Working on patch (need feedback)

2003-06-24 Thread Gross, Jessica
While using Tomcat and Active Directory, I found a small bug.  Normally in LDAP, you 
escape certain special characters, one of which being the comma.  This is done by 

DN=CN=Doe\, Jane, OU=unit, OU=People

However, when I instructed Tomcat to search for roles by inserting the distinguished 
name, no results were found.  This is because I found in Active Directory in an object 
filter you must put

member=CN=Doe\\, Jane, OU=unit, OU=People or member=CN=Doe, Jane, OU=unit, OU=People

I have written a patch that at the moment can implement either of those two fixes by 
encoding the filter.  I have tried to find the answer at the LDAP specifications at 
http://rfc.sunsite.dk/rfc/rfc2253.html.  Is this just Active Directory messing up?  
Does my fix seem reasonable?  What is the best method to fix my problems and stay 
within LDAP specifications?

Any feedback or suggestions are welcomed.

Thanks,
Jessica

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



RE: Working on patch (need feedback)

2003-06-24 Thread Gross, Jessica
In LDAP, different attributes are separated by a comma, so you must distinguish when 
you use a comma in the middle of the attribute.  This means a comma in the middle of 
the attribute must be escaped.  Sorry for the confusion.  Hope this clears it up.

Jessica

-Original Message-
From: Shapira, Yoav [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 24, 2003 1:44 PM
To: Tomcat Developers List
Subject: RE: Working on patch (need feedback) 



Howdy,
What about the other commas?  I'm not that familiar with LDAP specs, so
this may be a stupid question, but why are you escaping only the first
comma?

Yoav Shapira
Millennium ChemInformatics


-Original Message-
From: Gross, Jessica [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 24, 2003 12:08 PM
To: [EMAIL PROTECTED]
Subject: Working on patch (need feedback)

While using Tomcat and Active Directory, I found a small bug.  Normally
in
LDAP, you escape certain special characters, one of which being the
comma.
This is done by

DN=CN=Doe\, Jane, OU=unit, OU=People

However, when I instructed Tomcat to search for roles by inserting the
distinguished name, no results were found.  This is because I found in
Active Directory in an object filter you must put

member=CN=Doe\\, Jane, OU=unit, OU=People or member=CN=Doe, Jane,
OU=unit, OU=People

I have written a patch that at the moment can implement either of those
two
fixes by encoding the filter.  I have tried to find the answer at the
LDAP
specifications at http://rfc.sunsite.dk/rfc/rfc2253.html.  Is this just
Active Directory messing up?  Does my fix seem reasonable?  What is the
best method to fix my problems and stay within LDAP specifications?

Any feedback or suggestions are welcomed.

Thanks,
Jessica

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




This e-mail, including any attachments, is a confidential business communication, and 
may contain information that is confidential, proprietary and/or privileged.  This 
e-mail is intended only for the individual(s) to whom it is addressed, and may not be 
saved, copied, printed, disclosed or used by anyone else.  If you are not the(an) 
intended recipient, please immediately delete this e-mail from your computer system 
and notify the sender.  Thank you.


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



Implementing my own realm

2003-07-30 Thread Gross, Jessica
  I could really use some help.  So I have created my own realm that extends the 
JNDIRealm, you can see that class further down.   I also created the LDAPMessageFormat 
class.  So I put these classes into a jar, which I put into server/lib folder in 
tomcat.  In my server.xml instead of using the className for the 
org.apacheJNDIRealm, I put in the name of my realm.  When I startup tomcat, I get 
this error, 

ServerLifecycleLister: Can't create mbean for realm [EMAIL PROTECTED]

Does anyone know how to fix this problem?  I would greatly appreciate any help.  In 
case you are wondering, all the realm should do in addition to the JNDIRealm is to fix 
the bug, http://nagoya.apache.org/bugzilla/show_bug.cgi?id=16541.  Many thanks in 
advance!

Jessica



public class StrykerJNDIRealm extends JNDIRealm {

/**
 * Set the message format pattern for selecting users in this Realm.
 *
 * @param userSearch The new user search pattern
 */
public void setUserSearch(String userSearch) {
System.out.println(in StrykerJNDI realm);
this.userSearch = userSearch;
if (userSearch == null)
userSearchFormat = null;
else
userSearchFormat = new LDAPMessageFormat(userSearch);

}
}





public class LDAPMessageFormat extends MessageFormat {

/**
 * @param pattern
 */
public LDAPMessageFormat(String pattern) {
super(pattern);
}

public String format(String[] pattern) {
String format = format((Object)pattern);
return filterEncode(format);
}

/**
 * Put the codefilter/code into the proper form.  LDAP servers require a 
',' within an attribute
 * to be encoded by a '\'.  It further requires a '\' to encode a '\' when 
using a search filter.
 * 
 * @param String filter The codefilter/code to be encoded
 */
public String filterEncode(String filter) {

int backslash = filter.indexOf('\\');
int nextSlash = 1;
int equal = 0;
int comma = 0;
boolean firstTime = true;
String charAfterBack = filter.substring(backslash + 1, backslash + 2);

while (nextSlash  0  backslash  0) {

// Section 4 of http://rfc.sunsite.dk/rfc/rfc2253.html states
//
// Implementations MUST allow a value to be surrounded by quote (''
// ASCII 34) characters, which are not part of the value.  Inside the
// quoted value, the following characters can occur without any
// escaping:
// ',', '=', '+', '', '', '#' and ';' 
//
// So if none of these characters are currently being escaped return 
original filter
if ((charAfterBack.compareTo(,)) != 0
 (charAfterBack.compareTo(=)) != 0
 (charAfterBack.compareTo(+)) != 0
 (charAfterBack.compareTo()) != 0
 (charAfterBack.compareTo()) != 0
 (charAfterBack.compareTo(#)) != 0
 (charAfterBack.compareTo(+)) != 0
 (charAfterBack.compareTo(;)) != 0)
return filter;

