Author: erodriguez
Date: Wed Mar 16 21:38:42 2005
New Revision: 157903
URL: http://svn.apache.org/viewcvs?view=rev&rev=157903
Log:
Import updates related to exception handling change and move to kerberos-common.
Modified:
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/ErrorService.java
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/sam/TimestampChecker.java
Modified:
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
URL:
http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java?view=diff&r1=157902&r2=157903
==============================================================================
---
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
(original)
+++
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/AuthenticationService.java
Wed Mar 16 21:38:42 2005
@@ -26,6 +26,8 @@
import org.apache.kerberos.crypto.encryption.EncryptionEngine;
import org.apache.kerberos.crypto.encryption.EncryptionEngineFactory;
import org.apache.kerberos.crypto.encryption.EncryptionType;
+import org.apache.kerberos.exceptions.ErrorType;
+import org.apache.kerberos.exceptions.KerberosException;
import org.apache.kerberos.io.decoder.EncryptedDataDecoder;
import org.apache.kerberos.io.decoder.EncryptedTimestampDecoder;
import org.apache.kerberos.io.encoder.EncAsRepPartEncoder;
@@ -92,7 +94,7 @@
if ( entry == null )
{
- throw KerberosException.KDC_ERR_C_PRINCIPAL_UNKNOWN;
+ throw new KerberosException( ErrorType.KDC_ERR_C_PRINCIPAL_UNKNOWN
);
}
EncryptionKey clientKey = null;
@@ -107,7 +109,7 @@
if ( preAuthData == null )
{
- throw new KdcErrorPreauthRequired(
preparePreAuthenticationError() );
+ throw new KerberosException(
ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError() );
}
EncryptedTimeStamp timestamp = null;
@@ -129,27 +131,27 @@
}
catch (KerberosException ke)
{
- throw
KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
}
catch (IOException ioe)
{
- throw
KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
}
catch (ClassCastException cce)
{
- throw
KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
}
}
}
if ( timestamp == null )
{
- throw new KdcErrorPreauthRequired(
preparePreAuthenticationError() );
+ throw new KerberosException(
ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError() );
}
if ( !timestamp.getTimeStamp().isInClockSkew(
config.getClockSkew() ) )
{
- throw KerberosException.KDC_ERR_PREAUTH_FAILED;
+ throw new KerberosException(
ErrorType.KDC_ERR_PREAUTH_FAILED );
}
/*
@@ -167,7 +169,7 @@
if ( preAuthData == null || preAuthData.length == 0 )
{
- throw new KdcErrorPreauthRequired(
preparePreAuthenticationError() );
+ throw new KerberosException(
ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError() );
}
try
@@ -243,7 +245,7 @@
if ( serverKey == null )
{
- throw KerberosException.KDC_ERR_S_PRINCIPAL_UNKNOWN;
+ throw new KerberosException( ErrorType.KDC_ERR_S_PRINCIPAL_UNKNOWN
);
}
KerberosPrincipal ticketPrincipal =
request.getServerPrincipal();
@@ -271,7 +273,7 @@
request.getKdcOptions().get(KdcOptions.FORWARDED) ||
request.getKdcOptions().get(KdcOptions.ENC_TKT_IN_SKEY))
{
- throw KerberosException.KDC_ERR_BADOPTION;
+ throw new KerberosException(
ErrorType.KDC_ERR_BADOPTION );
}
newTicketBody.setSessionKey(new RandomKey().getNewSessionKey());
@@ -285,7 +287,7 @@
{
// TODO - possibly allow req.from range
if (!config.isPostdateAllowed())
- throw KerberosException.KDC_ERR_POLICY;
+ throw new KerberosException(
ErrorType.KDC_ERR_POLICY );
newTicketBody.setFlag(TicketFlags.INVALID);
newTicketBody.setStartTime(request.getFrom());
}
Modified:
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/ErrorService.java
URL:
http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/ErrorService.java?view=diff&r1=157902&r2=157903
==============================================================================
---
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/ErrorService.java
