Author: elecharny Date: Wed Feb 6 22:46:42 2013 New Revision: 1443255 URL: http://svn.apache.org/viewvc?rev=1443255&view=rev Log: o Added some better toString() methods in many kerberos classes o Added some missing Javadoc o Added a dedicated KERBEROS logger o Removed useless imports Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcRep.java directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReq.java directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/PaData.java directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/PrincipalName.java directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/KrbError.java directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/Ticket.java directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/DirectoryPrincipalStore.java directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcContext.java directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationContext.java directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java directory/shared/trunk/ldap/model/src/test/java/org/apache/directory/api/ldap/model/entry/EntrySerializationTest.java Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcRep.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcRep.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcRep.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcRep.java Wed Feb 6 22:46:42 2013 @@ -423,12 +423,16 @@ public class KdcRep extends KerberosMess /** - * @see Object#toString() + * Pretty print the instance */ - public String toString() + public String toString( String tabs ) { StringBuilder sb = new StringBuilder(); + sb.append( tabs ).append( + "\n>-------------------------------------------------------------------------------\n" ); + sb.append( tabs ).append( "KdcRep : " ); + if ( getMessageType() == KerberosMessageType.AS_REP ) { sb.append( "AS-REP" ).append( '\n' ); @@ -442,20 +446,31 @@ public class KdcRep extends KerberosMess sb.append( "Unknown" ).append( '\n' ); } - sb.append( "pvno : " ).append( getProtocolVersionNumber() ).append( '\n' ); + sb.append( tabs ).append( "pvno : " ).append( getProtocolVersionNumber() ).append( '\n' ); - sb.append( "msg-type : " ); + sb.append( tabs ).append( "msg-type : " ).append( getMessageType() ).append( '\n' ); for ( PaData paDataElem : paData ) { - sb.append( "padata : " ).append( paDataElem ).append( '\n' ); + sb.append( tabs ).append( "padata : " ).append( paDataElem.toString( tabs + " " ) ).append( '\n' ); } - sb.append( "crealm : " ).append( crealm ).append( '\n' ); - sb.append( "cname : " ).append( cname ).append( '\n' ); - sb.append( "ticket : " ).append( ticket ).append( '\n' ); - sb.append( "enc-part : " ).append( encPart ).append( '\n' ); + sb.append( tabs ).append( "crealm : " ).append( crealm ).append( '\n' ); + sb.append( tabs ).append( "cname : " ).append( cname ).append( '\n' ); + sb.append( ticket.toString( tabs ) ); + sb.append( encPart.toString( tabs ) ); + sb.append( tabs ).append( + "\n-------------------------------------------------------------------------------<\n" ); return sb.toString(); } + + + /** + * @see Object#toString() + */ + public String toString() + { + return toString( "" ); + } } Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReq.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReq.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReq.