directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James C. Wu (JIRA)" <j...@apache.org>
Subject [jira] [Reopened] (DIRSERVER-1829) bug in initializing authenticators for AuthenticatorInterceptor
Date Sat, 25 May 2013 00:08:20 GMT

     [ https://issues.apache.org/jira/browse/DIRSERVER-1829?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

James C. Wu reopened DIRSERVER-1829:
------------------------------------


this bug is still there.
                
> bug in initializing authenticators for AuthenticatorInterceptor
> ---------------------------------------------------------------
>
>                 Key: DIRSERVER-1829
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1829
>             Project: Directory ApacheDS
>          Issue Type: Bug
>    Affects Versions: 2.0.0-M11
>            Reporter: James C. Wu
>            Priority: Minor
>             Fix For: 2.0.0-RC1
>
>
> Le 4/16/13 8:05 PM, Wu, James C. a écrit :
> > Hi,
> >
> > I am looking at this two method definition in the AuthenticationInterceptor.java
class.  This two method should both set to the authenticators for the interceptor to the input
given in the parameter given both are a setter.  However, the logic of method body of these
two methods are quite different. The first method just set the member variable (authenticators)
to the input parameters, while the second method will register the authenticator and strangely
enough, it does not set the member variable (authenticators) to the input parameter.
> >
> >     /**
> >      * @param authenticators authenticators to be used by this AuthenticationInterceptor
> >      */
> >     public void setAuthenticators( Set<Authenticator> authenticators )
> >     {
> >         if ( authenticators == null )
> >         {
> >             this.authenticators.clear();
> >         }
> >         else
> >         {
> >             this.authenticators = authenticators;
> >         }
> >     }
> >
> >
> >     /**
> >      * @param authenticators authenticators to be used by this AuthenticationInterceptor
> >      */
> >     public void setAuthenticators( Authenticator[] authenticators )
> >     {
> >         if ( authenticators == null )
> >         {
> >             throw new IllegalArgumentException( "The given authenticators set is
null" );
> >         }
> >
> >         this.authenticators.clear();
> >         this.authenticatorsMapByType.clear();
> >
> >         for ( Authenticator authenticator : authenticators )
> >         {
> >             try
> >             {
> >                 register( authenticator, directoryService );
> >             }
> >             catch ( LdapException le )
> >             {
> >                 LOG.error( "Cannot register authenticator {}", authenticator );
> >             }
> >         }
> >     }
> >
> >
> > I traced the execution of the start of the apacheds service. During the startup
of the apacheds service, three authenticators will be created, and the setAuthenticators(
Authenticator[] authenticators ) method will be called. But due to the fact that, the member
variable authenticators is not set, when the execution gets to init method of the authenticatorinterceptor,
three new default authenticator will be created because the authenticators is null and default
authenticators are created. Now we have six authenticators. Three of them (Simple, Strong,
Anonymous) created by the setDefaultAuthenticators are in the authenticators list, the other
three (Simple, Strong, Anonymous) created by createInterceptors  in the ServiceBuilder class
are in the authenticatorsMapByType map.
> >
> > I am thinking this is a bug. First of all, these two methods should behave in the
same way. Second, we should not have duplicated authenticators, plus the three authenticators
created by the createInterceptors   method in the ServiceBuilder class is not properly initialized.
Their directoryService field is null.
> This is clearly a wrong initialization. My understanding is that we have stacked layers
on top of layers during years, but never cleaned up the class.
> I also modified this code 8 weeks ago, I don't remember why I change it this way (cf
http://svn.apache.org/viewvc/directory/apacheds/trunk/interceptors/authn/src/main/java/org/apache/directory/server/core/authn/AuthenticationInterceptor.java?r1=1424688&r2=1446503&diff_format=h),
> but this is clearly wrong...

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message