(original)
+++
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/ErrorService.java
Wed Mar 16 21:38:42 2005
@@ -17,6 +17,7 @@
package org.apache.kerberos.kdc;
+import org.apache.kerberos.exceptions.KerberosException;
import org.apache.kerberos.messages.ErrorMessage;
import org.apache.kerberos.messages.ErrorMessageModifier;
import org.apache.kerberos.messages.value.KerberosTime;
@@ -39,7 +40,7 @@
KerberosTime now = new KerberosTime();
- modifier.setErrorCode( exception.getOrdinal() );
+ modifier.setErrorCode( exception.getErrorCode() );
modifier.setExplanatoryText( exception.getMessage() );
modifier.setServerPrincipal( config.getKdcPrincipal() );
modifier.setServerTime( now );
Modified:
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java
URL:
http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java?view=diff&r1=157902&r2=157903
==============================================================================
---
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java
(original)
+++
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/KerberosService.java
Wed Mar 16 21:38:42 2005
@@ -31,6 +31,8 @@
import org.apache.kerberos.crypto.encryption.EncryptionEngine;
import org.apache.kerberos.crypto.encryption.EncryptionEngineFactory;
import org.apache.kerberos.crypto.encryption.EncryptionType;
+import org.apache.kerberos.exceptions.ErrorType;
+import org.apache.kerberos.exceptions.KerberosException;
import org.apache.kerberos.io.decoder.AuthenticatorDecoder;
import org.apache.kerberos.io.decoder.EncTicketPartDecoder;
import org.apache.kerberos.kdc.replay.InMemoryReplayCache;
@@ -100,7 +102,7 @@
}
}
- throw KerberosException.KDC_ERR_ETYPE_NOSUPP;
+ throw new KerberosException( ErrorType.KDC_ERR_ETYPE_NOSUPP );
}
protected void verifyTicket( Ticket ticket, KerberosPrincipal
serverPrincipal )
@@ -109,7 +111,7 @@
if ( !ticket.getRealm().equals( config.getPrimaryRealm() )
&& !ticket.getServerPrincipal().equals(
serverPrincipal ) )
{
- throw KerberosException.KRB_AP_ERR_NOT_US;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_NOT_US );
}
}
@@ -119,17 +121,17 @@
{
if ( authHeader.getProtocolVersionNumber() != 5 )
{
- throw KerberosException.KRB_AP_ERR_BADVERSION;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BADVERSION );
}
if ( authHeader.getMessageType() != MessageType.KRB_AP_REQ )
{
- throw KerberosException.KRB_AP_ERR_MSG_TYPE;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_MSG_TYPE );
}
if ( authHeader.getTicket().getTicketVersionNumber() != 5 )
{
- throw KerberosException.KRB_AP_ERR_BADVERSION;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BADVERSION );
}
KerberosPrincipal serverPrincipal = ticket.getServerPrincipal();
@@ -150,10 +152,10 @@
// TODO - check server key version number, skvno;
requires store
if ( false )
{
- throw KerberosException.KRB_AP_ERR_BADKEYVER;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BADKEYVER );
}
- throw KerberosException.KRB_AP_ERR_NOKEY;
+ throw new KerberosException( ErrorType.KRB_AP_ERR_NOKEY
);
}
try
@@ -168,7 +170,7 @@
}
catch (KerberosException ke)
{
- throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
}
Authenticator authenticator;
@@ -183,12 +185,12 @@
}
catch (KerberosException ke)
{
- throw KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
}
if ( !authenticator.getClientPrincipal().getName().equals(
ticket.getClientPrincipal().getName() ) )
{
- throw KerberosException.KRB_AP_ERR_BADMATCH;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BADMATCH );
}
// TODO - need to get at IP Address for sender
@@ -205,27 +207,27 @@
if( replayCache.isReplay( authenticator.getClientTime(),
authenticator.getClientPrincipal() ) )
{
- throw KerberosException.KRB_AP_ERR_REPEAT;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_REPEAT );
}
replayCache.save( authenticator.getClientTime(),
authenticator.getClientPrincipal() );
if ( !authenticator.getClientTime().isInClockSkew(