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReq.java Wed Feb 6 22:46:42 2013 @@ -264,36 +264,50 @@ public abstract class KdcReq extends Ker /** - * @see Object#toString() + * Pretty print the instance */ - public String toString() + public String toString( String tabs ) { StringBuilder sb = new StringBuilder(); + sb.append( tabs ).append( + "\n>-------------------------------------------------------------------------------\n" ); if ( getMessageType() == KerberosMessageType.AS_REQ ) { - sb.append( "AS-REQ" ).append( '\n' ); + sb.append( tabs ).append( "AS-REQ" ).append( '\n' ); } else if ( getMessageType() == KerberosMessageType.TGS_REQ ) { - sb.append( "TGS-REQ" ).append( '\n' ); + sb.append( tabs ).append( "TGS-REQ" ).append( '\n' ); } else { - sb.append( "Unknown" ).append( '\n' ); + sb.append( tabs ).append( "Unknown" ).append( '\n' ); } - sb.append( "pvno : " ).append( getProtocolVersionNumber() ).append( '\n' ); + sb.append( tabs ).append( "pvno : " ).append( getProtocolVersionNumber() ).append( '\n' ); - sb.append( "msg-type : " ); + sb.append( tabs ).append( "msg-type : " ).append( getMessageType() ).append( "\n" ); for ( PaData paDataElem : paData ) { - sb.append( "padata : " ).append( paDataElem ).append( '\n' ); + sb.append( tabs ).append( "padata :\n" ); + sb.append( paDataElem.toString( tabs + " " ) ).append( '\n' ); } - sb.append( "kdc-req-body : " ).append( kdcReqBody ).append( '\n' ); + sb.append( tabs ).append( "kdc-req-body : \n" ); + sb.append( kdcReqBody.toString( tabs + " " ) ).append( '\n' ); + sb.append( tabs ).append( "\n-------------------------------------------------------------------------------<\n" ); return sb.toString(); } + + + /** + * @see Object#toString() + */ + public String toString() + { + return toString( "" ); + } } Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java Wed Feb 6 22:46:42 2013 @@ -755,42 +755,44 @@ public class KdcReqBody extends Abstract /** - * @see Object#toString() + * Pretty print the instance */ - @Override - public String toString() + public String toString( String tabs ) { StringBuilder sb = new StringBuilder(); - sb.append( "KDCOptions : " ).append( kdcOptions ).append( '\n' ); + if ( ( kdcOptions != null ) && ( kdcOptions.size() > 0 ) ) + { + sb.append( tabs ).append( "KDCOptions : " ).append( kdcOptions ).append( '\n' ); + } if ( cName != null ) { - sb.append( "cname : " ).append( cName ).append( '\n' ); + sb.append( tabs ).append( "cname : " ).append( cName ).append( '\n' ); } - sb.append( "realm : " ).append( realm ).append( '\n' ); + sb.append( tabs ).append( "realm : " ).append( realm ).append( '\n' ); if ( sName != null ) { - sb.append( "sname : " ).append( sName ).append( '\n' ); + sb.append( tabs ).append( "sname : " ).append( sName ).append( '\n' ); } if ( from != null ) { - sb.append( "from : " ).append( from ).append( '\n' ); + sb.append( tabs ).append( "from : " ).append( from ).append( '\n' ); } - sb.append( "till : " ).append( till ).append( '\n' ); + sb.append( tabs ).append( "till : " ).append( till ).append( '\n' ); if ( rtime != null ) { - sb.append( "rtime : " ).append( rtime ).append( '\n' ); + sb.append( tabs ).append( "rtime : " ).append( rtime ).append( '\n' ); } - sb.append( "nonce : " ).append( nonce ).append( '\n' ); + sb.append( tabs ).append( "nonce : " ).append( nonce ).append( '\n' ); - sb.append( "etype : " ); + sb.append( tabs ).append( "etype : " ); boolean isFirst = true; for ( EncryptionType encryptionType : eType ) @@ -807,11 +809,10 @@ public class KdcReqBody extends Abstract sb.append( encryptionType ); } - sb.append( '\n' ); - if ( addresses != null ) { - sb.append( "addresses : " ); + sb.append( '\n' ); + sb.append( tabs ).append( "addresses : " ); isFirst = true; for ( HostAddress hostAddress : addresses.getAddresses() ) @@ -827,18 +828,18 @@ public class KdcReqBody extends Abstract sb.append( hostAddress ); } - - sb.append( '\n' ); } if ( encAuthorizationData != null ) { - sb.append( "enc-authorization-data" ).append( encAuthorizationData ).append( '\n' ); + sb.append( '\n' ); + sb.append( tabs ).append( "enc-authorization-data" ).append( encAuthorizationData ); } if ( additionalTickets.size() != 0 ) { - sb.append( "Tickets : " ); + sb.append( '\n' ); + sb.append( tabs ).append( "Tickets : " ); isFirst = true; for ( Ticket ticket : additionalTickets ) @@ -846,18 +847,22 @@ public class KdcReqBody extends Abstract if ( isFirst ) { isFirst = false; - } - else - { - sb.append( " " ); + sb.append( '\n' ); } - sb.append( ticket ); + sb.append( ticket.toString( tabs + " " ) ); } - - sb.append( '\n' ); } return sb.toString(); } + + + /** + * @see Object#toString() + */ + public String toString() + { + return toString( "" ); + } } Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/PaData.