directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r683215 - in /directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers: ./ bind/cramMD5/ bind/digestMD5/ bind/ntlm/
Date Wed, 06 Aug 2008 10:39:44 GMT
Author: elecharny
Date: Wed Aug  6 03:39:42 2008
New Revision: 683215

URL: http://svn.apache.org/viewvc?rev=683215&view=rev
Log:
Store a LdapPrincipal instea dof a serverEntry in the SASL_AUTHENT_USER, as we may not have
a ServerEntry for external users.

Modified:
    directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/NewBindHandler.java
    directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5CallbackHandler.java
    directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5CallbackHandler.java
    directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmSaslServer.java

Modified: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/NewBindHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/NewBindHandler.java?rev=683215&r1=683214&r2=683215&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/NewBindHandler.java
(original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/NewBindHandler.java
Wed Aug  6 03:39:42 2008
@@ -32,8 +32,8 @@
 
 import org.apache.directory.server.core.CoreSession;
 import org.apache.directory.server.core.DirectoryService;
+import org.apache.directory.server.core.authn.LdapPrincipal;
 import org.apache.directory.server.core.entry.ClonedServerEntry;
-import org.apache.directory.server.core.entry.ServerEntry;
 import org.apache.directory.server.core.interceptor.context.BindOperationContext;
 import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
 import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
@@ -464,9 +464,9 @@
             // Create the user's coreSession
             try
             {
-                ServerEntry userEntry = (ServerEntry)ldapSession.getSaslProperty( SaslConstants.SASL_AUTHENT_USER
);
+                LdapPrincipal ldapPrincipal = (LdapPrincipal)ldapSession.getSaslProperty(
SaslConstants.SASL_AUTHENT_USER );
                 
-                CoreSession userSession = ds.getSession( userEntry.getDn(), userEntry.get(
SchemaConstants.USER_PASSWORD_AT ).getBytes(), saslMechanism, null );
+                CoreSession userSession = ds.getSession( ldapPrincipal.getJndiName(), ldapPrincipal.getUserPassword(),
saslMechanism, null );
                 
                 ldapSession.setCoreSession( userSession );
                 

Modified: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5CallbackHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5CallbackHandler.java?rev=683215&r1=683214&r2=683215&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5CallbackHandler.java
(original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/cramMD5/CramMd5CallbackHandler.java
Wed Aug  6 03:39:42 2008
@@ -24,11 +24,13 @@
 import java.util.Set;
 
 import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.authn.LdapPrincipal;
 import org.apache.directory.server.core.entry.ClonedServerEntry;
 import org.apache.directory.server.core.filtering.EntryFilteringCursor;
 import org.apache.directory.server.newldap.LdapSession;
 import org.apache.directory.server.newldap.handlers.bind.AbstractSaslCallbackHandler;
 import org.apache.directory.server.newldap.handlers.bind.SaslConstants;
+import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
 import org.apache.directory.shared.ldap.constants.SchemaConstants;
 import org.apache.directory.shared.ldap.entry.EntryAttribute;
 import org.apache.directory.shared.ldap.filter.ExprNode;
@@ -39,6 +41,7 @@
 import org.apache.directory.shared.ldap.name.LdapDN;
 import org.apache.directory.shared.ldap.schema.AttributeType;
 import org.apache.directory.shared.ldap.schema.AttributeTypeOptions;
+import org.apache.directory.shared.ldap.util.StringTools;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -101,7 +104,11 @@
             while ( cursor.next() )
             {
                 entry = cursor.get();
-                ldapSession.putSaslProperty( SaslConstants.SASL_AUTHENT_USER, entry );
+                LdapPrincipal ldapPrincipal = new LdapPrincipal( 
+                    entry.getDn(), 
+                    AuthenticationLevel.STRONG, 
+                    entry.get( SchemaConstants.USER_PASSWORD_AT ).getBytes() );
+                ldapSession.putSaslProperty( SaslConstants.SASL_AUTHENT_USER, ldapPrincipal
);
             }
 
             return entry.get( passwordAT );

