directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r720084 - in /directory/apacheds/branches/apacheds-mina2: core/src/main/java/org/apache/directory/server/core/ core/src/main/java/org/apache/directory/server/core/partition/ core/src/test/java/org/apache/directory/server/core/authz/support/...
Date Mon, 24 Nov 2008 01:10:26 GMT
Author: elecharny
Date: Sun Nov 23 17:10:26 2008
New Revision: 720084

URL: http://svn.apache.org/viewvc?rev=720084&view=rev
Log:
o Added the code which will remove the userPassword from the entries when doing a search.
(DIRSERVER-997)
o Added some comment and Javadoc
o Added some defensive code in Partition to be sure that a newly added partition is contained
into the NamingContexts

Modified:
    directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
    directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DirectoryService.java
    directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java
    directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexus.java
    directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
    directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java
    directory/apacheds/branches/apacheds-mina2/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/SearchHandler.java

Modified: directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java?rev=720084&r1=720083&r2=720084&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
Sun Nov 23 17:10:26 2008
@@ -162,6 +162,9 @@
     
     /** The referral manager */
     private ReferralManager referralManager;
+    
+    /** A flag to tell if the userPassword attribute's value must be hidden */
+    private boolean passwordHidden = false;
 
     /** remove me after implementation is completed */
     private static final String PARTIAL_IMPL_WARNING =
@@ -1536,4 +1539,22 @@
     {
         this.eventService = eventService;
     }
+    
+    
+    /**
+     * {@inheritDoc}
+     */
+    public boolean isPasswordHidden()
+    {
+        return passwordHidden;
+    }
+    
+    
+    /**
+     * {@inheritDoc}
+     */
+    public void setPassordHidden( boolean passwordHidden )
+    {
+        this.passwordHidden = passwordHidden;
+    }
 }

Modified: directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DirectoryService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DirectoryService.java?rev=720084&r1=720083&r2=720084&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DirectoryService.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/DirectoryService.java
Sun Nov 23 17:10:26 2008
@@ -254,6 +254,15 @@
 
 
     /**
+     * Returns <tt>true</tt> if the service requires the userPassword attribute
+     * to be masked. It's an option in the server.xml file.
+     *
+     * @return true if the service requires that the userPassword is to be hidden
+     */
+    boolean isPasswordHidden();
+
+    
+    /**
      * Sets whether to allow anonymous access to entries other than the RootDSE.  If the
      * access control subsystem is enabled then access to some entries may not be allowed
      * even when full anonymous access is enabled.
@@ -264,6 +273,14 @@
 
 
     /**
+     * Sets whether the userPassword attribute is readable, or hidden.
+     *
+     * @param passwordHidden true to enable hide the userPassword attribute, false otherwise
+     */
+    void setPassordHidden( boolean passwordHidden );
+
+
+    /**
      * Returns interceptors in the server.
      *
      * @return the interceptors in the server.

Modified: directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java?rev=720084&r1=720083&r2=720084&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java
Sun Nov 23 17:10:26 2008
@@ -644,21 +644,43 @@
     }
 
 
+    /**
+     * {@inheritDoc}
+     */
     public synchronized void removeContextPartition( RemoveContextPartitionOperationContext
removeContextPartition ) throws Exception
     {
+    	// Get the Partition name. It's a DN.
         String key = removeContextPartition.getDn().getNormName();
+        
+        // Retrieve this partition from the aprtition's table
         Partition partition = partitions.get( key );
         
         if ( partition == null )
         {
-            throw new NameNotFoundException( "No partition with suffix: " + key );
+            String msg = "No partition with suffix: " + key;
+            LOG.error( msg );
+            throw new NameNotFoundException( msg );
         }
+        
+        String partitionSuffix = partition.getUpSuffixDn().getUpName();
 
