commit df5c089c41a5c9f4a40658e217fa4bb1bc2d1f69
author Colm O hEigeartaigh <coheigea@users.noreply.github.com> Thu Jun 03 08:54:20 2021 +0100
committer GitHub <noreply@github.com> Thu Jun 03 08:54:20 2021 +0100
tree 2192811dbbbb1f8504ebd2cbf61e7e99f77eb738
parent e64175eeaeaf8365948e370f6bf9b923c6f9a346
parent 67b02139dc36547ca1664e971c3e3377863f21c8

Merge pull request #92 from apache/dependabot/maven/org.glassfish.jersey.core-jersey-common-2.34

Bump jersey-common from 2.28 to 2.34

.github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
deleted file mode 100644
index ddcfd3c..0000000
--- a/.github/dependabot.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-version: 2
-updates:
-  - package-ecosystem: "maven"
-    directory: "/"
-    schedule:
-      interval: "daily"

benchmark/pom.xml

diff --git a/benchmark/pom.xml b/benchmark/pom.xml
index 264059d..39e6353 100644
--- a/benchmark/pom.xml
+++ b/benchmark/pom.xml
@@ -31,7 +31,7 @@
 
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    <jmh.version>1.29</jmh.version>
+    <jmh.version>1.31</jmh.version>
     <javac.target>1.7</javac.target>
     <uberjar.name>benchmarks</uberjar.name>
   </properties>

kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java

diff --git a/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java b/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
index a2a95f7..c45e7d9 100644
--- a/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
+++ b/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
@@ -257,6 +257,7 @@
             entry.setDn(dn);
             entry.add("objectClass", "top", "person", "inetOrgPerson",
                     "krb5principal", "krb5kdcentry");
+            entry.add("uid", names[0]);
             entry.add("cn", names[0]);
             entry.add("sn", names[0]);
             entry.add(KerberosAttribute.KRB5_KEY_AT, keysInfo.getKeys());
@@ -267,8 +268,6 @@
             entry.add("krb5KDCFlags", "" + identity.getKdcFlags());
             entry.add(KerberosAttribute.KRB5_ACCOUNT_DISABLED_AT, ""
                     + identity.isDisabled());
-            entry.add("createTimestamp",
-                    toGeneralizedTime(identity.getCreatedTime()));
             entry.add(KerberosAttribute.KRB5_ACCOUNT_LOCKEDOUT_AT, ""
                     + identity.isLocked());
             entry.add(KerberosAttribute.KRB5_ACCOUNT_EXPIRATION_TIME_AT,
@@ -296,8 +295,24 @@
     @Override
     protected KrbIdentity doGetIdentity(String principalName) throws KrbException {
         KrbIdentity krbIdentity = new KrbIdentity(principalName);
+        String searchFilter =
+            String.format("(&(objectclass=krb5principal)(krb5PrincipalName=%s))", principalName);
         try {
-            Dn dn = toDn(principalName);
+            EntryCursor cursor = new FailoverInvocationHandler<EntryCursor>() {
+                @Override
+                public EntryCursor execute() throws LdapException {
+                    return connection.search(getConfig().getString("base_dn"), searchFilter,
+                        SearchScope.SUBTREE, "dn");
+                }
+            }.run();
+
+            // there should be at most one entry with this principal name
+            if (cursor == null || !cursor.next()) {
+                return null;
+            }
+            Dn dn = cursor.get().getDn();
+            cursor.close();
+
             Entry entry = new FailoverInvocationHandler<Entry>() {
                 @Override
                 public Entry execute() throws LdapException {
@@ -307,6 +322,7 @@
             if (entry == null) {
                 return null;
             }
+
             LdapIdentityGetHelper getHelper = new LdapIdentityGetHelper(entry);
             krbIdentity.setPrincipal(getHelper.getPrincipalName());
             krbIdentity.setKeyVersion(getHelper.getKeyVersion());
@@ -318,6 +334,8 @@
             krbIdentity.setLocked(getHelper.getLocked());
         } catch (LdapException e) {
             throw new KrbException("Failed to retrieve identity", e);
+        } catch (CursorException e) {
+            throw new KrbException("Failed to retrieve identity", e);
         } catch (ParseException e) {
             throw new KrbException("Failed to retrieve identity", e);
         } catch (IOException e) {
@@ -412,8 +430,8 @@
             cursor = new FailoverInvocationHandler<EntryCursor>() {
                 @Override
                 public EntryCursor execute() throws LdapException {
-                    return connection.search(getConfig().getString("base_dn"), "(objectclass=*)",
-                            SearchScope.ONELEVEL, KerberosAttribute.KRB5_PRINCIPAL_NAME_AT);
+                    return connection.search(getConfig().getString("base_dn"), "(objectclass=krb5principal)",
+                        SearchScope.SUBTREE, KerberosAttribute.KRB5_PRINCIPAL_NAME_AT);
                 }
             }.run();
             if (cursor == null) {

pom.xml

diff --git a/pom.xml b/pom.xml
index 71c0a59..a30d735 100644
--- a/pom.xml
+++ b/pom.xml
@@ -49,22 +49,22 @@
   <properties>
     <apacheds.version>2.0.0.AM26</apacheds.version>
     <commons-io.version>2.8.0</commons-io.version>
-    <gson.version>2.8.6</gson.version>
+    <gson.version>2.8.7</gson.version>
     <h2.version>1.4.200</h2.version>
     <ldap.api.version>2.0.1</ldap.api.version>
     <log4j.version>1.2.17</log4j.version>
     <junit.version>4.13.2</junit.version>
-    <nimbus.jose.version>9.8</nimbus.jose.version>
+    <nimbus.jose.version>9.9.3</nimbus.jose.version>
     <slf4j.version>1.7.30</slf4j.version>
     <assertj.version>3.19.0</assertj.version>
     <findbugs.version>3.0.5</findbugs.version>
     <buildtools.dir>${basedir}/build-tools</buildtools.dir>
     <skipTests>false</skipTests>
-    <jline.version>3.19.0</jline.version>
+    <jline.version>3.20.0</jline.version>
     <maven-javadoc-plugin.version>3.2.0</maven-javadoc-plugin.version>
     <maven-jxr-plugin.version>3.0.0</maven-jxr-plugin.version>
-    <mockito.version>3.8.0</mockito.version>
-    <netty.version>4.1.63.Final</netty.version>
+    <mockito.version>3.10.0</mockito.version>
+    <netty.version>4.1.65.Final</netty.version>
     <hadoop.version>3.1.3</hadoop.version>
     <bouncycastle.version>1.68</bouncycastle.version>
     <jersey.container.version>2.17</jersey.container.version>
@@ -73,7 +73,7 @@
     <commons-dbutils.version>1.7</commons-dbutils.version>
     <drizzle-jdbc.version>1.4</drizzle-jdbc.version>
     <jsch.version>0.1.55</jsch.version>
-    <maven-owasp-plugin-version>6.1.4</maven-owasp-plugin-version>
+    <maven-owasp-plugin-version>6.1.6</maven-owasp-plugin-version>
     <commons-codec.version>1.15</commons-codec.version>
     <commons-logging.version>1.2</commons-logging.version>
     <ini4j.version>0.5.4</ini4j.version>
@@ -258,7 +258,7 @@
             <dependency>
                 <groupId>com.puppycrawl.tools</groupId>
                 <artifactId>checkstyle</artifactId>
-                <version>8.41.1</version>
+                <version>8.42</version>
             </dependency>
           </dependencies>
           <configuration>