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/PaData.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/PaData.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/PaData.java Wed Feb 6 22:46:42 2013 @@ -261,7 +261,7 @@ public class PaData extends AbstractAsn1 { StringBuilder sb = new StringBuilder(); - sb.append( tabs ).append( "PreAuthenticationData : {\n" ); + sb.append( tabs ).append( "PreAuthenticationData : \n" ); sb.append( tabs ).append( " padata-type: " ).append( paDataType ).append( '\n' ); if ( paDataValue != null ) @@ -269,8 +269,6 @@ public class PaData extends AbstractAsn1 sb.append( tabs + " padata-value:" ).append( Strings.dumpBytes( paDataValue ) ).append( '\n' ); } - sb.append( tabs + "}\n" ); - return sb.toString(); } } Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/PrincipalName.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/PrincipalName.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/PrincipalName.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/PrincipalName.java Wed Feb 6 22:46:42 2013 @@ -457,13 +457,13 @@ public class PrincipalName extends Abstr { StringBuilder sb = new StringBuilder(); - sb.append( "PrincipalName : {\n" ); + sb.append( "{ " ); - sb.append( " name-type: " ).append( nameType.name() ).append( '\n' ); + sb.append( "name-type: " ).append( nameType.name() ); if ( ( nameString != null ) && ( nameString.size() != 0 ) ) { - sb.append( " name-string : <" ); + sb.append( ", name-string : <" ); boolean isFirst = true; for ( String name : nameString ) @@ -480,11 +480,11 @@ public class PrincipalName extends Abstr sb.append( '\'' ).append( name ).append( '\'' ); } - sb.append( ">\n}" ); + sb.append( "> }" ); } else { - sb.append( " no name-string\n}" ); + sb.append( " no name-string }" ); } return sb.toString(); Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/KrbError.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/KrbError.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/KrbError.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/KrbError.java Wed Feb 6 22:46:42 2013 @@ -552,7 +552,7 @@ public class KrbError extends KerberosMe buffer.put( TLV.getBytes( cTimeLength ) ); // The value - buffer.put( ( byte ) UniversalTag.GENERALIZED_TIME.getValue() ); + buffer.put( UniversalTag.GENERALIZED_TIME.getValue() ); buffer.put( ( byte ) 0x0F ); buffer.put( cTime.getBytes() ); } @@ -571,7 +571,7 @@ public class KrbError extends KerberosMe buffer.put( TLV.getBytes( sTimeLength ) ); // The value - buffer.put( ( byte ) UniversalTag.GENERALIZED_TIME.getValue() ); + buffer.put( UniversalTag.GENERALIZED_TIME.getValue() ); buffer.put( ( byte ) 0x0F ); buffer.put( sTime.getBytes() ); @@ -662,7 +662,7 @@ public class KrbError extends KerberosMe { StringBuilder sb = new StringBuilder(); - sb.append( "KRB-ERROR : {\n" ); + sb.append( "\nKRB-ERROR : {\n" ); sb.append( " pvno: " ).append( getProtocolVersionNumber() ).append( '\n' ); sb.append( " msgType: " ).append( getMessageType() ).append( '\n' ); Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/Ticket.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/Ticket.