From pamarce...@apache.org
Subject svn commit: r1071662 - in /directory: apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/ apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/ shared/branches/m1/ldap-client-api...
Date Thu, 17 Feb 2011 15:55:51 GMT
Author: pamarcelot
Date: Thu Feb 17 15:55:50 2011
New Revision: 1071662

URL: http://svn.apache.org/viewvc?rev=1071662&view=rev
Log:
Fix for DIRAPI-42 (Add additional classes and clean method arguments for SASL binds (CRAM-MD5,
DIGEST-MD5, GSS-API)).
Added support for specifying:
o Quality of Protection
o Security Strength
o Require mutual authentication

Added:
    directory/shared/branches/m1/ldap-model/src/main/java/org/apache/directory/shared/ldap/model/constants/SaslSecurityStrength.java
Modified:
    directory/apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapServer.java
    directory/apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/SaslFilter.java
    directory/shared/branches/m1/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapNetworkConnection.java
    directory/shared/branches/m1/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/SaslRequest.java
    directory/shared/branches/m1/ldap-model/src/main/java/org/apache/directory/shared/ldap/model/constants/SaslQoP.java
    directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/ConnectionParameter.java
    directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/ConnectionIO.java
    directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/jndi/JNDIConnectionWrapper.java
    directory/studio/branches/m1/plugins/connection.ui/src/main/java/org/apache/directory/studio/connection/ui/widgets/AuthenticationParameterPage.java

Modified: directory/apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapServer.java?rev=1071662&r1=1071661&r2=1071662&view=diff
==============================================================================
--- directory/apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapServer.java
(original)
+++ directory/apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapServer.java
Thu Feb 17 15:55:50 2011
@@ -226,10 +226,10 @@ public class LdapServer extends Director
         super.setServiceName( SERVICE_NAME_DEFAULT );
 
         saslQop = new HashSet<String>();
-        saslQop.add( SaslQoP.QOP_AUTH );
-        saslQop.add( SaslQoP.QOP_AUTH_INT );
-        saslQop.add( SaslQoP.QOP_AUTH_CONF );
-        saslQopString = SaslQoP.QOP_AUTH + ',' + SaslQoP.QOP_AUTH_INT + ',' + SaslQoP.QOP_AUTH_CONF;
+        saslQop.add( SaslQoP.AUTH.getValue() );
+        saslQop.add( SaslQoP.AUTH_INT.getValue() );
+        saslQop.add( SaslQoP.AUTH_CONF.getValue() );
+        saslQopString = SaslQoP.AUTH.getValue() + ',' + SaslQoP.AUTH_INT.getValue() + ','
+ SaslQoP.AUTH_CONF.getValue();
 
         saslRealms = new ArrayList<String>();
         saslRealms.add( "example.com" );

Modified: directory/apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/SaslFilter.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/SaslFilter.java?rev=1071662&r1=1071661&r2=1071662&view=diff
==============================================================================
--- directory/apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/SaslFilter.java
(original)
+++ directory/apacheds/branches/m1/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/bind/SaslFilter.java
Thu Feb 17 15:55:50 2011
@@ -89,7 +89,8 @@ public class SaslFilter extends IoFilter
          * Unwrap the data for mechanisms that support QoP (DIGEST-MD5, GSSAPI).
          */
         String qop = ( String ) saslServer.getNegotiatedProperty( Sasl.QOP );
-        boolean hasSecurityLayer = ( qop != null && ( qop.equals( SaslQoP.QOP_AUTH_INT
) || qop.equals( SaslQoP.QOP_AUTH_CONF ) ) );
+        boolean hasSecurityLayer = ( qop != null && ( qop.equals( SaslQoP.AUTH_INT.getValue()
) || qop
+            .equals( SaslQoP.AUTH_CONF.getValue() ) ) );
 
         if ( hasSecurityLayer )
         {
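Review bot: The `hasSecurityLayer` expression is now written out identically in this hunk and in the one at -133, so the two copies can drift apart. A small private helper would keep them in sync, and putting the constant first removes the explicit null test: `return SaslQoP.AUTH_INT.getValue().equals( qop ) || SaslQoP.AUTH_CONF.getValue().equals( qop );`. Both enclosing methods start and end outside the hunks.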
@@ -133,7 +134,8 @@ public class SaslFilter extends IoFilter
          * Wrap the data for mechanisms that support QoP (DIGEST-MD5, GSSAPI).
          */
         String qop = ( String ) saslServer.getNegotiatedProperty( Sasl.QOP );
-        boolean hasSecurityLayer = ( qop != null && ( qop.equals( SaslQoP.QOP_AUTH_INT
) || qop.equals( SaslQoP.QOP_AUTH_CONF ) ) );
+        boolean hasSecurityLayer = ( qop != null && ( qop.equals( SaslQoP.AUTH_INT.getValue()
) || qop
+            .equals( SaslQoP.AUTH_CONF.getValue() ) ) );
 
         IoBuffer saslLayerBuffer = null;
 

Modified: directory/shared/branches/m1/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapNetworkConnection.java
URL: http://svn.apache.org/viewvc/directory/shared/branches/m1/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapNetworkConnection.java?rev=1071662&r1=1071661&r2=1071662&view=diff
==============================================================================
--- directory/shared/branches/m1/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapNetworkConnection.java
(original)
+++ directory/shared/branches/m1/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/LdapNetworkConnection.java
Thu Feb 17 15:55:50 2011
@@ -28,6 +28,7 @@ import java.net.SocketAddress;
 import java.security.PrivilegedExceptionAction;
 import java.util.ArrayList;
 import java.util.Collection;
+import java.util.HashMap;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
@@ -60,6 +61,8 @@ import org.apache.directory.shared.asn1.
 import org.apache.directory.shared.ldap.codec.api.LdapCodecService;
 import org.apache.directory.shared.ldap.codec.api.LdapCodecServiceFactory;
 import org.apache.directory.shared.ldap.codec.api.MessageEncoderException;
+import org.apache.directory.shared.ldap.model.constants.SaslQoP;
+import org.apache.directory.shared.ldap.model.constants.SaslSecurityStrength;
 import org.apache.directory.shared.ldap.model.constants.SchemaConstants;
 import org.apache.directory.shared.ldap.model.cursor.Cursor;
 import org.apache.directory.shared.ldap.model.cursor.SearchCursor;
@@ -3554,24 +3557,6 @@ public class LdapNetworkConnection exten
 
 
     /**
-     * perform SASL based bind operation @see {@link #bindSasl(SaslRequest)}
-     */
-    private BindFuture bindSasl( String name, byte[] credentials, String saslMech, String
authzId, String realmName,
-        Control... ctrls )
-        throws LdapException, IOException
-    {
-        SaslRequest saslRequest = new SaslRequest( saslMech ); // TODO fix this
-        saslRequest.setUsername( name );
-        saslRequest.setCredentials( credentials );
-        saslRequest.setAuthorizationId( authzId );
-        saslRequest.setRealmName( realmName );
-        saslRequest.addAllControls( ctrls );
-
-        return bindSasl( saslRequest );
-    }
-
-
-    /**
      * Process the SASL Bind. It's a dialog with the server, we will send a first BindRequest,
receive
      * a response and the, if this response is a challenge, continue by sending a new BindRequest
with
      * the requested informations.
@@ -3609,13 +3594,36 @@ public class LdapNetworkConnection exten
             byte[] response = null;
             ResultCodeEnum result = null;
 
+            // Creating a map for SASL properties
+            Map<String, Object> properties = new HashMap<String, Object>();
+
+            // Quality of Protection SASL property
+            if ( saslRequest.getQualityOfProtection() != null )
+            {
+
+                properties.put( Sasl.QOP, saslRequest.getQualityOfProtection().getValue()
);
+            }
+
+            // Security Strength SASL property
+            if ( saslRequest.getSecurityStrength() != null )
+            {
+                properties.put( Sasl.STRENGTH, saslRequest.getSecurityStrength().getValue()
);
+            }
+
+            // Mutual Authentication SASL property
+            if ( saslRequest.isMutualAuthentication() )
+            {
+                properties.put( Sasl.SERVER_AUTH, "true" );
+            }
+
+            // Creating a SASL Client
             SaslClient sc = Sasl.createSaslClient(
                 new String[]
                     { bindRequest.getSaslMechanism() },
                 saslRequest.getAuthorizationId(),
                 "ldap",
                 config.getLdapHost(),
-                null,
+                properties,
                 new SaslCallbackHandler( saslRequest ) );
 
             // If the SaslClient wasn't created, that means we can't create the SASL client
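Review bot: Nothing visible in this hunk verifies what was actually negotiated once the bind completes, so a caller that asked for `AUTH_INT` or `AUTH_CONF` cannot tell from here whether the session ends up protected. After the exchange finishes it would be worth reading `sc.getNegotiatedProperty( Sasl.QOP )` and, when it names a security layer, making sure the connection routes traffic through `sc.wrap()`/`sc.unwrap()`. If that already happens further down, a comment at the `properties` map saying so would help. Note also that when `getQualityOfProtection()` returns null no `Sasl.QOP` entry is set, so the JDK default of `auth` applies. The enclosing method starts and ends outside the hunk.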

Modified: directory/shared/branches/m1/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/SaslRequest.java
URL: http://svn.apache.org/viewvc/directory/shared/branches/m1/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/SaslRequest.java?rev=1071662&r1=1071661&r2=1071662&view=diff
==============================================================================
--- directory/shared/branches/m1/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/SaslRequest.java
(original)
+++ directory/shared/branches/m1/ldap-client-api/src/main/java/org/apache/directory/ldap/client/api/SaslRequest.java
Thu Feb 17 15:55:50 2011
@@ -25,6 +25,8 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 
+import org.apache.directory.shared.ldap.model.constants.SaslQoP;
+import org.apache.directory.shared.ldap.model.constants.SaslSecurityStrength;
 import org.apache.directory.shared.ldap.model.message.Control;
 import org.apache.directory.shared.util.StringConstants;
 import org.apache.directory.shared.util.Strings;
@@ -35,8 +37,7 @@ import org.apache.directory.shared.util.
  *  
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  */
-// TODO make this class abstract
-public class SaslRequest
+public abstract class SaslRequest
 {
     /** The mechanism used to decode user identity */
     protected String saslMechanism;
@@ -56,10 +57,24 @@ public class SaslRequest
     /** The authorization ID of the entity */
     protected String authorizationId;
 
+    /** The quality of protection */
+    protected SaslQoP qualityOfProtection;
 
+    /** The security strength */
+    protected SaslSecurityStrength securityStrength;
+    
+    /** Require mutual authentication */
+    protected boolean mutualAuthentication = false;
+
+
+    /**
+     * Creates a new instance of SaslRequest.
+     *
+     * @param saslMechanism
+     *      the SASL mechanism
+     */
     protected SaslRequest( String saslMechanism )
     {
-        super();
         this.saslMechanism = saslMechanism;
     }
 
@@ -127,6 +142,17 @@ public class SaslRequest
 
 
     /**
+     * Gets the quality of protection.
+     *
+     * @return the quality of protection
+     */
+    public SaslQoP getQualityOfProtection()
+    {
+        return qualityOfProtection;
+    }
+
+
+    /**
      * Gets realm name.
      *
      * @return the realm name
@@ -149,6 +175,17 @@ public class SaslRequest
 
 
     /**
+     * Gets the security strength.
+     *
+     * @return the security strength
+     */
+    public SaslSecurityStrength getSecurityStrength()
+    {
+        return securityStrength;
+    }
+
+
+    /**
      * Gets the username.
      *
      * @return the username
@@ -160,6 +197,17 @@ public class SaslRequest
 
 
     /**
+     * Indicates if mutual authentication is required.
+     *
+     * @return the flag indicating if mutual authentication is required
+     */
+    public boolean isMutualAuthentication()
+    {
+        return mutualAuthentication;
+    }
+
+
+    /**
      * Sets the Authorization ID
      *
      * @param authorizationId The authorization ID
@@ -193,6 +241,28 @@ public class SaslRequest
 
 
     /**
+     * Sets the flag indicating if mutual authentication is required.
+     *
+     * @param mutualAuthentication the flag indicating if mutual authentication is required
+     */
+    public void setMutualAuthentication( boolean mutualAuthentication )
+    {
+        this.mutualAuthentication = mutualAuthentication;
+    }
+
+
+    /**
+     * Sets the quality of protection.
+     *
+     * @param qualityOfProtection the quality of protection
+     */
+    public void setQualityOfProtection( SaslQoP qualityOfProtection )
+    {
+        this.qualityOfProtection = qualityOfProtection;
+    }
+
+
+    /**
      * Sets the realm name.
      * 
      * @param realmName The realm name
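Review bot: The Javadoc on `setQualityOfProtection` here, and on `setSecurityStrength` in the hunk at -215, does not say what leaving the value unset means. Going by the LdapNetworkConnection change in this commit, a null value means the property is not passed to `Sasl.createSaslClient`, so the provider default is used. I would state that, e.g. `@param qualityOfProtection the quality of protection, or null to use the SASL provider default`. `setMutualAuthentication` could likewise note that the default is `false`.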
@@ -215,6 +285,17 @@ public class SaslRequest
 
 
     /**
+     * Sets the security strength.
+     *
+     * @param securityStrength the security strength
+     */
+    public void setSecurityStrength( SaslSecurityStrength securityStrength )
+    {
+        this.securityStrength = securityStrength;
+    }
+
+
+    /**
      * Sets the username.
      *
      * @param username the username

Modified: directory/shared/branches/m1/ldap-model/src/main/java/org/apache/directory/shared/ldap/model/constants/SaslQoP.java
URL: http://svn.apache.org/viewvc/directory/shared/branches/m1/ldap-model/src/main/java/org/apache/directory/shared/ldap/model/constants/SaslQoP.java?rev=1071662&r1=1071661&r2=1071662&view=diff
==============================================================================
--- directory/shared/branches/m1/ldap-model/src/main/java/org/apache/directory/shared/ldap/model/constants/SaslQoP.java
(original)
+++ directory/shared/branches/m1/ldap-model/src/main/java/org/apache/directory/shared/ldap/model/constants/SaslQoP.java
Thu Feb 17 15:55:50 2011
@@ -21,32 +21,43 @@ package org.apache.directory.shared.ldap
 
 
 /**
- * Contains constants used for populating the SASL QoP 
- * in the RootDSE.
- * Final reference -> class shouldn't be extended
+ * This enums contains values for SASL QoP (Quality of Protection).
  * 
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  */
-public final class SaslQoP
+public enum SaslQoP
 {
+    /** Authentication only */
+    AUTH("auth"),
+
+    /** Authentication with integrity protection */
+    AUTH_INT("auth-int"),
+
+    /** Authentication with integrity and privacy protection */
+    AUTH_CONF("auth-conf");
+
+    /** The equivalent string value */
+    private String value;
+
+
     /**
-     *  Ensures no construction of this class, also ensures there is no need for final keyword
above
-     *  (Implicit super constructor is not visible for default constructor),
-     *  but is still self documenting.
+     * Creates a new instance of SaslQoP.
+     *
+     * @param value the equivalent string value
      */
-    private SaslQoP()
+    private SaslQoP( String value )
     {
+        this.value = value;
     }
 
-    /** The supported QOP attribute */
-    public final static String ATTRIBUTE = "supportedQoP";
 
-    /** Authentication only */
-    public final static String QOP_AUTH      = "auth" ;
-
-    /** Authentication with integrity protection */
-    public final static String QOP_AUTH_INT  = "auth-int" ;
-
-    /** Authentication with integrity and privacy protection */
-    public final static String QOP_AUTH_CONF = "auth-conf" ;
+    /**
+     * Gets the equivalent string value.
+     *
+     * @return the equivalent string value
+     */
+    public String getValue()
+    {
+        return value;
+    }
 }
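Review bot: The `value` field is assigned once in the constructor and never changed, so it should be declared `private final String value;`. The same applies to the new `SaslSecurityStrength` enum added in this commit. The class comment reads "This enums contains" where "This enum contains" is meant. The removed `ATTRIBUTE` constant has no replacement in this hunk, so any remaining reference to `SaslQoP.ATTRIBUTE` would no longer compile; none is visible in this commit.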

Added: directory/shared/branches/m1/ldap-model/src/main/java/org/apache/directory/shared/ldap/model/constants/SaslSecurityStrength.java
URL: http://svn.apache.org/viewvc/directory/shared/branches/m1/ldap-model/src/main/java/org/apache/directory/shared/ldap/model/constants/SaslSecurityStrength.java?rev=1071662&view=auto
==============================================================================
--- directory/shared/branches/m1/ldap-model/src/main/java/org/apache/directory/shared/ldap/model/constants/SaslSecurityStrength.java
(added)
+++ directory/shared/branches/m1/ldap-model/src/main/java/org/apache/directory/shared/ldap/model/constants/SaslSecurityStrength.java
Thu Feb 17 15:55:50 2011
@@ -0,0 +1,64 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.shared.ldap.model.constants;
+
+
+/**
+ * This enums contains values for SASL Security Strength.
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public enum SaslSecurityStrength
+{
+    /** Low SASL Security Strength */
+    LOW("low"),
+
+    /** Medium SASL Security Strength */
+    MEDIUM("medium"),
+
+    /** High SASL Security Strength */
+    HIGH("high");
+
+    /** The equivalent string value */
+    private String value;
+
+
+    /**
+     * Creates a new instance of SaslSecurityStrength.
+     *
+     * @param value
+     *      the equivalent string value
+     */
+    private SaslSecurityStrength( String value )
+    {
+        this.value = value;
+    }
+
+
+    /**
+     * Gets the equivalent string value.
+     *
+     * @return the equivalent string value
+     */
+    public String getValue()
+    {
+        return value;
+    }
+}

Modified: directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/ConnectionParameter.java
URL: http://svn.apache.org/viewvc/directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/ConnectionParameter.java?rev=1071662&r1=1071661&r2=1071662&view=diff
==============================================================================
--- directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/ConnectionParameter.java
(original)
+++ directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/ConnectionParameter.java
Thu Feb 17 15:55:50 2011
@@ -25,6 +25,9 @@ import java.util.HashMap;
 import java.util.Map;
 import java.util.UUID;
 
+import org.apache.directory.shared.ldap.model.constants.SaslQoP;
+import org.apache.directory.shared.ldap.model.constants.SaslSecurityStrength;
+
 
 /**
  * A Bean class to hold the connection parameters.
@@ -89,16 +92,6 @@ public class ConnectionParameter
 
     }
 
-    public enum SaslQop
-    {
-        AUTH, AUTH_INT, AUTH_INT_PRIV
-    }
-
-    public enum SaslSecurityStrength
-    {
-        LOW, MEDIUM, HIGH
-    }
-
     public enum Krb5CredentialConfiguration
     {
         USE_NATIVE, OBTAIN_TGT
@@ -140,7 +133,7 @@ public class ConnectionParameter
     private String saslRealm;
 
     /** The SASL qualitiy of protection. */
-    private SaslQop saslQop = SaslQop.AUTH;
+    private SaslQoP saslQop = SaslQoP.AUTH;
 
     /** The SASL security strength. */
     private SaslSecurityStrength saslSecurityStrength = SaslSecurityStrength.HIGH;
@@ -470,7 +463,7 @@ public class ConnectionParameter
      * 
      * @return the SASL qualitiy of protection
      */
-    public SaslQop getSaslQop()
+    public SaslQoP getSaslQop()
     {
         return saslQop;
     }
@@ -481,7 +474,7 @@ public class ConnectionParameter
      * 
      * @param saslQop the new SASL qualitiy of protection
      */
-    public void setSaslQop( SaslQop saslQop )
+    public void setSaslQop( SaslQoP saslQop )
     {
         this.saslQop = saslQop;
     }

Modified: directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/ConnectionIO.java
URL: http://svn.apache.org/viewvc/directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/ConnectionIO.java?rev=1071662&r1=1071661&r2=1071662&view=diff
==============================================================================
--- directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/ConnectionIO.java
(original)
+++ directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/ConnectionIO.java
Thu Feb 17 15:55:50 2011
@@ -26,9 +26,11 @@ import java.io.OutputStream;
 import java.util.HashSet;
 import java.util.Iterator;
 import java.util.Map;
-import java.util.Set;
 import java.util.Map.Entry;
+import java.util.Set;
 
+import org.apache.directory.shared.ldap.model.constants.SaslQoP;
+import org.apache.directory.shared.ldap.model.constants.SaslSecurityStrength;
 import org.apache.directory.studio.connection.core.ConnectionFolder;
 import org.apache.directory.studio.connection.core.ConnectionParameter;
 import org.apache.directory.studio.connection.core.ConnectionParameter.AuthenticationMethod;
@@ -36,8 +38,6 @@ import org.apache.directory.studio.conne
 import org.apache.directory.studio.connection.core.ConnectionParameter.Krb5Configuration;
 import org.apache.directory.studio.connection.core.ConnectionParameter.Krb5CredentialConfiguration;
 import org.apache.directory.studio.connection.core.ConnectionParameter.NetworkProvider;
-import org.apache.directory.studio.connection.core.ConnectionParameter.SaslQop;
-import org.apache.directory.studio.connection.core.ConnectionParameter.SaslSecurityStrength;
 import org.dom4j.Attribute;
 import org.dom4j.Document;
 import org.dom4j.DocumentException;
@@ -258,7 +258,15 @@ public class ConnectionIO
         Attribute saslQopAttribute = element.attribute( SASL_QOP_TAG );
         if ( saslQopAttribute != null )
         {
-            connection.setSaslQop( SaslQop.valueOf( saslQopAttribute.getValue() ) );
+            if ( "AUTH_INT_PRIV".equals( saslQopAttribute.getValue() ) )
+            {
+                // Used for legacy setting (before we used SaslQop enum from Shared)
+                connection.setSaslQop( SaslQoP.AUTH_CONF );
+            }
+            else
+            {
+                connection.setSaslQop( SaslQoP.valueOf( saslQopAttribute.getValue() ) );
+            }
         }
 
         // SASL Security Strength
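Review bot: `SaslQoP.valueOf( saslQopAttribute.getValue() )` throws `IllegalArgumentException` for any string other than the three constant names, and only the one legacy value `AUTH_INT_PRIV` is mapped. Since the attribute comes from a stored connections file, an unexpected value should be reported as a load error that names the attribute rather than escape as an unchecked exception; whether a caller catches it is not visible in this hunk. If a fallback is preferred, it should not silently drop to `SaslQoP.AUTH`, because that would weaken a connection configured for integrity or confidentiality. The enclosing method starts and ends outside the hunk.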

Modified: directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/jndi/JNDIConnectionWrapper.java
URL: http://svn.apache.org/viewvc/directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/jndi/JNDIConnectionWrapper.java?rev=1071662&r1=1071661&r2=1071662&view=diff
==============================================================================
--- directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/jndi/JNDIConnectionWrapper.java
(original)
+++ directory/studio/branches/m1/plugins/connection.core/src/main/java/org/apache/directory/studio/connection/core/io/jndi/JNDIConnectionWrapper.java
Thu Feb 17 15:55:50 2011
@@ -63,9 +63,12 @@ import javax.security.auth.login.AppConf
 import javax.security.auth.login.Configuration;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
+import javax.security.sasl.Sasl;
 
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.lang.StringUtils;
+import org.apache.directory.shared.ldap.model.constants.SaslQoP;
+import org.apache.directory.shared.ldap.model.constants.SaslSecurityStrength;
 import org.apache.directory.shared.ldap.model.exception.LdapURLEncodingException;
 import org.apache.directory.shared.ldap.model.filter.LdapURL;
 import org.apache.directory.shared.ldap.model.message.Referral;
@@ -1019,37 +1022,37 @@ public class JNDIConnectionWrapper imple
                             switch ( connection.getConnectionParameter().getSaslQop() )
                             {
                                 case AUTH:
-                                    context.addToEnvironment( "javax.security.sasl.qop",
"auth" );
+                                    context.addToEnvironment( Sasl.QOP, SaslQoP.AUTH.getValue()
);
                                     break;
                                 case AUTH_INT:
-                                    context.addToEnvironment( "javax.security.sasl.qop",
"auth-int" );
+                                    context.addToEnvironment( Sasl.QOP, SaslQoP.AUTH_INT.getValue()
);
                                     break;
-                                case AUTH_INT_PRIV:
-                                    context.addToEnvironment( "javax.security.sasl.qop",
"auth-conf" );
+                                case AUTH_CONF:
+                                    context.addToEnvironment( Sasl.QOP, SaslQoP.AUTH_CONF.getValue()
);
                                     break;
                             }
 
                             // Request mutual authentication
                             if ( connection.getConnectionParameter().isSaslMutualAuthentication()
)
                             {
-                                context.addToEnvironment( "javax.security.sasl.server.authentication",
"true" );
+                                context.addToEnvironment( Sasl.SERVER_AUTH, "true" );
                             }
                             else
                             {
-                                context.removeFromEnvironment( "javax.security.sasl.server.authentication"
);
+                                context.removeFromEnvironment( Sasl.SERVER_AUTH );
                             }
 
                             // Request cryptographic protection strength
                             switch ( connection.getConnectionParameter().getSaslSecurityStrength()
)
                             {
                                 case HIGH:
-                                    context.addToEnvironment( "javax.security.sasl.strength",
"high" );
+                                    context.addToEnvironment( Sasl.STRENGTH, SaslSecurityStrength.HIGH.getValue()
);
                                     break;
                                 case MEDIUM:
-                                    context.addToEnvironment( "javax.security.sasl.strength",
"medium" );
+                                    context.addToEnvironment( Sasl.STRENGTH, SaslSecurityStrength.MEDIUM.getValue()
);
                                     break;
                                 case LOW:
-                                    context.addToEnvironment( "javax.security.sasl.strength",
"low" );
+                                    context.addToEnvironment( Sasl.STRENGTH, SaslSecurityStrength.LOW.getValue()
);
                                     break;
                             }
                         }
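Review bot: Now that each enum constant carries its SASL string, both `switch` blocks only repeat the mapping and can be replaced by direct calls: `context.addToEnvironment( Sasl.QOP, connection.getConnectionParameter().getSaslQop().getValue() );` and the same with `Sasl.STRENGTH` and `getSaslSecurityStrength()`. That also removes the case where a later enum constant falls through the switch without setting any property. Whether either getter can return null is not visible in this hunk; the enclosing method starts and ends outside it.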
@@ -1116,7 +1119,6 @@ public class JNDIConnectionWrapper imple
 
             if ( !useKrb5SystemProperties )
             {
-
                 // Kerberos Configuration
                 switch ( connection.getConnectionParameter().getKrb5Configuration() )
                 {

Modified: directory/studio/branches/m1/plugins/connection.ui/src/main/java/org/apache/directory/studio/connection/ui/widgets/AuthenticationParameterPage.java
URL: http://svn.apache.org/viewvc/directory/studio/branches/m1/plugins/connection.ui/src/main/java/org/apache/directory/studio/connection/ui/widgets/AuthenticationParameterPage.java?rev=1071662&r1=1071661&r2=1071662&view=diff
==============================================================================
--- directory/studio/branches/m1/plugins/connection.ui/src/main/java/org/apache/directory/studio/connection/ui/widgets/AuthenticationParameterPage.java
(original)
+++ directory/studio/branches/m1/plugins/connection.ui/src/main/java/org/apache/directory/studio/connection/ui/widgets/AuthenticationParameterPage.java
Thu Feb 17 15:55:50 2011
@@ -22,6 +22,8 @@ package org.apache.directory.studio.conn
 
 
 import org.apache.commons.lang.StringUtils;
+import org.apache.directory.shared.ldap.model.constants.SaslQoP;
+import org.apache.directory.shared.ldap.model.constants.SaslSecurityStrength;
 import org.apache.directory.shared.ldap.model.filter.LdapURL;
 import org.apache.directory.shared.ldap.model.filter.LdapURL.Extension;
 import org.apache.directory.studio.common.ui.widgets.BaseWidgetUtils;
@@ -32,8 +34,6 @@ import org.apache.directory.studio.conne
 import org.apache.directory.studio.connection.core.ConnectionParameter.AuthenticationMethod;
 import org.apache.directory.studio.connection.core.ConnectionParameter.Krb5Configuration;
 import org.apache.directory.studio.connection.core.ConnectionParameter.Krb5CredentialConfiguration;
-import org.apache.directory.studio.connection.core.ConnectionParameter.SaslQop;
-import org.apache.directory.studio.connection.core.ConnectionParameter.SaslSecurityStrength;
 import org.apache.directory.studio.connection.core.jobs.CheckBindRunnable;
 import org.apache.directory.studio.connection.ui.AbstractConnectionParameterPage;
 import org.apache.directory.studio.connection.ui.ConnectionUIConstants;
@@ -58,6 +58,7 @@ import org.eclipse.swt.widgets.Composite
 import org.eclipse.swt.widgets.Control;
 import org.eclipse.swt.widgets.Display;
 import org.eclipse.swt.widgets.Group;
+import org.eclipse.swt.widgets.Label;
 import org.eclipse.swt.widgets.Text;
 import org.eclipse.ui.forms.events.ExpansionAdapter;
 import org.eclipse.ui.forms.events.ExpansionEvent;
@@ -204,16 +205,16 @@ public class AuthenticationParameterPage
     }
 
 
-    private SaslQop getSaslQop()
+    private SaslQoP getSaslQop()
     {
         switch ( saslQopCombo.getSelectionIndex() )
         {
             case 1:
-                return SaslQop.AUTH_INT;
+                return SaslQoP.AUTH_INT;
             case 2:
-                return SaslQop.AUTH_INT_PRIV;
+                return SaslQoP.AUTH_CONF;
             default:
-                return SaslQop.AUTH;
+                return SaslQoP.AUTH;
         }
     }
 
@@ -599,8 +600,8 @@ public class AuthenticationParameterPage
         saveBindPasswordButton.setSelection( parameter.getBindPassword() != null );
 
         saslRealmText.setText( parameter.getSaslRealm() != null ? parameter.getSaslRealm()
: "" ); //$NON-NLS-1$
-        int qopIndex = parameter.getSaslQop() == SaslQop.AUTH_INT ? 1
-            : parameter.getSaslQop() == SaslQop.AUTH_INT_PRIV ? 2 : 0;
+        int qopIndex = parameter.getSaslQop() == SaslQoP.AUTH_INT ? 1
+            : parameter.getSaslQop() == SaslQoP.AUTH_CONF ? 2 : 0;
         saslQopCombo.select( qopIndex );
         int securityStrengthIndex = parameter.getSaslSecurityStrength() == SaslSecurityStrength.MEDIUM
? 1 : parameter
             .getSaslSecurityStrength() == SaslSecurityStrength.LOW ? 2 : 0;
@@ -927,7 +928,7 @@ public class AuthenticationParameterPage
                     case AUTH_INT:
                         ldapUrl.getExtensions().add( new Extension( false, X_SASL_QOP, X_SASL_QOP_AUTH_INT
) );
                         break;
-                    case AUTH_INT_PRIV:
+                    case AUTH_CONF:
                         ldapUrl.getExtensions().add( new Extension( false, X_SASL_QOP, X_SASL_QOP_AUTH_INT_PRIV
) );
                         break;
                 }
@@ -1045,15 +1046,15 @@ public class AuthenticationParameterPage
         String saslQop = ldapUrl.getExtensionValue( X_SASL_QOP );
         if ( StringUtils.isNotEmpty( saslQop ) && X_SASL_QOP_AUTH_INT.equalsIgnoreCase(
saslQop ) )
         {
-            parameter.setSaslQop( SaslQop.AUTH_INT );
+            parameter.setSaslQop( SaslQoP.AUTH_INT );
         }
         else if ( StringUtils.isNotEmpty( saslQop ) && X_SASL_QOP_AUTH_INT_PRIV.equalsIgnoreCase(
saslQop ) )
         {
-            parameter.setSaslQop( SaslQop.AUTH_INT_PRIV );
+            parameter.setSaslQop( SaslQoP.AUTH_CONF );
         }
         else
         {
-            parameter.setSaslQop( SaslQop.AUTH );
+            parameter.setSaslQop( SaslQoP.AUTH );
         }
 
         // SASL security strength, default to HIGH
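Review bot: The `else` branch sets `SaslQoP.AUTH` for every `X_SASL_QOP` value that is not recognised, so a misspelt extension in an LDAP URL quietly yields a connection without integrity or confidentiality protection. It may be better to apply the default only when the extension is absent or empty and to flag an unknown value to the user. Separately, `SaslQoP.AUTH_CONF` is still paired with a constant named `X_SASL_QOP_AUTH_INT_PRIV` here and in the hunk at -927; if the URL extension keeps the old name for compatibility, a comment saying so would avoid confusion. The enclosing method starts and ends outside the hunk.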