/*String before = filter.substring(0, backslash + 1);
String after = filter.substring(backslash + 1);
nextSlash = after.indexOf('\\');
backslash = backslash + nextSlash + 1;

filter = before + \\ + after;*/

// remove the backslash that is escaping 
String before = filter.substring(0, backslash);
String after = filter.substring(backslash + 1);
nextSlash = after.indexOf('\\');
backslash = backslash + nextSlash + 1;
//find where to put the quotes around
//beginning of quotes after the objectname = attribute = ..., 
attribute=...,
if (firstTime) {
equal = before.indexOf('=');
equal = (before.substring(equal + 1)).indexOf('=') + equal + 1;
firstTime = false;
} else
equal = before.indexOf('=');

//end of quotes before comma separating attributes 
//making sure not to grab the comma that is being escaped
comma = (after.substring(1)).indexOf(',');
if (comma  0  equal  0)
filter =
before.substring(0, equal + 1)
+ \
+ before.substring(equal + 1)
+ after.substring(0, comma + 1)
+ \
+ after.substring(comma + 1);
}
return filter;
}

}

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



RE: Implementing my own realm

2003-07-30 Thread Gross, Jessica
I've edited the mbeans-descriptors.xml and solve that problem at least.

-Original Message-
From: Gross, Jessica 
Sent: Wednesday, July 30, 2003 10:55 AM
To: [EMAIL PROTECTED]
Subject: Implementing my own realm


  I could really use some help.  So I have created my own realm that extends the 
JNDIRealm, you can see that class further down.   I also created the LDAPMessageFormat 
class.  So I put these classes into a jar, which I put into server/lib folder in 
tomcat.  In my server.xml instead of using the className for the 
org.apacheJNDIRealm, I put in the name of my realm.  When I startup tomcat, I get 
this error, 

ServerLifecycleLister: Can't create mbean for realm [EMAIL PROTECTED]

Does anyone know how to fix this problem?  I would greatly appreciate any help.  In 
case you are wondering, all the realm should do in addition to the JNDIRealm is to fix 
the bug, http://nagoya.apache.org/bugzilla/show_bug.cgi?id=16541.  Many thanks in 
advance!

Jessica



public class StrykerJNDIRealm extends JNDIRealm {

/**
 * Set the message format pattern for selecting users in this Realm.
 *
 * @param userSearch The new user search pattern
 */
public void setUserSearch(String userSearch) {
System.out.println(in StrykerJNDI realm);
this.userSearch = userSearch;
if (userSearch == null)
userSearchFormat = null;
else
userSearchFormat = new LDAPMessageFormat(userSearch);

}
}





public class LDAPMessageFormat extends MessageFormat {

/**
 * @param pattern
 */
public LDAPMessageFormat(String pattern) {
super(pattern);
}

public String format(String[] pattern) {
String format = format((Object)pattern);
return filterEncode(format);
}

/**
 * Put the codefilter/code into the proper form.  LDAP servers require a 
',' within an attribute
 * to be encoded by a '\'.  It further requires a '\' to encode a '\' when 
using a search filter.
 * 
 * @param String filter The codefilter/code to be encoded
 */
public String filterEncode(String filter) {

int backslash = filter.indexOf('\\');
int nextSlash = 1;
int equal = 0;
int comma = 0;
boolean firstTime = true;
String charAfterBack = filter.substring(backslash + 1, backslash + 2);

while (nextSlash  0  backslash  0) {

// Section 4 of http://rfc.sunsite.dk/rfc/rfc2253.html states
//
// Implementations MUST allow a value to be surrounded by quote (''
// ASCII 34) characters, which are not part of the value.  Inside the
// quoted value, the following characters can occur without any
// escaping:
// ',', '=', '+', '', '', '#' and ';' 
//
// So if none of these characters are currently being escaped return 
original filter
if ((charAfterBack.compareTo(,)) != 0
 (charAfterBack.compareTo(=)) != 0
 (charAfterBack.compareTo(+)) != 0
 (charAfterBack.compareTo()) != 0
 (charAfterBack.compareTo()) != 0
 (charAfterBack.compareTo(#)) != 0
 (charAfterBack.compareTo(+)) != 0
 (charAfterBack.compareTo(;)) != 0)
return filter;

/*String before = filter.substring(0, backslash + 1);
String after = filter.substring(backslash + 1);
nextSlash = after.indexOf('\\');
backslash = backslash + nextSlash + 1;

filter = before + \\ + after;*/

// remove the backslash that is escaping 
String before = filter.substring(0, backslash);
String after = filter.substring(backslash + 1);
nextSlash = after.indexOf('\\');
backslash = backslash + nextSlash + 1;
//find where to put the quotes around
//beginning of quotes after the objectname = attribute = ..., 
attribute=...,
if (firstTime) {
equal = before.indexOf('=');
equal = (before.substring(equal + 1)).indexOf('=') + equal + 1;
firstTime = false;
} else
equal = before.indexOf('=');

//end of quotes before comma separating attributes 
//making sure not to grab the comma that is being escaped
comma = (after.substring(1)).indexOf(',');
if (comma  0  equal  0)
filter =
before.substring(0, equal + 1)
+ \
+ before.substring(equal + 1)
+ after.substring(0, comma + 1)
+ \
+ after.substring(comma + 1);
}
return filter;
}

}

-
To unsubscribe, e