config.getClockSkew() ) )
{
- throw KerberosException.KRB_AP_ERR_SKEW;
+ throw new KerberosException( ErrorType.KRB_AP_ERR_SKEW
);
}
if ( ticket.getStartTime() != null &&
!ticket.getStartTime().isInClockSkew( config.getClockSkew() ) ||
ticket.getFlag( TicketFlags.INVALID ) )
{
// it hasn't yet become valid
- throw KerberosException.KRB_AP_ERR_TKT_NYV;
+ throw new KerberosException( ErrorType.KRB_AP_ERR_TKT_NYV );
}
// TODO - doesn't take into account skew
if ( !ticket.getEndTime().greaterThan( new KerberosTime() ) )
{
- throw KerberosException.KRB_AP_ERR_TKT_EXPIRED;
+ throw new KerberosException( ErrorType.KRB_AP_ERR_TKT_EXPIRED );
}
authHeader.setOption( ApOptions.MUTUAL_REQUIRED );
Modified:
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java
URL:
http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java?view=diff&r1=157902&r2=157903
==============================================================================
---
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java
(original)
+++
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/kdc/TicketGrantingService.java
Wed Mar 16 21:38:42 2005
@@ -30,6 +30,8 @@
import org.apache.kerberos.crypto.encryption.EncryptionEngine;
import org.apache.kerberos.crypto.encryption.EncryptionEngineFactory;
import org.apache.kerberos.crypto.encryption.EncryptionType;
+import org.apache.kerberos.exceptions.ErrorType;
+import org.apache.kerberos.exceptions.KerberosException;
import org.apache.kerberos.io.decoder.ApplicationRequestDecoder;
import org.apache.kerberos.io.decoder.AuthorizationDataDecoder;
import org.apache.kerberos.io.encoder.EncTgsRepPartEncoder;
@@ -103,7 +105,7 @@
{
if ( request.getPreAuthData()[0].getDataType() !=
PreAuthenticationDataType.PA_TGS_REQ )
{
- throw KerberosException.KDC_ERR_PADATA_TYPE_NOSUPP;
+ throw new KerberosException(
ErrorType.KDC_ERR_PADATA_TYPE_NOSUPP );
}
byte[] undecodedAuthHeader =
request.getPreAuthData()[0].getDataValue();
@@ -119,7 +121,7 @@
{
if ( authChecksum == null )
{
- throw KerberosException.KRB_AP_ERR_INAPP_CKSUM;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_INAPP_CKSUM );
}
/*
@@ -152,7 +154,7 @@
if ( !equal )
{
- throw KerberosException.KRB_AP_ERR_MODIFIED;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_MODIFIED );
}
}
@@ -177,7 +179,7 @@
endif
endif
*/
- throw KerberosException.KDC_ERR_S_PRINCIPAL_UNKNOWN;
+ throw new KerberosException(
ErrorType.KDC_ERR_S_PRINCIPAL_UNKNOWN );
}
return serverKey;
}
@@ -222,7 +224,7 @@
{
if ( !tgt.getFlag( TicketFlags.FORWARDABLE ) )
{
- throw KerberosException.KDC_ERR_BADOPTION;
+ throw new KerberosException(
ErrorType.KDC_ERR_BADOPTION );
}
newTicketBody.setFlag( TicketFlags.FORWARDABLE );
@@ -232,7 +234,7 @@
{
if ( !tgt.getFlag( TicketFlags.FORWARDABLE ) )
{
- throw KerberosException.KDC_ERR_BADOPTION;
+ throw new KerberosException(
ErrorType.KDC_ERR_BADOPTION );
}
newTicketBody.setFlag( TicketFlags.FORWARDED );
newTicketBody.setClientAddresses(
request.getAddresses() );
@@ -248,7 +250,7 @@
{
if ( !tgt.getFlag( TicketFlags.PROXIABLE ) )
{
- throw KerberosException.KDC_ERR_BADOPTION;
+ throw new KerberosException(
ErrorType.KDC_ERR_BADOPTION );
}
newTicketBody.setFlag( TicketFlags.PROXIABLE );
@@ -258,7 +260,7 @@
{
if ( !tgt.getFlag( TicketFlags.PROXIABLE ) )
{
- throw KerberosException.KDC_ERR_BADOPTION;
+ throw new KerberosException(
ErrorType.KDC_ERR_BADOPTION );
}
newTicketBody.setFlag( TicketFlags.PROXY );
@@ -270,7 +272,7 @@
{
if ( !tgt.getFlag( TicketFlags.MAY_POSTDATE ) )
{
- throw KerberosException.KDC_ERR_BADOPTION;
+ throw new KerberosException(
ErrorType.KDC_ERR_BADOPTION );
}
newTicketBody.setFlag( TicketFlags.MAY_POSTDATE );
@@ -280,7 +282,7 @@
{
if ( !tgt.getFlag( TicketFlags.MAY_POSTDATE ) )
{
- throw KerberosException.KDC_ERR_BADOPTION;
+ throw new KerberosException(
ErrorType.KDC_ERR_BADOPTION );
}
newTicketBody.setFlag( TicketFlags.POSTDATED );
