From elecha...@apache.org
Subject svn commit: r950470 - in /directory: apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/interceptor/context/ apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/operations/bind/ apacheds/trunk/core/src/main/java...
Date Wed, 02 Jun 2010 10:19:27 GMT
Author: elecharny
Date: Wed Jun  2 10:19:26 2010
New Revision: 950470

URL: http://svn.apache.org/viewvc?rev=950470&view=rev
Log:
o Added loggers and logs in authenticator classes
o the getAuthenticationLevel() and authenticate() methods now throw a LdapException instead
of a NamingException
o The authenticatorType is now an enum, not a String
o Added missing Javadoc

Modified:
    directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/interceptor/context/BindOperationContext.java
    directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/operations/bind/SimpleBindIT.java
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AnonymousAuthenticator.java
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/Authenticator.java
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java
    directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/StrongAuthenticator.java
    directory/shared/trunk/ldap-constants/src/main/java/org/apache/directory/shared/ldap/constants/AuthenticationLevel.java

Modified: directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/interceptor/context/BindOperationContext.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/interceptor/context/BindOperationContext.java?rev=950470&r1=950469&r2=950470&view=diff
==============================================================================
--- directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/interceptor/context/BindOperationContext.java
(original)
+++ directory/apacheds/trunk/core-api/src/main/java/org/apache/directory/server/core/interceptor/context/BindOperationContext.java
Wed Jun  2 10:19:26 2010
@@ -34,11 +34,14 @@ import org.apache.directory.server.core.
 import org.apache.directory.server.i18n.I18n;
 import org.apache.directory.shared.ldap.codec.MessageTypeEnum;
 import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
-import org.apache.directory.shared.ldap.entry.Modification;
 import org.apache.directory.shared.ldap.entry.Entry;
+import org.apache.directory.shared.ldap.entry.Modification;
+import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
 import org.apache.directory.shared.ldap.message.control.Control;
 import org.apache.directory.shared.ldap.name.DN;
 import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 
 /**
@@ -50,6 +53,9 @@ import org.apache.directory.shared.ldap.
  */
 public class BindOperationContext implements OperationContext
 {
+    /** A logger for this class */
+    private static final Logger LOG = LoggerFactory.getLogger( BindOperationContext.class
);
+
     /** The password */
     private byte[] credentials;
 
@@ -106,10 +112,13 @@ public class BindOperationContext implem
      * <li>UNAUTHENT</li>
      * <li>INVALID</li>
      */
-    public AuthenticationLevel getAuthenticationLevel()
+    public AuthenticationLevel getAuthenticationLevel() throws LdapAuthenticationException
     {
+        // First check if the SASL mechanism has been set
         if ( ( saslMechanism == null ) )
         {
+            // No, it's either a SIMPLE, ANONYMOUS, UNAUTHENT or an error
+            // 
             if ( dn.isEmpty() )
             {
                 if ( StringTools.isEmpty( credentials ) )
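Review bot: The Javadoc above `getAuthenticationLevel()` still lists `<li>INVALID</li>` as a possible result, but the new code throws for that case and this commit removes `INVALID` from the enum. I would drop that list item and add `@throws LdapAuthenticationException if credentials are supplied with an empty DN`. The added comment also ends in an empty `//` line that can go. The method body continues past the end of this hunk.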
@@ -120,7 +129,8 @@ public class BindOperationContext implem
                 else
                 {
                     // If we have a password but no DN, this is invalid 
-                    return AuthenticationLevel.INVALID;
+                    LOG.info( "Bad authentication for {}", dn );
+                    throw new LdapAuthenticationException( "Invalid authentication" );
                 }
             }
             else if ( StringTools.isEmpty( credentials ) )
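Review bot: `LOG.info( "Bad authentication for {}", dn );` sits inside the `dn.isEmpty()` branch, so the placeholder is always filled with an empty DN and the entry says nothing about who sent the bind. For a rejected-bind event to be usable in monitoring, log what is actually known at this point, for example `LOG.info( "Rejected bind: credentials supplied with an empty DN" );`, and leave client identification to a layer that has the session (not visible in this hunk). The same gap applies to the `LOG.info( "Cannot authenticate as anonymous, ..." )` line added in AnonymousAuthenticator. The new exception message is also a hard-coded string, while other code in this commit builds its messages with `I18n.err(...)`. The method starts before and continues after this hunk.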

Modified: directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/operations/bind/SimpleBindIT.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/operations/bind/SimpleBindIT.java?rev=950470&r1=950469&r2=950470&view=diff
==============================================================================
--- directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/operations/bind/SimpleBindIT.java
(original)
+++ directory/apacheds/trunk/core-integ/src/test/java/org/apache/directory/server/core/operations/bind/SimpleBindIT.java
Wed Jun  2 10:19:26 2010
@@ -423,11 +423,11 @@ public class SimpleBindIT extends Abstra
         }
         catch ( NameNotFoundException nnfe )
         {
-            assertTrue( true );
+            fail();
         }
-        catch ( NamingException ne )
+        catch ( AuthenticationException ne )
         {
-            fail();
+            assertTrue( true );
         }
     }
 }
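Review bot: With `catch ( AuthenticationException ne ) { assertTrue( true ); }` the expected-failure path is a no-op, so the test only proves anything if the `try` body, which is outside this hunk, ends with `fail()` after the bind call. If it does not, a bind that unexpectedly succeeds would pass silently; please confirm, or add `fail( "bind should have been rejected" );` as the last statement of the `try`. The `assertTrue( true )` can then be replaced by a comment such as `// expected: bind rejected`.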

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java?rev=950470&r1=950469&r2=950470&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java
Wed Jun  2 10:19:26 2010
@@ -20,8 +20,13 @@
 package org.apache.directory.server.core.authn;
 
 
+import javax.naming.NamingException;
+
 import org.apache.directory.server.core.DirectoryService;
+import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
 import org.apache.directory.shared.ldap.name.DN;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 
 /**
@@ -32,10 +37,14 @@ import org.apache.directory.shared.ldap.
  */
 public abstract class AbstractAuthenticator implements Authenticator
 {
+    /** A logger for the extending classes */
+    protected static final Logger LOG = LoggerFactory.getLogger( AbstractAuthenticator.class
);
+
+    /** The associated DirectoryService */
     private DirectoryService directoryService;
     
     /** authenticator type */
-    private final String authenticatorType;
+    private final AuthenticationLevel authenticatorType;
 
 
     /**
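Review bot: Declaring `protected static final Logger LOG = LoggerFactory.getLogger( AbstractAuthenticator.class );` for the extending classes means every authenticator now logs under the `AbstractAuthenticator` category. This commit also removes SimpleAuthenticator's own logger, so its `IS_DEBUG = LOG.isDebugEnabled()` and all its messages follow the base-class category, and any logging configuration keyed on the `SimpleAuthenticator` name stops applying. If filtering authentication events per authenticator matters to operators, keep a `private static final Logger LOG` in each concrete class instead of sharing this one.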
@@ -43,7 +52,7 @@ public abstract class AbstractAuthentica
      *
      * @param type the type of this authenticator (e.g. <tt>'simple'</tt>, <tt>'none'</tt>...)
      */
-    protected AbstractAuthenticator( String type )
+    protected AbstractAuthenticator( AuthenticationLevel type )
     {
         this.authenticatorType = type;
     }
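Review bot: The `@param type` text still describes string values (`'simple'`, `'none'`) although the parameter is now an `AuthenticationLevel`. Suggested wording: `@param type the authentication level handled by this authenticator (e.g. AuthenticationLevel.SIMPLE, AuthenticationLevel.NONE)`. The Javadoc of `getAuthenticatorType()` in Authenticator.java has the same stale examples. Since the value later serves as the lookup key in AuthenticationInterceptor's `authenticatorsMapByType`, it may also be worth stating that it must not be null.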
@@ -59,7 +68,10 @@ public abstract class AbstractAuthentica
     }
     
 
-    public String getAuthenticatorType()
+    /**
+     * {@inheritDoc}
+     */
+    public AuthenticationLevel getAuthenticatorType()
     {
         return authenticatorType;
     }

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AnonymousAuthenticator.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AnonymousAuthenticator.java?rev=950470&r1=950469&r2=950470&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AnonymousAuthenticator.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AnonymousAuthenticator.java
Wed Jun  2 10:19:26 2010
@@ -40,7 +40,7 @@ public class AnonymousAuthenticator exte
      */
     public AnonymousAuthenticator()
     {
-        super( AuthenticationLevel.NONE.toString() );
+        super( AuthenticationLevel.NONE );
     }
 
 
@@ -57,6 +57,7 @@ public class AnonymousAuthenticator exte
         }
         else
         {
+            LOG.info( "Cannot authenticate as anonymous, the server does not allow it" );
             throw new LdapNoPermissionException( I18n.err( I18n.ERR_228 ) );
         }
     }

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java?rev=950470&r1=950469&r2=950470&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java
Wed Jun  2 10:19:26 2010
@@ -83,8 +83,7 @@ public class AuthenticationInterceptor e
     private static final boolean IS_DEBUG = LOG.isDebugEnabled();
 
     private Set<Authenticator> authenticators;
-    private final Map<String, Collection<Authenticator>> authenticatorsMapByType
= 
-        new HashMap<String, Collection<Authenticator>>();
+    private final Map<AuthenticationLevel, Collection<Authenticator>> authenticatorsMapByType
= new HashMap<AuthenticationLevel, Collection<Authenticator>>();
 
     private DirectoryService directoryService;
     
@@ -188,7 +187,7 @@ public class AuthenticationInterceptor e
      * @param type type of Authenticator sought
      * @return A list of Authenticators of the requested type or <tt>null</tt>
if no authenticator is found.
      */
-    private Collection<Authenticator> getAuthenticators( String type )
+    private Collection<Authenticator> getAuthenticators( AuthenticationLevel type )
     {
         Collection<Authenticator> result = authenticatorsMapByType.get( type );
 
@@ -314,7 +313,7 @@ public class AuthenticationInterceptor e
     
     private void invalidateAuthenticatorCaches( DN principalDn )
     {
-        for ( String authMech : authenticatorsMapByType.keySet() )
+        for ( AuthenticationLevel authMech : authenticatorsMapByType.keySet() )
         {
             Collection<Authenticator> authenticators = getAuthenticators( authMech
);
 
@@ -448,7 +447,7 @@ public class AuthenticationInterceptor e
             throw new LdapUnwillingToPerformException( ResultCodeEnum.UNWILLING_TO_PERFORM,
"Cannot Bind for DN " + opContext.getDn().getName() );
         }
 
-        Collection<Authenticator> authenticators = getAuthenticators( level.getName()
);
+        Collection<Authenticator> authenticators = getAuthenticators( level );
 
         if ( authenticators == null )
         {

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/Authenticator.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/Authenticator.java?rev=950470&r1=950469&r2=950470&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/Authenticator.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/Authenticator.java
Wed Jun  2 10:19:26 2010
@@ -26,6 +26,7 @@ import org.apache.directory.server.core.
 import org.apache.directory.server.core.LdapPrincipal;
 import org.apache.directory.server.core.interceptor.context.BindOperationContext;
 import org.apache.directory.server.core.partition.DefaultPartitionNexus;
+import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
 import org.apache.directory.shared.ldap.name.DN;
 
 
@@ -51,7 +52,7 @@ public interface Authenticator
      * Returns the type of this authenticator (e.g. <tt>'simple'</tt>,
      * <tt>'none'</tt>,...).
      */
-    String getAuthenticatorType();
+    AuthenticationLevel getAuthenticatorType();
 
 
     /**

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java?rev=950470&r1=950469&r2=950470&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java
Wed Jun  2 10:19:26 2010
@@ -51,16 +51,14 @@ import org.apache.directory.server.i18n.
 import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
 import org.apache.directory.shared.ldap.constants.LdapSecurityConstants;
 import org.apache.directory.shared.ldap.constants.SchemaConstants;
-import org.apache.directory.shared.ldap.entry.EntryAttribute;
 import org.apache.directory.shared.ldap.entry.Entry;
+import org.apache.directory.shared.ldap.entry.EntryAttribute;
 import org.apache.directory.shared.ldap.entry.Value;
 import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
 import org.apache.directory.shared.ldap.name.DN;
 import org.apache.directory.shared.ldap.util.Base64;
 import org.apache.directory.shared.ldap.util.StringTools;
 import org.apache.directory.shared.ldap.util.UnixCrypt;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 
 /**
@@ -75,8 +73,6 @@ import org.slf4j.LoggerFactory;
  */
 public class SimpleAuthenticator extends AbstractAuthenticator
 {
-    private static final Logger LOG = LoggerFactory.getLogger( SimpleAuthenticator.class
);
-
     /** A speedup for logger in debug mode */
     private static final boolean IS_DEBUG = LOG.isDebugEnabled();
 
@@ -137,7 +133,7 @@ public class SimpleAuthenticator extends
      */
     public SimpleAuthenticator()
     {
-        super( AuthenticationLevel.SIMPLE.toString() );
+        super( AuthenticationLevel.SIMPLE );
         credentialCache = new LRUMap( DEFAULT_CACHE_SIZE );
     }
 
@@ -148,7 +144,7 @@ public class SimpleAuthenticator extends
      */
     public SimpleAuthenticator( int cacheSize )
     {
-        super( AuthenticationLevel.SIMPLE.toString() );
+        super( AuthenticationLevel.SIMPLE );
 
         credentialCache = new LRUMap( cacheSize > 0 ? cacheSize : DEFAULT_CACHE_SIZE );
     }
@@ -191,7 +187,7 @@ public class SimpleAuthenticator extends
      * @return A byte array which can be empty if the password was not found
      * @throws Exception If we have a problem during the lookup operation
      */
-    private LdapPrincipal getStoredPassword( BindOperationContext opContext ) throws Exception
+    private LdapPrincipal getStoredPassword( BindOperationContext opContext ) throws LdapAuthenticationException
     {
         LdapPrincipal principal = null;
 
@@ -272,7 +268,7 @@ public class SimpleAuthenticator extends
      *  The stored password is always using the unsalted form, and is stored as a bytes array.
      *  </p>
      */
-    public LdapPrincipal authenticate( BindOperationContext opContext ) throws Exception
+    public LdapPrincipal authenticate( BindOperationContext opContext ) throws LdapAuthenticationException
     {
         if ( IS_DEBUG )
         {
@@ -588,7 +584,7 @@ public class SimpleAuthenticator extends
      * @return the credentials from the backend
      * @throws Exception if there are problems accessing backend
      */
-    private byte[] lookupUserPassword( BindOperationContext opContext ) throws Exception
+    private byte[] lookupUserPassword( BindOperationContext opContext ) throws LdapAuthenticationException
     {
         // ---- lookup the principal entry's userPassword attribute
         Entry userEntry;
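Review bot: The Javadoc line `@throws Exception if there are problems accessing backend` no longer matches the signature of `lookupUserPassword`, which now declares `LdapAuthenticationException`; the `getStoredPassword` hunk above has the same stale `@throws Exception`. Both should read `@throws LdapAuthenticationException ...`. Narrowing the signature also implies that any backend lookup failure in the bodies (outside these hunks) is caught and rethrown as an authentication failure. If that is the case, say so in the Javadoc and make sure the original exception is logged, so operators can tell a backend outage from a wrong password.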

Modified: directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/StrongAuthenticator.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/StrongAuthenticator.java?rev=950470&r1=950469&r2=950470&view=diff
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/StrongAuthenticator.java
(original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/directory/server/core/authn/StrongAuthenticator.java
Wed Jun  2 10:19:26 2010
@@ -20,11 +20,10 @@
 package org.apache.directory.server.core.authn;
 
 
-import javax.naming.NamingException;
-
 import org.apache.directory.server.core.LdapPrincipal;
 import org.apache.directory.server.core.interceptor.context.BindOperationContext;
 import org.apache.directory.shared.ldap.constants.AuthenticationLevel;
+import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
 
 
 /**
@@ -43,15 +42,15 @@ public class StrongAuthenticator extends
      */
     public StrongAuthenticator()
     {
-        super( AuthenticationLevel.STRONG.toString() );
+        super( AuthenticationLevel.STRONG );
     }
 
 
     /**
-     * User has already been authenticated during SASL negotiation.  Set the authentication
level
+     * User has already been authenticated during SASL negotiation. Set the authentication
level
      * to strong and return an {@link LdapPrincipal}.
      */
-    public LdapPrincipal authenticate( BindOperationContext opContext ) throws NamingException
+    public LdapPrincipal authenticate( BindOperationContext opContext ) throws LdapAuthenticationException
     {
         // Possibly check if user account is disabled, other account checks.
         return new LdapPrincipal( opContext.getDn(), AuthenticationLevel.STRONG );
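Review bot: `authenticate()` builds an `LdapPrincipal` at `AuthenticationLevel.STRONG` from `opContext.getDn()` without any check of its own in the lines visible here, so its safety rests on the caller having completed SASL negotiation first. The Javadoc should state that as a precondition, e.g. `Callers must only route a bind here after the SASL exchange has succeeded; this method performs no credential check.` The newly declared `throws LdapAuthenticationException` is not raised by the visible body. The `// Possibly check if user account is disabled` comment reads as an open item and would be clearer marked as a TODO. The method's closing brace is outside this hunk.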

Modified: directory/shared/trunk/ldap-constants/src/main/java/org/apache/directory/shared/ldap/constants/AuthenticationLevel.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap-constants/src/main/java/org/apache/directory/shared/ldap/constants/AuthenticationLevel.java?rev=950470&r1=950469&r2=950470&view=diff
==============================================================================
--- directory/shared/trunk/ldap-constants/src/main/java/org/apache/directory/shared/ldap/constants/AuthenticationLevel.java
(original)
+++ directory/shared/trunk/ldap-constants/src/main/java/org/apache/directory/shared/ldap/constants/AuthenticationLevel.java
Wed Jun  2 10:19:26 2010
@@ -23,7 +23,13 @@ import org.apache.directory.shared.i18n.
 
 
 /**
- * An enumeration that represents the level of authentication.
+ * An enumeration that represents the level of authentication. We have 5 
+ * different levels :
+ * <ul>
+ * <li>NONE : anonymous</li>
+ * <li>SIMPLE : Simple authentication</li>
+ * <li>STRONG : SASL or external authentication</li>
+ * <li>UNAUTHENT>A special case when just doing some auditing</li>
  * 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  * @version $Rev$, $Date$
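Review bot: The new class Javadoc says "5 different levels" but lists four, and with `INVALID` removed in this commit the enum appears to have four constants (NONE, SIMPLE, STRONG, UNAUTHENT). The last item is malformed, `<li>UNAUTHENT>A special case ...`, and the `<ul>` is never closed. Suggested: change the count to 4, write `<li>UNAUTHENT : a special case when just doing some auditing</li>`, and add `</ul>` before the `@author` line.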
@@ -31,11 +37,6 @@ import org.apache.directory.shared.i18n.
 public enum AuthenticationLevel
 {
     /**
-     * Invalid authentication type
-     */
-    INVALID(-1, "invalid" ),
-    
-    /**
      * No authentication (anonymous access)
      */
     NONE( 0, "none" ),
@@ -55,8 +56,10 @@ public enum AuthenticationLevel
      */
     UNAUTHENT( 3, "unauthent" );
     
+    /** The internal numeric value */
     private int level;
     
+    /** The level name */
     private final String name;
 
     private AuthenticationLevel( int level, String name )
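Review bot: `private int level;` is the only non-final field of the enum, while `name` next to it is `final`. Enum constants are shared singletons, so I would declare it `private final int level;`. The constructor body is outside this hunk but presumably assigns it once.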
@@ -83,12 +86,22 @@ public enum AuthenticationLevel
     }
 
 
+    /**
+     * {@inheritDoc}
+     */
     public String toString()
     {
         return name;
     }
-    
-    
+
+
+    /**
+     * Return the AuthenticationLevel  associated with the given numeric level. This
+     * is used by the serialization process.
+     *
+     * @param val The numeric level we are looking at
+     * @return The associated AuthenticationLevel
+     */
     public static AuthenticationLevel getLevel( int val )
     {
         switch( val )
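Review bot: The new Javadoc on `getLevel( int val )` says it is used by the serialization process but not what happens for a value that maps to no level, which matters now that `INVALID` is gone. The `switch` body is outside this hunk, so I cannot tell whether an unknown value throws or falls back to some level; for a value read from serialized data, anything other than a rejection would be risky. Please document the behaviour, e.g. `@throws IllegalArgumentException if val does not match a known level`, if that is what the code does. The `toString()` above could also carry `@Override`.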


