Author: akarasulu
Date: Thu Mar 17 13:04:51 2005
New Revision: 157976
URL: http://svn.apache.org/viewcvs?view=rev&rev=157976
Log:
changes ...
o factored out Authenticator as interface
o created new AbstractAuthenticator base class
o cleaned and documented just a little
Added:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AbstractAuthenticator.java
Modified:
directory/apacheds/trunk/CHANGES.txt
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/Authenticator.java
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AuthenticatorConfig.java
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AuthenticatorContext.java
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java
Modified: directory/apacheds/trunk/CHANGES.txt
URL:
http://svn.apache.org/viewcvs/directory/apacheds/trunk/CHANGES.txt?view=diff&r1=157975&r2=157976
==============================================================================
--- directory/apacheds/trunk/CHANGES.txt (original)
+++ directory/apacheds/trunk/CHANGES.txt Thu Mar 17 13:04:51 2005
@@ -1,5 +1,5 @@
-Changes since 0.8
-=================
+Changes in 0.9
+==============
o added Preferences implementation for system settings (user Prefs not done)
o added support for JNDI state factories and object factories
@@ -8,4 +8,5 @@
just needs to be added.
o added factory.hints property to help drive the selection of a object
factory when there are multiple alternatives
-
+ o added Authenticator (thanks to Endi)
+ o added support for multiple types of backends (thanks to Endi)
Added:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AbstractAuthenticator.java
URL:
http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AbstractAuthenticator.java?view=auto&rev=157976
==============================================================================
---
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AbstractAuthenticator.java
(added)
+++
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AbstractAuthenticator.java
Thu Mar 17 13:04:51 2005
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.ldap.server.auth;
+
+
+import javax.naming.NamingException;
+
+
+/**
+ * Base class for all Authenticators.
+ *
+ * @author <a href="mailto:[email protected]">Apache Directory
Project</a>
+ */
+public abstract class AbstractAuthenticator implements Authenticator
+{
+
+ /** authenticator config */
+ public AuthenticatorConfig authenticatorConfig;
+ /** authenticator context */
+ public AuthenticatorContext authenticatorContext;
+ /** authenticator type */
+ public String type;
+
+ /**
+ * Create a new Authenticator.
+ *
+ * @param type authenticator's type
+ */
+ public AbstractAuthenticator( String type )
+ {
+ this.type = type;
+ }
+
+
+ public AuthenticatorContext getAuthenticatorContext()
+ {
+ return authenticatorContext;
+ }
+
+
+ public String getType()
+ {
+ return type;
+ }
+
+
+ public void init( AuthenticatorConfig authenticatorConfig ) throws
NamingException
+ {
+ this.authenticatorConfig = authenticatorConfig;
+
+ this.authenticatorContext =
authenticatorConfig.getAuthenticatorContext();
+
+ init();
+ }
+}
\ No newline at end of file
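Review bot: The three fields at the top of AbstractAuthenticator are declared `public` and non-final, so any code holding a reference can overwrite `authenticatorContext` or `type` after the authenticator has been initialised and registered, without going through `init( AuthenticatorConfig )`. AuthenticationService.register files the instance under `getType()`, so a type that changes later would leave it registered under the wrong mechanism. Getters already exist for the context and the type, so the declarations can be `private AuthenticatorConfig authenticatorConfig;`, `private AuthenticatorContext authenticatorContext;` and `private final String type;`, with a protected getter for the config if subclasses need it. `init( AuthenticatorConfig )` also dereferences its argument unchecked, so a null config surfaces as a NullPointerException rather than the declared NamingException.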
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java
URL:
http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java?view=diff&r1=157975&r2=157976
==============================================================================
---
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java
(original)
+++
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AnonymousAuthenticator.java
Thu Mar 17 13:04:51 2005
@@ -22,14 +22,22 @@
import javax.naming.NamingException;
/**
- * @author <a href="mailto:[EMAIL PROTECTED]">Endi S. Dewata</a>
+ * Endi can you please javadoc this code.
+ *
+ * @author <a href="mailto:[email protected]">Apache Directory
Project</a>
*/
-public class AnonymousAuthenticator extends Authenticator {
-
+public class AnonymousAuthenticator extends AbstractAuthenticator
+{
public AnonymousAuthenticator( )
{
super( "none" );
}
+
+
+ public void init() throws NamingException
+ {
+ }
+
public LdapPrincipal authenticate( ServerContext ctx ) throws
NamingException
{
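Review bot: The class Javadoc added here ("Endi can you please javadoc this code.") is a request to a colleague rather than documentation, and the same pattern recurs in the Authenticator interface Javadoc and the `@todo` in AuthenticatorConfig later in this commit; such requests belong in the issue tracker. For a class that registers itself under the type `"none"`, the Javadoc should state which binds it accepts and which principal it returns, starting with something like `* Authenticator registered under the "none" authentication type.` The new empty `init()` would read better with a `// no initialization required` comment. The body of `authenticate` lies outside this hunk, so its behaviour cannot be reviewed here.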
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/Authenticator.java
URL:
http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/Authenticator.java?view=diff&r1=157975&r2=157976
==============================================================================
---
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/Authenticator.java
(original)
+++
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/Authenticator.java
Thu Mar 17 13:04:51 2005
@@ -16,45 +16,23 @@
*/
package org.apache.ldap.server.auth;
+
import org.apache.ldap.server.jndi.ServerContext;
-import org.apache.ldap.server.auth.LdapPrincipal;
import javax.naming.NamingException;
/**
- * Base class for all Authenticators.
+ * Endi when you have a chance please document this class with the proper
javadocs.
*
- * @author <a href="mailto:[EMAIL PROTECTED]">Endi S. Dewata</a>
+ * @author <a href="mailto:[email protected]">Apache Directory
Project</a>
+ * @version $Rev$
*/
-public class Authenticator {
+public interface Authenticator
+{
+ AuthenticatorContext getAuthenticatorContext();
- /** authenticator config */
- public AuthenticatorConfig authenticatorConfig;
- /** authenticator context */
- public AuthenticatorContext authenticatorContext;
- /** authenticator type */
- public String type;
-
- /**
- * Create a new Authenticator.
- *
- * @param type authenticator's type
- */
- public Authenticator( String type )
- {
- this.type = type;
- }
-
- public AuthenticatorContext getAuthenticatorContext()
- {
- return authenticatorContext;
- }
-
- public String getType()
- {
- return type;
- }
+ String getType();
/**
* Called by the authenticator container to indicate that the
authenticator is being placed into service.
@@ -62,20 +40,12 @@
* @param authenticatorConfig
* @throws NamingException
*/
- public void init( AuthenticatorConfig authenticatorConfig ) throws
NamingException
- {
- this.authenticatorConfig = authenticatorConfig;
- this.authenticatorContext =
authenticatorConfig.getAuthenticatorContext();
- init();
- }
+ void init( AuthenticatorConfig authenticatorConfig ) throws
NamingException;
/**
* A convenience method which can be overridden so that there's no need to
call super.init( authenticatorConfig ).
*/
- public void init() throws NamingException
- {
-
- }
+ void init() throws NamingException;
/**
* Perform the authentication operation and return the authorization id if
successfull.
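Review bot: Declaring the no-argument `init()` on the interface forces every implementer to supply a method whose own Javadoc describes it as a convenience hook for avoiding `super.init( authenticatorConfig )`, which only makes sense for subclasses of a base class. It fits better in AbstractAuthenticator as `protected void init() throws NamingException { }`, leaving the interface with `init( AuthenticatorConfig )` alone; the empty overrides added to AnonymousAuthenticator and SimpleAuthenticator could then be dropped. As written, a caller holding an Authenticator can also invoke `init()` directly without any configuration having been set.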
@@ -84,9 +54,5 @@
* @return the authorization id
* @throws NamingException
*/
- public LdapPrincipal authenticate( ServerContext ctx ) throws
NamingException
- {
- return null;
- }
-
-}
\ No newline at end of file
+ LdapPrincipal authenticate( ServerContext ctx ) throws NamingException;
+}
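Review bot: The Javadoc above `authenticate` (it starts before this hunk) describes only the successful return, and the removed default body returned `null`, so the interface leaves open whether a failed authentication is signalled by `null` or by an exception. An authentication contract should state this explicitly; I would add `* @throws NamingException if the credentials are rejected; implementations must never return null` so a caller cannot mistake a null principal for a successful bind. How AuthenticationService handles a null return is not visible in this commit.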
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AuthenticatorConfig.java
URL:
http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AuthenticatorConfig.java?view=diff&r1=157975&r2=157976
==============================================================================
---
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AuthenticatorConfig.java
(original)
+++
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AuthenticatorConfig.java
Thu Mar 17 13:04:51 2005
@@ -20,9 +20,10 @@
import java.util.Properties;
/**
- * A configuration bean for Authenticators.
+ * A configuration bean for Authenticators.
*
- * @author <a href="mailto:[EMAIL PROTECTED]">Endi S. Dewata</a>
+ * @todo Endi this class needs javadocs for the methods
+ * @author <a href="mailto:[email protected]">Apache Directory
Project</a>
*/
public class AuthenticatorConfig {
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AuthenticatorContext.java
URL:
http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AuthenticatorContext.java?view=diff&r1=157975&r2=157976
==============================================================================
---
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AuthenticatorContext.java
(original)
+++
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/AuthenticatorContext.java
Thu Mar 17 13:04:51 2005
@@ -23,10 +23,11 @@
/**
* Base class for all Authenticators.
*
- * @author <a href="mailto:direct [EMAIL PROTECTED]">Apache Directory
Project</a>
+ * @author <a href="mailto:[email protected]">Apache Directory
Project</a>
* @version $Rev: 124525 $
*/
-public class AuthenticatorContext {
+public class AuthenticatorContext
+{
/** the root nexus to all database partitions */
private RootNexus rootNexus;
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java
URL:
http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java?view=diff&r1=157975&r2=157976
==============================================================================
---
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java
(original)
+++
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/auth/SimpleAuthenticator.java
Thu Mar 17 13:04:51 2005
@@ -16,6 +16,7 @@
*/
package org.apache.ldap.server.auth;
+
import org.apache.ldap.server.RootNexus;
import org.apache.ldap.server.jndi.ServerContext;
import org.apache.ldap.common.exception.LdapNameNotFoundException;
@@ -28,18 +29,44 @@
import javax.naming.directory.Attributes;
import javax.naming.directory.Attribute;
+
/**
- * @author <a href="mailto:[EMAIL PROTECTED]">Endi S. Dewata</a>
+ * A simple Authenticator that just authenticates clear text passwords
+ * contained within the <code>userPassword</code> attribute.
+ *
+ * @author <a href="mailto:[email protected]">Apache Directory
Project</a>
*/
-public class SimpleAuthenticator extends Authenticator {
-
+public class SimpleAuthenticator extends AbstractAuthenticator
+{
+ /**
+ * Creates a simple authenticator for clear text passwords in
+ * userPassword attributes.
+ */
public SimpleAuthenticator( )
{
super( "simple" );
}
+
+ /**
+ * Does nothing!
+ *
+ * @see Authenticator#init()
+ */
+ public void init() throws NamingException
+ {
+ }
+
+
+ /**
+ * Uses the userPassword field of the user to authenticate.
+ *
+ * @see
Authenticator#authenticate(org.apache.ldap.server.jndi.ServerContext)
+ */
public LdapPrincipal authenticate( ServerContext ctx ) throws
NamingException
{
+ // ---- extract password from JNDI environment
+
Object creds = ctx.getEnvironment().get( Context.SECURITY_CREDENTIALS
);
if ( creds == null )
@@ -51,8 +78,10 @@
creds = ( ( String ) creds ).getBytes();
}
- // let's get the principal now
+ // ---- extract principal from JNDI environment
+
String principal;
+
if ( ! ctx.getEnvironment().containsKey( Context.SECURITY_PRINCIPAL ) )
{
throw new LdapAuthenticationException();
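Review bot: `( ( String ) creds ).getBytes()` at the top of this hunk encodes the supplied password with the JVM's platform default charset, and the stored `userPassword` value gets the same treatment in the last hunk of this file. When one side already arrives as a byte array and the other as a String, the outcome of the comparison for non-ASCII passwords then depends on the host's default encoding. Naming the charset, `getBytes( "UTF-8" )`, makes the result deterministic; the checked UnsupportedEncodingException that overload declares would need to be caught or wrapped. The enclosing `authenticate` method starts and ends outside this hunk.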
@@ -60,14 +89,19 @@
else
{
principal = ( String ) ctx.getEnvironment().get(
Context.SECURITY_PRINCIPAL );
+
if ( principal == null )
{
throw new LdapAuthenticationException();
}
}
+ // ---- lookup the principal entry's userPassword attribute
+
LdapName principalDn = new LdapName( principal );
+
RootNexus rootNexus = getAuthenticatorContext().getRootNexus();
+
Attributes userEntry = rootNexus.lookup( principalDn );
if ( userEntry == null )
@@ -76,7 +110,11 @@
}
Object userPassword;
+
Attribute userPasswordAttr = userEntry.get( "userPassword" );
+
+ // ---- assert that credentials match
+
if ( userPasswordAttr == null )
{
userPassword = ArrayUtils.EMPTY_BYTE_ARRAY;
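Review bot: An entry with no `userPassword` attribute is assigned `ArrayUtils.EMPTY_BYTE_ARRAY` as its password directly under the new "assert that credentials match" comment. If the comparison further down (outside this hunk) is plain byte-array equality, a bind presenting empty credentials would succeed against any entry that has no password set. An account without a stored password should fail simple authentication, which replacing the assignment with `throw new LdapAuthenticationException();` achieves. If the empty-array fallback is intentional, it needs a comment here explaining why.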
@@ -84,6 +122,7 @@
else
{
userPassword = userPasswordAttr.get();
+
if ( userPassword instanceof String )
{
userPassword = ( ( String ) userPassword ).getBytes();
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java
URL:
http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java?view=diff&r1=157975&r2=157976
==============================================================================
---
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java
(original)
+++
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/AuthenticationService.java
Thu Mar 17 13:04:51 2005
@@ -25,7 +25,7 @@
import org.apache.ldap.common.message.ResultCodeEnum;
import org.apache.ldap.common.util.StringTools;
import org.apache.ldap.server.auth.LdapPrincipal;
-import org.apache.ldap.server.auth.Authenticator;
+import org.apache.ldap.server.auth.AbstractAuthenticator;
import org.apache.ldap.server.auth.Authenticator;
import java.util.Map;
@@ -44,8 +44,7 @@
{
/** short for Context.SECURITY_AUTHENTICATION */
private static final String AUTH_TYPE = Context.SECURITY_AUTHENTICATION;
- /** short for Context.SECURITY_PRINCIPAL */
- private static final String PRINCIPAL = Context.SECURITY_PRINCIPAL;
+
/** short for Context.SECURITY_CREDENTIALS */
private static final String CREDS = Context.SECURITY_CREDENTIALS;
@@ -68,7 +67,7 @@
* @param authenticator Authenticator component to register with this
* AuthenticatorService.
*/
- public void register( Authenticator authenticator )
+ public void register( AbstractAuthenticator authenticator )
{
Collection authenticatorList = getAuthenticators(
authenticator.getType() );
if ( authenticatorList == null )
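Review bot: `register` now takes `AbstractAuthenticator`, although the commit's stated purpose is to factor Authenticator out as an interface and the `@param` text above still says "Authenticator component". The only call visible in this hunk is `authenticator.getType()`, which the interface declares, so the signature can stay `public void register( Authenticator authenticator )`. The same narrowing appears in both CoreContextFactory hunks, where the local variable and the cast use AbstractAuthenticator; a class that implements Authenticator directly would fail that cast. The rest of the method body is outside this hunk.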
Modified:
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java
URL:
http://svn.apache.org/viewcvs/directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java?view=diff&r1=157975&r2=157976
==============================================================================
---
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java
(original)
+++
directory/apacheds/trunk/core/src/main/java/org/apache/ldap/server/jndi/CoreContextFactory.java
Thu Mar 17 13:04:51 2005
@@ -514,7 +514,7 @@
authenticatorConfig.setAuthenticatorName( "none" );
authenticatorConfig.setAuthenticatorContext( authenticatorContext
);
- Authenticator authenticator = new AnonymousAuthenticator();
+ AbstractAuthenticator authenticator = new AnonymousAuthenticator();
authenticator.init( authenticatorConfig );
authenticationService.register( authenticator );
@@ -546,7 +546,7 @@
Class clazz = Class.forName( authenticatorClass );
Constructor constructor = clazz.getConstructor( new Class[] {
} );
- Authenticator authenticator = ( Authenticator )
constructor.newInstance( new Object[] { } );
+ AbstractAuthenticator authenticator = ( AbstractAuthenticator
) constructor.newInstance( new Object[] { } );
authenticator.init( configs[ii] );
authenticationService.register( authenticator );
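Review bot: The class named by `authenticatorClass` is loaded and its constructor run before the cast checks that it is an authenticator at all, so a wrong or unexpected class name executes that class's constructor and only then fails with a ClassCastException. Checking the type first, with `if ( ! AbstractAuthenticator.class.isAssignableFrom( clazz ) )` followed by the method's usual configuration error, rejects it before `constructor.newInstance( new Object[] { } )` is reached. Where `authenticatorClass` comes from is not visible in this hunk; if it is read from deployment configuration, that configuration is effectively a code-loading control and should be documented as such. The enclosing method starts and ends outside the hunk.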