Return-Path: 
 <dev-return-37789-apmail-directory-dev-archive=directory.apache.org@directory.apache.org>
X-Original-To: apmail-directory-dev-archive@www.apache.org
Delivered-To: apmail-directory-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id E34911F51
	for <apmail-directory-dev-archive@www.apache.org>;
 Tue, 19 Apr 2011 13:00:36 +0000 (UTC)
Received: (qmail 82996 invoked by uid 500); 19 Apr 2011 07:33:56 -0000
Delivered-To: apmail-directory-dev-archive@directory.apache.org
Received: (qmail 82780 invoked by uid 500); 19 Apr 2011 07:33:54 -0000
Mailing-List: contact dev-help@directory.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@directory.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@directory.apache.org>
List-Post: <mailto:dev@directory.apache.org>
List-Id: <dev.directory.apache.org>
Reply-To: "Apache Directory Developers List" <dev@directory.apache.org>
Delivered-To: mailing list dev@directory.apache.org
Received: (qmail 82767 invoked by uid 99); 19 Apr 2011 07:33:52 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 19 Apr 2011 07:33:51 +0000
X-ASF-Spam-Status: No, hits=-0.7 required=5.0
	tests=FREEMAIL_FROM,MIME_QP_LONG_LINE,RCVD_IN_DNSWL_LOW,RFC_ABUSE_POST,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of pajbam@gmail.com designates
 74.125.82.42 as permitted sender)
Received: from [74.125.82.42] (HELO mail-ww0-f42.google.com) (74.125.82.42)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 19 Apr 2011 07:33:44 +0000
Received: by wwk4 with SMTP id 4so2651241wwk.1
        for <dev@directory.apache.org>; Tue, 19 Apr 2011 00:33:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:sender:content-type:mime-version:subject:from
         :in-reply-to:date:content-transfer-encoding:message-id:references:to
         :x-mailer;
        bh=aBJ8ZC+vGEdR3Bhsxln2/bCNIt7oyKEQ6Ra5PHsGnTQ=;
        b=K5g7e00+lda0RphdWlTt1PM9P1mzXX6jkCJYR/EzUQb9KMHCLzQVtFJj1Yb5ANfQ3p
         L4hSEID8RUWRsYUCu9hL6xD2aw36MibgO3GBbqISsZjcwV10y2qsuyHg7UwlAbESQc4W
         4AIgmT5+7RGaxSw0odUFX7i38ta1nKeN8MjnY=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=sender:content-type:mime-version:subject:from:in-reply-to:date
         :content-transfer-encoding:message-id:references:to:x-mailer;
        b=s46rEHlaVyRftp4zaaNz/diL83kzjJBJ/uquIppdgwjdS0KC3Swyn/ENNMSNhQkUhb
         yAgsBSn5jZZ9bg0exj0kzYZ6uvbtnrxoi82CeATfQ9BBLlzOYJyWwiTkGxcX3t9Ufhaq
         ltsThP4o2V7g+hYL9ONT+SYhFKakAlZ9DfYbA=
Received: by 10.216.79.1 with SMTP id h1mr5571985wee.103.1303198402613;
        Tue, 19 Apr 2011 00:33:22 -0700 (PDT)
Received: from [10.0.1.2] (def92-4-82-225-58-213.fbx.proxad.net
 [82.225.58.213])
        by mx.google.com with ESMTPS id g46sm1786132wes.16.2011.04.19.00.33.20
        (version=TLSv1/SSLv3 cipher=OTHER);
        Tue, 19 Apr 2011 00:33:21 -0700 (PDT)
Sender: Pierre-Arnaud Marcelot <pajbam@gmail.com>
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Apple Message framework v1084)
Subject: Re: svn commit: r1094786 - in /directory/apacheds/trunk:
 server-config/src/main/java/org/apache/directory/server/config/
 server-config/src/main/java/org/apache/directory/server/config/beans/
 server-config/src/main/resources/ service-builder/src/main/java/o...
From: Pierre-Arnaud Marcelot <pa@marcelot.net>
In-Reply-To: <20110418215029.EFE322388906@eris.apache.org>
Date: Tue, 19 Apr 2011 09:33:19 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <1B8597D5-4495-4080-9410-C3219723EB20@marcelot.net>
References: <20110418215029.EFE322388906@eris.apache.org>
To: dev@directory.apache.org
X-Mailer: Apple Mail (2.1084)

Hi Kiran,

I'm wondering if the Bean itself should not be renamed from =
'PasswordPolicyBean' to 'PasswordPoliciesBean' to allow the ConfigReader =
to work.

WDYT?

