directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From akaras...@apache.org
Subject svn commit: r655409 - in /directory: apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/ apacheds/trunk/protocol-ldap/src/test/java/org/apache/directory/server/ldap/ apacheds/trunk/server-unit/src/main/java/org/apache/...
Date Mon, 12 May 2008 04:21:35 GMT
Author: akarasulu
Date: Sun May 11 21:21:34 2008
New Revision: 655409

URL: http://svn.apache.org/viewvc?rev=655409&view=rev
Log:
Fix for DIRSERVER-1171: Improper use of SASL mechanisms and simple binds

Modified:
    directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/DefaultBindHandler.java
    directory/apacheds/trunk/protocol-ldap/src/test/java/org/apache/directory/server/ldap/LdapServerSettingsTest.java
    directory/apacheds/trunk/server-unit/src/main/java/org/apache/directory/server/unit/AbstractServerTest.java
    directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/SaslBindITest.java
    directory/shared/trunk/ldap-constants/src/main/java/org/apache/directory/shared/ldap/constants/SupportedSaslMechanisms.java

Modified: directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/DefaultBindHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/DefaultBindHandler.java?rev=655409&r1=655408&r2=655409&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/DefaultBindHandler.java
(original)
+++ directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/DefaultBindHandler.java
Sun May 11 21:21:34 2008
@@ -249,8 +249,7 @@
     }
 
     /**
-     * This method handle a 'simple' authentication. Of course, the 'SIMPLE' mechanism
-     * must have been allowed in the configuration, otherwise an error is thrown.
+     * This method handles 'simple' authentication. 
      *
      * @param bindRequest the bind request
      * @param session the mina IoSession
@@ -258,25 +257,9 @@
      */
     private void handleSimpleAuth( IoSession session, BindRequest bindRequest ) throws NamingException
     {
-        LdapServer ldapServer = ( LdapServer )
-                session.getAttribute( LdapServer.class.toString() );
-
         @SuppressWarnings( "unchecked" )
-        Set<String> supportedMechanisms = ldapServer.getSupportedMechanisms();
         LdapResult bindResult = bindRequest.getResultResponse().getLdapResult();
 
-        // First, deal with Simple Authentication
-        // Guard clause:  Reject SIMPLE mechanism.
-        if ( !supportedMechanisms.contains( SupportedSaslMechanisms.SIMPLE ) )
-        {
-            LOG.error( "Bind error : SIMPLE authentication not supported. Please check the
server.xml configuration file (supportedMechanisms field)" );
-
-            bindResult.setResultCode( ResultCodeEnum.STRONG_AUTH_REQUIRED );
-            bindResult.setErrorMessage( "Simple binds are disabled." );
-            session.write( bindRequest.getResultResponse() );
-            return;
-        }
-
         // Initialize the environment which will be used to create the context
         Hashtable<String, Object> env = getEnvironment( bindRequest, AuthenticationLevel.SIMPLE.toString()
);
 
@@ -353,7 +336,7 @@
     {
         String sessionMechanism = bindRequest.getSaslMechanism();
 
-        if ( sessionMechanism.equals( SupportedSaslMechanisms.SIMPLE ) )
+        if ( sessionMechanism.equals( SupportedSaslMechanisms.PLAIN ) )
         {
             /*
              * This is the principal name that will be used to bind to the DIT.
@@ -676,7 +659,7 @@
      */
     private String getAuthenticationLevel( String sessionMechanism )
     {
-        if ( sessionMechanism.equals( SupportedSaslMechanisms.SIMPLE ) )
+        if ( sessionMechanism.equals( SupportedSaslMechanisms.PLAIN ) )
         {
             return AuthenticationLevel.SIMPLE.toString();
         }

