Denis Mikhalkin created DIRSERVER-1987:
------------------------------------------
Summary: Only one authenticator of particular type is (randomly)
configured during initialization
Key: DIRSERVER-1987
URL: https://issues.apache.org/jira/browse/DIRSERVER-1987
Project: Directory ApacheDS
Issue Type: Bug
Components: core
Affects Versions: 2.0.0-M17
Reporter: Denis Mikhalkin
I've developed a custom authenticator of type SIMPLE. ApacheDS already has a
default SimpleAuthenticator. I've added my authenticator to the configuration
at
ou=authenticators,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
Authenticator gets created (constructor is called) but the doInit method gets
called only once sometime, and then with null directory service. Sometimes
everything just works.
I debugged the issue and found the following piece of code in
AuthenticationInterceptor.register:
{code:java}
Collection<Authenticator> authenticatorList = getAuthenticators(
authenticator.getAuthenticatorType() );
if ( authenticatorList == null )
{
authenticatorList = new ArrayList<Authenticator>();
authenticatorsMapByType.put( authenticator.getAuthenticatorType(),
authenticatorList );
authenticators.add( authenticator );
}
if ( !authenticatorList.contains( authenticator ) )
{
authenticatorList.add( authenticator );
}
{code}
1. It first gets a list of existing authenticator of particular type. Let's say
there is already one authenticator of such type (say SimpleAuthenticator). The
list will be non-empty
2. Because the list is non-empty, the if statement is skipped
3. Because the list does not contain the second authenticator, it gets added to
the list. This list is in the map authenticatorsMapByType, so the authenticator
is registered in the map-by-type
BUT, since the if statement was skipped, the second authenticator is not added
to the list of all authenticators at "this.authenticators". So when the
authenticators are later initialized with directoryService and invoked, the
second authenticator is not in action.
The randomness of the behavior is associated with the order of authenticators
which are passed in into AuthenticationInterceptor.setAuthenticators. If my
authenticator is the first one, SimpleAuthenticator will be skipped. If my one
is the second, it gets skipped.
I'm not sure what is the expected behavior, but if all authenticators should be
active, the code should be modified as follows:
{code:java}
Collection<Authenticator> authenticatorList = getAuthenticators(
authenticator.getAuthenticatorType() );
if ( authenticatorList == null )
{
authenticatorList = new ArrayList<Authenticator>();
authenticatorsMapByType.put( authenticator.getAuthenticatorType(),
authenticatorList );
}
if ( !authenticatorList.contains( authenticator ) )
{
authenticatorList.add( authenticator );
authenticators.add( authenticator );
}
{code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