Regards,
Pierre-Arnaud

On 18 avr. 2011, at 23:50, kayyagari@apache.org wrote:

> Author: kayyagari
> Date: Mon Apr 18 21:50:29 2011
> New Revision: 1094786
>=20
> URL: http://svn.apache.org/viewvc?rev=3D1094786&view=3Drev
> Log:
> o added a new container for password policies in config file
> o added support for reading multiple password policies
>=20
> Modified:
>    =
directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/=
server/config/ConfigPartitionReader.java
>    =
directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/=
server/config/beans/DirectoryServiceBean.java
>    =
directory/apacheds/trunk/server-config/src/main/resources/config.ldif
>    =
directory/apacheds/trunk/service-builder/src/main/java/org/apache/director=
y/server/config/ServiceBuilder.java
>=20
> Modified: =
directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/=
server/config/ConfigPartitionReader.java
> URL: =
http://svn.apache.org/viewvc/directory/apacheds/trunk/server-config/src/ma=
in/java/org/apache/directory/server/config/ConfigPartitionReader.java?rev=3D=
1094786&r1=3D1094785&r2=3D1094786&view=3Ddiff
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
> --- =
directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/=
server/config/ConfigPartitionReader.java (original)
> +++ =
directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/=
server/config/ConfigPartitionReader.java Mon Apr 18 21:50:29 2011
> @@ -573,7 +573,13 @@ public class ConfigPartitionReader
>                     {
>                         // Try by removing 'es'
>                         attributeName =3D fieldName.substring( 0, =
fieldName.length() - 2 );
> -
> +                       =20
> +                        // if not found try by removing 'ies' and =
adding 'y' , e.x ads-passwordPolicies
> +                        if ( fieldName.endsWith( "ies" ) && =
!schemaManager.getObjectClassRegistry().contains( attributeName ) )
> +                        {
> +                            attributeName =3D fieldName.substring( 0, =
fieldName.length() - 3 ) + "y";
> +                        }
> +                       =20
>                         if ( =
!schemaManager.getObjectClassRegistry().contains( attributeName ) )
>                         {
>                             String message =3D "Cannot find the =
ObjectClass named " + attributeName + " in the schema";
>=20
> Modified: =
directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/=
server/config/beans/DirectoryServiceBean.java
> URL: =
http://svn.apache.org/viewvc/directory/apacheds/trunk/server-config/src/ma=
in/java/org/apache/directory/server/config/beans/DirectoryServiceBean.java=
?rev=3D1094786&r1=3D1094785&r2=3D1094786&view=3Ddiff
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
> --- =
directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/=
server/config/beans/DirectoryServiceBean.java (original)
> +++ =
directory/apacheds/trunk/server-config/src/main/java/org/apache/directory/=
server/config/beans/DirectoryServiceBean.java Mon Apr 18 21:50:29 2011
> @@ -90,8 +90,8 @@ public class DirectoryServiceBean extend
>     private List<PartitionBean> partitions =3D new =
ArrayList<PartitionBean>();
>=20
>     /** The reference to the Password Policy component */
> -    @ConfigurationElement
> -    private PasswordPolicyBean passwordPolicy;
> +    @ConfigurationElement(attributeType =3D "ads-passwordPolicies", =
container =3D "passwordPolicies")
> +    private List<PasswordPolicyBean> passwordPolicies =3D new =
ArrayList<PasswordPolicyBean>();
>=20
>=20
>     /**
> @@ -524,24 +524,36 @@ public class DirectoryServiceBean extend
>=20
>=20
>     /**
> -     * @return the passwordPolicy
> +     * @return the passwordPolicies
>      */
> -    public PasswordPolicyBean getPasswordPolicy()
> +    public List<PasswordPolicyBean> getPasswordPolicies()
>     {
> -        return passwordPolicy;
> +        return passwordPolicies;
>     }
>=20
>=20
>     /**
> -     * @param passwordPolicy the passwordPolicy to set
> +     * @param passwordPolicies the pwdPolicies to set
>      */
> -    public void setPasswordPolicy( PasswordPolicyBean passwordPolicy =
)
> +    public void setPasswordPolicies( List<PasswordPolicyBean> =
passwordPolicies )
>     {
> -        this.passwordPolicy =3D passwordPolicy;
> +        this.passwordPolicies =3D passwordPolicies;
>     }
>=20
>=20
>     /**
> +     * @param ppolicies the password policies to add
> +     */
> +    public void addPasswordPolicies( PasswordPolicyBean... ppolicies =
)
> +    {
> +        for ( PasswordPolicyBean ppolicy : ppolicies )
> +        {
