Author: akarasulu Date: Wed Mar 16 11:04:02 2005 New Revision: 157788 URL: http://svn.apache.org/viewcvs?view=rev&rev=157788 Log: changes ...
o committed Endi's patches as is but will do some modifications and moving around of things after commit - use this as point of reference. Here's the JIRA issue where the patch was contributed: http://issues.apache.org/jira/browse/DIREVE-145 Endi, You can track changes I make after this and discuss it with me on list. Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/Authenticator.java directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorConfig.java directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorContext.java directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/ContextPartitionConfig.java directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/EnvKeys.java directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/PartitionConfigBuilder.java directory/apacheds/trunk/main/project.xml Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/Authenticator.java URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/Authenticator.java?view=auto&rev=157788 ============================================================================== --- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/Authenticator.java (added) +++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/Authenticator.java Wed Mar 16 11:04:02 2005 
@@ -0,0 +1,92 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server;
+
+import org.apache.ldap.server.jndi.ServerContext;
+import org.apache.ldap.server.auth.LdapPrincipal;
+
+import javax.naming.NamingException;
+
+
+/**
+ * Base class for all Authenticators.
+ *
+ * @author <a href="mailto:[EMAIL PROTECTED]">Endi S. Dewata</a>
+ */
+public class Authenticator {
+
+ /** authenticator config */
+ public AuthenticatorConfig authenticatorConfig;
+ /** authenticator context */
+ public AuthenticatorContext authenticatorContext;
+ /** authenticator type */
+ public String type;
+
+ /**
+ * Create a new Authenticator.
+ *
+ * @param type authenticator's type
+ */
+ public Authenticator( String type )
+ {
+ this.type = type;
+ }
+
+ public AuthenticatorContext getAuthenticatorContext()
+ {
+ return authenticatorContext;
+ }
+
+ public String getType()
+ {
+ return type;
+ }
+
+ /**
+ * Called by the authenticator container to indicate that the authenticator is being placed into service.
+ *
+ * @param authenticatorConfig
+ * @throws NamingException
+ */
+ public void init( AuthenticatorConfig authenticatorConfig ) throws NamingException
+ {
+ this.authenticatorConfig = authenticatorConfig;
+ this.authenticatorContext = authenticatorConfig.getAuthenticatorContext();
+ init();
+ }
+
+ /**
+ * A convenience method which can be overridden so that there's no need to call super.init( authenticatorConfig ).
+ */
+ public void init() throws NamingException
+ {
+
+ }
+
+ /**
+ * Perform the authentication operation and return the authorization id if successfull.
+ *
+ * @param ctx
+ * @return the authorization id
+ * @throws NamingException
+ */
+ public LdapPrincipal authenticate( ServerContext ctx ) throws NamingException
+ {
+ return null;
+ }
+
+}
\ No newline at end of file
Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorConfig.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorConfig.java?view=auto&rev=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorConfig.java (added)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorConfig.java Wed Mar 16 11:04:02 2005
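Review bot: The base `authenticate( ServerContext ctx )` in Authenticator.java returns `null` instead of failing, and the new loop in AuthenticationService.invoke() passes whatever comes back straight to `ctx.setPrincipal( authorizationId )` and returns as if the bind had succeeded, so a subclass that forgets to override the method ends up accepting every bind with a null principal. Declaring the class and this method `abstract`, or giving the default body `throw new LdapAuthenticationException();`, makes the default fail closed. The fields `authenticatorConfig`, `authenticatorContext` and `type` are public and non-final, so any code can swap the context after `init`; making them `private` and keeping the existing getters would be enough.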
@@ -0,0 +1,83 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server;
+
+import java.util.Enumeration;
+import java.util.Properties;
+
+/**
+ * A configuration bean for Authenticators.
+ *
+ * @author <a href="mailto:[EMAIL PROTECTED]">Endi S. Dewata</a>
+ */
+public class AuthenticatorConfig {
+
+ private String authenticatorName;
+ private String authenticatorClass;
+ private AuthenticatorContext authenticatorContext;
+ private Properties properties = new Properties();
+
+ public String getAuthenticatorName()
+ {
+ return authenticatorName;
+ }
+
+ public void setAuthenticatorName( String authenticatorName )
+ {
+ this.authenticatorName = authenticatorName;
+ }
+
+ public String getAuthenticatorClass()
+ {
+ return authenticatorClass;
+ }
+
+ public void setAuthenticatorClass( String authenticatorClass )
+ {
+ this.authenticatorClass = authenticatorClass;
+ }
+
+ public Properties getProperties()
+ {
+ return properties;
+ }
+
+ public void setProperties( Properties properties )
+ {
+ this.properties = properties;
+ }
+
+ public String getInitParameter( String name )
+ {
+ return properties.getProperty( name );
+ }
+
+ public Enumeration getInitParameterNames()
+ {
+ return properties.keys();
+ }
+
+ public AuthenticatorContext getAuthenticatorContext()
+ {
+ return authenticatorContext;
+ }
+
+ public void setAuthenticatorContext( AuthenticatorContext
authenticatorContext )
+ {
+ this.authenticatorContext = authenticatorContext;
+ }
+}
Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorContext.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorContext.java?view=auto&rev=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorContext.java (added)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/AuthenticatorContext.java Wed Mar 16 11:04:02 2005
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server;
+
+/**
+ * Base class for all Authenticators.
+ *
+ * @author <a href="mailto:direct [EMAIL PROTECTED]">Apache Directory Project</a>
+ * @version $Rev: 124525 $
+ */
+public class AuthenticatorContext {
+
+ /** the root nexus to all database partitions */
+ private RootNexus rootNexus;
+ /** whether or not to allow anonymous users */
+ private boolean allowAnonymous = false;
+
+ /**
+ * Create a new AuthenticatorContext.
+ */ + public AuthenticatorContext() + { + } + + public RootNexus getRootNexus() + { + return rootNexus; + } + public void setRootNexus( RootNexus rootNexus ) + { + this.rootNexus = rootNexus; + } + + public boolean getAllowAnonymous() + { + return allowAnonymous; + } + + public void setAllowAnonymous( boolean allowAnonymous ) + { + this.allowAnonymous = allowAnonymous; + } + +} \ No newline at end of file Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/ContextPartitionConfig.java URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/ContextPartitionConfig.java?view=diff&r1=157787&r2=157788 ============================================================================== --- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/ContextPartitionConfig.java (original) +++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/ContextPartitionConfig.java Wed Mar 16 11:04:02 2005 @@ -88,7 +88,7 @@ return partitionClass; } - public void setPartitionClass(String partitionClass) + public void setPartitionClass( String partitionClass ) { this.partitionClass = partitionClass; } @@ -98,7 +98,7 @@ return properties; } - public void setProperties(String properties) + public void setProperties( String properties ) { this.properties = properties; } Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java?view=auto&rev=157788 ============================================================================== --- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java (added) +++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java Wed Mar 16 11:04:02 2005 
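Review bot: The class Javadoc on AuthenticatorContext reads `Base class for all Authenticators.`, which looks copied from Authenticator.java; something like `Holds the state shared by all authenticators: the root nexus and the anonymous-bind flag.` describes what the class actually carries. The `$Rev: 124525 $` tag also appears to be carried over from another file. Since `allowAnonymous` decides whether AnonymousAuthenticator accepts a bind, `setAllowAnonymous` deserves a line saying that `true` permits anonymous binds and that the default is `false`.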
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server.auth;
+
+import org.apache.ldap.server.Authenticator;
+import org.apache.ldap.server.jndi.ServerContext;
+import org.apache.ldap.common.exception.LdapNoPermissionException;
+
+import javax.naming.NamingException;
+
+/**
+ * @author <a href="mailto:[EMAIL PROTECTED]">Endi S. Dewata</a>
+ */
+public class AnonymousAuthenticator extends Authenticator {
+
+ public AnonymousAuthenticator( )
+ {
+ super( "none" );
+ }
+
+ public LdapPrincipal authenticate( ServerContext ctx ) throws NamingException
+ {
+ if ( getAuthenticatorContext().getAllowAnonymous() )
+ {
+ return LdapPrincipal.ANONYMOUS ;
+ }
+ else
+ {
+ throw new LdapNoPermissionException( "Anonymous bind NOT permitted!" );
+ }
+ }
+}
Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java?view=auto&rev=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java (added)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java Wed Mar 16 11:04:02 2005
@@ -0,0 +1,101 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server.auth;
+
+import org.apache.ldap.server.Authenticator;
+import org.apache.ldap.server.RootNexus;
+import org.apache.ldap.server.jndi.ServerContext;
+import org.apache.ldap.common.exception.LdapNameNotFoundException;
+import org.apache.ldap.common.exception.LdapAuthenticationException;
+import org.apache.ldap.common.util.ArrayUtils;
+import org.apache.ldap.common.name.LdapName;
+
+import javax.naming.Context;
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.Attribute;
+
+/**
+ * @author <a href="mailto:[EMAIL PROTECTED]">Endi S. Dewata</a>
+ */
+public class SimpleAuthenticator extends Authenticator {
+
+ public SimpleAuthenticator( )
+ {
+ super( "simple" );
+ }
+
+ public LdapPrincipal authenticate( ServerContext ctx ) throws NamingException
+ {
+ Object creds = ctx.getEnvironment().get( Context.SECURITY_CREDENTIALS );
+
+ if ( creds == null )
+ {
+ creds = ArrayUtils.EMPTY_BYTE_ARRAY;
+ }
+ else if ( creds instanceof String )
+ {
+ creds = ( ( String ) creds ).getBytes();
+ }
+
+ // let's get the principal now
+ String principal;
+ if ( !
ctx.getEnvironment().containsKey( Context.SECURITY_PRINCIPAL ) )
+ {
+ throw new LdapAuthenticationException();
+ }
+ else
+ {
+ principal = ( String ) ctx.getEnvironment().get( Context.SECURITY_PRINCIPAL );
+ if ( principal == null )
+ {
+ throw new LdapAuthenticationException();
+ }
+ }
+
+ LdapName principalDn = new LdapName( principal );
+ RootNexus rootNexus = getAuthenticatorContext().getRootNexus();
+ Attributes userEntry = rootNexus.lookup( principalDn );
+
+ if ( userEntry == null )
+ {
+ throw new LdapNameNotFoundException();
+ }
+
+ Object userPassword;
+ Attribute userPasswordAttr = userEntry.get( "userPassword" );
+ if ( userPasswordAttr == null )
+ {
+ userPassword = ArrayUtils.EMPTY_BYTE_ARRAY;
+ }
+ else
+ {
+ userPassword = userPasswordAttr.get();
+ if ( userPassword instanceof String )
+ {
+ userPassword = ( ( String ) userPassword ).getBytes();
+ }
+ }
+
+ if ( ! ArrayUtils.isEquals( creds, userPassword ) )
+ {
+ throw new LdapAuthenticationException();
+ }
+
+ return new LdapPrincipal( principalDn );
+ }
+}
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java?view=diff&r1=157787&r2=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java Wed Mar 16 11:04:02 2005
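Review bot: In SimpleAuthenticator.authenticate an entry without a `userPassword` attribute is given `ArrayUtils.EMPTY_BYTE_ARRAY` as its stored password, and missing credentials are mapped to the same empty array, so (assuming `ArrayUtils.isEquals` compares array contents) the final check passes and the bind is accepted as that DN with no password at all. Both cases should be rejected before the comparison, e.g. `if ( userPasswordAttr == null ) throw new LdapAuthenticationException();`, with the same treatment for a zero-length credential. Two smaller points in the same method: `getBytes()` without a charset encodes with the platform default, so non-ASCII passwords can compare differently from host to host, and an unknown DN raises `LdapNameNotFoundException` while a wrong password raises `LdapAuthenticationException`, which lets a client tell existing entries from missing ones.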
@@ -19,19 +19,19 @@ import javax.naming.Context; import javax.naming.NamingException; -import javax.naming.directory.Attribute; -import javax.naming.directory.Attributes; import org.apache.ldap.common.exception.LdapAuthenticationException; import org.apache.ldap.common.exception.LdapAuthenticationNotSupportedException; -import org.apache.ldap.common.exception.LdapNameNotFoundException; -import org.apache.ldap.common.exception.LdapNoPermissionException; import org.apache.ldap.common.message.ResultCodeEnum; -import org.apache.ldap.common.name.LdapName; -import org.apache.ldap.common.util.ArrayUtils; -import org.apache.ldap.server.RootNexus; +import org.apache.ldap.common.util.StringTools; import org.apache.ldap.server.auth.LdapPrincipal; +import org.apache.ldap.server.Authenticator; +import java.util.Map; +import java.util.LinkedHashMap; +import java.util.Collection; +import java.util.ArrayList; +import java.util.Iterator; /** * A service used to for authenticating users. 
@@ -48,23 +48,65 @@ /** short for Context.SECURITY_CREDENTIALS */ private static final String CREDS = Context.SECURITY_CREDENTIALS; - /** the root nexus to all database partitions */ - private final RootNexus nexus; - /** whether or not to allow anonymous users */ - private boolean allowAnonymous = false; + /** authenticators **/ + public Map authenticators = new LinkedHashMap(); /** * Creates an authentication service interceptor. + */ + public AuthenticationService() + { + } + + /** + * Registers an Authenticator with this AuthenticatorService. Called by each + * Authenticator implementation after it has started to register for + * authentication operation calls. * - * @param nexus the root nexus to access all database partitions + * @param authenticator Authenticator component to register with this + * AuthenticatorService. */ - public AuthenticationService( RootNexus nexus, boolean allowAnonymous ) + public void register( Authenticator authenticator ) { - this.nexus = nexus; - this.allowAnonymous = allowAnonymous; + Collection authenticatorList = getAuthenticators( authenticator.getType() ); + if ( authenticatorList == null ) + { + authenticatorList = new ArrayList(); + authenticators.put( authenticator.getType(), authenticatorList ); + } + authenticatorList.add( authenticator ); } + /** + * Unregisters an Authenticator with this AuthenticatorService. Called for each + * registered Authenticator right before it is to be stopped. This prevents + * protocol server requests from reaching the Backend and effectively puts + * the ContextPartition's naming context offline. + * + * @param authenticator Authenticator component to unregister with this + * AuthenticatorService. 
+ */ + public void unregister( Authenticator authenticator ) + { + Collection authenticatorList = getAuthenticators( authenticator.getType() ); + if ( authenticatorList == null ) + { + return; + } + authenticatorList.remove( authenticator ); + } + + /** + * Gets the authenticators with a specific type. + * + * @param type the authentication type + * @return the authenticators with the specified type + */ + public Collection getAuthenticators( String type ) + { + return (Collection)authenticators.get( type ); + } public void invoke( Invocation invocation ) throws NamingException { 
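Review bot: `public Map authenticators` is a public, mutable field, so code outside AuthenticationService can add or replace authenticators without going through `register`; it should be `private final`. `register` and `unregister` also mutate the `LinkedHashMap` and its `ArrayList` values without any synchronisation while `invoke` iterates over them, which risks a `ConcurrentModificationException` if authenticators are ever registered or removed after startup; whether that happens depends on callers not shown here. The Javadoc on `unregister` still talks about the Backend and the ContextPartition's naming context and looks copied from the partition registration code, so it should be reworded for authenticators.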
@@ -87,117 +129,66 @@ return; } - // check the kind of authentication being performed - if ( ctx.getEnvironment().containsKey( AUTH_TYPE ) ) - { - // authentication type can be anything + String authList = ( String ) ctx.getEnvironment().get( AUTH_TYPE ); - String auth = ( String ) ctx.getEnvironment().get( AUTH_TYPE ); - if ( auth.equalsIgnoreCase( "none" ) ) - { - doAuthNone( ctx ); - } - else if ( auth.equalsIgnoreCase( "simple" ) ) + if ( authList == null ) + { + if ( ctx.getEnvironment().containsKey( CREDS ) ) { - doAuthSimple( ctx ); + // authentication type is simple here + authList = "simple"; } else { - doAuthSasl( ctx ); + // authentication type is anonymous + authList = "none"; } - } - else if ( ctx.getEnvironment().containsKey( CREDS ) ) - { - // authentication type is simple here - doAuthSimple( ctx ); - } - else - { - // authentication type is anonymous - doAuthNone( ctx ); - } - // remove creds so there is no security risk - ctx.removeFromEnvironment( CREDS ); - } - - - private void doAuthSasl( ServerContext ctx ) throws NamingException - { - ctx.getEnvironment(); // shut's up idea's yellow light - ResultCodeEnum rc = ResultCodeEnum.AUTHMETHODNOTSUPPORTED; - throw new LdapAuthenticationNotSupportedException( rc ); - } - - - private void doAuthNone( ServerContext ctx ) throws NamingException - { - if ( allowAnonymous ) - { - ctx.setPrincipal( LdapPrincipal.ANONYMOUS ); - } - else - { - throw new LdapNoPermissionException( "Anonymous bind NOT permitted!" 
); } - } + authList = StringTools.deepTrim( authList ); + String[] auth = authList.split( " " ); - private void doAuthSimple( ServerContext ctx ) throws NamingException - { - Object creds = ctx.getEnvironment().get( CREDS ); + Collection authenticators = null; - if ( creds == null ) - { - creds = ArrayUtils.EMPTY_BYTE_ARRAY; - } - else if ( creds instanceof String ) + // pick the first matching authenticator type + for ( int i=0; i<auth.length; i++) { - creds = ( ( String ) creds ).getBytes(); + authenticators = getAuthenticators( auth[i] ); + if ( authenticators != null ) break; } - // let's get the principal now - String principal; - if ( ! ctx.getEnvironment().containsKey( PRINCIPAL ) ) + if ( authenticators == null ) { - throw new LdapAuthenticationException(); + ctx.getEnvironment(); // shut's up idea's yellow light + ResultCodeEnum rc = ResultCodeEnum.AUTHMETHODNOTSUPPORTED; + throw new LdapAuthenticationNotSupportedException( rc ); } - else + + // try each authenticators + for ( Iterator i = authenticators.iterator(); i.hasNext(); ) { - principal = ( String ) ctx.getEnvironment().get( PRINCIPAL ); - if ( principal == null ) + try { - throw new LdapAuthenticationException(); - } - } + Authenticator authenticator = ( Authenticator ) i.next(); - LdapName principalDn = new LdapName( principal ); - Attributes userEntry = nexus.lookup( principalDn ); - if ( userEntry == null ) - { - throw new LdapNameNotFoundException(); - } + // perform the authentication + LdapPrincipal authorizationId = authenticator.authenticate( ctx ); - Object userPassword; - Attribute userPasswordAttr = userEntry.get( "userPassword" ); - if ( userPasswordAttr == null ) - { - userPassword = ArrayUtils.EMPTY_BYTE_ARRAY; - } - else - { - userPassword = userPasswordAttr.get(); - if ( userPassword instanceof String ) + // authentication was successful + ctx.setPrincipal( authorizationId ); + + // remove creds so there is no security risk + ctx.removeFromEnvironment( CREDS ); + + return; + } + 
catch ( LdapAuthenticationException e ) { - userPassword = ( ( String ) userPassword ).getBytes(); + // authentication failed, try the next authenticator } } - if ( ! ArrayUtils.isEquals( creds, userPassword ) ) - { - throw new LdapAuthenticationException(); - } - - ctx.setPrincipal( new LdapPrincipal( principalDn ) ); + throw new LdapAuthenticationException(); } } Added: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java?view=auto&rev=157788 ============================================================================== --- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java (added) +++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticatorConfigBuilder.java Wed Mar 16 11:04:02 2005 
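Review bot: The lookup `getAuthenticators( auth[i] )` is case-sensitive, whereas the removed code matched the mechanism with `equalsIgnoreCase`, so a bind that sends `Simple` or `NONE` now ends in AUTHMETHODNOTSUPPORTED; normalising the key on both sides, e.g. `getAuthenticators( auth[i].toLowerCase() )` here and the same in `register`, would keep the old behaviour. The loop also catches only `LdapAuthenticationException`, while SimpleAuthenticator in this commit throws `LdapNameNotFoundException` for an unknown DN, so that case skips any remaining authenticators of the same type and gives the client a different error than a wrong password does. `ctx.removeFromEnvironment( CREDS )` runs only on the success path; moving it into a `finally` would clear the credentials after failed binds too. The local `Collection authenticators` shadows the field of the same name, and invoke() begins outside the hunk.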
@@ -0,0 +1,131 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server.jndi;
+
+
+import java.util.Hashtable;
+import java.util.Properties;
+import java.io.FileInputStream;
+
+import org.apache.ldap.common.util.StringTools;
+import org.apache.ldap.server.AuthenticatorConfig;
+
+import javax.naming.NamingException;
+
+
+/**
+ * An authenticator configuration builder which produces AuthenticatorConfig
+ * objects from various configuration formats, namely Hashtables.
+ *
+ * @author <a href="mailto:[EMAIL PROTECTED]">Endi S. Dewata</a>
+ */
+public class AuthenticatorConfigBuilder
+{
+ /** keep this so we do not have create empty ones over and over again */
+ private final static AuthenticatorConfig[] EMPTY = new AuthenticatorConfig[0];
+
+
+ /**
+ * Extracts properties from a Hashtable and builds a configuration bean for
+ * an Authenticator.
+ *
+ * @param authenticatorName the name of the authenticator to extract configs for
+ * @param env the Hastable containing usually JNDI environment settings
+ * @return the extracted configuration object
+ * @throws javax.naming.NamingException
+ */
+ public static AuthenticatorConfig getAuthenticatorConfig( String authenticatorName, Hashtable env )
+ throws NamingException
+ {
+ final StringBuffer buf = new StringBuffer();
+ final AuthenticatorConfig config = new AuthenticatorConfig();
+
+ // --------------------------------------------------------------------
+ // set id for authenticator
+ // --------------------------------------------------------------------
+
+ config.setAuthenticatorName( authenticatorName );
+
+ // --------------------------------------------------------------------
+ // set authenticator class
+ // --------------------------------------------------------------------
+
+ buf.setLength( 0 );
+ buf.append( EnvKeys.AUTHENTICATOR_CLASS ).append( authenticatorName );
+ String authenticatorClass = ( String ) env.get( buf.toString() );
+
+ if ( authenticatorClass != null )
+ {
+ config.setAuthenticatorClass( authenticatorClass );
+ }
+
+ // --------------------------------------------------------------------
+ // set authenticator properties
+ // --------------------------------------------------------------------
+
+ buf.setLength( 0 );
+ buf.append( EnvKeys.AUTHENTICATOR_PROPERTIES ).append( authenticatorName );
+ String propertiesFile = ( String ) env.get( buf.toString() );
+
+ if ( propertiesFile != null )
+ {
+ try
+ {
+ Properties properties = config.getProperties();
+ properties.load( new FileInputStream( propertiesFile ) );
+ config.setProperties( properties );
+ }
+ catch ( Exception e )
+ {
+ throw new NamingException( e.getMessage() );
+ }
+ }
+
+ return config;
+ }
+
+
+ /**
+ * Extracts properties from a Hashtable and builds a set of configurations
+ * bean for Authenticators.
+ *
+ * @param env the Hastable containing usually JNDI environment settings
+ * @return all the extracted configuration objects configured
+ * @throws javax.naming.NamingException
+ */
+ public static AuthenticatorConfig[] getAuthenticatorConfigs( Hashtable env )
+ throws NamingException
+ {
+ String idList = ( String ) env.get( EnvKeys.AUTHENTICATORS );
+
+ // return empty array when we got nothin to work with!
+ if ( idList == null || idList.trim().length() == 0 )
+ {
+ return EMPTY;
+ }
+
+ idList = StringTools.deepTrim( idList );
+ final String[] ids = idList.split( " " );
+ final AuthenticatorConfig[] configs = new AuthenticatorConfig[ids.length];
+ for ( int ii = 0; ii < configs.length; ii++ )
+ {
+ configs[ii] = getAuthenticatorConfig( ids[ii], env );
+ }
+
+ return configs;
+ }
+}
Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java
URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java?view=diff&r1=157787&r2=157788
==============================================================================
--- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java (original)
+++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java Wed Mar 16 11:04:02 2005
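Review bot: The `FileInputStream` opened in `properties.load( new FileInputStream( propertiesFile ) )` inside getAuthenticatorConfig is never closed, so every configured authenticator leaks a file handle; the stream should be closed in a `finally` block as in the excerpt below. The `catch ( Exception e )` then rethrows `new NamingException( e.getMessage() )`, which drops the original stack trace; calling `setRootCause( e )` on the new exception before throwing keeps it. `propertiesFile` comes straight from the environment and is opened as given, so the environment has to be treated as trusted configuration and that assumption is worth stating in the Javadoc.

```java
// … unchanged: lookup of propertiesFile from env …
Properties properties = config.getProperties();
FileInputStream in = new FileInputStream( propertiesFile );
try
{
    properties.load( in );
}
finally
{
    in.close();
}
// … unchanged: config.setProperties( properties ) and the catch block …
```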
@@ -39,11 +39,9 @@ import org.apache.ldap.common.schema.Normalizer; import org.apache.ldap.common.util.DateUtils; import org.apache.ldap.common.util.StringTools; -import org.apache.ldap.server.ApplicationPartition; -import org.apache.ldap.server.ContextPartition; -import org.apache.ldap.server.ContextPartitionConfig; -import org.apache.ldap.server.RootNexus; -import org.apache.ldap.server.SystemPartition; +import org.apache.ldap.server.*; +import org.apache.ldap.server.auth.AnonymousAuthenticator; +import org.apache.ldap.server.auth.SimpleAuthenticator; import org.apache.ldap.server.db.Database; import org.apache.ldap.server.db.DefaultSearchEngine; import org.apache.ldap.server.db.ExpressionEnumerator; 
@@ -503,9 +501,64 @@ boolean allowAnonymous = !initialEnv.containsKey( EnvKeys.DISABLE_ANONYMOUS ); - Interceptor interceptor = new AuthenticationService( nexus, allowAnonymous ); + AuthenticationService authenticationService = new AuthenticationService(); - provider.addInterceptor( interceptor, state ); + // create authenticator context + AuthenticatorContext authenticatorContext = new AuthenticatorContext(); + authenticatorContext.setRootNexus( nexus ); + authenticatorContext.setAllowAnonymous( allowAnonymous ); + + try // initialize default authenticators + { + // create anonymous authenticator + AuthenticatorConfig authenticatorConfig = new AuthenticatorConfig(); + authenticatorConfig.setAuthenticatorName( "none" ); + authenticatorConfig.setAuthenticatorContext( authenticatorContext ); + + Authenticator authenticator = new AnonymousAuthenticator(); + authenticator.init( authenticatorConfig ); + authenticationService.register( authenticator ); + + // create simple authenticator + authenticatorConfig = new AuthenticatorConfig(); + authenticatorConfig.setAuthenticatorName( "simple" ); + authenticatorConfig.setAuthenticatorContext( authenticatorContext ); + + authenticator = new SimpleAuthenticator(); + authenticator.init( authenticatorConfig ); + authenticationService.register( authenticator ); + } + catch ( Exception e ) + { + throw new NamingException( e.getMessage() ); + } + + AuthenticatorConfig[] configs = null; + configs = AuthenticatorConfigBuilder + .getAuthenticatorConfigs( initialEnv ); + + for ( int ii = 0; ii < configs.length; ii++ ) + { + try + { + configs[ii].setAuthenticatorContext( authenticatorContext ); + + String authenticatorClass = configs[ii].getAuthenticatorClass(); + Class clazz = Class.forName( authenticatorClass ); + Constructor constructor = clazz.getConstructor( new Class[] { } ); + + Authenticator authenticator = ( Authenticator ) constructor.newInstance( new Object[] { } ); + authenticator.init( configs[ii] ); + + 
authenticationService.register( authenticator ); + } + catch ( Exception e ) + { + e.printStackTrace(); + } + } + + provider.addInterceptor( authenticationService, state ); /* * Create and add the Eve Exception service interceptor to both the @@ -515,7 +568,7 @@ FilterService filterService = new FilterServiceImpl(); - interceptor = ( Interceptor ) filterService; + Interceptor interceptor = ( Interceptor ) filterService; provider.addInterceptor( interceptor, state ); Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/EnvKeys.java URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/EnvKeys.java?view=diff&r1=157787&r2=157788 ============================================================================== --- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/EnvKeys.java (original) +++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/EnvKeys.java Wed Mar 16 11:04:02 2005 @@ -45,6 +45,12 @@ public static final String SCHEMAS = "server.schemas"; /** bootstrap prop: if key is present it enables anonymous users */ public static final String DISABLE_ANONYMOUS = "server.disable.anonymous"; + /** a comma separated list of authenticator names */ + public static final String AUTHENTICATORS = "server.authenticators"; + /** the envprop key base to the authenticator implementation class */ + public static final String AUTHENTICATOR_CLASS = "server.authenticator.class."; + /** the envprop key base to the properties of an authenticator */ + public static final String AUTHENTICATOR_PROPERTIES = "server.authenticator.properties."; // ------------------------------------------------------------------------ 
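Review bot: When a configured authenticator cannot be loaded or initialised, the `catch ( Exception e )` in the `configs` loop only calls `e.printStackTrace()` and startup continues with the built-in `none` and `simple` authenticators, so a deployment that meant to add its own authenticator silently runs without it. That includes the case where `getAuthenticatorClass()` is `null` because the class key is missing, which still reaches `Class.forName( authenticatorClass )`. Rethrowing as the default-authenticator block above it does, `throw new NamingException( e.getMessage() );` (ideally with the root cause set), makes the misconfiguration visible at startup. The class name is taken from the environment and instantiated reflectively, so the `server.authenticator.class.` keys should only ever come from trusted configuration. The enclosing method starts and ends outside the hunk.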
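Review bot: The Javadoc on `AUTHENTICATORS` in EnvKeys says `a comma separated list of authenticator names`, but `AuthenticatorConfigBuilder.getAuthenticatorConfigs` in this commit splits the value with `idList.split( " " )`, so a comma-separated value would be read as a single authenticator name and its class key would not be found. The comment should read `/** a space separated list of authenticator names */`.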
@@ -71,7 +77,7 @@ /** the envprop key base to the implementation of a partition */ public static final String PARTITION_CLASS = "server.db.partition.class."; /** the envprop key base to the properties of a partition */ - public static final String PROPERTIES = "server.db.partition.properties."; + public static final String PARTITION_PROPERTIES = "server.db.partition.properties."; /** the envprop key base to the space separated list of indices for a partition */ public static final String INDICES = "server.db.partition.indices."; /** the envprop key base to the Attributes for the context nexus entry */ Modified: directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/PartitionConfigBuilder.java URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/PartitionConfigBuilder.java?view=diff&r1=157787&r2=157788 ============================================================================== --- directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/PartitionConfigBuilder.java (original) +++ directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/PartitionConfigBuilder.java Wed Mar 16 11:04:02 2005 @@ -93,7 +93,7 @@ // -------------------------------------------------------------------- buf.setLength( 0 ); - buf.append( EnvKeys.PROPERTIES ).append( id ); + buf.append( EnvKeys.PARTITION_PROPERTIES ).append( id ); String properties = ( String ) env.get( buf.toString() ); if ( properties != null ) Modified: directory/apacheds/trunk/main/project.xml URL: http://svn.apache.org/viewcvs/directory/apacheds/trunk/main/project.xml?view=diff&r1=157787&r2=157788 ============================================================================== --- directory/apacheds/trunk/main/project.xml (original) +++ directory/apacheds/trunk/main/project.xml Wed Mar 16 11:04:02 2005 
@@ -88,8 +88,8 @@ <version>0.9-SNAPSHOT</version> </dependency> <dependency> - <groupId>directory</groupId> - <artifactId>apacheds-protocol</artifactId> + <groupId>directory-protocols</groupId> + <artifactId>ldap-protocol</artifactId> <version>0.9-SNAPSHOT</version> </dependency> <dependency>
