -62,6 +66,7 @@
 //        this.subject = subject;
         this.callbackHandler = callbackHandler;
         this.sharedState = sharedState;
+        directoryService = ( DirectoryService ) options.get(DirectoryService.class.getName());
         env = new Hashtable<String, Object>( options );
         realm = ( String ) env.remove( REALM_KEY );
         keys = ( ( String ) env.remove( ATTR_KEYS ) ).split( " " );
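Review bot: The `DirectoryService` looked up from `options` is stored without a null check, so a login configuration that omits the entry fails only later in `login()` with a NullPointerException instead of a clear configuration error. A guard right after the lookup would make this explicit: `if ( directoryService == null ) throw new IllegalArgumentException( "option " + DirectoryService.class.getName() + " is required" );`. The same entry is also copied into `env` by the next line and, unlike `REALM_KEY` and `ATTR_KEYS`, never removed; `env.remove( DirectoryService.class.getName() );` would keep the service object out of the JNDI environment table. The body of `initialize` starts and ends outside the hunk.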
@@ -93,14 +98,16 @@
         sharedState.put("javax.security.auth.login.name", name);
         sharedState.put("javax.security.auth.login.password", passwordChars);
         String dn = getDn( name );
-        env.put( Context.SECURITY_PRINCIPAL, dn );
-        env.put( Context.SECURITY_CREDENTIALS, password );
+//        env.put( Context.SECURITY_PRINCIPAL, dn );
+//        env.put( Context.SECURITY_CREDENTIALS, password );
         try
         {
-            DirContext ctx = new InitialDirContext( env );
+            //this has got to be wrong
+            DirContext ctx = directoryService.getJndiContext( new LdapDN(dn), dn, password.getBytes( ), "simple", dn );//new InitialDirContext( env );
             try
             {
-                Attributes attrs = ctx.getAttributes( rdn, keys );
+//                Attributes attrs = ctx.getAttributes( rdn, keys );
+                Attributes attrs = ctx.getAttributes( "", keys );
                 for ( String key : keys )
                 {
                     Attribute attr = attrs.get( key );
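Review bot: `password.getBytes( )` encodes the credential with the platform default charset, so a bind with a non-ASCII password can succeed or fail depending on the JVM's locale. Name the charset instead, `password.getBytes( "UTF-8" )`, and handle the resulting `UnsupportedEncodingException` in the enclosing `try`, whose catch clauses are outside the hunk. The comment `//this has got to be wrong` should say what is in doubt (presumably passing `dn` three times to `getJndiContext`), so the next reader knows what to verify. The commented-out `env.put`, `InitialDirContext` and `getAttributes( rdn, keys )` lines can be deleted, since version control keeps them. With `getAttributes( "", keys )` the `rdn` field may no longer be read in `login()`; check whether it is still needed.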

Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausLoginModule.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausLoginModule.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausLoginModule.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausLoginModule.java Thu Oct 18 12:02:07 2007
@@ -28,18 +28,17 @@
 import javax.naming.Context;
 import javax.naming.NamingException;
 import javax.naming.directory.InitialDirContext;
-import javax.security.auth.spi.LoginModule;
-import javax.security.auth.login.LoginException;
 import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
 
-import org.apache.directory.triplesec.otp.HotpErrorConstants;
 import org.apache.directory.triplesec.guardian.ApplicationPolicy;
-import org.apache.directory.triplesec.guardian.Profile;
-
+import org.apache.directory.triplesec.guardian.Session;
+import org.apache.directory.triplesec.otp.HotpErrorConstants;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -65,7 +64,8 @@
     private Map sharedState;
     private Map options;
     private PolicyCallback policyCallback;
-    private Profile profile;
+    private String name;
+    private Session session;
     LoginModule module;
 
 
@@ -122,7 +122,7 @@
             if ( module.commit() )
             {
                 this.subject.getPrincipals().clear();
-                this.subject.getPrincipals().add( new SafehausPrincipal( this.profile ) );
+                this.subject.getPrincipals().add( new SafehausPrincipal( name, session ) );
                 return true;
             }
             
@@ -202,11 +202,11 @@
         // -------------------------------------------------------------------
 
         final String passcode = passcodeCallback.getPasscode();
-        this.profile = policy.getProfile( profileId );
-        if ( this.profile == null )
+        session = policy.getSession( profileId );
+        if ( session == null )
         {
             log.info( "Profile " + profileId + " not found for user." );
-            return false;
+            throw new LoginException("No session for user");
         }
         else if ( profileId.equals( "admin" ) )
         {
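Review bot: The new `name` field is never assigned: this hunk sets `session` but not `name`, and none of the other hunks for this file assign it, so `commit()` builds `new SafehausPrincipal( name, session )` with a null name. Assign it next to the session lookup, `this.name = profileId;`, or pass `profileId` in `commit()` as the admin branch does. The log line still says "Profile ... not found" while the exception says "No session for user"; using one wording for both makes the failure easier to trace in logs. The method body starts and ends outside the hunk.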
@@ -222,7 +222,7 @@
             
             if ( bindAs( "uid=admin,ou=system", "admin" ) )
             {
-                this.subject.getPrincipals().add( new SafehausPrincipal( profile ) );
+                this.subject.getPrincipals().add( new SafehausPrincipal( profileId,  session) );
                 return true;
             }
             else
@@ -232,15 +232,7 @@
         }
         else
         {
-            log.info( "Profile " + profileId + " found for user " + profile.getUserName() );
-        }
-        
-        // If the profile is disabled then throw and exceptions
-        if ( profile.isDisabled() )
-        {
-            throw new AccountDisabledException( "The profile "  + profile.getProfileId() 
-                + " associated with your account for application " 
-                + profile.getApplicationRelativeDistinguishedName() + " has been disabled." );
+            log.info( "Profile " + profileId + " found for user " + profileId );
         }
         
         // -------------------------------------------------------------------
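Review bot: The new code has no replacement for the removed `profile.isDisabled()` check, so this method no longer rejects a disabled profile with `AccountDisabledException`. The login now proceeds to password verification unless `policy.getSession` itself refuses disabled profiles, which the diff does not show. If `Session` exposes the disabled state, restore the check against it here; if the check has moved into `getSession`, record that with a comment such as `// disabled profiles are rejected by ApplicationPolicy.getSession()`. The remaining log line `"Profile " + profileId + " found for user " + profileId` prints the same value twice and no longer identifies the user.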
@@ -249,7 +241,7 @@
 
         CallbackHandler cbHandler;
         final StringBuffer krb5PrincipalName = new StringBuffer();
-        krb5PrincipalName.append( profile.getUserName() ).append( "@" ).append( realm.toUpperCase() );
+        krb5PrincipalName.append( profileId ).append( "@" ).append( realm.toUpperCase() );
         if ( passcode == null || passcode.length() == 0 )  
         {
             cbHandler = new CallbackHandler() 
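Review bot: `profileId` now stands in for `profile.getUserName()` when the Kerberos principal name is built here, and again in the next hunk for `getUserDn( profileId, realm )`. The removed code treated the profile id and the user name as separate values, so wherever they differ the principal and the bind DN will name a different identity than before. If the two are guaranteed to be equal in this design, say so in a comment, e.g. `// profile id and user name are identical in the session model`; otherwise the user name should come from the `Session` or the `NameCallback`. The surrounding method starts and ends outside the hunk.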
@@ -304,7 +296,7 @@
             // Now we verify the static password using LDAP
             // ---------------------------------------------------------------
 
-            bindAs( getUserDn( profile.getUserName(), realm ), profile.getUserName() );
+            bindAs( getUserDn( profileId, realm ), profileId );
         }
         
         try
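Review bot: The result of `bindAs( getUserDn( profileId, realm ), profileId )` is discarded, whereas the admin branch earlier in this method tests it with `if ( bindAs( ... ) )`. If `bindAs` reports a failed bind by returning false rather than by throwing (its body is not part of this diff), a wrong static password does not stop the login here. Checking the result would close that gap: `if ( !bindAs( getUserDn( profileId, realm ), profileId ) ) { throw new LoginException( "Static password verification failed" ); }`. The enclosing block continues outside the hunk.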

Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausPrincipal.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausPrincipal.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausPrincipal.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/SafehausPrincipal.java Thu Oct 18 12:02:07 2007
@@ -20,8 +20,10 @@
 package org.apache.directory.triplesec.jaas;
 
 import java.security.Principal;
+import java.util.Set;
 
-import org.apache.directory.triplesec.guardian.Profile;
+import org.apache.directory.triplesec.guardian.Role;
+import org.apache.directory.triplesec.guardian.Session;
 
 
 /**
@@ -34,28 +36,28 @@
 public class SafehausPrincipal implements Principal
 {
     /** the Guardian authorization profile for this principal */
-    private Profile profile;
+    private String name;
+    private Session session;
 
 
-    SafehausPrincipal( Profile profile )
+    public SafehausPrincipal( String name, Session session )
     {
-        this.profile = profile;
+        this.name = name;
+        this.session = session;
     }
-    
-    
+
     public String getName()
     {
-        return profile.getProfileId();
+        return name;
     }
 
-
     /**
      * Gets the Guardian authorization profile for this SafehausPrincipal.
      * 
      * @return the authorization Profile 
      */
-    public Profile getAuthorizationProfile()
+    public Session getAuthorizationSession()
     {
-        return profile;
+        return session;
     }
 }
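Review bot: The constructor changes from package-private to `public`, so code outside `org.apache.directory.triplesec.jaas` can now create a `SafehausPrincipal` with any name and `Session`. If authorization code treats the presence of this principal type in a `Subject` as proof of a completed login, that widening matters; keep the constructor package-private unless a caller in another package needs it, and document that caller if so. Both fields are assigned once and can be `private final`. The Javadoc still refers to the old type: the field comment says "authorization profile" and the getter says `@return the authorization Profile`, which should read `@return the authorization Session`; `TriplesecRealmPrincipal.getSession` in the next file has the same stale `@return` line. The `java.util.Set` and `Role` imports added in the previous hunk are not used by any line shown here.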

Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipal.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipal.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipal.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/main/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipal.java Thu Oct 18 12:02:07 2007
@@ -23,8 +23,7 @@
 import java.security.Principal;
 
 import org.apache.directory.triplesec.guardian.RealmPolicy;
-import org.apache.directory.triplesec.guardian.Profile;
-import org.apache.directory.triplesec.guardian.ApplicationPolicy;
+import org.apache.directory.triplesec.guardian.Session;
 
 /**
  * @version $Rev:564501 $ $Date:2007-08-10 00:58:38 -0700 (Fri, 10 Aug 2007) $
@@ -51,9 +50,9 @@
      *
      * @return the authorization Profile
      */
-    public Profile getProfile(String applicationName)
+    public Session getSession(String applicationName)
     {
-        return realmPolicy.getProfile(profileId, applicationName);
+        return realmPolicy.getSession(profileId, applicationName);
 //        return realmPolicy.getProfile(profileId);
     }
 

Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/test/java/org/apache/directory/triplesec/jaas/LdapBindLoginModuleIntegrationTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/test/java/org/apache/directory/triplesec/jaas/LdapBindLoginModuleIntegrationTest.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/test/java/org/apache/directory/triplesec/jaas/LdapBindLoginModuleIntegrationTest.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/test/java/org/apache/directory/triplesec/jaas/LdapBindLoginModuleIntegrationTest.java Thu Oct 18 12:02:07 2007
@@ -33,6 +33,7 @@
 
 import org.apache.directory.triplesec.integration.TriplesecIntegration;
 import org.apache.directory.triplesec.jaas.TestLoginConfiguration;
+import org.apache.directory.server.core.DirectoryService;
 
 /**
  * @version $Rev:564501 $ $Date:2007-08-10 00:58:38 -0700 (Fri, 10 Aug 2007) $
@@ -66,12 +67,14 @@
 
     public void testLogin() throws Exception
     {
-        Map<String, String> options = new HashMap<String, String>();
+        Map<String, Object> options = new HashMap<String, Object>();
         options.put( Context.PROVIDER_URL, "ldap://localhost:" + super.getLdapPort() + "/dc=example,dc=com" );
         options.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
         options.put( Context.SECURITY_AUTHENTICATION, "simple" );
         options.put( LdapBindLoginModule.REALM_KEY, "example.com" );
         options.put( LdapBindLoginModule.ATTR_KEYS, "uid krb5PrincipalName" );
+
+        options.put( DirectoryService.class.getName(), server.getDirectoryService() );
 
         AppConfigurationEntry entry1 = new AppConfigurationEntry( LdapBindLoginModule.class.getName(),
                 AppConfigurationEntry.LoginModuleControlFlag.REQUISITE,

Modified: directory/sandbox/djencks/triplesec-jacc2/jaas/src/test/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipalLoginModuleTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jaas/src/test/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipalLoginModuleTest.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jaas/src/test/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipalLoginModuleTest.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jaas/src/test/java/org/apache/directory/triplesec/jaas/TriplesecRealmPrincipalLoginModuleTest.java Thu Oct 18 12:02:07 2007
@@ -21,29 +21,13 @@
 package org.apache.directory.triplesec.jaas;
 
 import java.util.Map;
-import java.util.HashMap;
-import java.util.Set;
-import java.util.Iterator;
-import java.security.Permissions;
-import java.security.Permission;
 
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
 import javax.security.auth.Subject;
 import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 
 import junit.framework.TestCase;
-import org.apache.directory.triplesec.jaas.TestLoginConfiguration;
-import org.apache.directory.triplesec.guardian.RealmPolicy;
-import org.apache.directory.triplesec.guardian.Profile;
-import org.apache.directory.triplesec.guardian.GuardianException;
-import org.apache.directory.triplesec.guardian.Roles;
-import org.apache.directory.triplesec.guardian.Role;
-import org.apache.directory.triplesec.guardian.StringPermission;
-import org.apache.directory.triplesec.guardian.ApplicationPolicy;
-import org.apache.directory.triplesec.guardian.PolicyChangeListener;
 
 /**
  * @version $Rev:564501 $ $Date:2007-08-10 00:58:38 -0700 (Fri, 10 Aug 2007) $
@@ -144,108 +128,5 @@
         }
     }
 
-    private class MockRealmPolicy implements RealmPolicy
-    {
-        private final String profileId;
-        private final String appRdn;
-        private final Profile profile;
-        private String appRdn2 = "appName=foo";
-        private final Profile emptyProfile;
-
-        public MockRealmPolicy( String profileId, String appRdn, Profile profile )
-        {
-            this.profileId = profileId;
-            this.appRdn = appRdn;
-            this.profile = profile;
-            emptyProfile = new Profile( new MockAppPolicy( appRdn2 ), profileId, profileId, new Roles( appRdn2, new Role[] {} ), new Permissions(), new Permissions(), false );
-
-        }
-
-        public Profile getProfile( String profileId, String applicationRdn ) throws GuardianException
-        {
-            if ( this.profileId.equals( profileId ) && this.appRdn.equals( applicationRdn ) )
-            {
-                return profile;
-            }
-            return emptyProfile;
-        }
-
-        public void close()
-        {
-        }
-    }
-
-    private class MockAppPolicy implements ApplicationPolicy
-    {
-        private final String appRdn;
-
-        public MockAppPolicy( String appRdn )
-        {
-            this.appRdn = appRdn;
-        }
-
-        public boolean removePolicyListener( PolicyChangeListener listener ) throws GuardianException
-        {
-            return false;
-        }
-
-        public boolean addPolicyListener( PolicyChangeListener listener ) throws GuardianException
-        {
-            return false;
-        }
-
-        public String getApplicationRelativeDistinguishedName()
-        {
-            return appRdn;
-        }
-
-        public Roles getRoles()
-        {
-            return null;
-        }
-
-        public Map<String, Permission> getPermissions()
-        {
-            return null;
-        }
-
-        public Set getDependentProfileNames( Role role ) throws GuardianException
-        {
-            return null;
-        }
 
-        public Set getDependentProfileNames( String permissionID ) throws GuardianException
-        {
-            return null;
-        }
-
-        public Set getUserProfileIds( String userName ) throws GuardianException
-        {
-            return null;
-        }
-
-        public Iterator getProfileIdIterator() throws GuardianException
-        {
-            return null;
-        }
-
-        public Profile getProfile( String profileId ) throws GuardianException
-        {
-            return null;
-        }
-
-        public Profile getAdminProfile()
-        {
-            return null;
-        }
-
-        public String getDescription()
-        {
-            return null;
-        }
-
-        public void close() throws GuardianException
-        {
-        }
-    }
 }

Modified: directory/sandbox/djencks/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java Thu Oct 18 12:02:07 2007
@@ -25,7 +25,7 @@
 import javax.security.jacc.PolicyConfiguration;
 import javax.security.jacc.PolicyContextException;
 
-import org.apache.directory.triplesec.guardian.Profile;
+import org.apache.directory.triplesec.guardian.Session;
 import org.apache.directory.triplesec.jaas.TriplesecRealmPrincipal;
 
 
@@ -68,7 +68,7 @@
         {
             if ( principal instanceof TriplesecRealmPrincipal )
             {
-                Profile profile = ( ( TriplesecRealmPrincipal ) principal ).getProfile( contextID );
+                Session profile = ( ( TriplesecRealmPrincipal ) principal ).getSession( contextID );
 
                 return profile.implies( permission );
 
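Review bot: The result of `getSession( contextID )` is dereferenced straight away in `profile.implies( permission )`, so if no session exists for this context the access check ends in a NullPointerException instead of a clean denial; whether `getSession` can return null is not visible in this diff. A guard such as `if ( session == null ) return false;` keeps the decision deny-by-default. The local would also read better renamed from `profile` to `session` now that its type is `Session`. The enclosing method begins and ends outside the hunk.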

Modified: directory/sandbox/djencks/triplesec-jacc2/jacc/src/test/java/org/apache/directory/triplesec/jacc/TripleSecPolicyIntegrationTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/jacc/src/test/java/org/apache/directory/triplesec/jacc/TripleSecPolicyIntegrationTest.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/jacc/src/test/java/org/apache/directory/triplesec/jacc/TripleSecPolicyIntegrationTest.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/jacc/src/test/java/org/apache/directory/triplesec/jacc/TripleSecPolicyIntegrationTest.java Thu Oct 18 12:02:07 2007
@@ -64,12 +64,18 @@
 
     private static final String APP_NAME = "mockContext";
 
+    private static final String USER_NAME = "mockUser";
+    private static final String USER_PW = "mockUser";
+    private static final String ROLE = "mockRole";
+
+
     private RealmPolicy realmPolicy;
     private static final String BASE_URL = "dc=example,dc=com";
     private String providerUrl;
     private static boolean POLICY_INSTALLED = false;
     private PolicyConfigurationFactory policyConfigurationFactory;
     private Properties props;
+    private static final String PERM_NAME = "mockPerm100";
 
     public TripleSecPolicyIntegrationTest() throws Exception
     {
@@ -153,7 +159,7 @@
         PolicyContext.setContextID( APP_NAME );
         PolicyConfiguration policyConfiguration = policyConfigurationFactory.getPolicyConfiguration( APP_NAME, false );
         policyConfiguration.commit();
-        StringPermission perm = new StringPermission( "mockPerm0" );
+        StringPermission perm = new StringPermission( PERM_NAME );
         realmPolicy = RealmPolicyFactory.newInstance( providerUrl, props );
 
         checkPermission( perm );
@@ -161,18 +167,19 @@
 
     public void testAddPermission() throws Exception
     {
-        StringPermission perm = new StringPermission( "mockPerm100" );
+        StringPermission perm = new StringPermission( PERM_NAME );
         PolicyContext.setContextID( APP_NAME );
         PolicyConfiguration policyConfiguration = policyConfigurationFactory.getPolicyConfiguration( APP_NAME, false );
-        policyConfiguration.addToRole( "mockRole1", perm );
+        policyConfiguration.addToRole( ROLE, perm );
         policyConfiguration.commit();
         realmPolicy = RealmPolicyFactory.newInstance( providerUrl, props );
 
         InitialDirContext ctx = getContext( providerUrl, props );
 
-        String contextDn = "roleName=mockRole1,ou=roles,appName=mockContext,appName=mockApplication,ou=applications";
+        String contextDn = "roleName=" + ROLE + ",ou=roles,appName=mockContext,appName=mockApplication,ou=applications";
         Attributes attrs = ctx.getAttributes( contextDn );
-        assertEquals( "mockPerm0", ( String ) attrs.get( "grants" ).get() );
+        //the name is generated and not the same as the string permission name
+        assertEquals("Actual permission name: " + ( String ) attrs.get( "grants" ).get(), "mockContextperm0", ( String ) attrs.get( "grants" ).get() );
 
         checkPermission( perm );
     }
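Review bot: The new assertion in testAddPermission calls `attrs.get( "grants" ).get()` twice without checking that the attribute exists, so a missing `grants` value shows up as a NullPointerException rather than a test failure. The hand-built message is also redundant, since assertEquals already reports the actual value. Something like `Attribute grants = attrs.get( "grants" ); assertNotNull( grants ); assertEquals( "mockContextperm0", ( String ) grants.get() );` is shorter and fails cleanly. The expected name `mockContextperm0` is a generated value, so a named constant next to `PERM_NAME` with a comment on how it is derived would make the dependency visible.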
@@ -229,7 +236,7 @@
 //        CallbackHandler callbackHandler = new TestCallbackHandler("akarasulu", "mockProfile1", "maxwell".toCharArray());
         CallbackHandler callbackHandler = null;
         Map<String, Object> sharedState = new HashMap<String, Object>();
-        sharedState.put( TriplesecRealmPrincipalLoginModule.PROFILE_KEY, "mockProfile1" );
+        sharedState.put( TriplesecRealmPrincipalLoginModule.PROFILE_KEY, USER_NAME );
         module.initialize( subject, callbackHandler, sharedState, options );
         module.login();
         module.commit();
@@ -252,7 +259,7 @@
             {
                 try
                 {
-                    acc.checkPermission( new StringPermission( "mockPerm0" ) );
+                    acc.checkPermission( new StringPermission( PERM_NAME ) );
                     return true;
                 } catch ( AccessControlException e )
                 {
@@ -267,7 +274,7 @@
             {
                 try
                 {
-                    acc.checkPermission( new StringPermission( "mockPerm0" ) );
+                    acc.checkPermission( new StringPermission( PERM_NAME ) );
                     return true;
                 } catch ( AccessControlException e )
                 {

Modified: directory/sandbox/djencks/triplesec-jacc2/main/src/main/java/org/apache/directory/triplesec/Service.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/main/src/main/java/org/apache/directory/triplesec/Service.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/main/src/main/java/org/apache/directory/triplesec/Service.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/main/src/main/java/org/apache/directory/triplesec/Service.java Thu Oct 18 12:02:07 2007
@@ -32,10 +32,8 @@
 
 import org.apache.directory.daemon.DaemonApplication;
 import org.apache.directory.daemon.InstallationLayout;
-import org.apache.directory.server.core.configuration.ShutdownConfiguration;
-import org.apache.directory.server.core.configuration.SyncConfiguration;
 import org.apache.directory.server.kerberos.sam.SamSubsystem;
-import org.apache.directory.server.configuration.MutableServerStartupConfiguration;
+import org.apache.directory.server.core.DefaultDirectoryService;
 import org.apache.directory.shared.ldap.name.LdapDN;
 import org.apache.directory.shared.ldap.util.PropertiesUtils;
 
@@ -76,7 +74,7 @@
     private static Logger log = LoggerFactory.getLogger( TriplesecUberjarMain.class );
 
     /** The environment setting used to start the server */
-    private Properties env;
+//    private Properties env;
     /** the time the server was started */
     private long startTime;
     /** a possible override port to use instead of what is present within the configuration */
@@ -227,7 +225,7 @@
 
     public void init( InstallationLayout installationLayout, String[] args ) throws Exception
     {
-        MutableServerStartupConfiguration cfg;
+        DefaultDirectoryService cfg;
 
         log.debug( "init(InstallationLayout,String[]) called" );
         
@@ -248,16 +246,16 @@
             log.info( "server: loading settings from ", layout.getConfigurationFile() );
             ApplicationContext factory = null;
             factory = new FileSystemXmlApplicationContext( layout.getConfigurationFile().toURL().toString() );
-            cfg = (MutableServerStartupConfiguration) factory.getBean( "configuration" );
-            env = ( Properties ) factory.getBean( "environment" );
+            cfg = (DefaultDirectoryService) factory.getBean( "directoryService" );
+//            env = ( Properties ) factory.getBean( "environment" );
         }
         else if ( args.length > 0 && new File( args[0] ).exists() ) // hack that takes server.xml file argument
         {
             log.info( "server: loading settings from ", args[0] );
             ApplicationContext factory = null;
             factory = new FileSystemXmlApplicationContext( new File( args[0] ).toURL().toString() );
-            cfg = (MutableServerStartupConfiguration) factory.getBean( "configuration" );
-            env = ( Properties ) factory.getBean( "environment" );
+            cfg = (DefaultDirectoryService) factory.getBean( "directoryService" );
+//            env = ( Properties ) factory.getBean( "environment" );
         }
         else
         {
@@ -288,67 +286,67 @@
             cfg.setWorkingDirectory( layout.getPartitionsDirectory() );
         }
 
-        env.setProperty( Context.PROVIDER_URL, "ou=system" );
-        env.setProperty( Context.INITIAL_CONTEXT_FACTORY, TriplsecContextFactory.class.getName() );
-        env.putAll( cfg.toJndiEnvironment() );
+//        env.setProperty( Context.PROVIDER_URL, "ou=system" );
+//        env.setProperty( Context.INITIAL_CONTEXT_FACTORY, TriplsecContextFactory.class.getName() );
+//        env.putAll( cfg.toJndiEnvironment() );
 
         if ( krb5PortOverride != UNDEFINED_PORT_OVERRIDE )
         {
 //            cfg.setEnableKerberos( true );
-            env.put( "kdc.ipPort", Integer.toString( krb5PortOverride ) );
-            env.put( "kdc.ipPort", Integer.toString( krb5PortOverride ) );
+//            env.put( "kdc.ipPort", Integer.toString( krb5PortOverride ) );
+//            env.put( "kdc.ipPort", Integer.toString( krb5PortOverride ) );
         }
 
         if ( changepwPortOverride != UNDEFINED_PORT_OVERRIDE )
         {
 //            cfg.setEnableChangePassword( true );
-            env.put( "changepw.ipPort", Integer.toString( changepwPortOverride ) );
-            env.put( "changepw.ipPort", Integer.toString( changepwPortOverride ) );
+//            env.put( "changepw.ipPort", Integer.toString( changepwPortOverride ) );
+//            env.put( "changepw.ipPort", Integer.toString( changepwPortOverride ) );
         }
 
         if ( ntpPortOverride != UNDEFINED_PORT_OVERRIDE )
         {
 //            cfg.setEnableNtp( true );
-            env.put( "ntp.ipPort", Integer.toString( ntpPortOverride ) );
-            env.put( "ntp.ipPort", Integer.toString( ntpPortOverride ) );
+//            env.put( "ntp.ipPort", Integer.toString( ntpPortOverride ) );
+//            env.put( "ntp.ipPort", Integer.toString( ntpPortOverride ) );
         }
 
         // -------------------------------------------------------------------
         // Get and/or create the userContext where profiles are subordinates
         // -------------------------------------------------------------------
-
-        DirContext userContext = null;
-        try
-        {
-            LdapDN dn = new LdapDN( env.getProperty( "triplesec.entry.basedn" ) );
-            dn.remove( dn.size() - 1 );
-            env.setProperty( Context.PROVIDER_URL, dn.toString() );
-            userContext = new InitialDirContext( env );
-        }
-        catch ( NamingException e )
-        {
-            e.printStackTrace();
-            System.exit( -5 );
-        }
+        //TODO WHERE???
+        DirContext userContext = cfg.getJndiContext( "");
+//        try
+//        {
+//            LdapDN dn = new LdapDN( env.getProperty( "triplesec.entry.basedn" ) );
+//            dn.remove( dn.size() - 1 );
+//            env.setProperty( Context.PROVIDER_URL, dn.toString() );
+//            userContext = new InitialDirContext( env );
+//        }
+//        catch ( NamingException e )
+//        {
+//            e.printStackTrace();
+//            System.exit( -5 );
+//        }
 
         // set the user context for the sam subsystem
         SamSubsystem.getInstance().setUserContext( userContext, "ou=Users" );
 
         // setup demo profiles
-        try
-        {
-            if ( PropertiesUtils.get( env, "triplesec.load.testdata", true ) )
-            {
-                ServerProfileStore store;
-                store = new DefaultServerProfileStore( ( DirContext ) userContext.lookup( "ou=users" ) );
-                addDemoProfiles( store, env.getProperty( "kdc.primary.realm" ) );
-            }
-        }
-        catch ( NamingException e )
-        {
-            e.printStackTrace();
-            System.exit( -7 );
-        }
+//        try
+//        {
+//            if ( PropertiesUtils.get( env, "triplesec.load.testdata", true ) )
+//            {
+//                ServerProfileStore store;
+//                store = new DefaultServerProfileStore( ( DirContext ) userContext.lookup( "ou=users" ) );
+//                addDemoProfiles( store, env.getProperty( "kdc.primary.realm" ) );
+//            }
+//        }
+//        catch ( NamingException e )
+//        {
+//            e.printStackTrace();
+//            System.exit( -7 );
+//        }
         
 //        try
 //        {
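Review bot: `cfg.getJndiContext( "" )` roots the SAM subsystem's user context at the empty DN, where the removed code used the parent of the configured `triplesec.entry.basedn`, so `ou=Users` may now resolve against a different subtree than the one holding the profiles; the `//TODO WHERE???` suggests this is still open. The base DN should come from configuration as before and be passed in place of `""`, and the identity this context is bound as is worth stating in a comment, since this diff does not show it. The three port-override branches in this hunk now have empty bodies, so an override is silently ignored; until they are wired to the new configuration a line such as `log.warn( "kdc port override {} is currently ignored", krb5PortOverride );` would make that visible. The commented-out blocks are better deleted than kept, as the history already holds them. `init` starts in an earlier hunk and continues past this one.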
@@ -479,8 +477,8 @@
             workerThread.join( 500 );
         }
 
-        env.putAll( new ShutdownConfiguration().toJndiEnvironment() );
-        new InitialDirContext( env );
+//        env.putAll( new ShutdownConfiguration().toJndiEnvironment() );
+//        new InitialDirContext( env );
     }
 
 
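Review bot: With both `env` lines commented out, the shutdown path in this hunk no longer tells the directory service to stop, and the `synch()` hunk that follows becomes an empty method in the same way, so pending writes may never be flushed to disk. `init` now obtains a `DefaultDirectoryService` in the local `cfg`; keeping it in a field and calling its own shutdown and sync operations here (presumably `shutdown()` and `sync()`, whose signatures are not visible in this diff) would restore the previous behaviour. The enclosing method starts outside the hunk.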
@@ -522,8 +520,8 @@
 
     public void synch() throws Exception
     {
-        env.putAll( new SyncConfiguration().toJndiEnvironment() );
-        new InitialDirContext( env );
+//        env.putAll( new SyncConfiguration().toJndiEnvironment() );
+//        new InitialDirContext( env );
     }
 
 

Modified: directory/sandbox/djencks/triplesec-jacc2/pom.xml
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/pom.xml?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/pom.xml (original)
+++ directory/sandbox/djencks/triplesec-jacc2/pom.xml Thu Oct 18 12:02:07 2007
@@ -160,95 +160,97 @@
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-core</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
-<!--
-        <exclusions>
-          <exclusion>
-            <groupId>org.apache.directory.server</groupId>
-            <artifactId>apacheds-bootstrap-partition</artifactId>
-          </exclusion>
-        </exclusions>
--->
+        <version>1.5.2-SNAPSHOT</version>
+      </dependency>
+      <dependency>
+        <groupId>org.apache.directory.installers</groupId>
+        <artifactId>apacheds-noarch-installer</artifactId>
+        <version>1.5.2-SNAPSHOT</version>
+      </dependency>
+      <dependency>
+        <groupId>org.apache.directory.server</groupId>
+        <artifactId>apacheds-protocol-ntp</artifactId>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
 
       <dependency>
         <groupId>org.apache.directory.shared</groupId>
         <artifactId>shared-ldap</artifactId>
-        <version>0.9.7-SNAPSHOT</version>
+        <version>0.9.8-SNAPSHOT</version>
       </dependency>
 
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-core-unit</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
 
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-kerberos-shared</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
 
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-protocol-kerberos</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
 
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-schema-bootstrap</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-schema-extras</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-bootstrap-extract</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-jdbm-store</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-schema-registries</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
 
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-server-tools</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
 
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-core-shared</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
 
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-server-jndi</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
 
       <dependency>
         <groupId>org.apache.directory.server</groupId>
         <artifactId>apacheds-xbean-spring</artifactId>
-        <version>1.5.1-SNAPSHOT</version>
+        <version>1.5.2-SNAPSHOT</version>
       </dependency>
 
       <dependency>
         <groupId>org.apache.directory.shared</groupId>
         <artifactId>shared-asn1-codec</artifactId>
-        <version>0.9.7-SNAPSHOT</version>
+        <version>0.9.8-SNAPSHOT</version>
       </dependency>
 
       <dependency>
@@ -260,7 +262,7 @@
       <dependency>
         <groupId>org.apache.xbean</groupId>
         <artifactId>xbean-spring</artifactId>
-        <version>3.1</version>
+        <version>3.2</version>
       </dependency>
 
       <dependency>
@@ -619,12 +621,12 @@
         <plugin>
           <groupId>org.apache.directory.daemon</groupId>
           <artifactId>daemon-plugin</artifactId>
-          <version>1.5.1-SNAPSHOT</version>
+          <version>1.5.2-SNAPSHOT</version>
         </plugin>
         <plugin>
           <groupId>org.apache.directory.server</groupId>
           <artifactId>apacheds-core-plugin</artifactId>
-          <version>1.5.1-SNAPSHOT</version>
+          <version>1.5.2-SNAPSHOT</version>
         </plugin>
 
         <plugin>
@@ -726,7 +728,7 @@
         <module>admin-api2</module>
         <module>guardian-api</module>
         <module>guardian-ldap</module>
-        <module>guardian-ldif</module>
+        <!--<module>guardian-ldif</module>-->
         <module>utils-hauskeys</module>
       </modules>
 
@@ -759,7 +761,7 @@
         <module>admin-api2</module>
         <module>guardian-api</module>
         <module>guardian-ldap</module>
-        <module>guardian-ldif</module>
+        <!--<module>guardian-ldif</module>-->
         <module>utils-hauskeys</module>
         <module>smstrial-schema</module>
         <module>webapp-smstrial</module>
@@ -810,7 +812,7 @@
         <module>admin-api2</module>
         <module>guardian-api</module>
         <module>guardian-ldap</module>
-        <module>guardian-ldif</module>
+        <!--<module>guardian-ldif</module>-->
         <module>utils-hauskeys</module>
 
         <module>smstrial-schema</module>

Modified: directory/sandbox/djencks/triplesec-jacc2/store/src/main/java/org/apache/directory/triplesec/store/interceptor/ApplicationAciManager.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/store/src/main/java/org/apache/directory/triplesec/store/interceptor/ApplicationAciManager.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/store/src/main/java/org/apache/directory/triplesec/store/interceptor/ApplicationAciManager.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/store/src/main/java/org/apache/directory/triplesec/store/interceptor/ApplicationAciManager.java Thu Oct 18 12:02:07 2007
@@ -23,6 +23,7 @@
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashSet;
+import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
@@ -31,19 +32,18 @@
 import javax.naming.directory.Attributes;
 import javax.naming.directory.DirContext;
 
-import org.apache.directory.server.core.authn.AuthenticationService;
-import org.apache.directory.server.core.authz.AuthorizationService;
-import org.apache.directory.server.core.collective.CollectiveAttributeService;
+import org.apache.directory.server.core.authn.AuthenticationInterceptor;
+import org.apache.directory.server.core.authz.AciAuthorizationInterceptor;
+import org.apache.directory.server.core.collective.CollectiveAttributeInterceptor;
 import org.apache.directory.server.core.interceptor.context.AddOperationContext;
 import org.apache.directory.server.core.interceptor.context.DeleteOperationContext;
 import org.apache.directory.server.core.interceptor.context.GetSuffixOperationContext;
 import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
 import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
-import org.apache.directory.server.core.interceptor.context.OperationContext;
 import org.apache.directory.server.core.invocation.InvocationStack;
-import org.apache.directory.server.core.normalization.NormalizationService;
+import org.apache.directory.server.core.normalization.NormalizationInterceptor;
 import org.apache.directory.server.core.partition.PartitionNexusProxy;
-import org.apache.directory.server.core.schema.SchemaService;
+import org.apache.directory.server.core.schema.SchemaInterceptor;
 import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
 import org.apache.directory.shared.ldap.exception.LdapNameAlreadyBoundException;
 import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -82,17 +82,17 @@
     static
     {
         Collection<String> c = new HashSet<String>();
-        c.add( NormalizationService.class.getName() );
-        c.add( AuthenticationService.class.getName() );
+        c.add( NormalizationInterceptor.class.getName() );
+        c.add( AuthenticationInterceptor.class.getName() );
 //        c.add( ReferralService.class.getName() );
-        c.add( AuthorizationService.class.getName() );
+        c.add( AciAuthorizationInterceptor.class.getName() );
 //        c.add( DefaultAuthorizationService.class.getName() );
 //        c.add( ExceptionService.class.getName() );
 //        c.add( OperationalAttributeService.class.getName() );
-        c.add( SchemaService.class.getName() );
+        c.add( SchemaInterceptor.class.getName() );
 //        c.add( SubentryService.class.getName() );
         c.add( PolicyProtectionInterceptor.class.getName() );
-        c.add( CollectiveAttributeService.class.getName() );
+        c.add( CollectiveAttributeInterceptor.class.getName() );
 //        c.add( EventService.class.getName() );
 //        c.add( TriggerService.class.getName() );
         ADD_BYPASS = Collections.unmodifiableCollection( c );
@@ -414,7 +414,7 @@
 
 //        Attributes mods = new AttributesImpl();
 //        mods.put( "administrativeRole", "accessControlSpecificArea" );
-        ModificationItemImpl[] mods = new ModificationItemImpl[] { new ModificationItemImpl(DirContext.ADD_ATTRIBUTE, new AttributeImpl( "administrativeRole", "accessControlSpecificArea" )) };
+        List<ModificationItemImpl> mods = Collections.singletonList(  new ModificationItemImpl(DirContext.ADD_ATTRIBUTE, new AttributeImpl( "administrativeRole", "accessControlSpecificArea" )));
         ModifyOperationContext modContext = new ModifyOperationContext(appDn, mods);
         proxy.modify( modContext );
         acsaLut.add( appDn.getNormName() );
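Review bot: `Collections.singletonList( ... )` hands `ModifyOperationContext` an immutable list, whereas the array it replaces was writable. If any interceptor still reached by `proxy.modify( modContext )` appends to or rewrites the list returned by `getModItems()`, the call would fail with `UnsupportedOperationException`. That is not visible from this hunk, so it is worth confirming, or wrapping the item in a mutable list before building the context. The two commented-out `Attributes mods` lines above are dead and could be deleted in the same change. The enclosing method starts and ends outside the hunk.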

Modified: directory/sandbox/djencks/triplesec-jacc2/store/src/main/java/org/apache/directory/triplesec/store/interceptor/PolicyProtectionInterceptor.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/store/src/main/java/org/apache/directory/triplesec/store/interceptor/PolicyProtectionInterceptor.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/store/src/main/java/org/apache/directory/triplesec/store/interceptor/PolicyProtectionInterceptor.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/store/src/main/java/org/apache/directory/triplesec/store/interceptor/PolicyProtectionInterceptor.java Thu Oct 18 12:02:07 2007
@@ -19,6 +19,8 @@
  */
 package org.apache.directory.triplesec.store.interceptor;
 
+import java.util.List;
+
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
@@ -28,7 +30,7 @@
 import javax.naming.directory.SchemaViolationException;
 import javax.naming.directory.SearchControls;
 
-import org.apache.directory.server.core.DirectoryServiceConfiguration;
+import org.apache.directory.server.core.DirectoryService;
 import org.apache.directory.server.core.interceptor.BaseInterceptor;
 import org.apache.directory.server.core.interceptor.Interceptor;
 import org.apache.directory.server.core.interceptor.NextInterceptor;
@@ -45,9 +47,11 @@
 import org.apache.directory.server.core.invocation.InvocationStack;
 import org.apache.directory.server.core.partition.PartitionNexusProxy;
 import org.apache.directory.shared.ldap.filter.ExprNode;
-import org.apache.directory.shared.ldap.filter.FilterParserImpl;
+import org.apache.directory.shared.ldap.filter.FilterParser;
 import org.apache.directory.shared.ldap.name.LdapDN;
 import org.apache.directory.shared.ldap.util.NamespaceTools;
+import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.directory.shared.ldap.message.AliasDerefMode;
 
 
 /**
@@ -63,7 +67,7 @@
  */
 public class PolicyProtectionInterceptor extends BaseInterceptor
 {
-    private DirectoryServiceConfiguration factoryConfiguration;
+    private DirectoryService factoryConfiguration;
     private ApplicationAciManager aciManager = null;
     
 
@@ -72,7 +76,7 @@
     }
 
     
-    public void init(DirectoryServiceConfiguration factoryCfg) throws NamingException
+    public void init(DirectoryService factoryCfg) throws NamingException
     {
         factoryConfiguration = factoryCfg;
         aciManager = new ApplicationAciManager( factoryCfg.getRegistries().getAttributeTypeRegistry() );
@@ -225,11 +229,11 @@
             return;
         }
 
-        ModificationItem[] modItems = opContext.getModItems();
-        for( int i = modItems.length - 1; i >= 0; i-- )
+        List<ModificationItemImpl> modItems = opContext.getModItems();
+        for( ModificationItem item: modItems )
         {
-            Attribute attr = modItems[ i ].getAttribute();
-            switch( modItems[ i ].getModificationOp() ) {
+            Attribute attr = item.getAttribute();
+            switch( item.getModificationOp() ) {
             case DirContext.ADD_ATTRIBUTE:
             case DirContext.REPLACE_ATTRIBUTE:
                 checkAttributeAddition( next, baseName, attr );
@@ -657,7 +661,7 @@
         {
             try
             {
-                filter = new FilterParserImpl().parse(
+                filter = FilterParser.parse(
                         "(|" +
                         "(grants=" + nameValue + ")" +
                         "(denials=" + nameValue + ")" +
@@ -672,7 +676,7 @@
         {
             try
             {
-                filter = new FilterParserImpl().parse(
+                filter = FilterParser.parse(
                         "(roles=" + nameValue + ")" );
             }
             catch( Exception e )
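Review bot: The role filter `"(roles=" + nameValue + ")"` searches only `roles`, but the `triplesec.schema` change in this same commit adds `grantedRoles`, `deniedRoles` and `defaultRoles` as further attributes that hold role names. If this branch is what blocks deleting or renaming a role that is still referenced (the surrounding method is outside the hunk), a role referenced only from another role or from a user's default session would pass the check. Consider an OR filter over all four attributes, `(|(roles=…)(grantedRoles=…)(deniedRoles=…)(defaultRoles=…))`, with the value escaped before it is inserted.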
@@ -685,7 +689,8 @@
         if( filter != null )
         {
             // execute search
-            NamingEnumeration e = next.search( new SearchOperationContext( baseName, factoryConfiguration.getEnvironment(),
+            //TODO I have no idea what AliasDerefMode means or is appropriate
+            NamingEnumeration e = next.search( new SearchOperationContext( baseName, AliasDerefMode.DEREF_IN_SEARCHING,
                     filter, ctrl ) );
 
             // throw an exception if search returned more than 0 usage.
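Review bot: The added `//TODO I have no idea what AliasDerefMode means or is appropriate` leaves the alias handling of this usage search undecided. The old call took its settings from `factoryConfiguration.getEnvironment()`, so hard-coding `AliasDerefMode.DEREF_IN_SEARCHING` may change which entries the search reaches. Since a non-empty result is what raises the exception for an entry still in use, the mode should be a deliberate choice. Once the intended behaviour is confirmed, replace the TODO with a comment stating it, for example `// dereference aliases under baseName so references reached through an alias still count as usage`. The method continues outside the hunk.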

Modified: directory/sandbox/djencks/triplesec-jacc2/store/src/main/schema/triplesec.schema
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/store/src/main/schema/triplesec.schema?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/store/src/main/schema/triplesec.schema (original)
+++ directory/sandbox/djencks/triplesec-jacc2/store/src/main/schema/triplesec.schema Thu Oct 18 12:02:07 2007
@@ -134,11 +134,11 @@
     MUST ( appName )
     MAY  ( userPassword $ description ) )
 
-objectclass ( 1.3.6.1.4.1.18060.0.4.6.3.201 NAME 'policyUser'
-    SUP top
-    AUXILIARY
-    MUST ( uid )
-    MAY  ( userPassword $ description $ triplesecDisabled ) )
+#objectclass ( 1.3.6.1.4.1.18060.0.4.6.3.201 NAME 'policyUser'
+#    SUP top
+#    AUXILIARY
+#    MUST ( uid )
+#    MAY  ( userPassword $ description $ triplesecDisabled ) )
 
 attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.201
         NAME 'permName'
@@ -176,57 +176,78 @@
         SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
 
 attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.205
-        NAME 'roles'
-        DESC 'the roles assigned to a profile'
+        NAME 'grantedRoles'
+        DESC 'the roles granted to a role'
         EQUALITY caseExactMatch
         SUBSTR caseExactSubstringsMatch
         SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
 
 attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.206
+        NAME 'deniedRoles'
+        DESC 'the roles denied to a role'
+        EQUALITY caseExactMatch
+        SUBSTR caseExactSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.207
         NAME 'profileId'
         DESC 'a profile identifier'
         EQUALITY caseExactMatch
         SUBSTR caseExactSubstringsMatch
         SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
 
-attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.207
+attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.208
         NAME 'user'
         DESC 'the name of a user defined in the policy store'
         EQUALITY caseExactMatch
         SUBSTR caseExactSubstringsMatch
         SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
 
+attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.209
+        NAME 'roles'
+        DESC 'the roles available to a user'
+        EQUALITY caseExactMatch
+        SUBSTR caseExactSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.210
+        NAME 'defaultRoles'
+        DESC 'the roles assigned to a user in the default session'
+        EQUALITY caseExactMatch
+        SUBSTR caseExactSubstringsMatch
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
 objectclass ( 1.3.6.1.4.1.18060.0.4.6.3.203 NAME 'policyRole'
     SUP top
     STRUCTURAL
     MUST ( roleName )
-    MAY  ( grants $ denials $ description ) )
+    MAY  ( grants $ denials $ grantedRoles $ deniedRoles $ description ) )
 
-objectclass ( 1.3.6.1.4.1.18060.0.4.6.3.204 NAME 'policyProfile'
+objectclass ( 1.3.6.1.4.1.18060.0.4.6.3.204 NAME 'policyUser'
     SUP top
-    STRUCTURAL
-    MUST ( profileId $ user )
-    MAY  ( grants $ denials $ roles $ userPassword $ description $ triplesecDisabled ) )
+    AUXILIARY
+    MUST ( uid )
+    MAY  ( roles $ defaultRoles $ userPassword $ description $ triplesecDisabled ) )
 
 # -----------------------------------------------------------------------------
 # Java permission support
 # -----------------------------------------------------------------------------
 
-attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.208
+attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.211
         NAME 'permJavaClass'
         DESC 'the java class for a permission'
         EQUALITY caseExactMatch
         SUBSTR caseExactSubstringsMatch
         SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
 
-attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.209
+attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.212
         NAME 'permJavaName'
         DESC 'the name of a java permission'
         EQUALITY caseExactMatch
         SUBSTR caseExactSubstringsMatch
         SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
 
-attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.210
+attributetype ( 1.3.6.1.4.1.18060.0.4.6.2.213
         NAME 'permJavaActions'
         DESC 'the actions of a java permission'
         EQUALITY caseExactMatch
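Review bot: This hunk reassigns OIDs that already had a meaning: `1.3.6.1.4.1.18060.0.4.6.2.205` changes from `roles` to `grantedRoles`, `.2.206` from `profileId` to `deniedRoles`, `.2.207` to `.2.210` each move to a different attribute, and objectclass `.3.204` changes from `policyProfile` to `policyUser`. An OID is meant to identify one definition permanently, so any server or stored data built against the earlier schema would resolve the same OID to a different attribute, and these attributes (`roles`, `grantedRoles`, `deniedRoles`) carry authorization data. Keep the existing OIDs on their original names and give the new attributes and the changed objectclass the next unused numbers instead. The first hunk also leaves the old `policyUser` definition behind as `#` comments; deleting it avoids two differing definitions of the same name in one file.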

Modified: directory/sandbox/djencks/triplesec-jacc2/store/src/test/java/org/apache/directory/triplesec/store/ProfileFactoryITest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/store/src/test/java/org/apache/directory/triplesec/store/ProfileFactoryITest.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/store/src/test/java/org/apache/directory/triplesec/store/ProfileFactoryITest.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/store/src/test/java/org/apache/directory/triplesec/store/ProfileFactoryITest.java Thu Oct 18 12:02:07 2007
@@ -25,7 +25,6 @@
 import javax.naming.Context;
 
 import org.apache.directory.server.core.unit.AbstractAdminTestCase;
-import org.apache.directory.server.core.configuration.MutableStartupConfiguration;
 import org.apache.directory.server.schema.bootstrap.BootstrapSchemaLoader;
 import org.apache.directory.server.schema.bootstrap.Schema;
 import org.apache.directory.server.schema.bootstrap.SystemSchema;
@@ -57,7 +56,6 @@
 {
     public ProfileFactoryITest() throws NamingException
     {
-        MutableStartupConfiguration cfg = super.configuration;
         BootstrapSchemaLoader loader = new BootstrapSchemaLoader();
         DefaultRegistries bsRegistries = new DefaultRegistries( "bootstrap", loader, new DefaultOidRegistry() );
         Set<Schema> schemas = new HashSet<Schema>();
@@ -70,7 +68,7 @@
         schemas.add( new Krb5kdcSchema() );
 //        config.setBootstrapSchemas( schemas );
         loader.loadWithDependencies( schemas, bsRegistries );
-        cfg.setShutdownHookEnabled( false );
+//        cfg.setShutdownHookEnabled( false );
         super.overrideEnvironment( Context.OBJECT_FACTORIES, ProfileObjectFactory.class.getName() );
         super.overrideEnvironment( Context.STATE_FACTORIES, ProfileStateFactory.class.getName() );
     }

Modified: directory/sandbox/djencks/triplesec-jacc2/store/src/test/java/org/apache/directory/triplesec/store/ServerProfileStoreITest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/djencks/triplesec-jacc2/store/src/test/java/org/apache/directory/triplesec/store/ServerProfileStoreITest.java?rev=586084&r1=586083&r2=586084&view=diff
==============================================================================
--- directory/sandbox/djencks/triplesec-jacc2/store/src/test/java/org/apache/directory/triplesec/store/ServerProfileStoreITest.java (original)
+++ directory/sandbox/djencks/triplesec-jacc2/store/src/test/java/org/apache/directory/triplesec/store/ServerProfileStoreITest.java Thu Oct 18 12:02:07 2007
@@ -34,12 +34,6 @@
 import org.apache.commons.io.FileUtils;
 import org.apache.directory.shared.ldap.message.AttributeImpl;
 import org.apache.directory.shared.ldap.message.AttributesImpl;
-import org.apache.directory.server.core.configuration.Configuration;
-import org.apache.directory.server.core.configuration.MutablePartitionConfiguration;
-import org.apache.directory.server.core.configuration.MutableStartupConfiguration;
-import org.apache.directory.server.core.configuration.ShutdownConfiguration;
-//import org.apache.directory.server.protocol.shared.store.Krb5KdcEntryFilter;
-//import org.apache.directory.server.protocol.shared.store.LdifFileLoader;
 import org.apache.directory.server.schema.bootstrap.SystemSchema;
 import org.apache.directory.server.schema.bootstrap.CoreSchema;
 import org.apache.directory.server.schema.bootstrap.ApacheSchema;
@@ -50,6 +44,8 @@
 import org.apache.directory.server.schema.bootstrap.Schema;
 import org.apache.directory.server.schema.registries.DefaultRegistries;
 import org.apache.directory.server.schema.registries.DefaultOidRegistry;
+import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition;
+import org.apache.directory.server.core.DefaultDirectoryService;
 import org.apache.directory.triplesec.profile.BaseServerProfileModifier;
 import org.apache.directory.triplesec.profile.ProfileTestData;
 import org.apache.directory.triplesec.profile.ServerProfile;
@@ -86,12 +82,12 @@
         }
         FileUtils.forceDelete( workingDirectory );
 
-        MutableStartupConfiguration config = new MutableStartupConfiguration();
+        DefaultDirectoryService config = new DefaultDirectoryService();
         config.setWorkingDirectory( workingDirectory );
-        MutablePartitionConfiguration partConfig = new MutablePartitionConfiguration();
+        JdbmPartition partConfig = new JdbmPartition();
 //        partConfig.setName( "example" );
         //????
-        partConfig.setName( "example" );
+        partConfig.setId( "example" );
 
         HashSet indices = new HashSet();
         indices.add( "dc" );
@@ -123,20 +119,20 @@
         schemas.add( new Krb5kdcSchema() );
 //        config.setBootstrapSchemas( schemas );
         loader.loadWithDependencies( schemas, bsRegistries );
-        config.setPartitionConfigurations( Collections.singleton( partConfig ) );
+        config.setPartitions( Collections.singleton( partConfig ) );
         config.setShutdownHookEnabled( false );
 
-        Hashtable env = new Hashtable();
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        env.put( Context.PROVIDER_URL, "dc=example,dc=com" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        env.put( Configuration.JNDI_KEY, config );
-        env.put( Context.STATE_FACTORIES, ProfileStateFactory.class.getName() );
-        env.put( Context.OBJECT_FACTORIES, ProfileObjectFactory.class.getName() );
+//        Hashtable env = new Hashtable();
+//        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+//        env.put( Context.PROVIDER_URL, "dc=example,dc=com" );
+//        env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
+//        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+//        env.put( Context.SECURITY_CREDENTIALS, "secret" );
+//        env.put( Configuration.JNDI_KEY, config );
+//        env.put( Context.STATE_FACTORIES, ProfileStateFactory.class.getName() );
+//        env.put( Context.OBJECT_FACTORIES, ProfileObjectFactory.class.getName() );
 
-        userContext = new InitialDirContext( env );
+        userContext = config.getJndiContext( "dc=example,dc=com");
         try
         {
             userContext = ( DirContext ) userContext.lookup( "ou=users" );
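Review bot: `config.getJndiContext( "dc=example,dc=com")` replaces an `InitialDirContext` whose environment set `Context.STATE_FACTORIES` and `Context.OBJECT_FACTORIES` to the profile factories and bound as `uid=admin,ou=system`; none of that is passed any more. Unless the factories and the principal are configured somewhere not visible in this hunk, the test now runs under a different identity and without `ProfileStateFactory`/`ProfileObjectFactory`, so it may no longer exercise the profile store as intended. The nine commented-out `env.put` lines, including the admin bind password, should be deleted rather than kept as comments. The enclosing method begins before the hunk and the `try` continues after it.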
@@ -163,17 +159,17 @@
     protected void tearDown() throws Exception
     {
         userContext.close();
-        ShutdownConfiguration config = new ShutdownConfiguration();
-        Hashtable env = new Hashtable();
-        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
-        env.put( Context.PROVIDER_URL, "dc=example,dc=com" );
-        env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
-        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-        env.put( Context.SECURITY_CREDENTIALS, "secret" );
-        env.put( Configuration.JNDI_KEY, config );
-        env.put( Context.STATE_FACTORIES, ProfileStateFactory.class.getName() );
-        env.put( Context.OBJECT_FACTORIES, ProfileObjectFactory.class.getName() );
-        new InitialDirContext( env );
+//        ShutdownConfiguration config = new ShutdownConfiguration();
+//        Hashtable env = new Hashtable();
+//        env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+//        env.put( Context.PROVIDER_URL, "dc=example,dc=com" );
+//        env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
+//        env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+//        env.put( Context.SECURITY_CREDENTIALS, "secret" );
+//        env.put( Configuration.JNDI_KEY, config );
+//        env.put( Context.STATE_FACTORIES, ProfileStateFactory.class.getName() );
+//        env.put( Context.OBJECT_FACTORIES, ProfileObjectFactory.class.getName() );
+//        new InitialDirContext( env );
 
         userContext = null;
         store = null;
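Review bot: With the `ShutdownConfiguration` block commented out, `tearDown` no longer stops the directory service; it only closes `userContext`. The `DefaultDirectoryService` created in the previous hunk is a local variable, so it would have to be kept in a field and shut down here after `userContext.close();`, assuming the service exposes a shutdown call. Otherwise each test leaves a running service holding the working directory that the next setup passes to `FileUtils.forceDelete`. The eleven commented-out lines should be removed rather than left in place. The rest of `tearDown` is outside the hunk.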