> +            this.passwordPolicies.add( ppolicy );
> +        }
> +    }
> +
> +   =20
> +    /**
>      * {@inheritDoc}
>      */
>     public String toString()
> @@ -592,9 +604,12 @@ public class DirectoryServiceBean extend
>             sb.append( changeLog.toString( "  " ) );
>         }
>=20
> -        if ( passwordPolicy !=3D null )
> +        if ( ( passwordPolicies !=3D null ) && ( =
passwordPolicies.size() > 0 ) )
>         {
> -            sb.append( passwordPolicy.toString( "  " ) );
> +            for ( PasswordPolicyBean ppolicy : passwordPolicies )
> +            {
> +                sb.append( ppolicy.toString( "    " ) );
> +            }
>         }
>=20
>         sb.append( "  servers : \n" );
>=20
> Modified: =
directory/apacheds/trunk/server-config/src/main/resources/config.ldif
> URL: =
http://svn.apache.org/viewvc/directory/apacheds/trunk/server-config/src/ma=
in/resources/config.ldif?rev=3D1094786&r1=3D1094785&r2=3D1094786&view=3Ddi=
ff
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
> --- =
directory/apacheds/trunk/server-config/src/main/resources/config.ldif =
(original)
> +++ =
directory/apacheds/trunk/server-config/src/main/resources/config.ldif =
Mon Apr 18 21:50:29 2011
> @@ -23,6 +23,7 @@ ads-servers: ldapServer
> ads-servers: ntpServer
> ads-partitions: example
> ads-partitions: system
> +ads-passwordPolicies: default
> ads-interceptors: aciAuthorizationInterceptor
> ads-interceptors: authenticationInterceptor
> ads-interceptors: collectiveAttributeInterceptor
> @@ -216,11 +217,16 @@ ads-interceptorclassname: org.apache.dir
> ads-interceptorid: triggerInterceptor
> ads-enabled: TRUE
>=20
> -dn: ads-pwdId=3DpwdPolicy,ads-directoryServiceId=3Ddefault,ou=3Dconfig
> +dn: ou=3DpasswordPolicies,ads-directoryServiceId=3Ddefault,ou=3Dconfig
> +objectClass: organizationalUnit
> +objectClass: top
> +ou: passwordPolicies
> +
> +dn: =
ads-pwdId=3Ddefault,ou=3DpasswordPolicies,ads-directoryServiceId=3Ddefault=
,ou=3Dconfig
> objectClass: top
> objectClass: ads-base
> objectClass: ads-passwordPolicy
> -ads-pwdId: pwdPolicy
> +ads-pwdId: default
> ads-pwdSafeModify: FALSE
> ads-pwdMaxAge: 0
> ads-pwdFailureCountInterval: 30
>=20
> Modified: =
directory/apacheds/trunk/service-builder/src/main/java/org/apache/director=
y/server/config/ServiceBuilder.java
> URL: =
http://svn.apache.org/viewvc/directory/apacheds/trunk/service-builder/src/=
main/java/org/apache/directory/server/config/ServiceBuilder.java?rev=3D109=
4786&r1=3D1094785&r2=3D1094786&view=3Ddiff
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
> --- =
directory/apacheds/trunk/service-builder/src/main/java/org/apache/director=
y/server/config/ServiceBuilder.java (original)
> +++ =
directory/apacheds/trunk/service-builder/src/main/java/org/apache/director=
y/server/config/ServiceBuilder.java Mon Apr 18 21:50:29 2011
> @@ -1270,16 +1270,30 @@ public class ServiceBuilder
>             directoryService.setJournal( jl );
>         }
>=20
> -        // password policy
> -        // TODO add support for reading multiple policies from the =
config
> -        PasswordPolicyConfiguration pPolicyConfig =3D =
createPwdPolicyConfig( directoryServiceBean.getPasswordPolicy() );
> -        if ( pPolicyConfig !=3D null )
> +        // password policies
> +        List<PasswordPolicyBean> ppolicyBeans =3D =
directoryServiceBean.getPasswordPolicies();
> +        PpolicyConfigContainer ppolicyContainer =3D new  =
PpolicyConfigContainer();
> +
> +        for ( PasswordPolicyBean ppolicyBean : ppolicyBeans )
>         {
> -            PpolicyConfigContainer pPolicies =3D new  =
PpolicyConfigContainer();
> -            pPolicies.setDefaultPolicy( pPolicyConfig );
> -            directoryService.setPwdPolicies( pPolicies );
> +            PasswordPolicyConfiguration ppolicyConfig =3D =
createPwdPolicyConfig( ppolicyBean );
> +           =20
> +            if ( ppolicyConfig !=3D null )
> +            {
> +                // the name should be strictly 'default', the default =
policy can't be enforced by defining a new AT
> +                if ( ppolicyBean.getPwdId().equalsIgnoreCase( =
"default" ) )
> +                {
> +                    ppolicyContainer.setDefaultPolicy( ppolicyConfig =
);
> +                }
> +                else
> +                {
> +                    ppolicyContainer.addPolicy( ppolicyBean.getDn(), =
ppolicyConfig );
> +                }
> +            }
>         }
>=20
> +        directoryService.setPwdPolicies( ppolicyContainer );
> +       =20
>         // MaxPDUSize
>         directoryService.setMaxPDUSize( =
directoryServiceBean.getDsMaxPDUSize() );
>=20
>=20
>=20