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/Ticket.java (original) +++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/messages/Ticket.java Wed Feb 6 22:46:42 2013 @@ -424,18 +424,27 @@ public class Ticket extends KerberosMess /** - * @see Object#toString() + * Pretty print the instance */ - public String toString() + public String toString( String tabs ) { StringBuilder sb = new StringBuilder(); - sb.append( "Ticket :\n" ); - sb.append( " tkt-vno : " ).append( getProtocolVersionNumber() ).append( "\n" ); - sb.append( " realm : " ).append( realm ).append( "\n" ); - sb.append( " sname : " ).append( sName ).append( "\n" ); - sb.append( " enc-part : " ).append( encPart ).append( "\n" ); + sb.append( tabs ).append( "Ticket :\n" ); + sb.append( tabs ).append( " tkt-vno : " ).append( getProtocolVersionNumber() ).append( "\n" ); + sb.append( tabs ).append( " realm : " ).append( realm ).append( "\n" ); + sb.append( tabs ).append( " sname : " ).append( sName ).append( "\n" ); + sb.append( tabs ).append( " enc-part : " ).append( encPart ).append( "\n" ); return sb.toString(); } + + + /** + * @see Object#toString() + */ + public String toString() + { + return toString( "" ); + } } Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/DirectoryPrincipalStore.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/DirectoryPrincipalStore.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/DirectoryPrincipalStore.java (original) +++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/DirectoryPrincipalStore.java Wed Feb 6 22:46:42 2013 @@ -59,9 +59,10 @@ public class DirectoryPrincipalStore imp /** The directory service backing store for this PrincipalStore. */ private final DirectoryService directoryService; private final Dn searchBaseDn; - + private CoreSession adminSession; - + + /** * Creates a new instance of DirectoryPrincipalStore. * @@ -78,62 +79,70 @@ public class DirectoryPrincipalStore imp /** * {@inheritDoc} */ - public void changePassword( KerberosPrincipal byPrincipal, KerberosPrincipal forPrincipal, String newPassword, boolean isInitialTicket ) throws ChangePasswordException + public void changePassword( KerberosPrincipal byPrincipal, KerberosPrincipal forPrincipal, String newPassword, + boolean isInitialTicket ) throws ChangePasswordException { try { Entry ebyPrincipalEntry = null; - + ebyPrincipalEntry = StoreUtils.findPrincipalEntry( adminSession, searchBaseDn, byPrincipal.getName() ); - - if( ebyPrincipalEntry == null ) + + if ( ebyPrincipalEntry == null ) { - throw new ChangePasswordException( ChangePasswdErrorType.KRB5_KPASSWD_HARDERROR, ( "No such principal " + byPrincipal ).getBytes() ); + throw new ChangePasswordException( ChangePasswdErrorType.KRB5_KPASSWD_HARDERROR, + ( "No such principal " + byPrincipal ).getBytes() ); } - + SchemaManager schemaManager = directoryService.getSchemaManager(); - + CoreSession bySession = null; - - boolean isAdmin = ebyPrincipalEntry.getDn().getNormName().equals( ServerDNConstants.ADMIN_SYSTEM_DN_NORMALIZED ); - + + boolean isAdmin = ebyPrincipalEntry.getDn().getNormName() + .equals( ServerDNConstants.ADMIN_SYSTEM_DN_NORMALIZED ); + if ( !isInitialTicket && !isAdmin ) { throw new ChangePasswordException( ChangePasswdErrorType.KRB5_KPASSWD_INITIAL_FLAG_NEEDED ); } // if admin assign the admin session - if( isAdmin ) + if ( isAdmin ) { bySession = adminSession; } // otherwise create a new session for the user with 'byPrincipal' who is trying to change the password for 'forPrincipal' else { - LdapPrincipal byLdapPrincipal = new LdapPrincipal( schemaManager, ebyPrincipalEntry.getDn(), AuthenticationLevel.SIMPLE ); - + LdapPrincipal byLdapPrincipal = new LdapPrincipal( schemaManager, ebyPrincipalEntry.getDn(), + AuthenticationLevel.SIMPLE ); + bySession = new DefaultCoreSession( byLdapPrincipal, directoryService ); } - + Attribute newPasswordAttribute = new DefaultAttribute( - schemaManager.lookupAttributeTypeRegistry( SchemaConstants.USER_PASSWORD_AT ), Strings.getBytesUtf8(newPassword) ); - Modification passwordMod = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE, newPasswordAttribute ); - - Attribute principalAttribute = new DefaultAttribute( - schemaManager.lookupAttributeTypeRegistry( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT ), forPrincipal.getName() ); - Modification principalMod = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE, principalAttribute ); - + schemaManager.lookupAttributeTypeRegistry( SchemaConstants.USER_PASSWORD_AT ), + Strings.getBytesUtf8( newPassword ) ); + Modification passwordMod = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE, + newPasswordAttribute ); + + Attribute principalAttribute = new DefaultAttribute( + schemaManager.lookupAttributeTypeRegistry( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT ), + forPrincipal.getName() ); + Modification principalMod = new DefaultModification( ModificationOperation.REPLACE_ATTRIBUTE, + principalAttribute ); + Entry forPrincipalEntry = StoreUtils.findPrincipalEntry( bySession, searchBaseDn, forPrincipal.getName() ); - + adminSession.modify( forPrincipalEntry.getDn(), passwordMod, principalMod ); } - catch( LdapException e ) + catch ( LdapException e ) { - throw new ChangePasswordException( ChangePasswdErrorType.KRB5_KPASSWD_ACCESSDENIED, e ); + throw new ChangePasswordException( ChangePasswdErrorType.KRB5_KPASSWD_ACCESSDENIED, e ); } - catch( Exception e ) + catch ( Exception e ) { - throw new ChangePasswordException( ChangePasswdErrorType.KRB5_KPASSWD_HARDERROR, e ); + throw new ChangePasswordException( ChangePasswdErrorType.KRB5_KPASSWD_HARDERROR, e ); } } Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcContext.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcContext.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcContext.java (original) +++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcContext.java Wed Feb 6 22:46:42 2013 @@ -32,18 +32,30 @@ import org.apache.directory.shared.kerbe /** + * The context used to store the collected and computed data while processing a + * kerberos message. + * * @author Apache Directory Project */ -public class KdcContext +public abstract class KdcContext { private static final long serialVersionUID = 6490030984626825108L; + /** The KDC server configuration */ private KerberosConfig config; private PrincipalStore store; + + /** The request being processed */ private KdcReq request; + + /** The kerberos response */ private KerberosMessage reply; + + /** The client IP address */ private InetAddress clientAddress; private CipherTextHandler cipherTextHandler; + + /** The encryption type */ private EncryptionType encryptionType; /** the replay cache */ @@ -177,6 +189,26 @@ public class KdcContext { this.encryptionType = encryptionType; } + + + /** + * @see Object#toString() + */ + public String toString() + { + StringBuilder sb = new StringBuilder(); + + sb.append( "Req : " ).append( request.toString( " " ) ); + sb.append( "Client address : " ).append( clientAddress ); + + if ( encryptionType != null ) + { + sb.append( '\n' ); + sb.append( "EncryptionType : " ).append( encryptionType ); + } + + return sb.toString(); + } /** Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationContext.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationContext.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationContext.java (original) +++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationContext.java Wed Feb 6 22:46:42 2013 @@ -35,12 +35,19 @@ public class AuthenticationContext exten { private static final long serialVersionUID = -2249170923251265359L; + /** The Kerberos Ticket associated to this context */ private Ticket ticket; + + /** The client key */ private EncryptionKey clientKey; + /** The client entry */ private PrincipalStoreEntry clientEntry; + + /** The server entry */ private PrincipalStoreEntry serverEntry; + /** Tell if we have had a pre-authentication */ private boolean isPreAuthenticated; @@ -150,4 +157,20 @@ public class AuthenticationContext exten { this.isPreAuthenticated = isPreAuthenticated; } + + + /** + * @see Object#toString() + */ + public String toString() + { + StringBuilder sb = new StringBuilder(); + + sb.append( "AuthenticationContext \n" ); + sb.append( super.toString() ).append( '\n' ); + sb.append( "PreAuth : " ).append( isPreAuthenticated ).append( "\n" ); + sb.append( "Client Entry : " ).append( clientEntry ).append( "\n" ); + + return sb.toString(); + } } Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java (original) +++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java Wed Feb 6 22:46:42 2013 @@ -55,8 +55,9 @@ import org.slf4j.LoggerFactory; */ public class KerberosProtocolHandler implements IoHandler { - /** The logger for this class */ - private static final Logger log = LoggerFactory.getLogger( KerberosProtocolHandler.class ); + /** The loggers for this class */ + private static final Logger LOG = LoggerFactory.getLogger( KerberosProtocolHandler.class ); + private static final Logger LOG_KRB = LoggerFactory.getLogger( "KERBEROS" ); /** The KDC server */ private KdcServer kdcServer; @@ -80,61 +81,106 @@ public class KerberosProtocolHandler imp } + /** + * {@inheritDoc} + */ public void sessionCreated( IoSession session ) throws Exception { - if ( log.isDebugEnabled() ) + if ( LOG.isDebugEnabled() ) + { + LOG.debug( "{} CREATED: {}", session.getRemoteAddress(), session.getTransportMetadata() ); + } + + if ( LOG_KRB.isDebugEnabled() ) { - log.debug( "{} CREATED: {}", session.getRemoteAddress(), session.getTransportMetadata() ); + LOG_KRB.debug( "{} CREATED: {}", session.getRemoteAddress(), session.getTransportMetadata() ); } } + /** + * {@inheritDoc} + */ public void sessionOpened( IoSession session ) { - if ( log.isDebugEnabled() ) + if ( LOG.isDebugEnabled() ) + { + LOG.debug( "{} OPENED", session.getRemoteAddress() ); + } + + if ( LOG_KRB.isDebugEnabled() ) { - log.debug( "{} OPENED", session.getRemoteAddress() ); + LOG_KRB.debug( "{} OPENED", session.getRemoteAddress() ); } } + /** + * {@inheritDoc} + */ public void sessionClosed( IoSession session ) { - if ( log.isDebugEnabled() ) + if ( LOG.isDebugEnabled() ) { - log.debug( "{} CLOSED", session.getRemoteAddress() ); + LOG.debug( "{} CLOSED", session.getRemoteAddress() ); + } + + if ( LOG_KRB.isDebugEnabled() ) + { + LOG_KRB.debug( "{} CLOSED", session.getRemoteAddress() ); } } + /** + * {@inheritDoc} + */ public void sessionIdle( IoSession session, IdleStatus status ) { - if ( log.isDebugEnabled() ) + if ( LOG.isDebugEnabled() ) { - log.debug( "{} IDLE ({})", session.getRemoteAddress(), status ); + LOG.debug( "{} IDLE ({})", session.getRemoteAddress(), status ); + } + + if ( LOG_KRB.isDebugEnabled() ) + { + LOG_KRB.debug( "{} IDLE ({})", session.getRemoteAddress(), status ); } } + /** + * {@inheritDoc} + */ public void exceptionCaught( IoSession session, Throwable cause ) { - log.error( session.getRemoteAddress() + " EXCEPTION", cause ); + LOG.error( "{} EXCEPTION", session.getRemoteAddress(), cause ); + LOG_KRB.error( "{} EXCEPTION", session.getRemoteAddress(), cause ); session.close( true ); } + /** + * {@inheritDoc} + */ public void messageReceived( IoSession session, Object message ) { - if ( log.isDebugEnabled() ) + if ( LOG.isDebugEnabled() ) + { + LOG.debug( "{} RCVD: {}", session.getRemoteAddress(), message ); + } + + if ( LOG_KRB.isDebugEnabled() ) { - log.debug( "{} RCVD: {}", session.getRemoteAddress(), message ); + LOG_KRB.debug( "{} RCVD: {}", session.getRemoteAddress(), message ); } InetAddress clientAddress = ( ( InetSocketAddress ) session.getRemoteAddress() ).getAddress(); if ( !( message instanceof KdcReq ) ) { - log.error( I18n.err( I18n.ERR_152, ErrorType.KRB_AP_ERR_BADDIRECTION ) ); + LOG.error( I18n.err( I18n.ERR_152, ErrorType.KRB_AP_ERR_BADDIRECTION ) ); + LOG_KRB.error( I18n.err( I18n.ERR_152, ErrorType.KRB_AP_ERR_BADDIRECTION ) ); session.write( getErrorMessage( kdcServer.getConfig().getServicePrincipal(), new KerberosException( ErrorType.KRB_AP_ERR_BADDIRECTION ) ) ); @@ -159,6 +205,8 @@ public class KerberosProtocolHandler imp AuthenticationService.execute( authContext ); + LOG_KRB.debug( "AuthenticationContext for AS_REQ : \n{}", authContext ); + session.write( authContext.getReply() ); break; @@ -173,6 +221,8 @@ public class KerberosProtocolHandler imp TicketGrantingService.execute( tgsContext ); + LOG_KRB.debug( "TGSContext for TGS_REQ : \n {}", tgsContext ); + session.write( tgsContext.getReply() ); break; @@ -188,27 +238,19 @@ public class KerberosProtocolHandler imp { String messageText = ke.getLocalizedMessage() + " (" + ke.getErrorCode() + ")"; - if ( log.isDebugEnabled() ) - { - log.warn( messageText, ke ); - } - else - { - log.warn( messageText ); - } + LOG.warn( messageText, ke ); + LOG_KRB.warn( messageText, ke ); KrbError error = getErrorMessage( kdcServer.getConfig().getServicePrincipal(), ke ); - if ( log.isDebugEnabled() ) - { - logErrorMessage( error ); - } + logErrorMessage( error ); session.write( error ); } catch ( Exception e ) { - log.error( I18n.err( I18n.ERR_152, e.getLocalizedMessage() ), e ); + LOG.error( I18n.err( I18n.ERR_152, e.getLocalizedMessage() ), e ); + LOG_KRB.error( I18n.err( I18n.ERR_152, e.getLocalizedMessage() ), e ); session.write( getErrorMessage( kdcServer.getConfig().getServicePrincipal(), new KerberosException( ErrorType.KDC_ERR_SVC_UNAVAILABLE ) ) ); @@ -216,15 +258,30 @@ public class KerberosProtocolHandler imp } + /** + * {@inheritDoc} + */ public void messageSent( IoSession session, Object message ) { - if ( log.isDebugEnabled() ) + if ( LOG.isDebugEnabled() ) + { + LOG.debug( "{} SENT: {}", session.getRemoteAddress(), message ); + } + + if ( LOG_KRB.isDebugEnabled() ) { - log.debug( "{} SENT: {}", session.getRemoteAddress(), message ); + LOG_KRB.debug( "{} SENT: {}", session.getRemoteAddress(), message ); } } + /** + * Construct an error message given some conditions + * + * @param principal The Kerberos Principal + * @param exception The Exception we've got + * @return The resulting KrbError + */ protected KrbError getErrorMessage( KerberosPrincipal principal, KerberosException exception ) { KrbError krbError = new KrbError(); @@ -243,11 +300,16 @@ public class KerberosProtocolHandler imp } + /** + * Creates an explicit error message + * The error we've get + * @param error + */ protected void logErrorMessage( KrbError error ) { try { - StringBuffer sb = new StringBuffer(); + StringBuilder sb = new StringBuilder(); sb.append( "Responding to request with error:" ); sb.append( "\n\t" + "explanatory text: " + error.getEText() ); @@ -257,12 +319,16 @@ public class KerberosProtocolHandler imp sb.append( "\n\t" + "serverPrincipal: " + error.getSName() ).append( "@" ).append( error.getRealm() ); sb.append( "\n\t" + "server time: " + error.getSTime() ); - log.debug( sb.toString() ); + String message = sb.toString(); + + LOG.debug( message ); + LOG_KRB.debug( message ); } catch ( Exception e ) { // This is a monitor. No exceptions should bubble up. - log.error( I18n.err( I18n.ERR_155 ), e ); + LOG.error( I18n.err( I18n.ERR_155 ), e ); + LOG_KRB.error( I18n.err( I18n.ERR_155 ), e ); } } } Modified: directory/shared/trunk/ldap/model/src/test/java/org/apache/directory/api/ldap/model/entry/EntrySerializationTest.java URL: http://svn.apache.org/viewvc/directory/shared/trunk/ldap/model/src/test/java/org/apache/directory/api/ldap/model/entry/EntrySerializationTest.java?rev=1443255&r1=1443254&r2=1443255&view=diff ============================================================================== --- directory/shared/trunk/ldap/model/src/test/java/org/apache/directory/api/ldap/model/entry/EntrySerializationTest.java (original) +++ directory/shared/trunk/ldap/model/src/test/java/org/apache/directory/api/ldap/model/entry/EntrySerializationTest.java Wed Feb 6 22:46:42 2013 @@ -29,8 +29,6 @@ import java.io.IOException; import java.io.ObjectInputStream; import java.io.ObjectOutputStream; -import org.apache.directory.api.ldap.model.entry.DefaultEntry; -import org.apache.directory.api.ldap.model.entry.Entry; import org.apache.directory.api.ldap.model.exception.LdapException; import org.junit.Test; import org.junit.runner.RunWith;