directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r678819 - /directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/LdapRequestHandler.java
Date Tue, 22 Jul 2008 17:30:21 GMT
Author: elecharny
Date: Tue Jul 22 10:30:21 2008
New Revision: 678819

URL: http://svn.apache.org/viewvc?rev=678819&view=rev
Log:
o Fixed the logic. There where some NPE as the coreSession might have been null, and some
other errors
o Added some Javadoc

Modified:
    directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/LdapRequestHandler.java

Modified: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/LdapRequestHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/LdapRequestHandler.java?rev=678819&r1=678818&r2=678819&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/LdapRequestHandler.java
(original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/LdapRequestHandler.java
Tue Jul 22 10:30:21 2008
@@ -64,9 +64,6 @@
 
 
     /**
-     * TODO - add notes about how this protects against unauthorized access
-     * and sets up the ldapSession's coreContext.
-     * 
      * Handle a LDAP message received during a session.
      * 
      * @param session the user session created when the user first connected
@@ -79,7 +76,13 @@
     {
         LdapSession ldapSession = ldapServer.getLdapSession( session );
 
-        if ( ! ( message instanceof BindRequest ) )
+        // We should check that the server allows anonymous requests
+        // only if it's not a BindRequest
+        if ( message instanceof BindRequest )
+        {
+        	handle( ldapSession, message );
+        }
+        else
         {
             CoreSession coreSession = null;
             
@@ -91,14 +94,25 @@
             if ( ldapSession.isAuthenticated() )
             {
                 coreSession = ldapSession.getCoreSession();
+                handle( ldapSession, message );
+                return;
             }
-            else if ( coreSession.getDirectoryService().isAllowAnonymousAccess() )
+            
+            coreSession = getLdapServer().getDirectoryService().getSession();
+            ldapSession.setCoreSession( coreSession );
+            
+            if ( coreSession.getDirectoryService().isAllowAnonymousAccess() )
             {
-                coreSession = getLdapServer().getDirectoryService().getSession();
-                ldapSession.setCoreSession( coreSession );
+            	// We are not authenticated, and the server allows anonymous access,
+            	// we have create a new Anonymous session. Just return.
+            	handle( ldapSession, message );
+            	return;
             }
             else if ( message instanceof ResultResponseRequest )
             {
+            	// The server does not allow anonymous access, and the client
+            	// is not authenticated : get out if the request expect a
+            	// response.
                 ResultResponse response = ( ( ResultResponseRequest ) message ).getResultResponse();
                 response.getLdapResult().setErrorMessage( "Anonymous access disabled." );
                 response.getLdapResult().setResultCode( ResultCodeEnum.INSUFFICIENT_ACCESS_RIGHTS
);
@@ -107,13 +121,19 @@
             }
             else
             {
+            	// Last case : the AbandonRequest. We just quit.
                 return;
             }
         }
-
-        handle( ldapSession, message );
     }
 
     
+    /**
+     * Handle a Ldap message associated with a session
+     * 
+     * @param session The associated session
+     * @param message The message we have to handle
+     * @throws Exception If there is an error during the processing of this message
+     */
     public abstract void handle( LdapSession session, T message ) throws Exception;
 }



Mime
View raw message