Modified: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5CallbackHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5CallbackHandler.java?rev=683215&r1=683214&r2=683215&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5CallbackHandler.java
(original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/digestMD5/DigestMd5CallbackHandler.java
Wed Aug  6 03:39:42 2008
@@ -24,11 +24,13 @@
 import java.util.Set;
 
 import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.authn.LdapPrincipal;
 import org.apache.directory.server.core.entry.ClonedServerEntry;
 import org.apache.directory.server.core.filtering.EntryFilteringCursor;
 import org.apache.directory.server.newldap.LdapSession;
 import org.apache.directory.server.newldap.handlers.bind.AbstractSaslCallbackHandler;
 import org.apache.directory.server.newldap.handlers.bind.SaslConstants;
+import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
 import org.apache.directory.shared.ldap.constants.SchemaConstants;
 import org.apache.directory.shared.ldap.entry.EntryAttribute;
 import org.apache.directory.shared.ldap.filter.ExprNode;
@@ -101,7 +103,11 @@
             while ( cursor.next() )
             {
                 entry = cursor.get();
-                ldapSession.putSaslProperty( SaslConstants.SASL_AUTHENT_USER, entry );
+                LdapPrincipal ldapPrincipal = new LdapPrincipal( 
+                    entry.getDn(), 
+                    AuthenticationLevel.STRONG, 
+                    entry.get( SchemaConstants.USER_PASSWORD_AT ).getBytes() );
+                ldapSession.putSaslProperty( SaslConstants.SASL_AUTHENT_USER, ldapPrincipal
);
             }
 
             return entry.get( passwordAT );

Modified: directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmSaslServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmSaslServer.java?rev=683215&r1=683214&r2=683215&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmSaslServer.java
(original)
+++ directory/apacheds/branches/bigbang/protocol-newldap/src/main/java/org/apache/directory/server/newldap/handlers/bind/ntlm/NtlmSaslServer.java
Wed Aug  6 03:39:42 2008
@@ -20,12 +20,18 @@
 package org.apache.directory.server.newldap.handlers.bind.ntlm;
 
 
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.core.interceptor.context.BindOperationContext;
 import org.apache.directory.server.newldap.LdapSession;
 import org.apache.directory.server.newldap.handlers.bind.AbstractSaslServer;
+import org.apache.directory.server.newldap.handlers.bind.SaslConstants;
 import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
 import org.apache.directory.shared.ldap.message.BindRequest;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.util.StringTools;
 
 import javax.naming.Context;
+import javax.naming.InvalidNameException;
 import javax.security.sasl.SaslException;
 
 
@@ -148,7 +154,8 @@
                 try
                 {
                     result = provider.authenticate( getLdapSession().getIoSession(), response
);
-                    getLdapSession().getIoSession().setAttribute( Context.SECURITY_PRINCIPAL,
getBindRequest().getName().toString() );
+                    
+                    getLdapSession().putSaslProperty( Context.SECURITY_PRINCIPAL, getBindRequest().getName().toString()
);
                 }
                 catch ( Exception e )
                 {
@@ -169,6 +176,21 @@
 
 
     /**
+     * Try to authenticate the usr against the underlying LDAP server.
+     */
+    private CoreSession authenticate( String user, String password ) throws InvalidNameException,
Exception
+    {
+        BindOperationContext bindContext = new BindOperationContext( getLdapSession().getCoreSession()
);
+        bindContext.setDn( new LdapDN( user ) );
+        bindContext.setCredentials( StringTools.getBytesUtf8( password ) );
+        
+        getAdminSession().getDirectoryService().getOperationManager().bind( bindContext );
+        
+        return bindContext.getSession();
+    }
+
+    
+    /**
      * {@inheritDoc}
      */
     public boolean isComplete()



Mime
View raw message