@@ -288,7 +290,7 @@
if ( !config.isPostdateAllowed() )
{
- throw KerberosException.KDC_ERR_POLICY;
+ throw new KerberosException(
ErrorType.KDC_ERR_POLICY );
}
newTicketBody.setStartTime( request.getFrom() );
@@ -298,12 +300,12 @@
{
if ( !tgt.getFlag( TicketFlags.INVALID ) )
{
- throw KerberosException.KDC_ERR_POLICY;
+ throw new KerberosException(
ErrorType.KDC_ERR_POLICY );
}
if ( tgt.getStartTime().greaterThan( new KerberosTime()
) )
{
- throw KerberosException.KRB_AP_ERR_TKT_NYV;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_TKT_NYV );
}
/*
@@ -319,7 +321,7 @@
if ( request.getOption( KdcOptions.RESERVED ) ||
request.getOption( KdcOptions.RENEWABLE_OK ) )
{
- throw KerberosException.KDC_ERR_BADOPTION;
+ throw new KerberosException(
ErrorType.KDC_ERR_BADOPTION );
}
}
@@ -336,12 +338,12 @@
{
if ( !tgt.getFlag( TicketFlags.RENEWABLE ) )
{
- throw KerberosException.KDC_ERR_BADOPTION;
+ throw new KerberosException(
ErrorType.KDC_ERR_BADOPTION );
}
if ( tgt.getRenewTill().greaterThan( now ) )
{
- throw KerberosException.KRB_AP_ERR_TKT_EXPIRED;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_TKT_EXPIRED );
}
echoTicket( newTicketBody, tgt );
@@ -445,11 +447,11 @@
}
catch (KerberosException e)
{
- throw
KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
}
catch (IOException ioe)
{
- throw
KerberosException.KRB_AP_ERR_BAD_INTEGRITY;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
}
AuthorizationData ticketData =
tgt.getAuthorizationData();
Modified:
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java
URL:
http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java?view=diff&r1=157902&r2=157903
==============================================================================
---
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java
(original)
+++
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java
Wed Mar 16 21:38:42 2005
@@ -19,10 +19,11 @@
import java.io.IOException;
+import org.apache.kerberos.exceptions.ErrorType;
+import org.apache.kerberos.exceptions.KerberosException;
import org.apache.kerberos.kdc.AuthenticationService;
import org.apache.kerberos.kdc.ErrorService;
import org.apache.kerberos.kdc.KdcConfiguration;
-import org.apache.kerberos.kdc.KerberosException;
import org.apache.kerberos.kdc.TicketGrantingService;
import org.apache.kerberos.messages.AuthenticationReply;
import org.apache.kerberos.messages.ErrorMessage;
@@ -94,10 +95,10 @@
case 11:
case 13:
- throw KerberosException.KRB_AP_ERR_BADDIRECTION;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_BADDIRECTION );
default:
- throw
KerberosException.KRB_AP_ERR_MSG_TYPE;
+ throw new KerberosException(
ErrorType.KRB_AP_ERR_MSG_TYPE );
}
}
catch ( KerberosException ke )
Modified:
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/sam/TimestampChecker.java
URL:
http://svn.apache.org/viewcvs/directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/sam/TimestampChecker.java?view=diff&r1=157902&r2=157903
==============================================================================
---
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/sam/TimestampChecker.java
(original)
+++
directory/protocol-providers/kerberos/trunk/core/src/java/org/apache/kerberos/sam/TimestampChecker.java
Wed Mar 16 21:38:42 2005
@@ -24,9 +24,9 @@
import org.apache.kerberos.crypto.encryption.EncryptionEngine;
import org.apache.kerberos.crypto.encryption.EncryptionEngineFactory;
import org.apache.kerberos.crypto.encryption.EncryptionType;
+import org.apache.kerberos.exceptions.KerberosException;
import org.apache.kerberos.io.decoder.EncryptedDataDecoder;
import org.apache.kerberos.io.decoder.EncryptedTimestampDecoder;
-import org.apache.kerberos.kdc.KerberosException;
import org.apache.kerberos.messages.value.EncryptedData;
import org.apache.kerberos.messages.value.EncryptedTimeStamp;
import org.apache.kerberos.messages.value.EncryptionKey;