Modified: directory/apacheds/trunk/protocol-ldap/src/test/java/org/apache/directory/server/ldap/LdapServerSettingsTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/test/java/org/apache/directory/server/ldap/LdapServerSettingsTest.java?rev=655409&r1=655408&r2=655409&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-ldap/src/test/java/org/apache/directory/server/ldap/LdapServerSettingsTest.java
(original)
+++ directory/apacheds/trunk/protocol-ldap/src/test/java/org/apache/directory/server/ldap/LdapServerSettingsTest.java
Sun May 11 21:21:34 2008
@@ -77,11 +77,11 @@
         LdapServer server = new LdapServer();
         Map<String, MechanismHandler> handlers = new HashMap<String,MechanismHandler>();
         MechanismHandler handler = new SimpleMechanismHandler();
-        handlers.put( SupportedSaslMechanisms.SIMPLE, handler );
+        handlers.put( SupportedSaslMechanisms.PLAIN, handler );
         server.setSaslMechanismHandlers( handlers );
-        assertEquals( handler, server.getMechanismHandler( SupportedSaslMechanisms.SIMPLE
) );
-        assertTrue( server.getSupportedMechanisms().contains( SupportedSaslMechanisms.SIMPLE
) );
-        server.removeSaslMechanismHandler( SupportedSaslMechanisms.SIMPLE );
-        assertNull( server.getMechanismHandler( SupportedSaslMechanisms.SIMPLE ) );
+        assertEquals( handler, server.getMechanismHandler( SupportedSaslMechanisms.PLAIN
) );
+        assertTrue( server.getSupportedMechanisms().contains( SupportedSaslMechanisms.PLAIN
) );
+        server.removeSaslMechanismHandler( SupportedSaslMechanisms.PLAIN );
+        assertNull( server.getMechanismHandler( SupportedSaslMechanisms.PLAIN ) );
     }
 }

Modified: directory/apacheds/trunk/server-unit/src/main/java/org/apache/directory/server/unit/AbstractServerTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/server-unit/src/main/java/org/apache/directory/server/unit/AbstractServerTest.java?rev=655409&r1=655408&r2=655409&view=diff
==============================================================================
--- directory/apacheds/trunk/server-unit/src/main/java/org/apache/directory/server/unit/AbstractServerTest.java
(original)
+++ directory/apacheds/trunk/server-unit/src/main/java/org/apache/directory/server/unit/AbstractServerTest.java
Sun May 11 21:21:34 2008
@@ -268,7 +268,7 @@
     {
         Map<String, MechanismHandler> mechanismHandlerMap = new HashMap<String,MechanismHandler>();
 
-        mechanismHandlerMap.put( SupportedSaslMechanisms.SIMPLE, new SimpleMechanismHandler()
);
+        mechanismHandlerMap.put( SupportedSaslMechanisms.PLAIN, new SimpleMechanismHandler()
);
 
         CramMd5MechanismHandler cramMd5MechanismHandler = new CramMd5MechanismHandler();
         cramMd5MechanismHandler.setDirectoryService( directoryService );

Modified: directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/SaslBindITest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/SaslBindITest.java?rev=655409&r1=655408&r2=655409&view=diff
==============================================================================
--- directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/SaslBindITest.java
(original)
+++ directory/apacheds/trunk/server-unit/src/test/java/org/apache/directory/server/SaslBindITest.java
Sun May 11 21:21:34 2008
@@ -207,7 +207,7 @@
             assertTrue( result.contains( SupportedSaslMechanisms.DIGEST_MD5 ) );
             assertTrue( result.contains( SupportedSaslMechanisms.CRAM_MD5 ) );
             assertTrue( result.contains( SupportedSaslMechanisms.NTLM ) );
-            assertTrue( result.contains( SupportedSaslMechanisms.SIMPLE ) );
+            assertTrue( result.contains( SupportedSaslMechanisms.PLAIN ) );
             assertTrue( result.contains( SupportedSaslMechanisms.GSS_SPNEGO ) );
         }
         catch ( NamingException e )

Modified: directory/shared/trunk/ldap-constants/src/main/java/org/apache/directory/shared/ldap/constants/SupportedSaslMechanisms.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap-constants/src/main/java/org/apache/directory/shared/ldap/constants/SupportedSaslMechanisms.java?rev=655409&r1=655408&r2=655409&view=diff
==============================================================================
--- directory/shared/trunk/ldap-constants/src/main/java/org/apache/directory/shared/ldap/constants/SupportedSaslMechanisms.java
(original)
+++ directory/shared/trunk/ldap-constants/src/main/java/org/apache/directory/shared/ldap/constants/SupportedSaslMechanisms.java
Sun May 11 21:21:34 2008
@@ -31,7 +31,7 @@
     String CRAM_MD5 = "CRAM-MD5";
     String DIGEST_MD5 = "DIGEST-MD5";
     String GSSAPI = "GSSAPI";
-    String SIMPLE = "SIMPLE";
+    String PLAIN = "PLAIN";
 
     /** Not a SASL JDK supported mechanism */
     String NTLM = "NTLM";



Mime
View raw message