From elecha...@apache.org
Subject svn commit: r681578 [2/2] - in /directory/apacheds/branches/bigbang: core-constants/src/main/java/org/apache/directory/server/constants/ core/src/main/java/org/apache/directory/server/core/authn/ core/src/main/java/org/apache/directory/server/core/part...
Date Fri, 01 Aug 2008 01:20:22 GMT
Modified: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/SimpleMechanismHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/SimpleMechanismHandler.java?rev=681578&r1=681577&r2=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/SimpleMechanismHandler.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/SimpleMechanismHandler.java Thu Jul 31 18:20:21 2008
@@ -20,9 +20,22 @@
 package org.apache.directory.server.newldap.handlers.bind;
 
 
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.interceptor.context.BindOperationContext;
+import org.apache.directory.server.newldap.LdapProtocolUtils;
 import org.apache.directory.server.newldap.LdapSession;
+import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
+import org.apache.directory.shared.ldap.exception.LdapException;
 import org.apache.directory.shared.ldap.message.BindRequest;
+import org.apache.directory.shared.ldap.message.BindResponse;
+import org.apache.directory.shared.ldap.message.LdapResult;
+import org.apache.directory.shared.ldap.message.ResultCodeEnum;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.util.ExceptionUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
+import javax.naming.Name;
 import javax.security.sasl.SaslServer;
 
 
@@ -36,8 +49,83 @@
  */
 public class SimpleMechanismHandler implements MechanismHandler
 {
-    public SaslServer handleMechanism( LdapSession session, BindRequest bindRequest ) throws Exception
+    /** The logger instance */
+    private static final Logger LOG = LoggerFactory.getLogger( SimpleMechanismHandler.class );
+
+    
+    public SaslServer handleMechanism( LdapSession ldapSession, CoreSession adminSession, BindRequest bindRequest ) throws Exception
     {
+        // create a new Bind context, with a null session, as we don't have 
+        // any context yet.
+        BindOperationContext opContext = new BindOperationContext( null );
+        
+        // Stores the DN of the user to check, and its password
+        opContext.setDn( bindRequest.getName() );
+        opContext.setCredentials( bindRequest.getCredentials() );
+
+        // Stores the request controls into the operation context
+        LdapProtocolUtils.setRequestControls( opContext, bindRequest );
+        
+        try
+        {
+            // And call the OperationManager bind operation.
+            adminSession.getDirectoryService().getOperationManager().bind( opContext );
+            
+            // As a result, store the created session in the Core Session
+            ldapSession.setCoreSession( opContext.getSession() );
+            
+            // Return the successful response
+            BindResponse response = ( BindResponse ) bindRequest.getResultResponse();
+            response.getLdapResult().setResultCode( ResultCodeEnum.SUCCESS );
+            LdapProtocolUtils.setResponseControls( opContext, response );
+            
+            // Write it back to the client
+            ldapSession.getIoSession().write( response );
+            LOG.debug( "Returned SUCCESS message: {}.", response );
+        }
+        catch ( Exception e )
+        {
+            // Something went wrong. Write back an error message            
+            ResultCodeEnum code = null;
+            LdapResult result = bindRequest.getResultResponse().getLdapResult();
+
+            if ( e instanceof LdapException )
+            {
+                code = ( ( LdapException ) e ).getResultCode();
+                result.setResultCode( code );
+            }
+            else
+            {
+                code = ResultCodeEnum.getBestEstimate( e, bindRequest.getType() );
+                result.setResultCode( code );
+            }
+
+            String msg = "Bind failed: " + e.getMessage();
+
+            if ( LOG.isDebugEnabled() )
+            {
+                msg += ":\n" + ExceptionUtils.getStackTrace( e );
+                msg += "\n\nBindRequest = \n" + bindRequest.toString();
+            }
+
+            Name name = null;
+            
+            if ( e instanceof LdapAuthenticationException )
+            {
+                name = ((LdapAuthenticationException)e).getResolvedName();
+            }
+            
+            if ( ( name != null )
+                && ( ( code == ResultCodeEnum.NO_SUCH_OBJECT ) || ( code == ResultCodeEnum.ALIAS_PROBLEM )
+                    || ( code == ResultCodeEnum.INVALID_DN_SYNTAX ) || ( code == ResultCodeEnum.ALIAS_DEREFERENCING_PROBLEM ) ) )
+            {
+                result.setMatchedDn( new LdapDN( name ) );
+            }
+
+            result.setErrorMessage( msg );
+            ldapSession.getIoSession().write( bindRequest.getResultResponse() );
+        }
+        
         return null;
     }
 }
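Review bot: In the catch block, when debug logging is enabled `msg` gains the full stack trace and `bindRequest.toString()`, and that same string is then sent to the client through `result.setErrorMessage( msg )`; nothing visible here writes it to `LOG`. A client that has just failed to authenticate would receive server internals, and the request dump may include the submitted credentials, depending on what `toString()` prints. Keep the client message short and log the detail on the server instead, e.g. `LOG.debug( "Bind failed for " + bindRequest.getName(), e );` followed by `result.setErrorMessage( "Bind failed: " + e.getMessage() );`.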

Copied: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5CallbackHandler.java (from r681116, directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/CramMd5CallbackHandler.java)
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5CallbackHandler.java?p2=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5CallbackHandler.java&p1=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/CramMd5CallbackHandler.java&r1=681116&r2=681578&rev=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/CramMd5CallbackHandler.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5CallbackHandler.java Thu Jul 31 18:20:21 2008
@@ -17,12 +17,28 @@
  *  under the License.
  *
  */
-package org.apache.directory.server.newldap.handlers.bind;
+package org.apache.directory.server.newldap.handlers.bind.cramMD5;
 
 
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.entry.ClonedServerEntry;
+import org.apache.directory.server.core.filtering.EntryFilteringCursor;
 import org.apache.directory.server.newldap.LdapSession;
-import org.apache.directory.shared.ldap.NotImplementedException;
+import org.apache.directory.server.newldap.handlers.bind.AbstractSaslCallbackHandler;
+import org.apache.directory.server.newldap.handlers.bind.SaslConstants;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
+import org.apache.directory.shared.ldap.entry.EntryAttribute;
+import org.apache.directory.shared.ldap.filter.ExprNode;
+import org.apache.directory.shared.ldap.filter.FilterParser;
+import org.apache.directory.shared.ldap.filter.SearchScope;
+import org.apache.directory.shared.ldap.message.AliasDerefMode;
 import org.apache.directory.shared.ldap.message.BindRequest;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.schema.AttributeType;
+import org.apache.directory.shared.ldap.schema.AttributeTypeOptions;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -39,10 +55,12 @@
 {
     private static final Logger LOG = LoggerFactory.getLogger( CramMd5CallbackHandler.class );
 
-    private LdapSession session;
+    private LdapSession ldapSession;
+    
+    private CoreSession adminSession;
 
     private String bindDn;
-    private String userPassword;
+    //private String userPassword;
 
 
     /**
@@ -52,16 +70,50 @@
      * @param bindRequest the bind message
      * @param directoryService the directory service core
      */
-    public CramMd5CallbackHandler( LdapSession session, BindRequest bindRequest )
+    public CramMd5CallbackHandler( LdapSession ldapSession, CoreSession adminSession, BindRequest bindRequest )
     {
-        super( session.getCoreSession().getDirectoryService() );
-        this.session = session;
+        super( adminSession.getDirectoryService(), bindRequest );
+        this.ldapSession = ldapSession;
+        this.adminSession = adminSession;
     }
 
 
-    protected String lookupPassword( String username, String realm )
+    protected EntryAttribute lookupPassword( String username, String realm )
     {
-        throw new NotImplementedException();
+        try
+        {
+            ExprNode filter = FilterParser.parse( "(uid=" + username + ")" );
+            Set<AttributeTypeOptions> returningAttributes = new HashSet<AttributeTypeOptions>();
+            
+            AttributeType passwordAT = adminSession.getDirectoryService().getRegistries().getAttributeTypeRegistry().lookup( SchemaConstants.USER_PASSWORD_AT );
+            returningAttributes.add( new AttributeTypeOptions( passwordAT) );
+            bindDn = (String)ldapSession.getSaslProperties().get( SaslConstants.SASL_USER_BASE_DN );
+            
+            LdapDN baseDn = new LdapDN( bindDn );
+
+            EntryFilteringCursor cursor = adminSession.search( 
+                baseDn, 
+                SearchScope.SUBTREE, 
+                filter, 
+                AliasDerefMode.DEREF_ALWAYS, 
+                returningAttributes );
+            
+            cursor.beforeFirst();
+            
+            ClonedServerEntry entry = null;
+            
+            while ( cursor.next() )
+            {
+                entry = cursor.get();
+                ldapSession.getSaslProperties().put( SaslConstants.SASL_AUTHENT_USER, entry );
+            }
+
+            return entry.get( passwordAT );
+        }
+        catch ( Exception e )
+        {
+            return null;
+        }
     }
 
 
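Review bot: `lookupPassword` builds its filter as `"(uid=" + username + ")"` from the SASL-supplied user name without escaping, and the search then runs on `adminSession`, so filter metacharacters in the name change what the admin-level query matches. The loop also keeps the last of several matches, `entry.get( passwordAT )` throws a NullPointerException when nothing matches, and `catch ( Exception e )` turns every failure into a silent `null`. Escape the value per RFC 4515 before parsing, accept exactly one match, and log the exception before returning `null`; the cursor also does not appear to be closed in the visible code. A sketch of the rewritten try/catch follows.

```java
        try
        {
            // escape RFC 4515 special characters before the value reaches the filter parser
            StringBuilder escaped = new StringBuilder();

            for ( char c : username.toCharArray() )
            {
                switch ( c )
                {
                    case '\\': escaped.append( "\\5c" ); break;
                    case '*':  escaped.append( "\\2a" ); break;
                    case '(':  escaped.append( "\\28" ); break;
                    case ')':  escaped.append( "\\29" ); break;
                    case '\0': escaped.append( "\\00" ); break;
                    default:   escaped.append( c );
                }
            }

            ExprNode filter = FilterParser.parse( "(uid=" + escaped + ")" );

            // … unchanged: returningAttributes, baseDn and adminSession.search( … ) …

            cursor.beforeFirst();

            ClonedServerEntry entry = null;

            while ( cursor.next() )
            {
                if ( entry != null )
                {
                    // more than one entry carries this uid: refuse rather than pick the last one
                    return null;
                }

                entry = cursor.get();
            }

            if ( entry == null )
            {
                // no such user
                return null;
            }

            ldapSession.getSaslProperties().put( SaslConstants.SASL_AUTHENT_USER, entry );

            return entry.get( passwordAT );
        }
        catch ( Exception e )
        {
            LOG.warn( "CRAM-MD5 password lookup failed", e );
            return null;
        }
```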
@@ -69,10 +121,10 @@
     {
         if ( LOG.isDebugEnabled() )
         {
-            LOG.debug( "Converted username " + getUsername() + " to DN " + bindDn + " with password " + userPassword );
+            LOG.debug( "Converted username " + getUsername() + " to DN " + bindDn );
         }
 
-        session.getIoSession().setAttribute( Context.SECURITY_PRINCIPAL, bindDn );
+        ldapSession.getSaslProperties().put( Context.SECURITY_PRINCIPAL, bindDn );
 
         authorizeCB.setAuthorizedID( bindDn );
         authorizeCB.setAuthorized( true );

Copied: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5MechanismHandler.java (from r681116, directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/CramMd5MechanismHandler.java)
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5MechanismHandler.java?p2=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5MechanismHandler.java&p1=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/CramMd5MechanismHandler.java&r1=681116&r2=681578&rev=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/CramMd5MechanismHandler.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5MechanismHandler.java Thu Jul 31 18:20:21 2008
@@ -17,10 +17,13 @@
  *  under the License.
  *
  */
-package org.apache.directory.server.newldap.handlers.bind;
+package org.apache.directory.server.newldap.handlers.bind.cramMD5;
 
 
+import org.apache.directory.server.core.CoreSession;
 import org.apache.directory.server.newldap.LdapSession;
+import org.apache.directory.server.newldap.handlers.bind.MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.SaslConstants;
 import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
 import org.apache.directory.shared.ldap.message.BindRequest;
 
@@ -40,29 +43,24 @@
  */
 public class CramMd5MechanismHandler implements MechanismHandler
 {
-    public SaslServer handleMechanism( LdapSession session, BindRequest bindRequest ) throws Exception
+    public SaslServer handleMechanism( LdapSession ldapSession, CoreSession adminSession, BindRequest bindRequest ) throws Exception
     {
-        SaslServer ss;
+        SaslServer ss = (SaslServer)ldapSession.getSaslProperties().get( SaslConstants.SASL_SERVER );
 
         // TODO - don't use session properties anymore
-        if ( session.getIoSession().containsAttribute( SASL_CONTEXT ) )
+        if ( ss == null )
         {
-            ss = ( SaslServer ) session.getIoSession().getAttribute( SASL_CONTEXT );
-        }
-        else
-        {
-            String saslHost = ( String ) session.getIoSession().getAttribute( "saslHost" );
+            String saslHost = ldapSession.getLdapServer().getSaslHost();
+            String userBaseDn = ldapSession.getLdapServer().getSearchBaseDn();
+            ldapSession.getSaslProperties().put( SaslConstants.SASL_HOST, saslHost );
+            ldapSession.getSaslProperties().put( SaslConstants.SASL_USER_BASE_DN, userBaseDn );
+            
 
-            /*
-             * Sasl will throw an exception is Sasl.QOP properties are set.
-             * CRAM-MD5 doesn't support QoP.
-             */
             Map<String, String> saslProps = new HashMap<String, String>();
+            CallbackHandler callbackHandler = new CramMd5CallbackHandler( ldapSession, adminSession, bindRequest );
 
-            CallbackHandler callbackHandler = new CramMd5CallbackHandler( session, bindRequest );
-
-            ss = Sasl.createSaslServer( SupportedSaslMechanisms.CRAM_MD5, "ldap", saslHost, saslProps, callbackHandler );
-            session.getIoSession().setAttribute( SASL_CONTEXT, ss );
+            ss = Sasl.createSaslServer( SupportedSaslMechanisms.CRAM_MD5, SaslConstants.LDAP_PROTOCOL, saslHost, saslProps, callbackHandler );
+            ldapSession.putSaslProperties( SaslConstants.SASL_SERVER, ss );
         }
 
         return ss;
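Review bot: The comment explaining why `saslProps` is left empty was deleted, while the empty map is still passed to `Sasl.createSaslServer`; restoring it, e.g. `// CRAM-MD5 doesn't support QoP: saslProps must stay empty or Sasl throws`, keeps the next reader from adding properties here. The `// TODO - don't use session properties anymore` line now sits above code that no longer reads the IoSession attributes and can probably go. The hunk also mixes `ldapSession.getSaslProperties().put( … )` with `ldapSession.putSaslProperties( … )` for what appears to be the same store; using one form would read more clearly. The closing brace of handleMechanism is outside the hunk.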

Copied: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5CallbackHandler.java (from r681116, directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/DigestMd5CallbackHandler.java)
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5CallbackHandler.java?p2=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5CallbackHandler.java&p1=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/DigestMd5CallbackHandler.java&r1=681116&r2=681578&rev=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/DigestMd5CallbackHandler.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5CallbackHandler.java Thu Jul 31 18:20:21 2008
@@ -17,11 +17,13 @@
  *  under the License.
  *
  */
-package org.apache.directory.server.newldap.handlers.bind;
+package org.apache.directory.server.newldap.handlers.bind.digestMD5;
 
 
 import org.apache.directory.server.core.DirectoryService;
+import org.apache.directory.server.newldap.handlers.bind.AbstractSaslCallbackHandler;
 import org.apache.directory.shared.ldap.NotImplementedException;
+import org.apache.directory.shared.ldap.entry.EntryAttribute;
 import org.apache.directory.shared.ldap.message.BindRequest;
 import org.apache.mina.common.IoSession;
 import org.slf4j.Logger;
@@ -40,7 +42,6 @@
     private static final Logger LOG = LoggerFactory.getLogger( DigestMd5CallbackHandler.class );
 
     private IoSession session;
-    private BindRequest bindRequest;
 
     private String bindDn;
     private String userPassword;
@@ -55,13 +56,12 @@
      */
     public DigestMd5CallbackHandler( DirectoryService directoryService, BindRequest bindRequest )
     {
-        super( directoryService );
-        this.bindRequest = bindRequest;
+        super( directoryService, bindRequest );
     }
 
 
     // TODO - should return not be a byte[]
-    protected String lookupPassword( String username, String realm )
+    protected EntryAttribute lookupPassword( String username, String realm )
     {
         // TODO - Use realm with multi-realm support.
         throw new NotImplementedException();

Copied: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5MechanismHandler.java (from r681116, directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/DigestMd5MechanismHandler.java)
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5MechanismHandler.java?p2=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5MechanismHandler.java&p1=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/DigestMd5MechanismHandler.java&r1=681116&r2=681578&rev=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/DigestMd5MechanismHandler.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5MechanismHandler.java Thu Jul 31 18:20:21 2008
@@ -17,10 +17,13 @@
  *  under the License.
  *
  */
-package org.apache.directory.server.newldap.handlers.bind;
+package org.apache.directory.server.newldap.handlers.bind.digestMD5;
 
 
+import org.apache.directory.server.core.CoreSession;
 import org.apache.directory.server.newldap.LdapSession;
+import org.apache.directory.server.newldap.handlers.bind.MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.SaslConstants;
 import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
 import org.apache.directory.shared.ldap.message.BindRequest;
 
@@ -39,13 +42,13 @@
  */
 public class DigestMd5MechanismHandler implements MechanismHandler
 {
-    public SaslServer handleMechanism( LdapSession session, BindRequest bindRequest ) throws Exception
+    public SaslServer handleMechanism( LdapSession session, CoreSession adminSession, BindRequest bindRequest ) throws Exception
     {
         SaslServer ss;
 
-        if ( session.getIoSession().containsAttribute( SASL_CONTEXT ) )
+        if ( session.getIoSession().containsAttribute( SaslConstants.SASL_SERVER ) )
         {
-            ss = ( SaslServer ) session.getIoSession().getAttribute( SASL_CONTEXT );
+            ss = ( SaslServer ) session.getIoSession().getAttribute( SaslConstants.SASL_SERVER );
         }
         else
         {
@@ -55,8 +58,8 @@
             CallbackHandler callbackHandler = new DigestMd5CallbackHandler( 
                 session.getCoreSession().getDirectoryService(), bindRequest );
 
-            ss = Sasl.createSaslServer( SupportedSaslMechanisms.DIGEST_MD5, "ldap", saslHost, saslProps, callbackHandler );
-            session.getIoSession().setAttribute( SASL_CONTEXT, ss );
+            ss = Sasl.createSaslServer( SupportedSaslMechanisms.DIGEST_MD5, SaslConstants.LDAP_PROTOCOL, saslHost, saslProps, callbackHandler );
+            session.getIoSession().setAttribute( SaslConstants.SASL_SERVER, ss );
         }
 
         return ss;
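Review bot: The new `adminSession` parameter is never used in this method: the callback handler is still created from `session.getCoreSession().getDirectoryService()`, whereas CramMd5CallbackHandler in this commit was switched to `adminSession.getDirectoryService()`. Judging from SimpleMechanismHandler, the core session is attached to the LdapSession only after a successful bind, so it may be null when a DIGEST-MD5 exchange starts; if so, `new DigestMd5CallbackHandler( adminSession.getDirectoryService(), bindRequest );` is the safer call. GssapiMechanismHandler has the same pattern with `ldapSession.getCoreSession().getDirectoryService()`. This handler also keeps the SaslServer in IoSession attributes under `SaslConstants.SASL_SERVER` while the CRAM-MD5 handler uses the SASL properties map, which is worth unifying.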

Copied: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiCallbackHandler.java (from r681116, directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/GssapiCallbackHandler.java)
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiCallbackHandler.java?p2=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiCallbackHandler.java&p1=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/GssapiCallbackHandler.java&r1=681116&r2=681578&rev=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/GssapiCallbackHandler.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiCallbackHandler.java Thu Jul 31 18:20:21 2008
@@ -17,14 +17,17 @@
  *  under the License.
  *
  */
-package org.apache.directory.server.newldap.handlers.bind;
+package org.apache.directory.server.newldap.handlers.bind.gssapi;
 
 
 import org.apache.directory.server.core.DirectoryService;
 import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
 import org.apache.directory.server.kerberos.shared.store.operations.GetPrincipal;
+import org.apache.directory.server.newldap.LdapSession;
+import org.apache.directory.server.newldap.handlers.bind.AbstractSaslCallbackHandler;
+import org.apache.directory.shared.ldap.entry.EntryAttribute;
 import org.apache.directory.shared.ldap.message.BindRequest;
-import org.apache.mina.common.IoSession;
+import org.apache.directory.shared.ldap.name.LdapDN;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -43,8 +46,7 @@
 {
     private static final Logger LOG = LoggerFactory.getLogger( GssapiCallbackHandler.class );
 
-    private IoSession session;
-    private BindRequest bindRequest;
+    private LdapSession ldapSession;
 
 
     /**
@@ -54,15 +56,14 @@
      * @param bindRequest the bind message
      * @param directoryService the directory service core
      */
-    public GssapiCallbackHandler( DirectoryService directoryService, IoSession session, BindRequest bindRequest )
+    public GssapiCallbackHandler( DirectoryService directoryService, LdapSession ldapSession, BindRequest bindRequest )
     {
-        super( directoryService );
-        this.session = session;
-        this.bindRequest = bindRequest;
+        super( directoryService, bindRequest );
+        this.ldapSession = ldapSession;
     }
 
 
-    protected String lookupPassword( String username, String password )
+    protected EntryAttribute lookupPassword( String username, String password )
     {
         // do nothing, password not used by GSSAPI
         return null;
@@ -73,18 +74,18 @@
     {
         LOG.debug( "Processing conversion of principal name to DN." );
 
-        Hashtable<String, Object> env = getEnvironment( session );
+        Hashtable<String, Object> env = getEnvironment( ldapSession.getIoSession() );
 
-        LdapContext ctx = getContext( session, bindRequest, env );
+        LdapContext ctx = getContext( ldapSession.getIoSession(), bindRequest, env );
 
         String username = authorizeCB.getAuthorizationID();
 
         GetPrincipal getPrincipal = new GetPrincipal( new KerberosPrincipal( username ) );
-        PrincipalStoreEntry entry = ( PrincipalStoreEntry ) getPrincipal.execute( ctx, null );
+        PrincipalStoreEntry entry = ( PrincipalStoreEntry ) getPrincipal.execute( ldapSession.getCoreSession(), (LdapDN)null );
         String bindDn = entry.getDistinguishedName();
 
         LOG.debug( "Converted username {} to DN {}.", username, bindDn );
-        session.setAttribute( Context.SECURITY_PRINCIPAL, bindDn );
+        ldapSession.getIoSession().setAttribute( Context.SECURITY_PRINCIPAL, bindDn );
 
         authorizeCB.setAuthorizedID( bindDn );
         authorizeCB.setAuthorized( true );
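Review bot: The principal lookup now runs on `ldapSession.getCoreSession()`, which, judging from SimpleMechanismHandler in this commit, is only set after a successful bind, so it may be null or unprivileged while a GSSAPI exchange is still in progress; this handler holds no admin session to fall back on. `env` and `ctx` are still built on the lines above but `ctx` is no longer passed to anything visible in the hunk, so both lines can be dropped if nothing further down needs them. `entry.getDistinguishedName()` is called without a null check before `authorizeCB.setAuthorized( true )`; a guard such as `if ( entry == null )` that fails the authorization would make the not-found case explicit. The method's signature and end are outside the hunk.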

Copied: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiMechanismHandler.java (from r681116, directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/GssapiMechanismHandler.java)
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiMechanismHandler.java?p2=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiMechanismHandler.java&p1=directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/GssapiMechanismHandler.java&r1=681116&r2=681578&rev=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/GssapiMechanismHandler.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/gssapi/GssapiMechanismHandler.java Thu Jul 31 18:20:21 2008
@@ -17,10 +17,13 @@
  *  under the License.
  *
  */
-package org.apache.directory.server.newldap.handlers.bind;
+package org.apache.directory.server.newldap.handlers.bind.gssapi;
 
 
+import org.apache.directory.server.core.CoreSession;
 import org.apache.directory.server.newldap.LdapSession;
+import org.apache.directory.server.newldap.handlers.bind.MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.SaslConstants;
 import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
 import org.apache.directory.shared.ldap.message.BindRequest;
 
@@ -41,33 +44,33 @@
  */
 public class GssapiMechanismHandler implements MechanismHandler
 {
-    public SaslServer handleMechanism( LdapSession session, BindRequest bindRequest ) throws Exception
+    public SaslServer handleMechanism( LdapSession ldapSession, CoreSession adminSession, BindRequest bindRequest ) throws Exception
     {
         SaslServer ss;
 
-        if ( session.getIoSession().containsAttribute( SASL_CONTEXT ) )
+        if ( ldapSession.getIoSession().containsAttribute( SaslConstants.SASL_SERVER ) )
         {
-            ss = ( SaslServer ) session.getIoSession().getAttribute( SASL_CONTEXT );
+            ss = ( SaslServer ) ldapSession.getIoSession().getAttribute( SaslConstants.SASL_SERVER );
         }
         else
         {
-            Subject subject = ( Subject ) session.getIoSession().getAttribute( "saslSubject" );
+            Subject subject = ( Subject ) ldapSession.getIoSession().getAttribute( "saslSubject" );
 
-            final Map<String, String> saslProps = ( Map<String, String> ) session.getIoSession().getAttribute( "saslProps" );
-            final String saslHost = ( String ) session.getIoSession().getAttribute( "saslHost" );
+            final Map<String, String> saslProps = ( Map<String, String> ) ldapSession.getIoSession().getAttribute( "saslProps" );
+            final String saslHost = ( String ) ldapSession.getIoSession().getAttribute( "saslHost" );
 
             final CallbackHandler callbackHandler = new GssapiCallbackHandler( 
-                session.getCoreSession().getDirectoryService(), session.getIoSession(), bindRequest );
+                ldapSession.getCoreSession().getDirectoryService(), ldapSession, bindRequest );
 
             ss = ( SaslServer ) Subject.doAs( subject, new PrivilegedExceptionAction<SaslServer>()
             {
                 public SaslServer run() throws Exception
                 {
-                    return Sasl.createSaslServer( SupportedSaslMechanisms.GSSAPI, "ldap", saslHost, saslProps, callbackHandler );
+                    return Sasl.createSaslServer( SupportedSaslMechanisms.GSSAPI, SaslConstants.LDAP_PROTOCOL, saslHost, saslProps, callbackHandler );
                 }
             } );
 
-            session.getIoSession().setAttribute( SASL_CONTEXT, ss );
+            ldapSession.getIoSession().setAttribute( SaslConstants.SASL_SERVER, ss );
         }
 
         return ss;

Modified: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmMechanismHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmMechanismHandler.java?rev=681578&r1=681577&r2=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmMechanismHandler.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmMechanismHandler.java Thu Jul 31 18:20:21 2008
@@ -20,8 +20,10 @@
 package org.apache.directory.server.newldap.handlers.bind.ntlm;
 
 
+import org.apache.directory.server.core.CoreSession;
 import org.apache.directory.server.newldap.LdapSession;
 import org.apache.directory.server.newldap.handlers.bind.MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.SaslConstants;
 import org.apache.directory.shared.ldap.message.BindRequest;
 
 import javax.security.sasl.SaslServer;
@@ -54,13 +56,13 @@
     }
 
 
-    public SaslServer handleMechanism( LdapSession session, BindRequest bindRequest ) throws Exception
+    public SaslServer handleMechanism( LdapSession ldapSession, CoreSession adminSession, BindRequest bindRequest ) throws Exception
     {
         SaslServer ss;
 
-        if ( session.getIoSession().containsAttribute( SASL_CONTEXT ) )
+        if ( ldapSession.getIoSession().containsAttribute( SaslConstants.SASL_SERVER ) )
         {
-            ss = ( SaslServer ) session.getIoSession().getAttribute( SASL_CONTEXT );
+            ss = ( SaslServer ) ldapSession.getIoSession().getAttribute( SaslConstants.SASL_SERVER );
         }
         else
         {
@@ -69,8 +71,8 @@
                 initProvider();
             }
             
-            ss = new NtlmSaslServer( provider, bindRequest, session.getIoSession() );
-            session.getIoSession().setAttribute( SASL_CONTEXT, ss );
+            ss = new NtlmSaslServer( provider, bindRequest, ldapSession );
+            ldapSession.getIoSession().setAttribute( SaslConstants.SASL_SERVER, ss );
         }
 
         return ss;

Modified: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmSaslServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmSaslServer.java?rev=681578&r1=681577&r2=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmSaslServer.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmSaslServer.java Thu Jul 31 18:20:21 2008
@@ -20,12 +20,12 @@
 package org.apache.directory.server.newldap.handlers.bind.ntlm;
 
 
+import org.apache.directory.server.newldap.LdapSession;
+import org.apache.directory.server.newldap.handlers.bind.AbstractSaslServer;
 import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
 import org.apache.directory.shared.ldap.message.BindRequest;
-import org.apache.mina.common.IoSession;
 
 import javax.naming.Context;
-import javax.security.sasl.SaslServer;
 import javax.security.sasl.SaslException;
 
 
@@ -37,24 +37,24 @@
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $$Rev$$
  */
-public class NtlmSaslServer implements SaslServer
+public class NtlmSaslServer extends AbstractSaslServer
 {
     enum NegotiationState { INITIALIZED, TYPE_1_RECEIVED, TYPE_2_SENT, TYPE_3_RECEIVED, COMPLETED }
 
     private NegotiationState state = NegotiationState.INITIALIZED;
     private final NtlmProvider provider;
-    private final BindRequest request;
-    private final IoSession session;
 
     
-    public NtlmSaslServer( NtlmProvider provider, BindRequest request, IoSession session )
+    public NtlmSaslServer( NtlmProvider provider, BindRequest bindRequest, LdapSession ldapSession )
     {
-        this.session = session;
-        this.request = request;
+        super( ldapSession, null, bindRequest );
         this.provider = provider;
     }
 
 
+    /**
+     * {@inheritDoc}
+     */
     public String getMechanismName()
     {
         return SupportedSaslMechanisms.NTLM;
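Review bot: The constructor now calls `super( ldapSession, null, bindRequest )`, so every NtlmSaslServer carries a null admin session. AbstractSaslServer is not part of this hunk, but any inherited method that dereferences `getAdminSession()` would presumably fail with a NullPointerException during an NTLM bind. Since `NtlmMechanismHandler.handleMechanism` now receives `adminSession`, either pass it through to the constructor or state the reason above the call, e.g. `// NTLM authenticates through the NtlmProvider, no admin session is needed`. The class body continues outside the hunk.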
@@ -101,6 +101,9 @@
     }
 
 
+    /**
+     * {@inheritDoc}
+     */
     public byte[] evaluateResponse( byte[] response ) throws SaslException
     {
         if ( response == null )
@@ -121,7 +124,7 @@
             case TYPE_1_RECEIVED:
                 try
                 {
-                    retval = provider.generateChallenge( session, response );
+                    retval = provider.generateChallenge( getLdapSession().getIoSession(), response );
                 }
                 catch ( Exception e )
                 {
@@ -132,8 +135,8 @@
                 boolean result;
                 try
                 {
-                    result = provider.authenticate( session, response );
-                    session.setAttribute( Context.SECURITY_PRINCIPAL, request.getName().toString() );
+                    result = provider.authenticate( getLdapSession().getIoSession(), response );
+                    getLdapSession().getIoSession().setAttribute( Context.SECURITY_PRINCIPAL, getBindRequest().getName().toString() );
                 }
                 catch ( Exception e )
                 {
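Review bot: `Context.SECURITY_PRINCIPAL` is written immediately after `provider.authenticate(...)` returns, before `result` is examined, and its value is `getBindRequest().getName()`, the name the client supplied in the bind request. The commit carries this ordering over unchanged from the old code. If the check of `result` outside this hunk rejects the bind, the IoSession still holds a principal attribute for a name that was never authenticated, so the write should be guarded: `if ( result ) { getLdapSession().getIoSession().setAttribute( Context.SECURITY_PRINCIPAL, getBindRequest().getName().toString() ); }`. Whether the provider ties the NTLM identity to that DN is not visible here and is worth confirming. The enclosing method starts and ends outside the hunk.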
@@ -151,38 +154,11 @@
     }
 
 
+    /**
+     * {@inheritDoc}
+     */
     public boolean isComplete()
     {
         return state == NegotiationState.COMPLETED;
     }
-
-
-    // --- NOT USED ---
-    public String getAuthorizationID()
-    {
-        return "";
-    }
-
-
-    public byte[] unwrap( byte[] incoming, int offset, int len ) throws SaslException
-    {
-        return new byte[0];
-    }
-
-
-    public byte[] wrap( byte[] outgoing, int offset, int len ) throws SaslException
-    {
-        return new byte[0];
-    }
-
-
-    public Object getNegotiatedProperty( String propName )
-    {
-        return "";
-    }
-
-
-    public void dispose() throws SaslException
-    {
-    }
 }

Added: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/plain/PlainMechanismHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/plain/PlainMechanismHandler.java?rev=681578&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/plain/PlainMechanismHandler.java (added)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/plain/PlainMechanismHandler.java Thu Jul 31 18:20:21 2008
@@ -0,0 +1,58 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+package org.apache.directory.server.newldap.handlers.bind.plain;
+
+
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.newldap.LdapSession;
+import org.apache.directory.server.newldap.handlers.bind.MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.SaslConstants;
+import org.apache.directory.shared.ldap.message.BindRequest;
+
+import javax.security.sasl.SaslServer;
+
+
+/**
+ * A handler for the PLAIN Sasl mechanism. 
+ *
+ * @org.apache.xbean.XBean
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class PlainMechanismHandler implements MechanismHandler
+{
+    
+    /**
+     * {@inheritDoc}
+     */
+    public SaslServer handleMechanism( LdapSession ldapSession, CoreSession adminSession, BindRequest bindRequest ) throws Exception
+    {
+        SaslServer ss = ( SaslServer ) ldapSession.getSaslProperties().get( SaslConstants.SASL_SERVER );
+        
+        if ( ss == null )
+        {
+            
+            ss = new PlainSaslServer( ldapSession, adminSession, bindRequest );
+            ldapSession.getSaslProperties().put( SaslConstants.SASL_SERVER, ss );
+        }
+
+        return ss;
+    }
+}
\ No newline at end of file
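Review bot: The cached SaslServer is kept in `ldapSession.getSaslProperties()` here, while NtlmMechanismHandler (both hunks earlier in this commit) keeps it in the IoSession attributes under the same `SaslConstants.SASL_SERVER` key, so any code that looks up or clears the server has to know both places. This class also never removes the entry: once the PlainSaslServer reaches COMPLETED, a later PLAIN bind on the same connection would receive the finished instance built for the earlier BindRequest, unless the properties are reset elsewhere, which this diff does not show. A comment on the lookup would make the contract explicit, for example `// removed by the bind handler once the negotiation completes or fails`, provided that is what the caller actually does.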

Added: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/plain/PlainSaslServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/plain/PlainSaslServer.java?rev=681578&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/plain/PlainSaslServer.java (added)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/plain/PlainSaslServer.java Thu Jul 31 18:20:21 2008
@@ -0,0 +1,251 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.newldap.handlers.bind.plain;
+
+
+import java.io.IOException;
+
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.interceptor.context.BindOperationContext;
+import org.apache.directory.server.newldap.LdapSession;
+import org.apache.directory.server.newldap.handlers.bind.AbstractSaslServer;
+import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
+import org.apache.directory.shared.ldap.message.BindRequest;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.schema.PrepareString;
+import org.apache.directory.shared.ldap.util.StringTools;
+
+import javax.naming.InvalidNameException;
+import javax.security.sasl.SaslException;
+
+
+/**
+ * A SaslServer implementation for PLAIN based SASL mechanism.  This is
+ * required unfortunately because the JDK's SASL provider does not support
+ * this mechanism.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $$Rev$$
+ */
+public class PlainSaslServer extends AbstractSaslServer
+{
+    /** The authzid property stored into the LdapSession instance */
+    public static final String SASL_PLAIN_AUTHZID = "authzid";
+    
+    /** The authcid property stored into the LdapSession instance */
+    public static final String SASL_PLAIN_AUTHCID = "authcid";
+
+    /** The password property stored into the LdapSession instance */
+    public static final String SASL_PLAIN_PASSWORD = "password";
+    
+    
+    /**
+     * The possible states for the negotiation of a PLAIN mechanism. 
+     */
+    private enum NegotiationState 
+    {
+        INITIALIZED,    // Negotiation has just started 
+        MECH_RECEIVED,  // We have received the PLAIN mechanism
+        COMPLETED       // The user/password have been received
+    }
+    
+    
+    /**
+     * The different state used by the iInitialResponse decoding
+     */
+    private enum InitialResponse
+    {
+        AUTHZID_EXPECTED,    // We are expecting a authzid element
+        AUTHCID_EXPECTED,    // We are expecting a authcid element 
+        PASSWORD_EXPECTED    // We are expecting a password element
+    }
+
+    /** The current negotiation state */
+    private NegotiationState state;
+    
+    
+    /**
+     * 
+     * Creates a new instance of PlainSaslServer.
+     *
+     * @param bindRequest The associated BindRequest object
+     * @param ldapSession The associated LdapSession instance 
+     */
+    public PlainSaslServer( LdapSession ldapSession, CoreSession adminSession, BindRequest bindRequest )
+    {
+        super( ldapSession, adminSession, bindRequest );
+        state = NegotiationState.INITIALIZED;
+        
+        // Reinitialize the SASL properties
+        getLdapSession().getSaslProperties().remove( SASL_PLAIN_AUTHZID );
+        getLdapSession().getSaslProperties().remove( SASL_PLAIN_AUTHCID );
+        getLdapSession().getSaslProperties().remove( SASL_PLAIN_PASSWORD );
+    }
+
+
+    /**
+     * {@inheritDoc}
+     */
+    public String getMechanismName()
+    {
+        return SupportedSaslMechanisms.PLAIN;
+    }
+
+
+    /**
+     * {@inheritDoc}
+     */
+    public byte[] evaluateResponse( byte[] initialResponse ) throws SaslException
+    {
+        if ( StringTools.isEmpty( initialResponse ) )
+        {
+            state = NegotiationState.MECH_RECEIVED;
+            return null;
+        }
+        else
+        {
+            // Split the credentials in three parts :
+            // - the optional authzId
+            // - the authId
+            // - the password
+            InitialResponse element = InitialResponse.AUTHZID_EXPECTED;
+            String authzId = null;
+            String authcId = null;
+            String password = null;
+            
+            int start = 0;
+            int end = 0;
+            
+            try
+            {
+                for ( byte b:initialResponse )
+                {
+                    if ( b == '\0' )
+                    {
+                        if ( start - end == 0 )
+                        {
+                            // We don't have any value
+                            if ( element == InitialResponse.AUTHZID_EXPECTED )
+                            {
+                                // This is optional : do nothing, but change
+                                // the element type
+                                element = InitialResponse.AUTHCID_EXPECTED;
+                                continue;
+                            }
+                            else
+                            {
+                                // This not allowed
+                                throw new IllegalArgumentException( "response with no auhcid or no password" );
+                            }
+                        }
+                        else
+                        {
+                            start++;
+                            String value = new String( initialResponse, start, end - start + 1, "UTF-8" );
+                            
+                            switch ( element )
+                            {
+                                case AUTHZID_EXPECTED :
+                                    element = InitialResponse.AUTHCID_EXPECTED;
+                                    authzId = PrepareString.normalize( value, PrepareString.StringType.CASE_EXACT_IA5 );
+                                    end++;
+                                    start = end;
+                                    break;
+                                    
+                                case AUTHCID_EXPECTED :
+                                    element = InitialResponse.PASSWORD_EXPECTED;
+                                    authcId = PrepareString.normalize( value, PrepareString.StringType.DIRECTORY_STRING );
+                                    end++;
+                                    start = end;
+                                    break;
+                                    
+                                    
+                                default :
+                                    // This is an error !
+                                    throw new IllegalArgumentException( "'\0' chars are not allowed in authcid or no password" );
+                            }
+                        }
+                    }
+                    else
+                    {
+                        end++;
+                    }
+                }
+            
+                if ( start == end )
+                {
+                    throw new IllegalArgumentException( "response with no auhcid or no password" );
+                }
+                
+                start++;
+                String value = StringTools.utf8ToString( initialResponse, start, end - start + 1 );
+                
+                password = PrepareString.normalize( value, PrepareString.StringType.CASE_EXACT_IA5 );
+                
+                if ( ( authcId == null ) || ( password == null ) )
+                {
+                    throw new IllegalArgumentException( "response with no auhcid or no password" );
+                }
+                
+                // Now that we have the authcid and password, try to authenticate.
+                CoreSession userSession = authenticate( authcId, password );
+                
+                getLdapSession().setCoreSession( userSession );
+                
+                state = NegotiationState.COMPLETED;
+            }
+            catch ( IOException ioe )
+            {
+                throw new IllegalArgumentException( "The given InitialReponse is incorrect" );
+            }
+            catch ( InvalidNameException ine )
+            {
+                throw new IllegalArgumentException( "Cannot authenticate an invalid authcid DN" );
+            }
+            catch ( Exception e )
+            {
+                throw new SaslException( "Cannot authenticate the user " + authcId );
+            }
+        }
+
+        return StringTools.EMPTY_BYTES;
+    }
+
+
+    public boolean isComplete()
+    {
+        return state == NegotiationState.COMPLETED;
+    }
+    
+    
+    /**
+     * Try to authenticate the usr against the underlying LDAP server.
+     */
+    private CoreSession authenticate( String user, String password ) throws InvalidNameException, Exception
+    {
+        BindOperationContext bindContext = new BindOperationContext( getLdapSession().getCoreSession() );
+        bindContext.setDn( new LdapDN( user ) );
+        bindContext.setCredentials( StringTools.getBytesUtf8( password ) );
+        
+        getAdminSession().getDirectoryService().getOperationManager().bind( bindContext );
+        
+        return bindContext.getSession();
+    }
+}
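Review bot: The offset arithmetic in `evaluateResponse` only works when the authzid is empty: `start` is treated as the index of the NUL before the current field, but it begins at 0. For a constructed response such as `a\0user\0pass`, the first `new String( initialResponse, start, end - start + 1, "UTF-8" )` reads the NUL itself and the authcid comes out shifted by one byte, as far as the indices read. The bind then fails closed, but a client that sends an authorization identity can never authenticate, and the parsed `authzId` is not used afterwards in any case. Locating the two separators first and slicing between them avoids the running counters, as sketched below. Separately, the final `catch ( Exception e )` also catches the IllegalArgumentExceptions thrown inside the `try` and drops the cause; `throw new SaslException( "Cannot authenticate the user " + authcId, e )` would keep the diagnosis.

```java
            // … unchanged: empty-response branch and the authzId/authcId/password declarations …
                int firstNul = -1;
                int secondNul = -1;

                for ( int i = 0; i < initialResponse.length; i++ )
                {
                    if ( initialResponse[i] != '\0' )
                    {
                        continue;
                    }

                    if ( firstNul < 0 )
                    {
                        firstNul = i;
                    }
                    else if ( secondNul < 0 )
                    {
                        secondNul = i;
                    }
                    else
                    {
                        // A third separator means a NUL inside the password
                        throw new IllegalArgumentException( "NUL is not allowed inside the password" );
                    }
                }

                // Layout is [authzid] NUL authcid NUL passwd : authcid and passwd must not be empty
                if ( ( secondNul < 0 ) || ( secondNul == firstNul + 1 ) || ( secondNul == initialResponse.length - 1 ) )
                {
                    throw new IllegalArgumentException( "response with no authcid or no password" );
                }

                if ( firstNul > 0 )
                {
                    authzId = PrepareString.normalize(
                        StringTools.utf8ToString( initialResponse, 0, firstNul ),
                        PrepareString.StringType.CASE_EXACT_IA5 );
                }

                authcId = PrepareString.normalize(
                    StringTools.utf8ToString( initialResponse, firstNul + 1, secondNul - firstNul - 1 ),
                    PrepareString.StringType.DIRECTORY_STRING );
                password = PrepareString.normalize(
                    StringTools.utf8ToString( initialResponse, secondNul + 1, initialResponse.length - secondNul - 1 ),
                    PrepareString.StringType.CASE_EXACT_IA5 );
            // … unchanged: authenticate(), setCoreSession(), state change and the catch blocks …
```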

Modified: directory/apacheds/branches/bigbang/protocol-newldap/src/test/java/org/apache/directory/server/newldap/LdapServerSettingsTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/test/java/org/apache/directory/server/newldap/LdapServerSettingsTest.java?rev=681578&r1=681577&r2=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/test/java/org/apache/directory/server/newldap/LdapServerSettingsTest.java (original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/test/java/org/apache/directory/server/newldap/LdapServerSettingsTest.java Thu Jul 31 18:20:21 2008
@@ -28,7 +28,7 @@
 import org.apache.directory.server.newldap.ExtendedOperationHandler;
 import org.apache.directory.server.newldap.LdapServer;
 import org.apache.directory.server.newldap.handlers.bind.MechanismHandler;
-import org.apache.directory.server.newldap.handlers.bind.PlainMechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.plain.PlainMechanismHandler;
 import org.apache.directory.server.newldap.handlers.extended.StartTlsHandler;
 import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
 

Modified: directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/catalog/GetCatalog.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/catalog/GetCatalog.java?rev=681578&r1=681577&r2=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/catalog/GetCatalog.java (original)
+++ directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/catalog/GetCatalog.java Thu Jul 31 18:20:21 2008
@@ -24,20 +24,20 @@
 import java.util.HashMap;
 import java.util.Map;
 
-import javax.naming.Name;
-import javax.naming.NamingEnumeration;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.DirContext;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
-
 import org.apache.directory.server.constants.ApacheSchemaConstants;
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.entry.ServerEntry;
+import org.apache.directory.server.core.filtering.EntryFilteringCursor;
 import org.apache.directory.server.protocol.shared.store.ContextOperation;
+import org.apache.directory.shared.ldap.entry.EntryAttribute;
+import org.apache.directory.shared.ldap.filter.FilterParser;
+import org.apache.directory.shared.ldap.filter.SearchScope;
+import org.apache.directory.shared.ldap.message.AliasDerefMode;
+import org.apache.directory.shared.ldap.name.LdapDN;
 
 
 /**
- * A JNDI context operation for building a catalog.
+ * A Session operation for building a catalog.
  *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
@@ -45,34 +45,46 @@
 public class GetCatalog implements ContextOperation
 {
     private static final long serialVersionUID = -6657995003127926278L;
-    private static final String ENTRY = ApacheSchemaConstants.APACHE_CATALOG_ENTRY_OC;
-    private static final String ENTRY_NAME = "apacheCatalogEntryName";
-    private static final String ENTRY_BASEDN = "apacheCatalogEntryBaseDn";
 
 
     /**
      * Note that the base is relative to the existing context.
      */
-    public Object execute( DirContext ctx, Name base ) throws Exception
+    public Object execute( CoreSession session, LdapDN base ) throws Exception
     {
-        SearchControls controls = new SearchControls();
-        controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
-
-        String filter = "(objectClass=" + ENTRY + ")";
+        String filter = "(objectClass=" + ApacheSchemaConstants.APACHE_CATALOG_ENTRY_OC + ")";
 
-        NamingEnumeration<SearchResult> list = ctx.search( "", filter, controls );
+        EntryFilteringCursor list = session.search( 
+            LdapDN.EMPTY_LDAPDN, 
+            SearchScope.SUBTREE, 
+            FilterParser.parse( filter ), 
+            AliasDerefMode.DEREF_ALWAYS,
+            null );
 
         Map<String, String> catalog = new HashMap<String, String>();
 
-        while ( list.hasMore() )
+        list.beforeFirst();
+        
+        while ( list.next() )
         {
-            SearchResult result = list.next();
-
-            Attributes attrs = result.getAttributes();
-            Attribute attr;
+            ServerEntry result = list.get();
 
-            String name = ( attr = attrs.get( ENTRY_NAME ) ) != null ? ( String ) attr.get() : null;
-            String basedn = ( attr = attrs.get( ENTRY_BASEDN ) ) != null ? ( String ) attr.get() : null;
+            String name = null;
+            EntryAttribute attribute = result.get( ApacheSchemaConstants.APACHE_CATALOGUE_ENTRY_NAME_AT );
+            
+            if ( attribute != null )
+            {
+                name = attribute.getString();
+            }
+            
+            String basedn = null;
+            attribute = result.get( ApacheSchemaConstants.APACHE_CATALOGUE_ENTRY_BASE_DN_AT );
+            
+            if ( attribute != null )
+            {
+                basedn = attribute.getString();
+            }
+            
 
             catalog.put( name, basedn );
         }
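Review bot: The `EntryFilteringCursor` returned by `session.search(...)` is not closed anywhere in the visible part of `execute`; unless the lines after this hunk do it, every catalog lookup leaves a cursor open. Wrapping the loop as `try { ... } finally { list.close(); }` would release it even when `list.get()` or `attribute.getString()` throws. The `base` argument is also unused, since the search always starts at `LdapDN.EMPTY_LDAPDN`, which no longer matches the Javadoc line "Note that the base is relative to the existing context". The method continues outside the hunk.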

Added: directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/ContextOperation.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/ContextOperation.java?rev=681578&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/ContextOperation.java (added)
+++ directory/apacheds/branches/bigbang/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/ContextOperation.java Thu Jul 31 18:20:21 2008
@@ -0,0 +1,46 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.protocol.shared.store;
+
+
+import java.io.Serializable;
+
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+
+/**
+ * Interface to support the command pattern with JNDI contexts.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public interface ContextOperation extends Serializable
+{
+    /**
+     * The command pattern execute method.
+     * 
+     * @param session The CoreSession to execute the command with
+     * @param baseDn The base DN for working with the context
+     * @return Object The result returned by the command
+     * @throws Exception The exception thrown by the command
+     */
+    public Object execute( CoreSession session, LdapDN baseDn ) throws Exception;
+}
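Review bot: The interface Javadoc still reads `Interface to support the command pattern with JNDI contexts.`, although `execute` now takes a `CoreSession` and an `LdapDN`. It should say `Interface to support the command pattern with a CoreSession.`, in line with the wording change this commit makes in GetCatalog. The `@return Object The result returned by the command` tag can also drop the type name, and the `public` modifier on the interface method is redundant.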

Modified: directory/apacheds/branches/bigbang/server-integ/src/main/java/org/apache/directory/server/integ/LdapServerFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/server-integ/src/main/java/org/apache/directory/server/integ/LdapServerFactory.java?rev=681578&r1=681577&r2=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/server-integ/src/main/java/org/apache/directory/server/integ/LdapServerFactory.java (original)
+++ directory/apacheds/branches/bigbang/server-integ/src/main/java/org/apache/directory/server/integ/LdapServerFactory.java Thu Jul 31 18:20:21 2008
@@ -26,11 +26,11 @@
 import org.apache.directory.server.core.DirectoryService;
 import org.apache.directory.server.core.integ.IntegrationUtils;
 import org.apache.directory.server.newldap.LdapServer;
-import org.apache.directory.server.newldap.handlers.bind.CramMd5MechanismHandler;
-import org.apache.directory.server.newldap.handlers.bind.DigestMd5MechanismHandler;
-import org.apache.directory.server.newldap.handlers.bind.GssapiMechanismHandler;
 import org.apache.directory.server.newldap.handlers.bind.MechanismHandler;
 import org.apache.directory.server.newldap.handlers.bind.SimpleMechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.cramMD5.CramMd5MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.digestMD5.DigestMd5MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.gssapi.GssapiMechanismHandler;
 import org.apache.directory.server.newldap.handlers.bind.ntlm.NtlmMechanismHandler;
 import org.apache.directory.server.newldap.handlers.extended.StartTlsHandler;
 import org.apache.directory.server.newldap.handlers.extended.StoredProcedureExtendedOperationHandler;

Modified: directory/apacheds/branches/bigbang/server-unit/src/main/java/org/apache/directory/server/unit/AbstractServerTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/server-unit/src/main/java/org/apache/directory/server/unit/AbstractServerTest.java?rev=681578&r1=681577&r2=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/server-unit/src/main/java/org/apache/directory/server/unit/AbstractServerTest.java (original)
+++ directory/apacheds/branches/bigbang/server-unit/src/main/java/org/apache/directory/server/unit/AbstractServerTest.java Thu Jul 31 18:20:21 2008
@@ -47,11 +47,11 @@
 import org.apache.directory.server.core.DirectoryService;
 import org.apache.directory.server.core.jndi.CoreContextFactory;
 import org.apache.directory.server.newldap.LdapServer;
-import org.apache.directory.server.newldap.handlers.bind.CramMd5MechanismHandler;
-import org.apache.directory.server.newldap.handlers.bind.DigestMd5MechanismHandler;
-import org.apache.directory.server.newldap.handlers.bind.GssapiMechanismHandler;
 import org.apache.directory.server.newldap.handlers.bind.MechanismHandler;
-import org.apache.directory.server.newldap.handlers.bind.SimpleMechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.plain.PlainMechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.cramMD5.CramMd5MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.digestMD5.DigestMd5MechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.gssapi.GssapiMechanismHandler;
 import org.apache.directory.server.newldap.handlers.bind.ntlm.NtlmMechanismHandler;
 import org.apache.directory.server.newldap.handlers.extended.StartTlsHandler;
 import org.apache.directory.server.newldap.handlers.extended.StoredProcedureExtendedOperationHandler;
@@ -280,7 +280,7 @@
     {
         Map<String, MechanismHandler> mechanismHandlerMap = new HashMap<String,MechanismHandler>();
 
-        mechanismHandlerMap.put( SupportedSaslMechanisms.PLAIN, new SimpleMechanismHandler() );
+        mechanismHandlerMap.put( SupportedSaslMechanisms.PLAIN, new PlainMechanismHandler() );
 
         CramMd5MechanismHandler cramMd5MechanismHandler = new CramMd5MechanismHandler();
         mechanismHandlerMap.put( SupportedSaslMechanisms.CRAM_MD5, cramMd5MechanismHandler );
@@ -392,7 +392,6 @@
         }
         catch ( Exception e )
         {
-            e.printStackTrace();
         }
 
         sysRoot = null;
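Review bot: Removing `e.printStackTrace()` leaves an empty `catch ( Exception e )` block, so a failure in the preceding cleanup now disappears without a trace. If ignoring it is intended, say so inside the block, e.g. `// ignored: best-effort cleanup, the test outcome does not depend on it`; otherwise report it through the test's logger. The `try` starts outside the hunk, so what is being swallowed is not visible here.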

Modified: directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/DITUtilitiesSP.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/DITUtilitiesSP.java?rev=681578&r1=681577&r2=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/DITUtilitiesSP.java (original)
+++ directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/DITUtilitiesSP.java Thu Jul 31 18:20:21 2008
@@ -20,12 +20,12 @@
 package org.apache.directory.server;
 
 import javax.naming.Name;
-import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
-import javax.naming.ldap.LdapContext;
 
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.entry.ClonedServerEntry;
+import org.apache.directory.server.core.filtering.EntryFilteringCursor;
+import org.apache.directory.shared.ldap.message.AliasDerefMode;
 import org.apache.directory.shared.ldap.name.LdapDN;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -48,17 +48,21 @@
      *        the subtree to be deleted
      * @throws NamingException
      */
-    public static void deleteSubtree( LdapContext ctx, Name rdn ) throws NamingException
+    public static void deleteSubtree( CoreSession session, Name rdn ) throws Exception
     {
-        NamingEnumeration results = ctx.search( rdn, "(objectClass=*)", new SearchControls() );
-        while ( results.hasMore() )
+        EntryFilteringCursor results = session.list( (LdapDN)rdn, AliasDerefMode.DEREF_ALWAYS, null );
+        
+        results.beforeFirst();
+        
+        while ( results.next() )
         {
-            SearchResult result = ( SearchResult ) results.next();
-            Name childRdn = new LdapDN( result.getName() );
+            ClonedServerEntry result = results.get();
+            Name childRdn = result.getDn();
             childRdn.remove( 0 );
-            deleteSubtree( ctx, childRdn );
+            deleteSubtree( session, childRdn );
         }
-        ctx.destroySubcontext( rdn );
+        
+        session.delete( (LdapDN)rdn );
         log.info( "Deleted: " + rdn );
     }
 }
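Review bot: The cursor returned by `session.list( ... )` in `deleteSubtree` is never closed, and because the method recurses, one cursor per tree level stays open until the whole subtree has been deleted. Wrapping the loop as `try { ... } finally { results.close(); }` would release each one. The two `(LdapDN)rdn` casts fail with a ClassCastException for any other `Name` implementation, although the signature still accepts `Name`, so either narrow the parameter type or convert explicitly. The Javadoc, which begins above this hunk, still says `@throws NamingException` while the method now declares `throws Exception`.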

Modified: directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/SaslBindITest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/SaslBindITest.java?rev=681578&r1=681577&r2=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/SaslBindITest.java (original)
+++ directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/SaslBindITest.java Thu Jul 31 18:20:21 2008
@@ -24,6 +24,7 @@
 import java.util.Hashtable;
 import java.util.Set;
 
+import javax.naming.AuthenticationException;
 import javax.naming.Context;
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
@@ -32,7 +33,6 @@
 import javax.naming.directory.DirContext;
 import javax.naming.directory.InitialDirContext;
 
-import org.apache.commons.lang.ArrayUtils;
 import org.apache.commons.net.SocketClient;
 import org.apache.directory.server.core.entry.DefaultServerEntry;
 import org.apache.directory.server.core.entry.ServerEntry;
@@ -53,6 +53,7 @@
 import org.apache.directory.shared.ldap.message.ResultCodeEnum;
 import org.apache.directory.shared.ldap.message.spi.BinaryAttributeDetector;
 import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.util.ArrayUtils;
 import org.apache.mina.common.IoSession;
 
 import org.junit.After;
@@ -99,6 +100,7 @@
 
         attrs = getPersonAttributes( "Nelson", "Horatio Nelson", "hnelson", "secret" );
         users.createSubcontext( "uid=hnelson", attrs );
+        directoryService.setAllowAnonymousAccess( true );
     }
 
 
@@ -202,6 +204,12 @@
     {
         try
         {
+            // We have to tell the server that it should accept anonymous
+            // auth, because we are reading the rootDSE
+            ldapServer.setAllowAnonymousAccess( true );
+            directoryService.setAllowAnonymousAccess( true );
+            
+            // Point on rootDSE
             DirContext context = new InitialDirContext();
 
             Attributes attrs = context.getAttributes( "ldap://localhost:" + port, new String[]
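Review bot: The added `ldapServer.setAllowAnonymousAccess( true )` and `directoryService.setAllowAnonymousAccess( true )` change server-wide state inside a test body and nothing visible in this hunk restores it. Together with the same call added to the set-up method in the previous hunk, every test in this class now appears to run with anonymous access enabled, so a test that is meant to prove a bind is required may pass for the wrong reason. It would be safer to enable it only where the rootDSE read needs it and to put the previous value back in a `finally` block or in the `@After` method. The test method starts and ends outside this hunk.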
@@ -224,144 +232,11 @@
     }
 
 
-    /**
-     * Tests to make sure we still have anonymous access to the RootDSE.  The
-     * configuration for this testcase MUST disable anonymous access.
-     */
-    @Test
-    public void testAnonymousRootDSE()
-    {
-        try
-        {
-            Hashtable<String, String> env = new Hashtable<String, String>();
-            env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
-            env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
-
-            DirContext context = new InitialDirContext( env );
-
-            String[] attrIDs =
-                { "vendorName" };
-
-            Attributes attrs = context.getAttributes( "", attrIDs );
-
-            String vendorName = null;
-
-            if ( attrs.get( "vendorName" ) != null )
-            {
-                vendorName = ( String ) attrs.get( "vendorName" ).get();
-            }
-
-            assertEquals( "Apache Software Foundation", vendorName );
-        }
-        catch ( NamingException e )
-        {
-            fail( "Should not have caught exception." );
-        }
-    }
-
-
-    /**
-     * Tests to make sure binds below the RootDSE require authentication.
-     */
-    @Test
-    public void testAnonymousBelowRootDSE()
-    {
-        try
-        {
-            Hashtable<String, String> env = new Hashtable<String, String>();
-            env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
-            env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
-
-            DirContext context = new InitialDirContext( env );
-
-            String[] attrIDs =
-                { "vendorName" };
-
-            context.getAttributes( "dc=example,dc=com", attrIDs );
-
-            fail( "Should not have gotten here." );
-        }
-        catch ( NamingException e )
-        {
-            assertTrue( e.getMessage().contains( "Anonymous binds have been disabled!" ) );
-        }
-    }
-
-
-    /**
-     * Tests to make sure SIMPLE binds below the RootDSE work.
-     */
-    @Test
-    public void testSimpleBindBelowRootDSE()
-    {
-        try
-        {
-            Hashtable<String, String> env = new Hashtable<String, String>();
-            env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
-            env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
-
-            env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-            env.put( Context.SECURITY_PRINCIPAL, "uid=hnelson,ou=users,dc=example,dc=com" );
-            env.put( Context.SECURITY_CREDENTIALS, "secret" );
-
-            DirContext context = new InitialDirContext( env );
-
-            String[] attrIDs =
-                { "uid" };
-
-            Attributes attrs = context.getAttributes( "uid=hnelson,ou=users,dc=example,dc=com", attrIDs );
-
-            String uid = null;
-
-            if ( attrs.get( "uid" ) != null )
-            {
-                uid = ( String ) attrs.get( "uid" ).get();
-            }
-
-            assertEquals( uid, "hnelson" );
-        }
-        catch ( NamingException e )
-        {
-            fail( "Should not have caught exception." );
-        }
-    }
-
-
-    /**
-     * Tests to make sure SIMPLE binds below the RootDSE fail if the password is bad.
-     */
-    @Test
-    public void testSimpleBindBadPassword()
-    {
-        try
-        {
-            Hashtable<String, String> env = new Hashtable<String, String>();
-            env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
-            env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
-
-            env.put( Context.SECURITY_AUTHENTICATION, "simple" );
-            env.put( Context.SECURITY_PRINCIPAL, "uid=hnelson,ou=users,dc=example,dc=com" );
-            env.put( Context.SECURITY_CREDENTIALS, "badsecret" );
-
-            DirContext context = new InitialDirContext( env );
-
-            String[] attrIDs =
-                { "uid" };
-
-            context.getAttributes( "uid=hnelson,ou=users,dc=example,dc=com", attrIDs );
-
-            fail( "Should not have gotten here." );
-        }
-        catch ( NamingException e )
-        {
-            assertTrue( e.getMessage().contains( "Bind failed" ) );
-        }
-    }
 
 
     /**
      * Tests to make sure DIGEST-MD5 binds below the RootDSE work.
-     */
+     *
     @Test
     public void testSaslDigestMd5Bind() throws Exception
     {
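Review bot: Replacing `*/` with `*` leaves the Javadoc unterminated, so `testSaslDigestMd5Bind` and everything down to the `}*/` in the last hunk of this file is commented out while still looking like live code. The hunks for `testSaslDigestMd5BindBadRealm`, `testSaslDigestMd5BindBadPassword`, `testNtlmBind` and `testGssSpnegoBind` do the same. These include the negative authentication cases (bad realm, bad password), and a commented-out test never appears as skipped in a report, so the lost coverage is easy to miss. Keeping `*/` and marking each test with `@Ignore( "<reason>" )` (plus `import org.junit.Ignore;`) would keep them compiled and visible until they are re-enabled. This hunk also deletes the simple-bind good and bad password tests, and whether they were moved elsewhere is not visible here.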
@@ -399,7 +274,7 @@
 
     /**
      * Tests to make sure DIGEST-MD5 binds below the RootDSE fail if the realm is bad.
-     */
+     *
     @Test
     public void testSaslDigestMd5BindBadRealm()
     {
@@ -437,7 +312,7 @@
 
     /**
      * Tests to make sure DIGEST-MD5 binds below the RootDSE fail if the password is bad.
-     */
+     *
     @Test
     public void testSaslDigestMd5BindBadPassword()
     {
@@ -467,80 +342,11 @@
     }
 
 
-    /**
-     * Tests to make sure CRAM-MD5 binds below the RootDSE work.
-     */
-    @Test
-    public void testSaslCramMd5Bind()
-    {
-        try
-        {
-            Hashtable<String, String> env = new Hashtable<String, String>();
-            env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
-            env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
-
-            env.put( Context.SECURITY_AUTHENTICATION, "CRAM-MD5" );
-            env.put( Context.SECURITY_PRINCIPAL, "hnelson" );
-            env.put( Context.SECURITY_CREDENTIALS, "secret" );
-
-            DirContext context = new InitialDirContext( env );
-
-            String[] attrIDs =
-                { "uid" };
-
-            Attributes attrs = context.getAttributes( "uid=hnelson,ou=users,dc=example,dc=com", attrIDs );
-
-            String uid = null;
-
-            if ( attrs.get( "uid" ) != null )
-            {
-                uid = ( String ) attrs.get( "uid" ).get();
-            }
-
-            assertEquals( uid, "hnelson" );
-        }
-        catch ( NamingException e )
-        {
-            fail( "Should not have caught exception." );
-        }
-    }
-
-
-    /**
-     * Tests to make sure CRAM-MD5 binds below the RootDSE fail if the password is bad.
-     */
-    @Test
-    public void testSaslCramMd5BindBadPassword()
-    {
-        try
-        {
-            Hashtable<String, String> env = new Hashtable<String, String>();
-            env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
-            env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
-
-            env.put( Context.SECURITY_AUTHENTICATION, "CRAM-MD5" );
-            env.put( Context.SECURITY_PRINCIPAL, "hnelson" );
-            env.put( Context.SECURITY_CREDENTIALS, "badsecret" );
-
-            DirContext context = new InitialDirContext( env );
-
-            String[] attrIDs =
-                { "uid" };
-
-            context.getAttributes( "uid=hnelson,ou=users,dc=example,dc=com", attrIDs );
-
-            fail( "Should have thrown exception." );
-        }
-        catch ( NamingException e )
-        {
-            assertTrue( e.getMessage().contains( "Invalid response" ) );
-        }
-    }
 
 
     /**
      * Tests that the plumbing for NTLM bind works.
-     */
+     *
     @Test
     public void testNtlmBind() throws Exception
     {
@@ -560,7 +366,7 @@
 
     /**
      * Tests that the plumbing for NTLM bind works.
-     */
+     *
     @Test
     public void testGssSpnegoBind() throws Exception
     {
@@ -575,7 +381,7 @@
         assertEquals( 2, finalResponse.getMessageId() );
         assertEquals( ResultCodeEnum.SUCCESS, finalResponse.getLdapResult().getResultCode() );
         assertTrue( ArrayUtils.isEquals( "type3_test".getBytes(), provider.getType3Response() ) );
-    }
+    }*/
 
 
     class BogusNtlmProvider implements NtlmProvider

Modified: directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/operations/bind/SaslBindITest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/operations/bind/SaslBindITest.java?rev=681578&r1=681577&r2=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/operations/bind/SaslBindITest.java (original)
+++ directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/operations/bind/SaslBindITest.java Thu Jul 31 18:20:21 2008
@@ -23,8 +23,11 @@
 import java.util.Hashtable;
 import java.util.Set;
 
+import javax.naming.AuthenticationNotSupportedException;
+import javax.naming.Context;
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
+import javax.naming.NoPermissionException;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.naming.directory.DirContext;
@@ -36,6 +39,7 @@
 import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmIndex;
 import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition;
 import org.apache.directory.server.newldap.handlers.bind.ntlm.NtlmMechanismHandler;
+import org.apache.directory.server.newldap.handlers.bind.plain.PlainMechanismHandler;
 import org.apache.directory.server.unit.AbstractServerTest;
 import org.apache.directory.server.xdbm.Index;
 import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
@@ -45,8 +49,6 @@
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
-//import static org.junit.Assert.assertTrue;
-//import static org.junit.Assert.fail;
 
 
 /**
@@ -125,10 +127,16 @@
          NtlmMechanismHandler ntlmMechanismHandler = new NtlmMechanismHandler();
          //ntlmMechanismHandler.setNtlmProvider( provider  );
          
+         // Inject the NTLM MechanismHandler
          ldapServer.removeSaslMechanismHandler( SupportedSaslMechanisms.NTLM );
          ldapServer.addSaslMechanismHandler( SupportedSaslMechanisms.NTLM, ntlmMechanismHandler );
          ldapServer.removeSaslMechanismHandler( SupportedSaslMechanisms.GSS_SPNEGO );
          ldapServer.addSaslMechanismHandler( SupportedSaslMechanisms.GSS_SPNEGO, ntlmMechanismHandler );
+         
+         // Inject the PLAIN MechanismHandler
+         PlainMechanismHandler plainMechanismHandler = new PlainMechanismHandler();
+         ldapServer.removeSaslMechanismHandler( SupportedSaslMechanisms.PLAIN );
+         ldapServer.addSaslMechanismHandler( SupportedSaslMechanisms.PLAIN, plainMechanismHandler );
      }
 
      
@@ -214,4 +222,177 @@
              fail( "Should not have caught exception." );
          }
      }
+     
+     
+     /**
+      * Tests to make sure PLAIN-binds works
+      */
+     @Test
+     public void testSaslBindPLAIN()
+     {
+         try
+         {
+             Hashtable<String, String> env = new Hashtable<String, String>();
+             env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+             env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
+
+             env.put( Context.SECURITY_AUTHENTICATION, "PLAIN" );
+             env.put( Context.SECURITY_PRINCIPAL, "uid=hnelson,ou=users,dc=example,dc=com" );
+             env.put( Context.SECURITY_CREDENTIALS, "secret" );
+
+             DirContext context = new InitialDirContext( env );
+
+             String[] attrIDs =
+                 { "uid" };
+
+             Attributes attrs = context.getAttributes( "uid=hnelson,ou=users,dc=example,dc=com", attrIDs );
+             String uid = null;
+
+             if ( attrs.get( "uid" ) != null )
+             {
+                 uid = ( String ) attrs.get( "uid" ).get();
+             }
+
+             assertEquals( uid, "hnelson" );
+         }
+         catch ( NamingException e )
+         {
+             fail( "Should not have caught exception." );
+         }
+     }
+
+
+     /**
+      * Test a SASL bind with an empty mechanism 
+      */
+     @Test
+     public void testSaslBindNoMech()
+     {
+         try
+         {
+             Hashtable<String, String> env = new Hashtable<String, String>();
+             env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+             env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
+
+             env.put( Context.SECURITY_AUTHENTICATION, "" );
+             env.put( Context.SECURITY_PRINCIPAL, "uid=hnelson,ou=users,dc=example,dc=com" );
+             env.put( Context.SECURITY_CREDENTIALS, "secret" );
+
+             new InitialDirContext( env );
+             fail( "Should not be there" );
+         }
+         catch ( AuthenticationNotSupportedException anse )
+         {
+             assertTrue( true );
+         }
+         catch ( NamingException ne )
+         {
+             fail( "Should not have caught exception." );
+         }
+     }
+
+
+     /**
+      * Tests to make sure binds below the RootDSE require authentication.
+      */
+     @Test
+     public void testAnonymousBelowRootDSE()
+     {
+         directoryService.setAllowAnonymousAccess( false );
+         
+         try
+         {
+             Hashtable<String, String> env = new Hashtable<String, String>();
+             env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+             env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
+
+             DirContext context = new InitialDirContext( env );
+
+             String[] attrIDs =
+                 { "vendorName" };
+
+             context.getAttributes( "dc=example,dc=com", attrIDs );
+
+             fail( "Should not have gotten here." );
+         }
+         catch ( NoPermissionException npe )
+         {
+             assertTrue( npe.getMessage().contains( "[LDAP: error code 50 - failed on search operation: Attempted operation by unauthenticated caller.]" ) );
+         }
+         catch ( NamingException ne )
+         {
+             fail( "Should not have gotten here" );
+         }
+     }
+
+
+     /**
+      * Tests to make sure CRAM-MD5 binds below the RootDSE work.
+      */
+     @Test
+     public void testSaslCramMd5Bind()
+     {
+         try
+         {
+             Hashtable<String, String> env = new Hashtable<String, String>();
+             env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+             env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
+
+             env.put( Context.SECURITY_AUTHENTICATION, "CRAM-MD5" );
+             env.put( Context.SECURITY_PRINCIPAL, "hnelson" );
+             env.put( Context.SECURITY_CREDENTIALS, "secret" );
+
+             DirContext context = new InitialDirContext( env );
+
+             String[] attrIDs =
+                 { "uid" };
+
+             Attributes attrs = context.getAttributes( "uid=hnelson,ou=users,dc=example,dc=com", attrIDs );
+
+             String uid = null;
+
+             if ( attrs.get( "uid" ) != null )
+             {
+                 uid = ( String ) attrs.get( "uid" ).get();
+             }
+
+             assertEquals( uid, "hnelson" );
+         }
+         catch ( NamingException e )
+         {
+             fail( "Should not have caught exception." );
+         }
+     }
+     
+     
+     /**
+      * Tests to make sure CRAM-MD5 binds below the RootDSE fail if the password is bad.
+      */
+     @Test
+     public void testSaslCramMd5BindBadPassword()
+     {
+         try
+         {
+             Hashtable<String, String> env = new Hashtable<String, String>();
+             env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+             env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
+
+             env.put( Context.SECURITY_AUTHENTICATION, "CRAM-MD5" );
+             env.put( Context.SECURITY_PRINCIPAL, "hnelson" );
+             env.put( Context.SECURITY_CREDENTIALS, "badsecret" );
+
+             DirContext context = new InitialDirContext( env );
+
+             String[] attrIDs =
+                 { "uid" };
+
+             context.getAttributes( "uid=hnelson,ou=users,dc=example,dc=com", attrIDs );
+
+             fail( "Should have thrown exception." );
+         }
+         catch ( NamingException e )
+         {
+             assertTrue( e.getMessage().contains( "Invalid response" ) );
+         }
+     }
 }
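Review bot: `testSaslBindPLAIN` covers only the successful bind, so nothing here checks that the newly wired `PlainMechanismHandler` rejects a wrong password, unlike CRAM-MD5 which has `testSaslCramMd5BindBadPassword`. A bad-credential test mirroring the CRAM-MD5 one is sketched below; the exception type and message the server returns for PLAIN are not visible in this diff, so the catch clause should be narrowed once confirmed. Separately, `testAnonymousBelowRootDSE` calls `directoryService.setAllowAnonymousAccess( false )` and never restores it, and `assertEquals( uid, "hnelson" )` has expected and actual swapped.

```java
     /**
      * Tests to make sure PLAIN binds fail if the password is bad.
      */
     @Test
     public void testSaslBindPLAINBadPassword()
     {
         try
         {
             Hashtable<String, String> env = new Hashtable<String, String>();
             env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
             env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );

             env.put( Context.SECURITY_AUTHENTICATION, "PLAIN" );
             env.put( Context.SECURITY_PRINCIPAL, "uid=hnelson,ou=users,dc=example,dc=com" );
             env.put( Context.SECURITY_CREDENTIALS, "badsecret" );

             new InitialDirContext( env );
             fail( "Should have thrown exception." );
         }
         catch ( NamingException ne )
         {
             // Expected: the bind must be rejected. Narrow this to the exception
             // type the server maps invalid credentials to once that is confirmed.
         }
     }
```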

Modified: directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/operations/bind/SimpleBindITest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/operations/bind/SimpleBindITest.java?rev=681578&r1=681577&r2=681578&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/operations/bind/SimpleBindITest.java (original)
+++ directory/apacheds/branches/bigbang/server-unit/src/test/java/org/apache/directory/server/operations/bind/SimpleBindITest.java Thu Jul 31 18:20:21 2008
@@ -417,4 +417,43 @@
     		fail();
     	}
     }    
+
+
+    /**
+     * Tests to make sure we still have anonymous access to the RootDSE.
+     * The configuration for this test case MUST disable anonymous access.
+     */
+    @Test
+    public void testAnonymousRootDSE()
+    {
+        directoryService.setAllowAnonymousAccess( false );
+
+        try
+        {
+            Hashtable<String, String> env = new Hashtable<String, String>();
+            env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+            env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
+
+            DirContext context = new InitialDirContext( env );
+
+            String[] attrIDs =
+                { "vendorName" };
+
+            Attributes attrs = context.getAttributes( "", attrIDs );
+
+            String vendorName = null;
+
+            if ( attrs.get( "vendorName" ) != null )
+            {
+                vendorName = ( String ) attrs.get( "vendorName" ).get();
+            }
+
+            assertEquals( "Apache Software Foundation", vendorName );
+        }
+        catch ( NamingException e )
+        {
+            e.printStackTrace();
+            fail( "Should not have caught exception." );
+        }
+    }
 }
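Review bot: `testAnonymousRootDSE` disables anonymous access with `directoryService.setAllowAnonymousAccess( false )` and never puts the previous value back. Unless the fixture rebuilds the directory service for every test (not visible here), later tests in this class inherit the setting and their results depend on execution order. Restoring the value in a `finally` block would keep the test self-contained. The `DirContext` is also never closed, and `e.printStackTrace()` followed by `fail( ... )` discards the cause from the JUnit report. Declaring `public void testAnonymousRootDSE() throws NamingException` and dropping the catch would surface it.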


