Author: erodriguez
Date: Sat Mar 12 12:27:45 2005
New Revision: 157276
URL: http://svn.apache.org/viewcvs?view=rev&rev=157276
Log:
Moved PasswordStore interface to kerberos-store component.
Removed:
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/store/
Modified:
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/protocol/ChangePasswordProtocolHandler.java
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/protocol/ChangePasswordProtocolProvider.java
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/service/ChangePasswordServiceImpl.java
Modified:
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/protocol/ChangePasswordProtocolHandler.java
URL:
http://svn.apache.org/viewcvs/incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/protocol/ChangePasswordProtocolHandler.java?view=diff&r1=157275&r2=157276
==============================================================================
---
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/protocol/ChangePasswordProtocolHandler.java
(original)
+++
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/protocol/ChangePasswordProtocolHandler.java
Sat Mar 12 12:27:45 2005
@@ -21,9 +21,9 @@
import org.apache.changepw.messages.ChangePasswordReply;
import org.apache.changepw.messages.ChangePasswordRequest;
import org.apache.changepw.service.ChangePasswordServiceImpl;
-import org.apache.changepw.store.PasswordStore;
import org.apache.kerberos.kdc.KdcConfiguration;
import org.apache.kerberos.kdc.store.PrincipalStore;
+import org.apache.kerberos.store.PasswordStore;
import org.apache.mina.common.IdleStatus;
import org.apache.mina.protocol.ProtocolHandler;
import org.apache.mina.protocol.ProtocolSession;
@@ -31,17 +31,20 @@
public class ChangePasswordProtocolHandler implements ProtocolHandler
{
- private PasswordStore store;
- private PrincipalStore bootstrap;
private KdcConfiguration config;
+ private PrincipalStore store;
+ private PasswordStore change;
- public ChangePasswordProtocolHandler( PasswordStore store,
PrincipalStore bootstrap, KdcConfiguration config )
+
+ public ChangePasswordProtocolHandler( KdcConfiguration config,
PrincipalStore store,
+ PasswordStore change )
{
- this.store = store;
- this.bootstrap = bootstrap;
- this.config = config;
+ this.config = config;
+ this.store = store;
+ this.change = change;
}
-
+
+
public void sessionOpened( ProtocolSession session )
{
System.out.println( session.getRemoteAddress() + " OPENED" );
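Review bot: The new constructor signature `( KdcConfiguration config, PrincipalStore store, PasswordStore change )` reuses the name `store` for the PrincipalStore, although until this revision `store` was the PasswordStore, and `change` says little about what it holds. The three parameters have distinct types, so the compiler catches a mis-ordered call, but the names can still mislead anyone comparing against older call sites; `principalStore` and `passwordStore` would be unambiguous. The same naming appears in the ChangePasswordProtocolProvider constructor and in ChangePasswordServiceImpl. The three fields are assigned once in the constructor and could be declared `private final`. sessionOpened's body continues outside the hunk.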
@@ -69,7 +72,7 @@
{
System.out.println( session.getRemoteAddress() + " RCVD: " + message );
- ChangePasswordService changepwService = new ChangePasswordServiceImpl(
store, bootstrap, config );
+ ChangePasswordService changepwService = new ChangePasswordServiceImpl(
config, store, change );
try
{
Modified:
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/protocol/ChangePasswordProtocolProvider.java
URL:
http://svn.apache.org/viewcvs/incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/protocol/ChangePasswordProtocolProvider.java?view=diff&r1=157275&r2=157276
==============================================================================
---
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/protocol/ChangePasswordProtocolProvider.java
(original)
+++
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/protocol/ChangePasswordProtocolProvider.java
Sat Mar 12 12:27:45 2005
@@ -17,9 +17,9 @@
package org.apache.changepw.protocol;
-import org.apache.changepw.store.PasswordStore;
import org.apache.kerberos.kdc.KdcConfiguration;
import org.apache.kerberos.kdc.store.PrincipalStore;
+import org.apache.kerberos.store.PasswordStore;
import org.apache.mina.protocol.ProtocolCodecFactory;
import org.apache.mina.protocol.ProtocolDecoder;
import org.apache.mina.protocol.ProtocolEncoder;
@@ -29,20 +29,9 @@
public class ChangePasswordProtocolProvider implements ProtocolProvider
{
- private PasswordStore store;
- private PrincipalStore bootstrap;
- private KdcConfiguration config;
-
- public ChangePasswordProtocolProvider( PasswordStore store,
PrincipalStore bootstrap, KdcConfiguration config )
- {
- this.store = store;
- this.bootstrap = bootstrap;
- this.config = config;
- }
-
// Protocol handler is usually a singleton.
- private ProtocolHandler HANDLER = new ChangePasswordProtocolHandler(
store, bootstrap, config );
-
+ private ProtocolHandler HANDLER;
+
// Codec factory is also usually a singleton.
private static ProtocolCodecFactory CODEC_FACTORY = new
ProtocolCodecFactory()
{
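Review bot: `private ProtocolHandler HANDLER;` is now a per-instance field assigned in the constructor added in the next hunk, yet it keeps a constant-style name and the comment `// Protocol handler is usually a singleton.`. Declaring it `private final ProtocolHandler handler;` would match what it is and let the compiler enforce the single assignment; whatever returns the field, outside this hunk, would need the same rename. A one-line comment saying the handler is built in the constructor because it needs the configuration and both stores would record why it is no longer a field initializer.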
@@ -58,7 +47,15 @@
return new ChangePasswordDecoder();
}
};
-
+
+
+ public ChangePasswordProtocolProvider( KdcConfiguration config,
PrincipalStore store,
+ PasswordStore change )
+ {
+ HANDLER = new ChangePasswordProtocolHandler( config, store,
change );
+ }
+
+
public ProtocolCodecFactory getCodecFactory()
{
return CODEC_FACTORY;
Modified:
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/service/ChangePasswordServiceImpl.java
URL:
http://svn.apache.org/viewcvs/incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/service/ChangePasswordServiceImpl.java?view=diff&r1=157275&r2=157276
==============================================================================
---
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/service/ChangePasswordServiceImpl.java
(original)
+++
incubator/directory/protocols/changepw/trunk/core/src/java/org/apache/changepw/service/ChangePasswordServiceImpl.java
Sat Mar 12 12:27:45 2005
@@ -29,7 +29,6 @@
import org.apache.changepw.messages.ChangePasswordReply;
import org.apache.changepw.messages.ChangePasswordReplyModifier;
import org.apache.changepw.messages.ChangePasswordRequest;
-import org.apache.changepw.store.PasswordStore;
import org.apache.changepw.value.ChangePasswordData;
import org.apache.changepw.value.ChangePasswordDataModifier;
import org.apache.kerberos.crypto.encryption.EncryptionEngine;
@@ -53,6 +52,7 @@
import org.apache.kerberos.messages.value.EncryptedData;
import org.apache.kerberos.messages.value.EncryptionKey;
import org.apache.kerberos.messages.value.HostAddress;
+import org.apache.kerberos.store.PasswordStore;
/**
@@ -61,26 +61,28 @@
public class ChangePasswordServiceImpl extends KerberosService implements
ChangePasswordService
{
private KdcConfiguration config;
- private PasswordStore store;
+ private PasswordStore change;
- public ChangePasswordServiceImpl( PasswordStore store, PrincipalStore
bootstrap, KdcConfiguration config )
+ public ChangePasswordServiceImpl( KdcConfiguration config,
PrincipalStore store, PasswordStore change )
{
- super( config, bootstrap );
+ super( config, store );
- this.store = store;
- this.config = config;
+ this.config = config;
+ this.change = change;
}
- public ChangePasswordReply getReplyFor(ChangePasswordRequest request)
+ public ChangePasswordReply getReplyFor( ChangePasswordRequest request )
throws KerberosException, IOException
{
ApplicationRequest authHeader = request.getAuthHeader();
Ticket ticket = authHeader.getTicket();
- Authenticator authenticator = verifyAuthHeader(authHeader,
ticket);
+ System.out.println( "Ticket principal " +
ticket.getServerPrincipal() );
- verifyTicket(ticket, config.getChangepwPrincipal());
+ Authenticator authenticator = verifyAuthHeader( authHeader,
ticket );
+
+ verifyTicket( ticket, config.getChangepwPrincipal() );
// TODO - check ticket is for service authorized to change
passwords
//
ticket.getServerPrincipal().getName().equals(config.getChangepwPrincipal().getName()));
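Review bot: The added `System.out.println( "Ticket principal " + ticket.getServerPrincipal() );` runs before `verifyAuthHeader` and `verifyTicket`, so a value taken from a request that has not been authenticated yet is written to stdout. If the trace is needed, placing it after `verifyTicket( ticket, config.getChangepwPrincipal() );` and routing it through a logger at debug level would keep unverified input out of the console output. getReplyFor continues outside this hunk, and the commented-out TODO check is cut at the hunk boundary.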
@@ -93,29 +95,35 @@
// getDecryptedData the request's private message with the
subsession key
EncryptedData encReqPrivPart =
request.getPrivateMessage().getEncryptedPart();
EncKrbPrivPart privatePart;
- try {
+ try
+ {
EncryptionEngine engine =
EncryptionEngineFactory.getEncryptionEngineFor( sessionKey );
-
- byte[] decPrivPart =
engine.getDecryptedData(sessionKey, encReqPrivPart);
-
+
+ byte[] decPrivPart = engine.getDecryptedData(
sessionKey, encReqPrivPart );
+
EncKrbPrivPartDecoder privDecoder = new
EncKrbPrivPartDecoder();
- privatePart = privDecoder.decode(decPrivPart);
- } catch (KerberosException ke) {
+ privatePart = privDecoder.decode( decPrivPart );
+ }
+ catch (KerberosException ke)
+ {
ke.printStackTrace();
throw ChangePasswordException.KRB5_KPASSWD_AUTHERROR;
}
ChangePasswordData passwordData = null;
- if (request.getProtocolVersionNumber() == (short)1) {
+ if ( request.getProtocolVersionNumber() == (short)1 )
+ {
// Use protocol version 0x0001, the legacy Kerberos
change password protocol
ChangePasswordDataModifier modifier = new
ChangePasswordDataModifier();
- modifier.setNewPassword(privatePart.getUserData());
+ modifier.setNewPassword( privatePart.getUserData() );
passwordData = modifier.getChangePasswdData();
- } else {
+ }
+ else
+ {
// Use protocol version 0xFF80, the
backwards-compatible MS protocol
ChangePasswordDataDecoder passwordDecoder = new
ChangePasswordDataDecoder();
- passwordData =
passwordDecoder.decodeChangePasswordData(privatePart.getUserData());
+ passwordData =
passwordDecoder.decodeChangePasswordData( privatePart.getUserData() );
}
// usec and seq-number must be present per MS but aren't in
legacy kpasswd
@@ -123,63 +131,77 @@
// ignore r-address
// generate key from password
- String password = new String(passwordData.getNewPassword());
+ String password = new String( passwordData.getNewPassword() );
KerberosPrincipal clientPrincipal =
authenticator.getClientPrincipal();
- KerberosKey newKey = new KerberosKey(clientPrincipal,
password.toCharArray(), "DES");
+ KerberosKey newKey = new KerberosKey( clientPrincipal,
password.toCharArray(), "DES" );
+
+ System.out.println( "Got client principal " + clientPrincipal );
+ System.out.println( "Got client password " + password );
// store password in database
- String principalName = store.changePassword(clientPrincipal,
newKey.getEncoded());
- System.out.println("Successfully modified principal named " +
principalName);
+ String principalName = change.changePassword( clientPrincipal,
newKey.getEncoded() );
+ System.out.println( "Successfully modified principal named " +
principalName );
// begin building reply
// create priv message
// user-data component is short result code
EncKrbPrivPartModifier modifier = new EncKrbPrivPartModifier();
- byte[] resultCode = {(byte)0x00, (byte)0x00};
- modifier.setUserData(resultCode);
+ byte[] resultCode = { (byte)0x00, (byte)0x00 };
+ modifier.setUserData( resultCode );
- modifier.setSenderAddress(new
HostAddress(InetAddress.getLocalHost()));
+ modifier.setSenderAddress( new HostAddress(
InetAddress.getLocalHost() ) );
EncKrbPrivPart privPart = modifier.getEncKrbPrivPart();
+ System.out.println( "Sender address " +
privPart.getSenderAddress() );
+ System.out.println( "Recipient address " +
privPart.getRecipientAddress() );
+ System.out.println( "Localhost address " +
InetAddress.getLocalHost() );
+
EncKrbPrivPartEncoder encoder = new EncKrbPrivPartEncoder();
- byte[] encodedPrivPart = encoder.encode(privPart);
+ byte[] encodedPrivPart = encoder.encode( privPart );
EncryptedData encPrivPart = null;
- try {
+ try
+ {
EncryptionEngine engine =
EncryptionEngineFactory.getEncryptionEngineFor( sessionKey );
-
- encPrivPart = engine.getEncryptedData(sessionKey,
encodedPrivPart);
- } catch (KerberosException ke) {
+
+ encPrivPart = engine.getEncryptedData( sessionKey,
encodedPrivPart );
+ }
+ catch (KerberosException ke)
+ {
ke.printStackTrace();
}
- PrivateMessage privateMessage = new PrivateMessage(encPrivPart);
+
+ PrivateMessage privateMessage = new PrivateMessage( encPrivPart
);
// Begin AP_REP generation
EncApRepPartModifier encApModifier = new EncApRepPartModifier();
- encApModifier.setClientTime(authenticator.getClientTime());
-
encApModifier.setClientMicroSecond(authenticator.getClientMicroSecond());
- encApModifier.setSequenceNumber(new
Integer(authenticator.getSequenceNumber()));
-
encApModifier.setSubSessionKey(authenticator.getSubSessionKey());
+ encApModifier.setClientTime( authenticator.getClientTime() );
+ encApModifier.setClientMicroSecond(
authenticator.getClientMicroSecond() );
+ encApModifier.setSequenceNumber( new Integer(
authenticator.getSequenceNumber() ) );
+ encApModifier.setSubSessionKey(
authenticator.getSubSessionKey() );
EncApRepPart repPart = encApModifier.getEncApRepPart();
EncApRepPartEncoder repEncoder = new EncApRepPartEncoder();
- byte[] encodedRepPart = repEncoder.encode(repPart);
+ byte[] encodedRepPart = repEncoder.encode( repPart );
EncryptedData encRepPart = null;
- try {
+ try
+ {
EncryptionEngine engine =
EncryptionEngineFactory.getEncryptionEngineFor( ticket.getSessionKey() );
-
- encRepPart =
engine.getEncryptedData(ticket.getSessionKey(), encodedRepPart);
- } catch (KerberosException ke) {
+
+ encRepPart = engine.getEncryptedData(
ticket.getSessionKey(), encodedRepPart );
+ }
+ catch (KerberosException ke)
+ {
ke.printStackTrace();
}
- ApplicationReply appReply = new ApplicationReply(encRepPart);
+ ApplicationReply appReply = new ApplicationReply( encRepPart );
// return status message value object
ChangePasswordReplyModifier replyModifier = new
ChangePasswordReplyModifier();
- replyModifier.setApplicationReply(appReply);
- replyModifier.setPrivateMessage(privateMessage);
+ replyModifier.setApplicationReply( appReply );
+ replyModifier.setPrivateMessage( privateMessage );
return replyModifier.getChangePasswordReply();
}
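Review bot: The added line `System.out.println( "Got client password " + password );` writes the new cleartext password to stdout, where it ends up in console captures and log files readable by anyone with access to them; it should be removed, and the client-principal trace above it kept only at debug level in a logger. The same hunk holds the password in an immutable `String` built by `new String( passwordData.getNewPassword() )`, which cannot be wiped after the key is derived and which decodes the bytes with the platform default charset. Decoding with an explicit charset into a `char[]` that is cleared after `new KerberosKey(...)` would avoid both. Also in this hunk, the two `catch (KerberosException ke)` blocks around `getEncryptedData` only print the stack trace, so the reply is built from a null `encPrivPart` or `encRepPart` after the password has already been changed.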