directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r691266 - in /directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers: ./ bind/digestMD5/ bind/gssapi/ bind/ntlm/
Date Tue, 02 Sep 2008 14:37:15 GMT
Author: elecharny
Date: Tue Sep  2 07:37:15 2008
New Revision: 691266

URL: http://svn.apache.org/viewvc?rev=691266&view=rev
Log:
Removed the LdapPrincipal from the session to limit the password visibility to the minimum.

Modified:
    directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java
    directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/digestMD5/DigestMd5MechanismHandler.java
    directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/gssapi/GssapiMechanismHandler.java
    directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/ntlm/NtlmMechanismHandler.java

Modified: directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java?rev=691266&r1=691265&r2=691266&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java
(original)
+++ directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/BindHandler.java
Tue Sep  2 07:37:15 2008
@@ -468,6 +468,7 @@
                 
                 CoreSession userSession = ds.getSession( ldapPrincipal.getJndiName(), ldapPrincipal.getUserPassword(),
saslMechanism, null );
                 
+                // Set the user session into the ldap session 
                 ldapSession.setCoreSession( userSession );
                 
                 // Mark the user as authenticated
@@ -475,7 +476,6 @@
                 
                 // Call the cleanup method for the selected mechanism
                 MechanismHandler handler = (MechanismHandler)ldapSession.getSaslProperty(
SaslConstants.SASL_MECH_HANDLER );
-
                 handler.cleanup( ldapSession );
 
                 // And send a Success response

Modified: directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/digestMD5/DigestMd5MechanismHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/digestMD5/DigestMd5MechanismHandler.java?rev=691266&r1=691265&r2=691266&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/digestMD5/DigestMd5MechanismHandler.java
(original)
+++ directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/digestMD5/DigestMd5MechanismHandler.java
Tue Sep  2 07:37:15 2008
@@ -133,5 +133,6 @@
         ldapSession.removeSaslProperty( SaslConstants.SASL_USER_BASE_DN );
         ldapSession.removeSaslProperty( SaslConstants.SASL_MECH );
         ldapSession.removeSaslProperty( SaslConstants.SASL_PROPS );
+        ldapSession.removeSaslProperty( SaslConstants.SASL_AUTHENT_USER );
     }
 }

Modified: directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/gssapi/GssapiMechanismHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/gssapi/GssapiMechanismHandler.java?rev=691266&r1=691265&r2=691266&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/gssapi/GssapiMechanismHandler.java
(original)
+++ directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/gssapi/GssapiMechanismHandler.java
Tue Sep  2 07:37:15 2008
@@ -98,5 +98,6 @@
         ldapSession.removeSaslProperty( SaslConstants.SASL_USER_BASE_DN );
         ldapSession.removeSaslProperty( SaslConstants.SASL_MECH );
         ldapSession.removeSaslProperty( SaslConstants.SASL_PROPS );
+        ldapSession.removeSaslProperty( SaslConstants.SASL_AUTHENT_USER );
     }
 }

Modified: directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/ntlm/NtlmMechanismHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/ntlm/NtlmMechanismHandler.java?rev=691266&r1=691265&r2=691266&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/ntlm/NtlmMechanismHandler.java
(original)
+++ directory/apacheds/trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/ntlm/NtlmMechanismHandler.java
Tue Sep  2 07:37:15 2008
@@ -102,5 +102,6 @@
         ldapSession.removeSaslProperty( SaslConstants.SASL_USER_BASE_DN );
         ldapSession.removeSaslProperty( SaslConstants.SASL_MECH );
         ldapSession.removeSaslProperty( SaslConstants.SASL_PROPS );
+        ldapSession.removeSaslProperty( SaslConstants.SASL_AUTHENT_USER );
     }
 }
\ No newline at end of file



Mime
View raw message