directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kayyag...@apache.org
Subject svn commit: r996470 - in /directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api: NoVerificationTrustManager.java SaslRequest.java callback/ callback/SaslCallbackHandler.java
Date Mon, 13 Sep 2010 09:38:49 GMT
Author: kayyagari
Date: Mon Sep 13 09:38:48 2010
New Revision: 996470

URL: http://svn.apache.org/viewvc?rev=996470&view=rev
Log:
o a holder for the data required for SASL request processing
o a callback handler used in SASL operations
o a blind X509 trust manager

Added:
    directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/NoVerificationTrustManager.java
    directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/SaslRequest.java
    directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/callback/
    directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/callback/SaslCallbackHandler.java

Added: directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/NoVerificationTrustManager.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/NoVerificationTrustManager.java?rev=996470&view=auto
==============================================================================
--- directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/NoVerificationTrustManager.java
(added)
+++ directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/NoVerificationTrustManager.java
Mon Sep 13 09:38:48 2010
@@ -0,0 +1,61 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+
+package org.apache.directory.ldap.client.api;
+
+
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.X509TrustManager;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * An implementation of {@link X509TrustManager} which trusts the given certificates without
verifying them.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class NoVerificationTrustManager implements X509TrustManager
+{
+
+    private static final Logger LOG = LoggerFactory.getLogger( NoVerificationTrustManager.class
);
+
+
+    public void checkClientTrusted( X509Certificate[] x509Certificates, String s ) throws
CertificateException
+    {
+        LOG.debug( "checkClientTrusted {}", x509Certificates[0] );
+    }
+
+
+    public void checkServerTrusted( X509Certificate[] x509Certificates, String s ) throws
CertificateException
+    {
+        LOG.debug( "checkServerTrusted {}", x509Certificates[0] );
+    }
+
+
+    public X509Certificate[] getAcceptedIssuers()
+    {
+        return new X509Certificate[0];
+    }
+
+}

Added: directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/SaslRequest.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/SaslRequest.java?rev=996470&view=auto
==============================================================================
--- directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/SaslRequest.java
(added)
+++ directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/SaslRequest.java
Mon Sep 13 09:38:48 2010
@@ -0,0 +1,103 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+
+package org.apache.directory.ldap.client.api;
+
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.directory.shared.ldap.message.BindRequest;
+
+
+/**
+ * Holds the data required to complete the SASL operation
+ *  
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class SaslRequest
+{
+    /** the bind request */
+    private BindRequest bindReq;
+
+    /** the sasl mechaism's properties */
+    private Map<String, String> saslMechProps = new HashMap<String, String>();
+
+    /** SASL realm name on the server */
+    private String realmName;
+
+    /** the authorization ID of the entity */
+    private String authorizationId;
+
+
+    protected SaslRequest( BindRequest bindReq )
+    {
+        this.bindReq = bindReq;
+    }
+
+
+    public BindRequest getBindReq()
+    {
+        return bindReq;
+    }
+
+
+    public Map<String, String> getSaslMechProps()
+    {
+        return saslMechProps;
+    }
+
+
+    public void setSaslMechProps( Map<String, String> saslMechProps )
+    {
+        this.saslMechProps = saslMechProps;
+    }
+
+
+    public String getRealmName()
+    {
+        return realmName;
+    }
+
+
+    public void setRealmName( String realmName )
+    {
+        this.realmName = realmName;
+    }
+
+
+    public String getAuthorizationId()
+    {
+        return authorizationId;
+    }
+
+
+    public void setAuthorizationId( String authorizationId )
+    {
+        this.authorizationId = authorizationId;
+    }
+
+
+    public void setBindReq( BindRequest bindReq )
+    {
+        this.bindReq = bindReq;
+    }
+
+}

Added: directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/callback/SaslCallbackHandler.java
URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/callback/SaslCallbackHandler.java?rev=996470&view=auto
==============================================================================
--- directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/callback/SaslCallbackHandler.java
(added)
+++ directory/shared/trunk/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/callback/SaslCallbackHandler.java
Mon Sep 13 09:38:48 2010
@@ -0,0 +1,95 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+
+package org.apache.directory.ldap.client.api.callback;
+
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.sasl.RealmCallback;
+
+import org.apache.directory.ldap.client.api.SaslRequest;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * The CallbackHandler implementation used by the LdapConnection during SASL mechanism based
bind operations.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class SaslCallbackHandler implements CallbackHandler
+{
+
+    private SaslRequest saslReq;
+
+    private static final Logger LOG = LoggerFactory.getLogger( SaslCallbackHandler.class
);
+    
+    public SaslCallbackHandler( SaslRequest saslReq )
+    {
+        this.saslReq = saslReq;
+    }
+
+
+    public void handle( Callback[] callbacks ) throws IOException, UnsupportedCallbackException
+    {
+        for ( Callback cb : callbacks )
+        {
+            if ( cb instanceof NameCallback )
+            {
+                NameCallback ncb = ( NameCallback ) cb;
+                
+                String name = saslReq.getBindReq().getName().getRdn().getUpValue().getString();
+                LOG.debug( "sending name {} in the NameCallback", name );
+                
+                ncb.setName( name );
+            }
+
+            else if ( cb instanceof PasswordCallback )
+            {
+                PasswordCallback pcb = ( PasswordCallback ) cb;
+                LOG.debug( "sending credentials in the PasswordCallback" );
+                pcb.setPassword( StringTools.utf8ToString( saslReq.getBindReq().getCredentials()
).toCharArray() );
+            }
+            
+            else if( cb instanceof RealmCallback )
+            {
+                RealmCallback rcb = ( RealmCallback ) cb;
+                
+                if( saslReq.getRealmName() != null )
+                {
+                    LOG.debug( "sending the user specified realm value {} in the RealmCallback",
saslReq.getRealmName() );
+                    rcb.setText( saslReq.getRealmName() );                    
+                }
+                else
+                {
+                    LOG.debug( "No user specified relam value, sending the default realm
value {} in the RealmCallback", rcb.getDefaultText() );
+                    rcb.setText( rcb.getDefaultText() );
+                }
+            }
+        }
+    }
+}



Mime
View raw message