+        // Retrieve the namingContexts from the RootDSE : the partition
+        // suffix must be present in those namingContexts
         EntryAttribute namingContexts = rootDSE.get( SchemaConstants.NAMING_CONTEXTS_AT );
         
         if ( namingContexts != null )
         {
-            namingContexts.remove( partition.getUpSuffixDn().getUpName() );
+            if ( namingContexts.contains( partitionSuffix ) )
+            {
+                namingContexts.remove( partitionSuffix );
+            }
+            else
+            {
+                String msg = "No partition with suffix '" + key + 
+                                    "' can be found in the NamingContexts";
+                LOG.error( msg );
+                throw new NameNotFoundException( msg );
+            }
         }
 
         // Update the partition tree

Modified: directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexus.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexus.java?rev=720084&r1=720083&r2=720084&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexus.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexus.java
Sun Nov 23 17:10:26 2008
@@ -183,6 +183,12 @@
     public abstract void addContextPartition( AddContextPartitionOperationContext opContext
) throws Exception;
 
 
+    /**
+     * Remove a partition from the server.
+     * 
+     * @param opContext The Remove Partition context
+     * @throws Exception If the removal can't be done
+     */
     public abstract void removeContextPartition( RemoveContextPartitionOperationContext opContext
) throws Exception;
 
 

Modified: directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java?rev=720084&r1=720083&r2=720084&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
Sun Nov 23 17:10:26 2008
@@ -815,6 +815,15 @@
         public void setEventService( EventService eventService )
         {
         }
+        
+        public boolean isPasswordHidden()
+        {
+            return false;
+        }
+        
+        public void setPassordHidden( boolean passwordHidden )
+        {
+        }
     }
 
     

Modified: directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java?rev=720084&r1=720083&r2=720084&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java
Sun Nov 23 17:10:26 2008
@@ -622,5 +622,16 @@
             // TODO Auto-generated method stub
             
         }
+
+        
+        public boolean isPasswordHidden()
+        {
+            return false;
+        }
+        
+        
+        public void setPassordHidden( boolean passwordHidden )
+        {
+        }
     }
 }

Modified: directory/apacheds/branches/apacheds-mina2/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/SearchHandler.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/apacheds-mina2/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/SearchHandler.java?rev=720084&r1=720083&r2=720084&view=diff
==============================================================================
--- directory/apacheds/branches/apacheds-mina2/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/SearchHandler.java
(original)
+++ directory/apacheds/branches/apacheds-mina2/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/SearchHandler.java
Sun Nov 23 17:10:26 2008
@@ -439,8 +439,9 @@
         EntryAttribute ref = entry.getOriginalEntry().get( SchemaConstants.REF_AT );
         boolean hasManageDsaItControl = req.getControls().containsKey( ManageDsaITControl.CONTROL_OID
);
 
-        if ( ref != null && ! hasManageDsaItControl )
+        if ( ( ref != null ) && ! hasManageDsaItControl )
         {
+            // The entry is a referral.
             SearchResponseReference respRef;
             respRef = new SearchResponseReferenceImpl( req.getMessageId() );
             respRef.setReferral( new ReferralImpl() );
@@ -470,9 +471,11 @@
                     case SUBTREE:
                         ldapUrl.setScope( SearchScope.SUBTREE.getJndiScope() );
                         break;
+                        
                     case ONELEVEL: // one level here is object level on remote server
                         ldapUrl.setScope( SearchScope.OBJECT.getJndiScope() );
                         break;
+                        
                     default:
                         throw new IllegalStateException( "Unexpected base scope." );
                 }
@@ -484,11 +487,19 @@
         }
         else 
         {
+            // The entry is not a referral, or the ManageDsaIt control is set
             SearchResponseEntry respEntry;
             respEntry = new SearchResponseEntryImpl( req.getMessageId() );
             respEntry.setEntry( entry );
             respEntry.setObjectName( entry.getDn() );
             
+            // Filter the userPassword if the server mandate to do so
+            if ( session.getCoreSession().getDirectoryService().isPasswordHidden() )
+            {
+                // Remove the userPassord attribute from the entry.
+                respEntry.getEntry().removeAttributes( SchemaConstants.USER_PASSWORD_AT );
+            }
+            
             return respEntry;
         }
     }



Mime
View raw message